Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/Y3Xd6NKIjWUaPRpXNLy7b4XwzdQ.roa
File: Y3Xd6NKIjWUaPRpXNLy7b4XwzdQ.roa (raw, json)
Hash identifier: udKcZBdmBPxzUnoTICrAZrckxYvKcjnkW4RQdiCI4sI=
Subject key identifier: 63:75:DD:E8:D2:88:8D:65:1A:3D:1A:57:34:BC:BB:6F:85:F0:CD:D4
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0194282392C2DD182E09F2EB89BF1C88A90A
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/Y3Xd6NKIjWUaPRpXNLy7b4XwzdQ.roa
Signing time: Thu 02 Jan 2025 17:50:07 +0000
ROA not before: Thu 02 Jan 2025 17:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60721
IP address blocks: 45.154.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:92:c2:dd:18:2e:09:f2:eb:89:bf:1c:88:a9:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jan 2 17:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6375dde8d2888d651a3d1a5734bcbb6f85f0cdd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:49:d8:0d:89:96:25:07:86:2a:26:fc:a4:9d:
0b:27:9f:90:5f:fd:2b:29:0b:af:8e:9f:0f:71:7f:
14:a2:ea:ce:ed:a7:42:44:0e:f4:7e:98:a3:10:40:
11:f0:1a:8d:58:60:e6:f3:12:e3:f4:62:51:4c:4a:
8d:16:84:32:01:c0:4b:39:2e:92:0e:df:c8:4d:b9:
76:93:e5:a7:ef:96:42:08:b1:86:81:c0:e7:31:36:
2c:f4:a9:6a:8d:b7:08:b1:30:7d:76:5e:00:e4:52:
86:4f:9e:f1:19:88:3f:af:25:64:6e:bb:c7:1a:47:
c2:d8:e1:e1:e8:39:4f:a8:52:e6:0e:48:bc:2d:03:
94:38:d1:24:53:9c:a1:aa:dc:d1:f2:ac:7c:84:ae:
8e:95:df:3f:dd:d7:b7:c7:53:c3:74:9e:21:bc:ef:
ae:08:8c:26:e1:ea:21:56:55:dc:36:76:b2:8f:e4:
ad:cd:7d:c7:53:8b:55:9e:5a:a2:df:d1:e1:1b:bf:
d9:4e:9c:ec:b4:98:b5:19:ce:b2:c1:3f:c1:16:3f:
06:ed:54:b5:7c:c0:a8:33:bf:9f:54:ca:ca:04:db:
eb:fd:4c:89:33:71:bf:c7:07:93:14:07:06:78:31:
ee:bf:10:8b:64:fb:a4:c8:31:da:58:93:83:7e:90:
47:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:75:DD:E8:D2:88:8D:65:1A:3D:1A:57:34:BC:BB:6F:85:F0:CD:D4
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/Y3Xd6NKIjWUaPRpXNLy7b4XwzdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.159.0/24
Signature Algorithm: sha256WithRSAEncryption
83:36:7f:f8:dd:17:3f:05:b3:47:7c:d5:c8:d7:c4:09:c9:58:
c2:5a:a9:26:28:a5:71:07:00:d1:62:5a:8f:32:7c:84:09:34:
95:b6:ad:6c:2f:e4:ca:09:b2:8c:d8:a5:0c:a9:e1:41:67:9b:
02:75:e2:8d:34:49:d7:6f:fa:1f:b5:96:86:2f:87:ee:1f:17:
68:8d:42:57:59:3b:41:7c:d5:04:ce:0e:f2:c0:65:47:5a:ef:
fc:92:3c:62:a1:ac:88:d6:27:70:f6:6b:4c:01:4a:72:0d:7c:
5f:3d:d2:33:80:52:d6:96:7c:fe:6f:3c:1f:6b:b1:b6:45:fa:
e5:48:35:8d:12:a8:20:a0:32:32:39:f8:15:94:6d:c1:17:ee:
f4:ae:8e:5a:04:aa:7f:61:3e:7d:65:13:37:fc:91:09:26:9c:
14:8b:0b:18:d0:a6:ed:68:09:7f:a5:5b:26:43:7c:e4:3f:29:
7e:7e:67:9e:d8:d6:47:52:3d:6c:48:72:b6:17:7d:69:21:29:
bf:cf:8f:23:43:8f:5b:e2:90:93:cb:48:2e:a8:6a:aa:ac:da:
10:6f:61:26:c2:c3:af:17:eb:ed:86:79:2a:12:9b:6d:af:9c:
29:b1:08:f1:fc:d1:50:44:08:f5:31:ae:9e:06:4e:94:4d:94:
f8:c4:11:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI5LC3RguCfLrib8ciKkKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjUwMTAyMTc1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mzc1ZGRlOGQyODg4ZDY1MWEzZDFhNTczNGJjYmI2Zjg1ZjBjZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEnYDYmWJQeGKib8pJ0LJ5+QX/0r
KQuvjp8PcX8UourO7adCRA70fpijEEAR8BqNWGDm8xLj9GJRTEqNFoQyAcBLOS6S
Dt/ITbl2k+Wn75ZCCLGGgcDnMTYs9KlqjbcIsTB9dl4A5FKGT57xGYg/ryVkbrvH
GkfC2OHh6DlPqFLmDki8LQOUONEkU5yhqtzR8qx8hK6Old8/3de3x1PDdJ4hvO+u
CIwm4eohVlXcNnayj+StzX3HU4tVnlqi39HhG7/ZTpzstJi1Gc6ywT/BFj8G7VS1
fMCoM7+fVMrKBNvr/UyJM3G/xweTFAcGeDHuvxCLZPukyDHaWJODfpBHewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGN13ejSiI1lGj0aVzS8u2+F8M3UMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvWTNYZDZOS0lqV1VhUFJwWE5MeTdiNFh3emRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZqfMA0G
CSqGSIb3DQEBCwUAA4IBAQCDNn/43Rc/BbNHfNXI18QJyVjCWqkmKKVxBwDRYlqP
MnyECTSVtq1sL+TKCbKM2KUMqeFBZ5sCdeKNNEnXb/oftZaGL4fuHxdojUJXWTtB
fNUEzg7ywGVHWu/8kjxioayI1idw9mtMAUpyDXxfPdIzgFLWlnz+bzwfa7G2Rfrl
SDWNEqggoDIyOfgVlG3BF+70ro5aBKp/YT59ZRM3/JEJJpwUiwsY0KbtaAl/pVsm
Q3zkPyl+fmee2NZHUj1sSHK2F31pISm/z48jQ49b4pCTy0guqGqqrNoQb2EmwsOv
F+vthnkqEpttr5wpsQjx/NFQRAj1Ma6eBk6UTZT4xBEt
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:22:06 2025 by rpki-client