Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/lq2jSay1tA6EQwiYjCYq1wVBPlQ.roa
File: lq2jSay1tA6EQwiYjCYq1wVBPlQ.roa (raw, json)
Hash identifier: DCGKuVdB79polnMIdtkaoruyPf4zaLO+YiQJ2w+H6qc=
Subject key identifier: 96:AD:A3:49:AC:B5:B4:0E:84:43:08:98:8C:26:2A:D7:05:41:3E:54
Certificate issuer: /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial: 019420D59BD1110B7443956C9F7D6C36A3F5
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/lq2jSay1tA6EQwiYjCYq1wVBPlQ.roa
Signing time: Wed 01 Jan 2025 07:47:37 +0000
ROA not before: Wed 01 Jan 2025 07:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 45.13.171.0/24 maxlen: 24
185.189.224.0/24 maxlen: 24
185.198.51.0/24 maxlen: 24
195.245.89.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:9b:d1:11:0b:74:43:95:6c:9f:7d:6c:36:a3:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Validity
Not Before: Jan 1 07:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96ada349acb5b40e844308988c262ad705413e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2f:ba:8e:33:0d:45:7c:84:a7:21:3a:8e:0b:
45:5f:55:49:0e:99:8b:4d:2d:c8:ea:83:ca:57:e1:
a9:58:ad:bd:11:ea:0c:04:f6:a7:81:c2:5f:97:fd:
76:7d:8b:1b:b9:50:e2:81:bb:b7:6a:d6:45:cc:5e:
10:fc:0c:aa:94:09:55:b5:7c:c0:44:be:76:a9:e8:
ff:25:90:5f:eb:9a:28:e1:75:eb:49:cf:78:a3:2b:
1f:10:75:09:32:fd:89:da:36:1e:3f:f8:cd:d9:ae:
36:12:46:19:61:8e:b0:3a:9c:39:0e:40:36:93:ce:
a7:6a:78:43:b4:b9:8d:d5:eb:9a:77:66:47:8f:8b:
47:56:d0:d5:26:19:1e:54:38:09:20:3a:d6:58:73:
e2:2a:2b:ee:98:20:b7:c6:27:5c:1e:ee:1d:0b:8e:
c6:5f:92:38:47:76:d2:e4:03:dd:58:08:fc:8c:23:
47:a6:bb:97:ee:10:0e:60:e2:50:d7:ca:58:6a:9d:
e6:58:28:8f:25:c0:68:8b:a1:82:4a:d7:a4:80:a0:
42:41:c4:e7:31:a9:7d:86:d3:80:41:18:f0:bf:1d:
8d:98:de:41:8a:9f:9c:f2:0f:7d:ca:a6:3c:97:17:
7c:97:fe:33:ce:a1:f9:7b:c8:92:1b:17:cd:f5:2f:
0a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:AD:A3:49:AC:B5:B4:0E:84:43:08:98:8C:26:2A:D7:05:41:3E:54
X509v3 Authority Key Identifier:
keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/lq2jSay1tA6EQwiYjCYq1wVBPlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.171.0/24
185.189.224.0/24
185.198.51.0/24
195.245.89.0/24
Signature Algorithm: sha256WithRSAEncryption
99:7f:50:ea:88:23:b0:9e:d5:c6:d1:e2:f4:b8:02:bd:62:7f:
10:57:79:9d:94:70:82:e7:47:d9:96:c6:d6:c7:db:88:3c:5c:
32:82:5c:21:37:bf:97:bf:de:0d:9f:d4:5f:04:15:78:c8:8a:
76:7a:a8:73:41:61:a0:cb:f8:99:48:da:28:ba:c3:fd:2d:54:
8c:45:39:8a:68:4b:56:e3:33:74:53:db:45:b1:33:49:9b:5c:
55:b9:e6:77:f0:f3:ec:0a:24:ec:56:43:51:ec:58:94:cf:65:
1c:56:15:87:19:b0:3e:ab:cd:c2:bd:67:bd:60:95:b2:df:97:
cf:37:59:91:6b:20:b5:98:72:3a:cb:c3:91:c8:99:1a:0b:42:
28:6e:f0:10:2d:93:f6:dc:44:26:2b:04:e2:e6:57:35:6d:d8:
0a:65:01:8f:b0:0a:9f:c0:20:4f:55:14:0e:69:48:2b:2c:ec:
88:e3:cc:b4:31:9b:00:b3:2c:e7:51:77:19:36:38:53:42:9b:
1f:da:b6:41:35:cc:bc:a4:b7:51:2b:a9:c9:c9:73:37:ec:cd:
ee:89:5a:47:66:ec:d9:0e:5e:ac:be:f5:5a:dd:c5:cd:43:69:
3e:53:eb:70:5d:5a:9c:39:5c:c8:a3:a1:4e:a1:8c:74:42:01:
0e:3f:85:46
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQg1ZvREQt0Q5Vsn31sNqP1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjUwMTAxMDc0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmFkYTM0OWFjYjViNDBlODQ0MzA4OTg4YzI2MmFkNzA1NDEzZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsC+6jjMNRXyEpyE6jgtFX1VJDpmL
TS3I6oPKV+GpWK29EeoMBPangcJfl/12fYsbuVDigbu3atZFzF4Q/AyqlAlVtXzA
RL52qej/JZBf65oo4XXrSc94oysfEHUJMv2J2jYeP/jN2a42EkYZYY6wOpw5DkA2
k86nanhDtLmN1euad2ZHj4tHVtDVJhkeVDgJIDrWWHPiKivumCC3xidcHu4dC47G
X5I4R3bS5APdWAj8jCNHpruX7hAOYOJQ18pYap3mWCiPJcBoi6GCStekgKBCQcTn
Mal9htOAQRjwvx2NmN5Bip+c8g99yqY8lxd8l/4zzqH5e8iSGxfN9S8K2QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJato0mstbQOhEMImIwmKtcFQT5UMB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEvbHEyalNheTF0QTZFUXdpWWpDWXExd1ZCUGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQ2rAwQA
ub3gAwQAucYzAwQAw/VZMA0GCSqGSIb3DQEBCwUAA4IBAQCZf1DqiCOwntXG0eL0
uAK9Yn8QV3mdlHCC50fZlsbWx9uIPFwyglwhN7+Xv94Nn9RfBBV4yIp2eqhzQWGg
y/iZSNoousP9LVSMRTmKaEtW4zN0U9tFsTNJm1xVueZ38PPsCiTsVkNR7FiUz2Uc
VhWHGbA+q83CvWe9YJWy35fPN1mRayC1mHI6y8ORyJkaC0IobvAQLZP23EQmKwTi
5lc1bdgKZQGPsAqfwCBPVRQOaUgrLOyI48y0MZsAsyznUXcZNjhTQpsf2rZBNcy8
pLdRK6nJyXM37M3uiVpHZuzZDl6svvVa3cXNQ2k+U+twXVqcOVzIo6FOoYx0QgEO
P4VG
-----END CERTIFICATE-----
Generated at Sun Apr 27 08:11:11 2025 by rpki-client