Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/ruoDX0K9VhdXmRyoyMx7Kq-ps0U.roa
File: ruoDX0K9VhdXmRyoyMx7Kq-ps0U.roa (raw, json)
Hash identifier: zYFHs9Pc2fRsxf2yR98ieoabL4bJzJtKnSudDrvjoY4=
Subject key identifier: AE:EA:03:5F:42:BD:56:17:57:99:1C:A8:C8:CC:7B:2A:AF:A9:B3:45
Certificate issuer: /CN=2890da765a999f719875c51eecf4c7d6148a1bd9
Certificate serial: 019421442B72FE6EAE61A89354E4F4A5FE1D
Authority key identifier: 28:90:DA:76:5A:99:9F:71:98:75:C5:1E:EC:F4:C7:D6:14:8A:1B:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KJDadlqZn3GYdcUe7PTH1hSKG9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/ruoDX0K9VhdXmRyoyMx7Kq-ps0U.roa
Signing time: Wed 01 Jan 2025 09:48:23 +0000
ROA not before: Wed 01 Jan 2025 09:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208339
IP address blocks: 45.143.204.0/22 maxlen: 23
45.143.204.0/23 maxlen: 24
45.143.204.0/24 maxlen: 24
45.143.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:2b:72:fe:6e:ae:61:a8:93:54:e4:f4:a5:fe:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2890da765a999f719875c51eecf4c7d6148a1bd9
Validity
Not Before: Jan 1 09:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aeea035f42bd561757991ca8c8cc7b2aafa9b345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:bf:78:9a:56:d0:1f:31:b5:ac:65:1c:41:2f:
0a:95:26:44:e6:a6:49:fe:19:90:51:50:72:34:c9:
40:24:70:70:73:eb:7c:e2:7c:85:6b:2e:19:8d:fe:
85:38:76:89:83:5d:6f:fe:d5:74:da:3d:e5:c3:16:
25:1f:87:d8:c9:26:ec:2d:92:ab:98:12:88:f7:bf:
96:8d:40:fc:9b:1d:9f:94:f0:97:f8:b5:31:06:fa:
82:c5:24:88:98:7a:a2:91:9c:4b:f2:39:79:34:9f:
56:a1:96:d2:84:1d:9a:b7:d3:74:1d:c4:19:f4:27:
e3:cf:a7:98:be:40:f3:d3:ea:f7:fa:97:e7:f0:9c:
92:44:0c:79:9d:7a:d9:12:1e:63:0b:0b:7e:95:ff:
6f:d4:4f:5d:fa:e3:87:5e:f6:07:8f:98:2f:06:07:
37:16:a0:1d:8b:23:1c:54:57:76:49:35:61:cf:25:
53:7f:98:05:df:51:14:e4:84:eb:df:f0:37:da:79:
eb:0c:71:e2:fe:5e:d1:f9:3d:b7:85:c8:e4:87:81:
82:e1:9c:02:72:6a:49:13:67:ec:40:f5:76:b3:d6:
54:ac:6b:67:7d:35:72:dc:b0:a1:af:19:f5:57:d8:
dc:14:b6:37:64:e8:ab:46:ea:68:d4:d6:90:38:55:
f3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:EA:03:5F:42:BD:56:17:57:99:1C:A8:C8:CC:7B:2A:AF:A9:B3:45
X509v3 Authority Key Identifier:
keyid:28:90:DA:76:5A:99:9F:71:98:75:C5:1E:EC:F4:C7:D6:14:8A:1B:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KJDadlqZn3GYdcUe7PTH1hSKG9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/ruoDX0K9VhdXmRyoyMx7Kq-ps0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/KJDadlqZn3GYdcUe7PTH1hSKG9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.204.0/22
Signature Algorithm: sha256WithRSAEncryption
48:84:c3:33:22:e6:7f:33:de:2f:bb:8a:d5:b9:90:01:d7:c0:
84:41:ae:3a:76:09:c1:c2:52:ba:68:ff:81:d0:ff:33:66:f4:
2a:93:97:5e:25:9d:11:e1:55:15:3c:77:cd:73:99:57:00:fc:
c7:78:fd:62:6b:ee:b1:8d:7e:f9:1a:42:f6:fa:37:7b:3a:e0:
da:fa:34:72:44:c2:c8:e5:07:f9:4f:7b:24:74:ab:df:5c:30:
06:5b:73:d2:8b:38:85:5c:5d:f3:44:fd:73:5e:59:ac:26:1b:
13:45:31:da:9e:c7:e1:32:5f:47:c8:1e:c8:d6:4e:2e:6f:ba:
22:e3:b9:0d:1d:da:56:a3:f8:ec:70:6a:45:0d:36:9f:a6:59:
f7:c2:27:43:bb:60:6b:2e:5e:7e:15:79:82:d1:4c:fb:bf:c8:
6e:6b:e4:f7:73:f4:9a:27:21:f9:d4:0f:22:b2:b9:60:fb:03:
33:a5:8c:95:84:d7:d2:b6:a9:a9:13:74:09:51:3a:10:a2:d3:
40:67:fc:46:4d:f6:c9:f3:a8:75:6e:59:21:08:da:8f:b9:be:
61:87:8a:11:2d:15:6b:20:43:a7:6f:23:10:9f:e7:09:1a:1b:
de:72:0e:39:b1:9e:64:1f:b4:0e:6b:ab:eb:b2:72:93:fa:ae:
98:d2:c3:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRCty/m6uYaiTVOT0pf4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4OTBkYTc2NWE5OTlmNzE5ODc1YzUxZWVjZjRjN2Q2MTQ4
YTFiZDkwHhcNMjUwMTAxMDk0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWVhMDM1ZjQyYmQ1NjE3NTc5OTFjYThjOGNjN2IyYWFmYTliMzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6794mlbQHzG1rGUcQS8KlSZE5qZJ
/hmQUVByNMlAJHBwc+t84nyFay4Zjf6FOHaJg11v/tV02j3lwxYlH4fYySbsLZKr
mBKI97+WjUD8mx2flPCX+LUxBvqCxSSImHqikZxL8jl5NJ9WoZbShB2at9N0HcQZ
9Cfjz6eYvkDz0+r3+pfn8JySRAx5nXrZEh5jCwt+lf9v1E9d+uOHXvYHj5gvBgc3
FqAdiyMcVFd2STVhzyVTf5gF31EU5ITr3/A32nnrDHHi/l7R+T23hcjkh4GC4ZwC
cmpJE2fsQPV2s9ZUrGtnfTVy3LChrxn1V9jcFLY3ZOirRupo1NaQOFXz1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK7qA19CvVYXV5kcqMjMeyqvqbNFMB8GA1UdIwQY
MBaAFCiQ2nZamZ9xmHXFHuz0x9YUihvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0pEYWRscVpuM0dZZGNVZTdQVEgxaFNLRzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yYmJjZDQtZWRhYi00OGVlLWE0MTEt
MjhmYzcwNjNkOTUyLzEvcnVvRFgwSzlWaGRYbVJ5b3lNeDdLcS1wczBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yYmJjZDQtZWRhYi00OGVlLWE0MTEtMjhmYzcwNjNkOTUy
LzEvS0pEYWRscVpuM0dZZGNVZTdQVEgxaFNLRzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY/MMA0G
CSqGSIb3DQEBCwUAA4IBAQBIhMMzIuZ/M94vu4rVuZAB18CEQa46dgnBwlK6aP+B
0P8zZvQqk5deJZ0R4VUVPHfNc5lXAPzHeP1ia+6xjX75GkL2+jd7OuDa+jRyRMLI
5Qf5T3skdKvfXDAGW3PSiziFXF3zRP1zXlmsJhsTRTHansfhMl9HyB7I1k4ub7oi
47kNHdpWo/jscGpFDTafpln3widDu2BrLl5+FXmC0Uz7v8hua+T3c/SaJyH51A8i
srlg+wMzpYyVhNfStqmpE3QJUToQotNAZ/xGTfbJ86h1blkhCNqPub5hh4oRLRVr
IEOnbyMQn+cJGhvecg45sZ5kH7QOa6vrsnKT+q6Y0sNP
-----END CERTIFICATE-----
Generated at Fri Apr 25 15:23:14 2025 by rpki-client