Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/de065d-30e2-43d5-b357-c0956a80132d/1/g5vLvMzyY6iocE2krG0Z0SJdXKE.roa
File: g5vLvMzyY6iocE2krG0Z0SJdXKE.roa (raw, json)
Hash identifier: 7Uftt+pkf4JmzzrynHDiN+y0M7EXwi7l54WuFyKgcgU=
Subject key identifier: 83:9B:CB:BC:CC:F2:63:A8:A8:70:4D:A4:AC:6D:19:D1:22:5D:5C:A1
Certificate issuer: /CN=d45df98bec8276b82ba82d93760447ba44d1a19b
Certificate serial: 0194252183853D489C2FA0E1E9AE72B5D02A
Authority key identifier: D4:5D:F9:8B:EC:82:76:B8:2B:A8:2D:93:76:04:47:BA:44:D1:A1:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1F35i-yCdrgrqC2TdgRHukTRoZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/de065d-30e2-43d5-b357-c0956a80132d/1/g5vLvMzyY6iocE2krG0Z0SJdXKE.roa
Signing time: Thu 02 Jan 2025 03:49:00 +0000
ROA not before: Thu 02 Jan 2025 03:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44061
IP address blocks: 45.139.92.0/24 maxlen: 24
45.139.93.0/24 maxlen: 24
45.139.94.0/24 maxlen: 24
45.139.95.0/24 maxlen: 24
79.175.192.0/20 maxlen: 20
79.175.208.0/20 maxlen: 20
79.175.224.0/20 maxlen: 20
79.175.240.0/21 maxlen: 21
79.175.248.0/21 maxlen: 21
79.175.248.0/22 maxlen: 22
79.175.252.0/22 maxlen: 22
109.74.96.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:83:85:3d:48:9c:2f:a0:e1:e9:ae:72:b5:d0:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45df98bec8276b82ba82d93760447ba44d1a19b
Validity
Not Before: Jan 2 03:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=839bcbbcccf263a8a8704da4ac6d19d1225d5ca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:31:1c:8e:d5:a7:cd:52:86:8b:c5:1d:9d:c0:
3e:af:f2:01:ce:da:d1:df:71:a0:00:7a:d5:99:04:
0d:28:0e:1e:3b:87:a9:40:94:c4:0d:66:f4:80:84:
a8:63:4c:34:2d:a6:d0:7f:e2:95:bc:2e:24:74:bc:
2d:c0:29:48:50:15:d1:5b:60:ce:9d:a7:a4:05:fd:
1f:8f:0a:73:39:4f:b7:44:b6:4d:82:e2:96:14:21:
dd:c2:68:4f:22:f3:47:b2:40:37:df:db:e0:7f:d0:
9f:e4:9b:2b:4f:98:a4:1e:21:17:22:a9:3c:6d:1e:
18:1f:c5:aa:fe:23:be:75:96:2d:f5:ce:48:36:5f:
84:83:f5:46:f4:13:5e:89:b0:61:26:6a:7e:21:14:
27:7b:3f:b3:10:83:43:26:d1:c1:51:ce:83:99:90:
3d:21:5e:9d:ec:19:5c:90:39:e1:5c:c4:5e:14:36:
9c:24:2f:2d:c6:07:25:d3:fd:98:d4:da:b2:f9:0b:
a3:fb:79:0f:6c:3e:81:d8:97:44:f9:95:50:ed:69:
6a:ab:01:4a:47:55:ec:8f:55:0f:eb:54:e8:e7:76:
1e:ab:ce:9a:df:39:62:e1:bd:2b:1c:f2:bd:86:ff:
6f:22:56:ae:bf:1d:a6:e4:de:8b:79:92:f7:ff:b5:
1a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:9B:CB:BC:CC:F2:63:A8:A8:70:4D:A4:AC:6D:19:D1:22:5D:5C:A1
X509v3 Authority Key Identifier:
keyid:D4:5D:F9:8B:EC:82:76:B8:2B:A8:2D:93:76:04:47:BA:44:D1:A1:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1F35i-yCdrgrqC2TdgRHukTRoZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/de065d-30e2-43d5-b357-c0956a80132d/1/g5vLvMzyY6iocE2krG0Z0SJdXKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/de065d-30e2-43d5-b357-c0956a80132d/1/1F35i-yCdrgrqC2TdgRHukTRoZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.92.0/22
79.175.192.0/18
109.74.96.0/20
Signature Algorithm: sha256WithRSAEncryption
52:64:c8:24:d1:ba:53:b2:11:22:22:09:6d:5f:a6:87:29:06:
7b:f4:d7:3c:7f:c3:ec:01:b1:b7:f6:c7:50:29:cf:f5:09:0c:
dd:dc:ae:8f:c5:81:5a:38:42:d4:b3:aa:f3:f7:7f:57:1a:7d:
42:88:57:0b:78:7e:68:bf:ef:3b:96:c4:6c:db:d2:b5:0d:55:
85:25:66:65:72:31:07:64:79:97:61:69:a5:92:64:69:c7:a5:
58:63:e9:25:4e:c3:7c:73:a2:79:c4:82:d6:d1:f0:56:5b:27:
f0:f4:4d:6f:92:7a:bf:d9:bd:bc:3b:8e:f3:8d:44:8f:36:17:
73:ab:c8:d2:57:0c:b9:11:67:f4:60:91:78:52:7d:31:15:18:
40:95:61:d5:3f:78:b4:6b:41:3a:a9:b5:f7:cb:2e:7d:9c:80:
72:9b:59:b0:04:82:9e:59:53:27:7b:f4:78:82:53:b5:36:99:
d6:7a:88:96:87:de:4f:44:be:bb:ab:b1:7a:ff:7e:f2:b0:97:
6a:de:17:f8:ba:1c:7a:f5:f7:c9:38:11:64:c7:2e:98:b1:69:
70:cb:6e:7f:f7:c0:11:0b:cf:11:e0:64:71:6e:f8:70:22:a0:
b6:b1:75:a3:d4:18:ba:7b:b7:3c:58:ca:e2:90:d4:e5:e7:7c:
ff:4a:cc:23
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlIYOFPUicL6Dh6a5ytdAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWRmOThiZWM4Mjc2YjgyYmE4MmQ5Mzc2MDQ0N2JhNDRk
MWExOWIwHhcNMjUwMTAyMDM0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzliY2JiY2NjZjI2M2E4YTg3MDRkYTRhYzZkMTlkMTIyNWQ1Y2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDEcjtWnzVKGi8UdncA+r/IBztrR
33GgAHrVmQQNKA4eO4epQJTEDWb0gISoY0w0LabQf+KVvC4kdLwtwClIUBXRW2DO
naekBf0fjwpzOU+3RLZNguKWFCHdwmhPIvNHskA339vgf9Cf5JsrT5ikHiEXIqk8
bR4YH8Wq/iO+dZYt9c5INl+Eg/VG9BNeibBhJmp+IRQnez+zEINDJtHBUc6DmZA9
IV6d7BlckDnhXMReFDacJC8txgcl0/2Y1Nqy+Quj+3kPbD6B2JdE+ZVQ7WlqqwFK
R1Xsj1UP61To53Yeq86a3zli4b0rHPK9hv9vIlauvx2m5N6LeZL3/7UalQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIOby7zM8mOoqHBNpKxtGdEiXVyhMB8GA1UdIwQY
MBaAFNRd+Yvsgna4K6gtk3YER7pE0aGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUYzNWkteUNkcmdycUMyVGRnUkh1a1RSb1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9kZTA2NWQtMzBlMi00M2Q1LWIzNTct
YzA5NTZhODAxMzJkLzEvZzV2THZNenlZNmlvY0Uya3JHMFowU0pkWEtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9kZTA2NWQtMzBlMi00M2Q1LWIzNTctYzA5NTZhODAxMzJk
LzEvMUYzNWkteUNkcmdycUMyVGRnUkh1a1RSb1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLYtcAwQG
T6/AAwQEbUpgMA0GCSqGSIb3DQEBCwUAA4IBAQBSZMgk0bpTshEiIgltX6aHKQZ7
9Nc8f8PsAbG39sdQKc/1CQzd3K6PxYFaOELUs6rz939XGn1CiFcLeH5ov+87lsRs
29K1DVWFJWZlcjEHZHmXYWmlkmRpx6VYY+klTsN8c6J5xILW0fBWWyfw9E1vknq/
2b28O47zjUSPNhdzq8jSVwy5EWf0YJF4Un0xFRhAlWHVP3i0a0E6qbX3yy59nIBy
m1mwBIKeWVMne/R4glO1NpnWeoiWh95PRL67q7F6/37ysJdq3hf4uhx69ffJOBFk
xy6YsWlwy25/98ARC88R4GRxbvhwIqC2sXWj1Bi6e7c8WMrikNTl53z/Sswj
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:51:57 2025 by rpki-client