Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/14e091-979a-4ed5-9d5e-4954270e2507/1/cIo_z6M4iUgSv6Rq-GH3zvKNA-E.roa
File: cIo_z6M4iUgSv6Rq-GH3zvKNA-E.roa (raw, json)
Hash identifier: uuzfvafFMiGynhqFG/8GblYil9CuUOOslH5kMNYMbzY=
Subject key identifier: 70:8A:3F:CF:A3:38:89:48:12:BF:A4:6A:F8:61:F7:CE:F2:8D:03:E1
Certificate issuer: /CN=43a8e2899693fca00bd8041ba8801f2d88869108
Certificate serial: 0194266AD3C0BB89ABD1C4E2FE3162C52A09
Authority key identifier: 43:A8:E2:89:96:93:FC:A0:0B:D8:04:1B:A8:80:1F:2D:88:86:91:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q6jiiZaT_KAL2AQbqIAfLYiGkQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/14e091-979a-4ed5-9d5e-4954270e2507/1/cIo_z6M4iUgSv6Rq-GH3zvKNA-E.roa
Signing time: Thu 02 Jan 2025 09:48:42 +0000
ROA not before: Thu 02 Jan 2025 09:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42487
IP address blocks: 45.81.172.0/22 maxlen: 22
2a0e:5b80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:d3:c0:bb:89:ab:d1:c4:e2:fe:31:62:c5:2a:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43a8e2899693fca00bd8041ba8801f2d88869108
Validity
Not Before: Jan 2 09:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=708a3fcfa338894812bfa46af861f7cef28d03e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ad:e3:6b:39:15:57:53:f8:47:fd:9a:64:5b:
12:1b:db:4c:5d:fb:fa:88:80:a9:15:f3:35:6e:94:
fb:17:2b:ed:73:53:ec:49:25:dd:19:fb:c7:20:77:
59:49:5e:53:11:2a:fe:a5:84:0a:7a:e5:46:4e:87:
28:5f:24:e4:98:88:33:df:cb:e5:5b:bf:ee:34:36:
42:c9:43:71:96:ea:c2:e8:a0:7c:c0:d2:8b:0a:0d:
77:d5:4f:98:0f:0e:d1:29:2e:c8:f5:47:a8:ba:8a:
81:95:e7:ed:e9:51:2d:80:31:b3:92:42:d8:50:2a:
3c:72:94:be:a0:c3:5b:bf:ba:30:fc:f4:bb:eb:a7:
aa:f4:78:d8:c5:e9:4f:a4:b2:ce:6d:a2:7a:58:ad:
50:3c:34:24:32:29:7a:04:6a:d8:cf:a2:7d:1f:a4:
ea:0e:b8:73:6a:cc:3d:cb:bd:ac:28:d6:e3:48:48:
b9:06:af:0e:4d:3b:e4:2f:1c:70:36:50:44:81:ff:
8f:93:cc:51:6d:47:c6:ec:87:5d:37:13:58:0d:99:
b7:4a:55:fd:0d:9c:00:e8:2c:3c:48:0d:46:f1:c4:
2f:db:fd:77:bc:e1:97:9b:e0:1d:f9:34:eb:b9:dd:
b9:04:cf:3c:17:13:14:f3:a7:4f:86:87:c7:d4:9e:
e7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:8A:3F:CF:A3:38:89:48:12:BF:A4:6A:F8:61:F7:CE:F2:8D:03:E1
X509v3 Authority Key Identifier:
keyid:43:A8:E2:89:96:93:FC:A0:0B:D8:04:1B:A8:80:1F:2D:88:86:91:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q6jiiZaT_KAL2AQbqIAfLYiGkQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/14e091-979a-4ed5-9d5e-4954270e2507/1/cIo_z6M4iUgSv6Rq-GH3zvKNA-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/14e091-979a-4ed5-9d5e-4954270e2507/1/Q6jiiZaT_KAL2AQbqIAfLYiGkQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.172.0/22
IPv6:
2a0e:5b80::/29
Signature Algorithm: sha256WithRSAEncryption
2a:d1:21:0a:40:47:1a:fc:fa:19:a8:0b:9a:62:ff:34:ac:a1:
e0:4a:4f:c7:e3:27:a4:d5:a0:e7:82:2b:a5:0d:80:77:6d:dd:
58:00:12:d7:29:90:c1:87:e5:b5:80:a9:a6:3d:5f:d5:92:06:
c3:58:aa:07:50:42:bd:0b:2e:0c:9a:57:3e:8f:22:7f:74:da:
08:0b:23:72:21:fe:e3:b1:4a:c0:68:ae:64:7c:26:01:47:9e:
f5:e4:88:68:ac:49:b6:8e:60:c5:36:9e:7f:a9:42:ed:19:66:
f5:7f:55:ab:f6:d1:5e:a4:e5:16:06:fb:8b:33:b1:18:eb:09:
90:e6:87:e6:d3:7b:7c:fc:1f:ba:04:c8:b0:6d:28:86:31:b2:
da:4c:ca:a4:09:72:58:6e:7d:f2:4f:1b:fa:df:a1:9d:25:53:
82:a3:63:f9:bf:2f:7f:66:58:36:fe:4d:6c:70:8d:75:80:fd:
31:e6:21:47:19:85:dc:6d:c6:04:d7:21:36:d7:98:6f:0d:ac:
b7:ed:5b:4d:99:6f:04:fd:b0:f6:aa:4a:7d:4c:64:fb:f3:75:
20:c8:8a:15:bb:5c:b3:da:f4:87:a6:a2:63:67:13:1b:2d:eb:
01:b7:c6:84:6d:eb:f6:69:42:31:e7:2f:de:0e:0a:52:f3:45:
da:b3:50:23
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQmatPAu4mr0cTi/jFixSoJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYThlMjg5OTY5M2ZjYTAwYmQ4MDQxYmE4ODAxZjJkODg4
NjkxMDgwHhcNMjUwMTAyMDk0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDhhM2ZjZmEzMzg4OTQ4MTJiZmE0NmFmODYxZjdjZWYyOGQwM2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlK3jazkVV1P4R/2aZFsSG9tMXfv6
iICpFfM1bpT7Fyvtc1PsSSXdGfvHIHdZSV5TESr+pYQKeuVGTocoXyTkmIgz38vl
W7/uNDZCyUNxlurC6KB8wNKLCg131U+YDw7RKS7I9UeouoqBleft6VEtgDGzkkLY
UCo8cpS+oMNbv7ow/PS766eq9HjYxelPpLLObaJ6WK1QPDQkMil6BGrYz6J9H6Tq
Drhzasw9y72sKNbjSEi5Bq8OTTvkLxxwNlBEgf+Pk8xRbUfG7IddNxNYDZm3SlX9
DZwA6Cw8SA1G8cQv2/13vOGXm+Ad+TTrud25BM88FxMU86dPhofH1J7n/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHCKP8+jOIlIEr+kavhh987yjQPhMB8GA1UdIwQY
MBaAFEOo4omWk/ygC9gEG6iAHy2IhpEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTZqaWlaYVRfS0FMMkFRYnFJQWZMWWlHa1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xNGUwOTEtOTc5YS00ZWQ1LTlkNWUt
NDk1NDI3MGUyNTA3LzEvY0lvX3o2TTRpVWdTdjZScS1HSDN6dktOQS1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xNGUwOTEtOTc5YS00ZWQ1LTlkNWUtNDk1NDI3MGUyNTA3
LzEvUTZqaWlaYVRfS0FMMkFRYnFJQWZMWWlHa1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVGsMA0E
AgACMAcDBQMqDluAMA0GCSqGSIb3DQEBCwUAA4IBAQAq0SEKQEca/PoZqAuaYv80
rKHgSk/H4yek1aDngiulDYB3bd1YABLXKZDBh+W1gKmmPV/VkgbDWKoHUEK9Cy4M
mlc+jyJ/dNoICyNyIf7jsUrAaK5kfCYBR5715IhorEm2jmDFNp5/qULtGWb1f1Wr
9tFepOUWBvuLM7EY6wmQ5ofm03t8/B+6BMiwbSiGMbLaTMqkCXJYbn3yTxv636Gd
JVOCo2P5vy9/Zlg2/k1scI11gP0x5iFHGYXcbcYE1yE215hvDay37VtNmW8E/bD2
qkp9TGT783UgyIoVu1yz2vSHpqJjZxMbLesBt8aEbev2aUIx5y/eDgpS80Xas1Aj
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:05:13 2025 by rpki-client