Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/68f44b-3675-4ad8-a0ca-74ba26aaf1f6/1/kBYkIoAwOTb1jZVoI-2IjKFmw9s.roa
File: kBYkIoAwOTb1jZVoI-2IjKFmw9s.roa (raw, json)
Hash identifier: XJGvgivLL6yw0361zmrsd505aLJW4OPiGkt/w/pz35g=
Subject key identifier: 90:16:24:22:80:30:39:36:F5:8D:95:68:23:ED:88:8C:A1:66:C3:DB
Certificate issuer: /CN=36980b4863a4c0fc109e933a9f8f7892e42622f8
Certificate serial: 019423D710AE4C572CF1FB18868BC29935DA
Authority key identifier: 36:98:0B:48:63:A4:C0:FC:10:9E:93:3A:9F:8F:78:92:E4:26:22:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpgLSGOkwPwQnpM6n494kuQmIvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/68f44b-3675-4ad8-a0ca-74ba26aaf1f6/1/kBYkIoAwOTb1jZVoI-2IjKFmw9s.roa
Signing time: Wed 01 Jan 2025 21:48:04 +0000
ROA not before: Wed 01 Jan 2025 21:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49619
IP address blocks: 45.130.24.0/22 maxlen: 31
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:10:ae:4c:57:2c:f1:fb:18:86:8b:c2:99:35:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36980b4863a4c0fc109e933a9f8f7892e42622f8
Validity
Not Before: Jan 1 21:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9016242280303936f58d956823ed888ca166c3db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2a:a4:2d:42:90:90:b2:be:50:92:7b:8c:88:
3c:c6:e6:8c:ed:41:00:7c:6a:a6:48:cc:14:2a:cc:
d1:d9:aa:cc:7a:f8:f0:e5:2d:b5:1a:2d:7d:d9:04:
50:b1:7f:0c:49:5e:b5:0d:45:f9:98:9b:91:73:a7:
5f:95:99:ac:7c:aa:dc:74:16:a9:da:de:da:5c:97:
0a:71:cf:c1:0a:8a:d6:3f:ca:b8:47:87:61:e9:f3:
6a:a7:7e:75:c1:a3:72:4d:a3:c6:fe:ea:e4:2b:6f:
f4:fb:86:30:d3:d0:16:b3:30:51:60:d1:24:a3:9f:
65:40:a5:c2:b1:3b:27:d9:4b:ae:43:3d:83:46:62:
20:7e:65:c8:bb:ac:63:70:d7:bd:36:d7:7a:df:0e:
a7:13:39:17:d6:5d:9e:a2:bd:ab:1a:da:44:31:75:
f4:0a:7e:2b:cd:3e:ff:c5:bb:5a:02:c2:a2:31:a3:
e0:d7:43:13:95:0a:20:af:e9:83:ea:ae:0c:a2:42:
ef:21:58:b3:18:55:8d:04:95:90:cc:ed:29:b9:d8:
79:23:2e:17:43:5a:f2:1e:d7:01:21:41:4f:a7:db:
85:d9:fd:3a:55:ec:e5:f1:c7:a2:b0:f8:23:18:15:
df:22:4d:a1:54:59:0c:ca:29:a9:1c:cf:d6:8e:d7:
4f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:16:24:22:80:30:39:36:F5:8D:95:68:23:ED:88:8C:A1:66:C3:DB
X509v3 Authority Key Identifier:
keyid:36:98:0B:48:63:A4:C0:FC:10:9E:93:3A:9F:8F:78:92:E4:26:22:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpgLSGOkwPwQnpM6n494kuQmIvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/68f44b-3675-4ad8-a0ca-74ba26aaf1f6/1/kBYkIoAwOTb1jZVoI-2IjKFmw9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/68f44b-3675-4ad8-a0ca-74ba26aaf1f6/1/NpgLSGOkwPwQnpM6n494kuQmIvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.24.0/22
Signature Algorithm: sha256WithRSAEncryption
15:56:5f:ce:ab:da:e2:b5:b8:2f:e3:e0:a2:e4:0b:bc:86:4a:
c5:ab:91:a9:01:ae:53:a5:92:03:bf:fa:8f:a1:58:f6:4a:f3:
f9:71:94:b5:5d:90:47:7c:96:d5:2e:21:e7:ce:f1:93:6d:5b:
8a:52:b0:ef:ca:37:23:6c:e6:17:7c:01:fc:a4:5e:23:c9:b2:
11:b6:75:ae:06:4f:7b:7c:d0:1f:01:ab:a2:d8:21:de:a1:55:
cb:8f:ec:f7:58:3d:2f:e4:71:dd:8f:59:98:31:89:4c:2c:2c:
3f:47:09:b5:c7:dd:e2:c0:86:54:fd:45:c6:5a:e4:78:d8:1f:
75:e1:54:31:c3:94:83:85:69:fc:ae:3e:68:2f:8f:ee:58:c5:
c8:ae:76:b0:14:9d:ac:28:6c:63:de:61:03:fa:50:2d:8c:ac:
fb:ce:42:9d:72:a6:1d:ff:2a:e5:92:4c:ca:4d:58:e7:f2:75:
5f:2c:87:96:4c:52:65:31:ee:eb:44:ea:a4:6b:90:47:ef:04:
f9:f6:8d:84:84:57:12:a4:54:ee:f2:99:5b:af:4b:c6:d6:96:
24:f9:84:50:7a:df:2e:e6:34:3f:0b:84:34:de:00:5b:c8:fe:
dc:ff:90:c0:5f:31:5f:ed:6e:df:d5:e1:f8:36:e1:df:66:ab:
b5:b7:a3:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1xCuTFcs8fsYhovCmTXaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTgwYjQ4NjNhNGMwZmMxMDllOTMzYTlmOGY3ODkyZTQy
NjIyZjgwHhcNMjUwMTAxMjE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDE2MjQyMjgwMzAzOTM2ZjU4ZDk1NjgyM2VkODg4Y2ExNjZjM2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCqkLUKQkLK+UJJ7jIg8xuaM7UEA
fGqmSMwUKszR2arMevjw5S21Gi192QRQsX8MSV61DUX5mJuRc6dflZmsfKrcdBap
2t7aXJcKcc/BCorWP8q4R4dh6fNqp351waNyTaPG/urkK2/0+4Yw09AWszBRYNEk
o59lQKXCsTsn2UuuQz2DRmIgfmXIu6xjcNe9Ntd63w6nEzkX1l2eor2rGtpEMXX0
Cn4rzT7/xbtaAsKiMaPg10MTlQogr+mD6q4MokLvIVizGFWNBJWQzO0pudh5Iy4X
Q1ryHtcBIUFPp9uF2f06Vezl8ceisPgjGBXfIk2hVFkMyimpHM/WjtdPywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJAWJCKAMDk29Y2VaCPtiIyhZsPbMB8GA1UdIwQY
MBaAFDaYC0hjpMD8EJ6TOp+PeJLkJiL4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBnTFNHT2t3UHdRbnBNNm40OTRrdVFtSXZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82OGY0NGItMzY3NS00YWQ4LWEwY2Et
NzRiYTI2YWFmMWY2LzEva0JZa0lvQXdPVGIxalpWb0ktMklqS0ZtdzlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82OGY0NGItMzY3NS00YWQ4LWEwY2EtNzRiYTI2YWFmMWY2
LzEvTnBnTFNHT2t3UHdRbnBNNm40OTRrdVFtSXZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYIYMA0G
CSqGSIb3DQEBCwUAA4IBAQAVVl/Oq9ritbgv4+Ci5Au8hkrFq5GpAa5TpZIDv/qP
oVj2SvP5cZS1XZBHfJbVLiHnzvGTbVuKUrDvyjcjbOYXfAH8pF4jybIRtnWuBk97
fNAfAaui2CHeoVXLj+z3WD0v5HHdj1mYMYlMLCw/Rwm1x93iwIZU/UXGWuR42B91
4VQxw5SDhWn8rj5oL4/uWMXIrnawFJ2sKGxj3mED+lAtjKz7zkKdcqYd/yrlkkzK
TVjn8nVfLIeWTFJlMe7rROqka5BH7wT59o2EhFcSpFTu8plbr0vG1pYk+YRQet8u
5jQ/C4Q03gBbyP7c/5DAXzFf7W7f1eH4NuHfZqu1t6Py
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:42:21 2025 by rpki-client