Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/TOKJ7leUflS6UttAZzwZcKF4cuU.roa
File: TOKJ7leUflS6UttAZzwZcKF4cuU.roa (raw, json)
Hash identifier: FbxsOsIky6908M3EghoAhEv3FVACCPzpDuJvnzX9foU=
Subject key identifier: 4C:E2:89:EE:57:94:7E:54:BA:52:DB:40:67:3C:19:70:A1:78:72:E5
Certificate issuer: /CN=de2921989d7d90c64ebb35658831fe6a8f49c938
Certificate serial: 019427B634FC901D351F00D86153EE9D7C31
Authority key identifier: DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/TOKJ7leUflS6UttAZzwZcKF4cuU.roa
Signing time: Thu 02 Jan 2025 15:50:40 +0000
ROA not before: Thu 02 Jan 2025 15:50:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12293
IP address blocks: 45.132.64.0/22 maxlen: 22
2a0c:1180::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:34:fc:90:1d:35:1f:00:d8:61:53:ee:9d:7c:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2921989d7d90c64ebb35658831fe6a8f49c938
Validity
Not Before: Jan 2 15:50:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ce289ee57947e54ba52db40673c1970a17872e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:58:12:32:cf:2f:88:e4:77:fe:79:c5:49:a2:
07:69:9d:09:f7:91:a0:ef:cd:49:54:ac:bc:0d:97:
b5:46:05:f4:a7:c3:3a:11:60:be:cd:99:d2:06:ec:
f5:75:53:ca:ce:2a:c4:ae:8c:60:98:34:9c:c0:67:
ba:b2:96:2c:6c:a2:d8:37:08:d8:e6:d3:45:8c:6e:
56:ef:6c:cb:8a:5a:50:35:93:78:da:64:5f:14:ef:
dc:74:0f:cd:c5:9e:f7:51:82:b5:4e:6c:c2:a7:fa:
49:24:78:09:3c:4e:13:58:6d:42:0e:e7:9d:6f:9f:
aa:5e:5f:8d:d8:7d:92:d0:58:80:5c:d1:3e:ae:8f:
b1:c0:da:9b:83:31:85:82:2f:36:d1:a4:da:97:77:
46:ae:90:9e:5f:21:98:84:27:9b:65:19:94:a8:ef:
f4:17:e2:79:5b:8b:ea:3d:fa:a9:83:c2:73:05:4e:
ad:59:43:7a:3a:01:77:5d:d1:b8:30:e3:ce:95:73:
07:9e:a8:6c:82:ac:cf:aa:bb:8b:be:ba:ab:4a:f8:
f9:94:39:33:47:77:c2:db:09:94:a7:ce:1b:3b:dd:
8b:16:1d:3b:4d:85:e1:b9:75:58:1a:81:a3:78:61:
ac:51:4f:de:ad:77:f5:30:58:56:a2:2c:aa:a9:a5:
01:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E2:89:EE:57:94:7E:54:BA:52:DB:40:67:3C:19:70:A1:78:72:E5
X509v3 Authority Key Identifier:
keyid:DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/TOKJ7leUflS6UttAZzwZcKF4cuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.64.0/22
IPv6:
2a0c:1180::/40
Signature Algorithm: sha256WithRSAEncryption
25:8f:4e:f8:33:45:97:90:d4:f1:e2:d0:59:7c:72:ed:34:99:
9c:61:b1:a0:ab:34:7d:ca:d8:90:a5:e9:29:61:94:00:01:82:
5b:23:7d:5a:e4:f8:79:1c:c9:ae:ba:e8:51:59:ef:07:49:82:
12:0c:47:a1:30:82:0a:0b:3d:4d:bf:50:aa:03:6f:2d:e3:ef:
e0:95:ce:b2:de:bb:68:75:d6:b5:f5:3c:3f:a1:03:3c:03:a1:
f1:d2:b1:7c:30:aa:09:87:03:89:f2:1e:dd:8b:89:96:10:20:
a0:d3:16:e7:59:83:68:50:d6:9c:c6:cc:84:71:3b:b6:ff:93:
5a:55:95:6b:f4:a5:f6:b8:52:b9:72:65:f3:57:31:e5:a4:23:
87:69:85:7f:53:5b:b1:62:10:95:9a:36:d2:c6:16:75:53:c6:
c7:c0:b4:86:65:ae:2e:0e:10:3e:33:6d:93:93:52:d0:1d:3b:
c7:d5:e7:3c:75:98:16:2b:4f:36:58:37:fd:0e:60:5a:ba:68:
8b:9d:d7:cd:66:af:31:a5:5f:a8:af:2b:3a:77:e9:e5:64:04:
95:cf:b9:53:26:a3:d2:4b:5e:45:de:41:62:7b:b6:3d:14:53:
9e:9c:f0:d6:df:a9:b1:a2:ea:fc:f1:22:28:68:af:0d:24:69:
cb:5a:b8:9c
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQntjT8kB01HwDYYVPunXwxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMjkyMTk4OWQ3ZDkwYzY0ZWJiMzU2NTg4MzFmZTZhOGY0
OWM5MzgwHhcNMjUwMTAyMTU1MDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2UyODllZTU3OTQ3ZTU0YmE1MmRiNDA2NzNjMTk3MGExNzg3MmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslgSMs8viOR3/nnFSaIHaZ0J95Gg
781JVKy8DZe1RgX0p8M6EWC+zZnSBuz1dVPKzirEroxgmDScwGe6spYsbKLYNwjY
5tNFjG5W72zLilpQNZN42mRfFO/cdA/NxZ73UYK1TmzCp/pJJHgJPE4TWG1CDued
b5+qXl+N2H2S0FiAXNE+ro+xwNqbgzGFgi820aTal3dGrpCeXyGYhCebZRmUqO/0
F+J5W4vqPfqpg8JzBU6tWUN6OgF3XdG4MOPOlXMHnqhsgqzPqruLvrqrSvj5lDkz
R3fC2wmUp84bO92LFh07TYXhuXVYGoGjeGGsUU/erXf1MFhWoiyqqaUBMwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFEziie5XlH5UulLbQGc8GXCheHLlMB8GA1UdIwQY
MBaAFN4pIZidfZDGTrs1ZYgx/mqPSck4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTct
MGI1ZWNiNDc0ZjE1LzEvVE9LSjdsZVVmbFM2VXR0QVp6d1pjS0Y0Y3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTctMGI1ZWNiNDc0ZjE1
LzEvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCLYRAMA4E
AgACMAgDBgAqDBGAADANBgkqhkiG9w0BAQsFAAOCAQEAJY9O+DNFl5DU8eLQWXxy
7TSZnGGxoKs0fcrYkKXpKWGUAAGCWyN9WuT4eRzJrrroUVnvB0mCEgxHoTCCCgs9
Tb9QqgNvLePv4JXOst67aHXWtfU8P6EDPAOh8dKxfDCqCYcDifIe3YuJlhAgoNMW
51mDaFDWnMbMhHE7tv+TWlWVa/Sl9rhSuXJl81cx5aQjh2mFf1NbsWIQlZo20sYW
dVPGx8C0hmWuLg4QPjNtk5NS0B07x9XnPHWYFitPNlg3/Q5gWrpoi53XzWavMaVf
qK8rOnfp5WQElc+5Uyaj0kteRd5BYnu2PRRTnpzw1t+psaLq/PEiKGivDSRpy1q4
nA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:45:48 2025 by rpki-client