Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/cgmdoVpo8tWt8dAFUCZcV7chen4.roa
File: cgmdoVpo8tWt8dAFUCZcV7chen4.roa (raw, json)
Hash identifier: Cmc2Ci2qHamNkuRx7P9unf2BMlFZ2DtZbzX8I5eW0/g=
Subject key identifier: 72:09:9D:A1:5A:68:F2:D5:AD:F1:D0:05:50:26:5C:57:B7:21:7A:7E
Certificate issuer: /CN=c2d82ccf0c8dea7d7f6ad72e8e62462d7be20d56
Certificate serial: 019421B1E68FD4F7D097C1FBC3A3D359D6D0
Authority key identifier: C2:D8:2C:CF:0C:8D:EA:7D:7F:6A:D7:2E:8E:62:46:2D:7B:E2:0D:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtgszwyN6n1_atcujmJGLXviDVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/cgmdoVpo8tWt8dAFUCZcV7chen4.roa
Signing time: Wed 01 Jan 2025 11:48:14 +0000
ROA not before: Wed 01 Jan 2025 11:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61438
IP address blocks: 45.84.144.0/22 maxlen: 22
146.19.235.0/24 maxlen: 24
194.93.76.0/23 maxlen: 24
2a04:d200::/29 maxlen: 29
2a04:d200::/32 maxlen: 32
2a04:d201::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e6:8f:d4:f7:d0:97:c1:fb:c3:a3:d3:59:d6:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d82ccf0c8dea7d7f6ad72e8e62462d7be20d56
Validity
Not Before: Jan 1 11:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72099da15a68f2d5adf1d00550265c57b7217a7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d1:2f:8e:80:43:d1:92:ab:95:6b:92:ca:be:
d7:50:9f:e9:a2:c4:0c:a8:a5:cb:c0:b3:5e:23:cf:
f0:8e:4f:6f:13:c0:83:fb:29:b5:1e:ea:c4:81:1a:
3c:b1:b5:2f:bc:91:68:7e:72:26:29:ff:03:b9:0f:
64:20:0f:83:33:b3:fe:68:c4:6d:cf:24:04:e9:0e:
48:a2:6c:0d:f5:b2:07:a2:14:da:c3:26:3b:7a:fb:
33:e2:d1:5b:de:e4:5e:88:3a:e1:02:1c:f0:ac:aa:
d1:11:35:31:36:b3:31:4d:c3:ef:94:07:d1:60:58:
7d:26:8f:f2:be:bf:75:aa:dd:c5:f1:75:66:7f:ab:
e5:6e:a4:d2:77:00:3f:88:7c:64:1b:3c:e8:54:f6:
4c:00:34:c2:b4:30:50:cb:90:26:3a:54:90:c2:11:
eb:6d:d0:fb:17:90:b1:64:ec:d5:f7:66:07:8f:f0:
62:2e:7d:de:47:34:63:6c:81:5e:0e:8c:59:8a:31:
69:5b:76:11:cd:71:bd:87:32:b7:7c:26:17:61:08:
4c:77:b3:c3:24:1b:fc:32:67:db:0d:83:b2:af:17:
a6:d0:eb:5d:af:72:4a:2d:94:9f:48:25:c2:5a:ea:
b5:1e:af:a9:95:a5:a2:75:ca:9e:a2:5c:af:98:30:
09:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:09:9D:A1:5A:68:F2:D5:AD:F1:D0:05:50:26:5C:57:B7:21:7A:7E
X509v3 Authority Key Identifier:
keyid:C2:D8:2C:CF:0C:8D:EA:7D:7F:6A:D7:2E:8E:62:46:2D:7B:E2:0D:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtgszwyN6n1_atcujmJGLXviDVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/cgmdoVpo8tWt8dAFUCZcV7chen4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/wtgszwyN6n1_atcujmJGLXviDVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.144.0/22
146.19.235.0/24
194.93.76.0/23
IPv6:
2a04:d200::/29
Signature Algorithm: sha256WithRSAEncryption
c4:c3:f2:67:8d:8e:d8:dd:8f:52:2b:e4:00:24:51:4d:cd:c9:
48:50:9e:b6:47:1c:23:3d:3f:80:63:bd:56:51:88:bf:7e:f3:
2b:29:b3:bd:fc:90:e8:13:e4:f8:07:ee:b7:c0:6b:e0:e7:76:
67:c6:e0:9a:c4:da:aa:1b:24:54:57:a0:33:01:b2:b8:5c:eb:
bb:a6:02:01:78:a1:30:67:94:f9:e9:78:0f:42:51:03:06:a0:
bb:e7:a8:61:a7:42:d7:c3:8a:c4:ea:70:d6:3a:57:ca:b6:ba:
ef:8e:5e:49:5e:95:03:03:d3:ab:a7:65:1e:9e:64:27:89:47:
cd:de:51:d6:da:5c:18:95:43:d6:54:9e:f4:3f:05:d6:55:90:
be:89:d5:1b:a7:be:b9:13:65:46:6d:49:2d:b1:f0:76:e2:1c:
b6:8e:87:1c:8a:90:dd:a3:61:63:1d:30:51:42:c8:3e:3f:eb:
da:cd:ba:1f:7a:a5:aa:ab:23:30:3c:36:7a:96:d3:ae:9f:7d:
d9:ad:90:04:eb:a7:c6:d3:6e:ba:11:11:09:e5:66:72:f8:d8:
f1:5b:00:c8:f3:b5:07:cf:b6:b9:72:c6:b5:9a:1c:5b:bf:81:
e3:d7:58:34:e7:81:4f:29:86:ad:45:01:58:81:02:c2:14:08:
a0:7b:76:70
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQhseaP1PfQl8H7w6PTWdbQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDgyY2NmMGM4ZGVhN2Q3ZjZhZDcyZThlNjI0NjJkN2Jl
MjBkNTYwHhcNMjUwMTAxMTE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjA5OWRhMTVhNjhmMmQ1YWRmMWQwMDU1MDI2NWM1N2I3MjE3YTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5NEvjoBD0ZKrlWuSyr7XUJ/posQM
qKXLwLNeI8/wjk9vE8CD+ym1HurEgRo8sbUvvJFofnImKf8DuQ9kIA+DM7P+aMRt
zyQE6Q5IomwN9bIHohTawyY7evsz4tFb3uReiDrhAhzwrKrRETUxNrMxTcPvlAfR
YFh9Jo/yvr91qt3F8XVmf6vlbqTSdwA/iHxkGzzoVPZMADTCtDBQy5AmOlSQwhHr
bdD7F5CxZOzV92YHj/BiLn3eRzRjbIFeDoxZijFpW3YRzXG9hzK3fCYXYQhMd7PD
JBv8MmfbDYOyrxem0Otdr3JKLZSfSCXCWuq1Hq+plaWidcqeolyvmDAJqQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHIJnaFaaPLVrfHQBVAmXFe3IXp+MB8GA1UdIwQY
MBaAFMLYLM8Mjep9f2rXLo5iRi174g1WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3Rnc3p3eU42bjFfYXRjdWptSkdMWHZpRFZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zMjc5NTItNGM2Ni00Yjk1LWI2ZGUt
NDMxMThlNDk2ZDQwLzEvY2dtZG9WcG84dFd0OGRBRlVDWmNWN2NoZW40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zMjc5NTItNGM2Ni00Yjk1LWI2ZGUtNDMxMThlNDk2ZDQw
LzEvd3Rnc3p3eU42bjFfYXRjdWptSkdMWHZpRFZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLVSQAwQA
khPrAwQBwl1MMA0EAgACMAcDBQMqBNIAMA0GCSqGSIb3DQEBCwUAA4IBAQDEw/Jn
jY7Y3Y9SK+QAJFFNzclIUJ62RxwjPT+AY71WUYi/fvMrKbO9/JDoE+T4B+63wGvg
53ZnxuCaxNqqGyRUV6AzAbK4XOu7pgIBeKEwZ5T56XgPQlEDBqC756hhp0LXw4rE
6nDWOlfKtrrvjl5JXpUDA9Orp2UenmQniUfN3lHW2lwYlUPWVJ70PwXWVZC+idUb
p765E2VGbUktsfB24hy2joccipDdo2FjHTBRQsg+P+vazbofeqWqqyMwPDZ6ltOu
n33ZrZAE66fG0266EREJ5WZy+NjxWwDI87UHz7a5csa1mhxbv4Hj11g054FPKYat
RQFYgQLCFAige3Zw
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:21:09 2025 by rpki-client