Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/IzvcnFv9kw0TqyCe74ubve86Q-E.roa
File: IzvcnFv9kw0TqyCe74ubve86Q-E.roa (raw, json)
Hash identifier: 78DgscXfEbwSYX7qdA0JtGlNdmCzdWY7H1HTizuXeoc=
Subject key identifier: 23:3B:DC:9C:5B:FD:93:0D:13:AB:20:9E:EF:8B:9B:BD:EF:3A:43:E1
Certificate issuer: /CN=4540daa4c245a4725f38041402b6bffded15ea78
Certificate serial: 0194228D3194516C16A05A14CA246422E743
Authority key identifier: 45:40:DA:A4:C2:45:A4:72:5F:38:04:14:02:B6:BF:FD:ED:15:EA:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RUDapMJFpHJfOAQUAra__e0V6ng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/IzvcnFv9kw0TqyCe74ubve86Q-E.roa
Signing time: Wed 01 Jan 2025 15:47:46 +0000
ROA not before: Wed 01 Jan 2025 15:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201746
IP address blocks: 178.236.125.0/24 maxlen: 24
185.49.168.0/22 maxlen: 24
185.70.139.0/24 maxlen: 24
193.5.150.0/24 maxlen: 24
217.61.224.0/22 maxlen: 24
2a01:9f20::/37 maxlen: 37
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:31:94:51:6c:16:a0:5a:14:ca:24:64:22:e7:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4540daa4c245a4725f38041402b6bffded15ea78
Validity
Not Before: Jan 1 15:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=233bdc9c5bfd930d13ab209eef8b9bbdef3a43e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:3d:ce:aa:c2:af:c1:9b:16:80:f6:07:f9:83:
2c:0c:83:ab:db:6f:b0:2c:e1:6f:50:e5:00:ce:e9:
00:8b:cf:1a:10:0b:fa:24:da:56:89:8f:de:83:8d:
a2:28:77:73:8e:c1:4b:6c:8a:fd:44:2d:34:c3:09:
0d:1f:b9:ac:60:10:0c:29:76:97:90:5e:3d:1c:6d:
e8:24:2a:f5:36:1f:7e:7f:75:24:2c:f7:4a:39:e0:
47:ff:36:4b:c3:b4:7d:29:84:89:b0:1b:09:b8:43:
d3:92:c4:d8:34:7a:49:31:9b:02:f5:e0:80:33:b9:
fa:66:1a:80:6d:27:e5:e8:82:7d:6e:51:31:21:79:
09:de:e3:5d:b8:61:df:6e:ea:34:15:40:54:04:5a:
cd:1b:11:4e:70:3e:a5:48:67:57:18:cf:c9:aa:6f:
bd:a3:1f:8c:64:44:5b:f2:52:59:5c:dd:60:82:09:
da:8a:19:33:08:ff:36:6b:ef:f8:23:e0:ce:72:f1:
98:a4:8e:69:bf:8e:c5:e5:c9:8e:09:46:05:97:52:
c7:ce:18:68:d6:65:7d:6b:8c:7b:49:cf:68:18:59:
c9:a0:ea:98:d6:92:e3:51:fb:f7:1a:21:be:4a:d6:
9c:5b:a2:e8:45:c5:b8:df:3e:cd:05:b0:86:98:b4:
7e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:3B:DC:9C:5B:FD:93:0D:13:AB:20:9E:EF:8B:9B:BD:EF:3A:43:E1
X509v3 Authority Key Identifier:
keyid:45:40:DA:A4:C2:45:A4:72:5F:38:04:14:02:B6:BF:FD:ED:15:EA:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RUDapMJFpHJfOAQUAra__e0V6ng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/IzvcnFv9kw0TqyCe74ubve86Q-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/RUDapMJFpHJfOAQUAra__e0V6ng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.125.0/24
185.49.168.0/22
185.70.139.0/24
193.5.150.0/24
217.61.224.0/22
IPv6:
2a01:9f20::/37
Signature Algorithm: sha256WithRSAEncryption
6e:ee:40:04:e7:e3:2b:2a:3c:8a:7f:37:31:35:65:ae:51:d9:
4d:9d:52:d4:87:54:0a:e2:91:1b:4f:1d:18:1f:8a:13:e5:3f:
f2:71:08:a2:82:b2:b1:8d:44:fe:69:0f:cd:c4:06:6d:76:13:
d7:1a:bf:c5:b1:e8:6a:44:12:b4:13:ab:1c:25:da:15:8e:f0:
40:3c:da:39:91:aa:06:67:99:76:9a:c3:23:d2:23:f8:60:b9:
e7:a3:b2:19:c3:25:a1:a2:88:ba:e1:38:e8:01:48:b5:fb:92:
25:67:44:85:e2:78:a9:be:ae:81:27:a1:73:16:a2:49:91:4c:
0e:c6:42:10:a7:c6:2c:bb:2c:06:89:7f:be:31:e0:4c:34:9f:
b9:92:ad:e7:8b:23:7b:b1:96:5c:ee:0f:98:1e:9f:b3:cf:a3:
d9:09:8e:42:56:a8:68:3c:f5:23:6f:80:be:55:7d:b7:cf:65:
c6:89:8d:d4:aa:39:5b:43:40:d0:14:2c:67:0f:f4:88:ed:15:
fa:48:db:27:ad:ed:26:69:8a:bb:e8:b8:a9:fb:89:ea:99:ac:
1e:49:3d:33:9a:03:2e:3b:1d:0f:bd:65:3f:51:39:c9:6d:57:
9b:e0:40:0b:6c:4d:ac:95:96:cf:38:b8:3e:61:d7:38:ad:a6:
40:0b:10:eb
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQijTGUUWwWoFoUyiRkIudDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NDBkYWE0YzI0NWE0NzI1ZjM4MDQxNDAyYjZiZmZkZWQx
NWVhNzgwHhcNMjUwMTAxMTU0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzNiZGM5YzViZmQ5MzBkMTNhYjIwOWVlZjhiOWJiZGVmM2E0M2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7j3OqsKvwZsWgPYH+YMsDIOr22+w
LOFvUOUAzukAi88aEAv6JNpWiY/eg42iKHdzjsFLbIr9RC00wwkNH7msYBAMKXaX
kF49HG3oJCr1Nh9+f3UkLPdKOeBH/zZLw7R9KYSJsBsJuEPTksTYNHpJMZsC9eCA
M7n6ZhqAbSfl6IJ9blExIXkJ3uNduGHfbuo0FUBUBFrNGxFOcD6lSGdXGM/Jqm+9
ox+MZERb8lJZXN1gggnaihkzCP82a+/4I+DOcvGYpI5pv47F5cmOCUYFl1LHzhho
1mV9a4x7Sc9oGFnJoOqY1pLjUfv3GiG+StacW6LoRcW43z7NBbCGmLR+PQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFCM73Jxb/ZMNE6sgnu+Lm73vOkPhMB8GA1UdIwQY
MBaAFEVA2qTCRaRyXzgEFAK2v/3tFep4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlVEYXBNSkZwSEpmT0FRVUFyYV9fZTBWNm5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jMGJhNmYtZGY2Zi00MTQ4LThmY2Et
ZDI1YWFhODA0MTQ1LzEvSXp2Y25GdjlrdzBUcXlDZTc0dWJ2ZTg2US1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jMGJhNmYtZGY2Zi00MTQ4LThmY2EtZDI1YWFhODA0MTQ1
LzEvUlVEYXBNSkZwSEpmT0FRVUFyYV9fZTBWNm5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQAsux9AwQC
uTGoAwQAuUaLAwQAwQWWAwQC2T3gMA4EAgACMAgDBgMqAZ8gADANBgkqhkiG9w0B
AQsFAAOCAQEAbu5ABOfjKyo8in83MTVlrlHZTZ1S1IdUCuKRG08dGB+KE+U/8nEI
ooKysY1E/mkPzcQGbXYT1xq/xbHoakQStBOrHCXaFY7wQDzaOZGqBmeZdprDI9Ij
+GC556OyGcMloaKIuuE46AFItfuSJWdEheJ4qb6ugSehcxaiSZFMDsZCEKfGLLss
Bol/vjHgTDSfuZKt54sje7GWXO4PmB6fs8+j2QmOQlaoaDz1I2+AvlV9t89lxomN
1Ko5W0NA0BQsZw/0iO0V+kjbJ63tJmmKu+i4qfuJ6pmsHkk9M5oDLjsdD71lP1E5
yW1Xm+BAC2xNrJWWzzi4PmHXOK2mQAsQ6w==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:47:59 2025 by rpki-client