Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/nX68xJu4PPuUd3E7LTmizIz9Y5I.roa
File: nX68xJu4PPuUd3E7LTmizIz9Y5I.roa (raw, json)
Hash identifier: /g2zsHvUoHXd0pXza/c5SOH4ioZmb5PkmJj1tNBWyBU=
Subject key identifier: 9D:7E:BC:C4:9B:B8:3C:FB:94:77:71:3B:2D:39:A2:CC:8C:FD:63:92
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019600A008B11ECCF5725F7C9430765ACF03
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/nX68xJu4PPuUd3E7LTmizIz9Y5I.roa
Signing time: Fri 04 Apr 2025 11:46:50 +0000
ROA not before: Fri 04 Apr 2025 11:46:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47690
IP address blocks: 45.43.148.0/24 maxlen: 24
45.43.149.0/24 maxlen: 24
45.43.150.0/24 maxlen: 24
45.43.151.0/24 maxlen: 24
45.43.154.0/24 maxlen: 24
45.43.158.0/24 maxlen: 24
45.43.159.0/24 maxlen: 24
45.43.161.0/24 maxlen: 24
104.222.176.0/24 maxlen: 24
104.222.177.0/24 maxlen: 24
104.222.178.0/24 maxlen: 24
104.222.179.0/24 maxlen: 24
104.222.180.0/24 maxlen: 24
104.222.181.0/24 maxlen: 24
104.222.182.0/24 maxlen: 24
104.222.183.0/24 maxlen: 24
104.222.189.0/24 maxlen: 24
104.233.8.0/24 maxlen: 24
104.233.9.0/24 maxlen: 24
104.233.59.0/24 maxlen: 24
104.238.6.0/24 maxlen: 24
104.238.11.0/24 maxlen: 24
104.238.12.0/24 maxlen: 24
104.238.13.0/24 maxlen: 24
104.239.8.0/24 maxlen: 24
104.239.12.0/24 maxlen: 24
104.239.14.0/24 maxlen: 24
104.239.29.0/24 maxlen: 24
104.239.55.0/24 maxlen: 24
104.239.56.0/24 maxlen: 24
104.239.58.0/24 maxlen: 24
104.239.59.0/24 maxlen: 24
104.239.60.0/24 maxlen: 24
104.239.61.0/24 maxlen: 24
104.239.62.0/24 maxlen: 24
104.239.63.0/24 maxlen: 24
104.239.64.0/24 maxlen: 24
104.239.65.0/24 maxlen: 24
104.249.8.0/24 maxlen: 24
104.249.9.0/24 maxlen: 24
104.249.10.0/24 maxlen: 24
104.249.11.0/24 maxlen: 24
104.249.12.0/24 maxlen: 24
104.249.13.0/24 maxlen: 24
104.249.14.0/24 maxlen: 24
104.249.15.0/24 maxlen: 24
104.249.16.0/24 maxlen: 24
104.249.17.0/24 maxlen: 24
104.249.18.0/24 maxlen: 24
104.249.19.0/24 maxlen: 24
104.249.20.0/24 maxlen: 24
104.249.21.0/24 maxlen: 24
104.249.22.0/24 maxlen: 24
104.249.23.0/24 maxlen: 24
104.249.42.0/24 maxlen: 24
104.249.43.0/24 maxlen: 24
104.249.44.0/24 maxlen: 24
104.249.45.0/24 maxlen: 24
104.249.46.0/24 maxlen: 24
104.249.47.0/24 maxlen: 24
104.249.48.0/24 maxlen: 24
104.249.49.0/24 maxlen: 24
104.249.50.0/24 maxlen: 24
104.249.51.0/24 maxlen: 24
104.249.52.0/24 maxlen: 24
104.249.53.0/24 maxlen: 24
104.249.54.0/24 maxlen: 24
216.173.90.0/24 maxlen: 24
216.173.91.0/24 maxlen: 24
216.173.92.0/24 maxlen: 24
216.173.93.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:00:a0:08:b1:1e:cc:f5:72:5f:7c:94:30:76:5a:cf:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Apr 4 11:46:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d7ebcc49bb83cfb9477713b2d39a2cc8cfd6392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:14:5c:7d:0d:88:cb:d2:9c:a8:bf:81:41:dd:
b0:b1:3c:20:8b:64:6a:5d:fc:7d:2e:53:56:ea:6f:
c9:e7:50:22:ac:05:14:59:b8:1a:e4:44:8f:ad:ae:
09:22:a0:b7:8e:0e:a7:06:b6:33:8d:b8:23:77:1b:
29:a9:1d:ad:7e:52:8d:43:74:6f:8f:df:32:15:e2:
cf:16:93:88:ea:9c:e9:b0:67:17:a6:52:aa:12:e6:
0c:f7:a8:60:b4:48:3c:28:57:93:92:56:0f:7a:48:
a5:eb:37:52:58:b4:74:27:16:2d:4d:6b:18:b3:73:
8b:ad:a2:51:d4:02:d1:1d:30:e6:66:03:6d:44:bd:
a9:1d:7d:3e:b9:58:67:9b:f7:78:c7:30:29:1c:d7:
96:78:f5:8b:cd:0e:07:42:95:48:94:06:79:55:c5:
c8:51:89:19:4a:fb:12:a5:8a:52:8b:12:00:88:62:
74:ad:61:58:67:2b:b9:a3:4b:95:7d:a4:b4:f1:9e:
38:20:00:47:bf:97:b2:28:84:6e:b5:cc:a7:ba:54:
87:f2:42:10:e7:46:77:67:af:cb:f4:bd:d5:8f:70:
7b:71:37:dc:38:8c:2d:2f:55:77:ef:5b:85:b1:c8:
31:44:4e:d4:b3:a8:c5:88:1d:aa:d3:ee:53:f7:fb:
12:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:7E:BC:C4:9B:B8:3C:FB:94:77:71:3B:2D:39:A2:CC:8C:FD:63:92
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/nX68xJu4PPuUd3E7LTmizIz9Y5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.148.0/22
45.43.154.0/24
45.43.158.0/23
45.43.161.0/24
104.222.176.0/21
104.222.189.0/24
104.233.8.0/23
104.233.59.0/24
104.238.6.0/24
104.238.11.0-104.238.13.255
104.239.8.0/24
104.239.12.0/24
104.239.14.0/24
104.239.29.0/24
104.239.55.0-104.239.56.255
104.239.58.0-104.239.65.255
104.249.8.0-104.249.23.255
104.249.42.0-104.249.54.255
216.173.90.0-216.173.93.255
Signature Algorithm: sha256WithRSAEncryption
76:1b:39:7f:c2:73:35:ea:5b:76:5e:46:a5:93:74:26:aa:9d:
ae:df:44:e5:1f:96:5c:5a:dd:30:86:89:7b:cd:59:d6:61:10:
d6:bd:79:11:e3:9a:3a:41:16:fc:84:92:c8:4e:e6:b9:83:64:
36:f2:85:df:71:ab:01:92:e4:fe:f1:b5:4e:24:21:3b:77:f7:
31:cd:a2:01:4d:17:dd:51:95:7e:c9:a7:4d:cf:20:d2:ed:e4:
21:4f:f9:35:52:1e:da:92:b6:4d:ed:f1:5a:35:1f:d2:a7:e9:
12:03:8c:90:15:cf:49:70:9c:0e:05:4c:0e:fc:84:9e:10:8d:
52:a5:3c:27:db:77:17:1f:54:e0:15:27:bd:74:5c:83:a2:cb:
ce:63:31:5a:34:6b:df:16:6e:a0:82:cd:11:36:73:a1:29:18:
cf:bc:e4:1e:95:54:5f:42:50:f1:2d:f8:bf:5b:00:e0:7e:22:
46:ad:ca:53:5a:67:27:6f:35:23:2b:94:ba:23:42:3c:24:62:
56:42:ad:33:fd:0f:b9:d0:0f:a8:a8:52:6a:b9:7f:e4:38:66:
b4:b4:47:07:a6:7e:22:b0:d7:1b:e2:8b:07:88:5c:05:d0:d7:
7b:ad:52:1d:05:8d:bc:5a:47:2c:d8:55:ad:0c:b3:be:e2:77:
f3:2a:c0:13
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAZYAoAixHsz1cl98lDB2Ws8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwNDA0MTE0NjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDdlYmNjNDliYjgzY2ZiOTQ3NzcxM2IyZDM5YTJjYzhjZmQ2MzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8hRcfQ2Iy9KcqL+BQd2wsTwgi2Rq
Xfx9LlNW6m/J51AirAUUWbga5ESPra4JIqC3jg6nBrYzjbgjdxspqR2tflKNQ3Rv
j98yFeLPFpOI6pzpsGcXplKqEuYM96hgtEg8KFeTklYPekil6zdSWLR0JxYtTWsY
s3OLraJR1ALRHTDmZgNtRL2pHX0+uVhnm/d4xzApHNeWePWLzQ4HQpVIlAZ5VcXI
UYkZSvsSpYpSixIAiGJ0rWFYZyu5o0uVfaS08Z44IABHv5eyKIRutcynulSH8kIQ
50Z3Z6/L9L3Vj3B7cTfcOIwtL1V371uFscgxRE7Us6jFiB2q0+5T9/sSlwIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFJ1+vMSbuDz7lHdxOy05osyM/WOSMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvblg2OHhKdTRQUHVVZDNFN0xUbWl6SXo5WTVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAIt
K5QDBAAtK5oDBAEtK54DBAAtK6EDBANo3rADBABo3r0DBAFo6QgDBABo6TsDBABo
7gYwDAMEAGjuCwMEAWjuDAMEAGjvCAMEAGjvDAMEAGjvDgMEAGjvHTAMAwQAaO83
AwQAaO84MAwDBAFo7zoDBAFo70AwDAMEA2j5CAMEA2j5EDAMAwQBaPkqAwQAaPk2
MAwDBAHYrVoDBAHYrVwwDQYJKoZIhvcNAQELBQADggEBAHYbOX/CczXqW3ZeRqWT
dCaqna7fROUfllxa3TCGiXvNWdZhENa9eRHjmjpBFvyEkshO5rmDZDbyhd9xqwGS
5P7xtU4kITt39zHNogFNF91RlX7Jp03PINLt5CFP+TVSHtqStk3t8Vo1H9Kn6RID
jJAVz0lwnA4FTA78hJ4QjVKlPCfbdxcfVOAVJ710XIOiy85jMVo0a98WbqCCzRE2
c6EpGM+85B6VVF9CUPEt+L9bAOB+IkatylNaZydvNSMrlLojQjwkYlZCrTP9D7nQ
D6ioUmq5f+Q4ZrS0RwemfiKw1xviiweIXAXQ13utUh0FjbxaRyzYVa0Ms77id/Mq
wBM=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:29 2025 by rpki-client on console.sobornost.net