Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/72806a-0394-4ad5-8e04-b5b8d02448b8/1/4kaBhFBJmcVPXTpr7vEzM3m5TtQ.roa
File: 4kaBhFBJmcVPXTpr7vEzM3m5TtQ.roa (raw, json)
Hash identifier: LSe9UyLKD1nkN+S+WsVwABdYF89ynfbDLCDSplYBzZQ=
Subject key identifier: E2:46:81:84:50:49:99:C5:4F:5D:3A:6B:EE:F1:33:33:79:B9:4E:D4
Certificate issuer: /CN=8da60e9000c75a75d67e37fe07b14e07b22c5887
Certificate serial: 0194266C34D156EAF5A6B0296BD45CF622AF
Authority key identifier: 8D:A6:0E:90:00:C7:5A:75:D6:7E:37:FE:07:B1:4E:07:B2:2C:58:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jaYOkADHWnXWfjf-B7FOB7IsWIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/72806a-0394-4ad5-8e04-b5b8d02448b8/1/4kaBhFBJmcVPXTpr7vEzM3m5TtQ.roa
Signing time: Thu 02 Jan 2025 09:50:13 +0000
ROA not before: Thu 02 Jan 2025 09:50:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208327
IP address blocks: 45.145.92.0/22 maxlen: 22
2a0c:4d80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:34:d1:56:ea:f5:a6:b0:29:6b:d4:5c:f6:22:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8da60e9000c75a75d67e37fe07b14e07b22c5887
Validity
Not Before: Jan 2 09:50:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2468184504999c54f5d3a6beef1333379b94ed4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:90:c5:7b:d3:53:89:30:ae:ac:31:3c:1e:98:
a1:5d:ad:8e:6a:ab:db:13:02:ae:ca:7e:f6:04:79:
a7:af:76:0d:6c:d7:8a:74:9d:f9:7a:d1:de:ca:97:
eb:d6:87:b3:03:01:be:dc:e3:cc:5d:3d:4a:49:13:
b4:2c:6e:6a:20:09:36:cc:57:21:84:a2:33:2c:69:
d6:85:79:58:b9:e5:62:d6:86:49:39:78:60:67:40:
69:b5:75:60:80:a3:a8:17:31:47:49:d2:c3:c5:f2:
d7:9f:ce:2b:8a:93:13:33:5e:38:c7:0a:10:f2:39:
d5:62:3b:5c:f9:d9:c5:b8:af:e6:90:4b:09:ef:a2:
1b:02:59:a1:13:67:0c:2f:f7:fd:57:d7:c0:f9:72:
94:bb:78:25:f1:e9:68:8a:8f:b9:5b:25:31:7e:6f:
d1:57:59:7d:48:a4:e4:b8:21:a9:6e:8f:84:65:1b:
b8:fe:26:35:94:7d:e4:78:d9:91:84:ec:8d:15:85:
b5:51:c7:24:b1:ac:12:05:2a:44:9b:08:92:b5:4f:
fc:da:fc:30:7d:50:c1:16:bd:05:37:77:dd:7f:f0:
b7:f7:31:d7:bb:ac:5f:3c:38:ca:a0:0a:8a:3f:18:
89:42:7b:d7:85:d4:58:fa:17:aa:00:29:7e:f6:e3:
3b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:46:81:84:50:49:99:C5:4F:5D:3A:6B:EE:F1:33:33:79:B9:4E:D4
X509v3 Authority Key Identifier:
keyid:8D:A6:0E:90:00:C7:5A:75:D6:7E:37:FE:07:B1:4E:07:B2:2C:58:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jaYOkADHWnXWfjf-B7FOB7IsWIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/72806a-0394-4ad5-8e04-b5b8d02448b8/1/4kaBhFBJmcVPXTpr7vEzM3m5TtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/72806a-0394-4ad5-8e04-b5b8d02448b8/1/jaYOkADHWnXWfjf-B7FOB7IsWIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.92.0/22
IPv6:
2a0c:4d80::/29
Signature Algorithm: sha256WithRSAEncryption
7e:3c:72:51:84:9c:1c:fc:eb:cd:7f:52:f8:02:0e:7f:0d:b5:
cb:cb:2b:46:ca:88:3c:b9:0b:11:c1:d4:16:bf:2c:59:e2:a6:
0f:01:39:f0:6f:6f:70:68:69:09:85:7d:dc:b2:59:b1:0a:17:
0c:d1:31:0c:0a:3d:60:fb:59:aa:41:90:da:68:93:c2:00:eb:
98:a6:60:cc:4c:2a:a4:e2:52:66:07:33:0f:f4:8e:07:96:d6:
86:52:16:33:b9:84:e1:16:9a:99:3c:23:0d:40:9a:ee:a7:d1:
0e:31:2c:ee:1d:c3:0f:8a:c5:0a:15:c5:ec:8a:c3:75:47:dc:
2c:f3:cd:fd:e0:07:d0:58:59:3b:91:06:a2:8b:fc:2e:a6:11:
38:86:cf:42:3e:7b:0c:e6:4c:d2:90:e4:c1:ea:b6:aa:55:2b:
63:8a:41:c6:28:ab:1b:50:83:e0:5c:ae:51:a8:5d:57:c8:6c:
25:37:ba:80:27:71:26:41:a1:39:2a:0f:ce:fc:6b:8c:c8:b3:
6e:2a:40:eb:b2:ea:22:c6:b3:6c:5a:2c:a5:0d:98:aa:9e:30:
4a:e4:d3:48:ee:83:0e:fb:fb:22:17:fb:ef:78:c9:7b:25:62:
8f:a6:24:6e:00:65:d0:95:30:00:6d:bc:0f:c9:45:ad:16:78:
de:e4:10:af
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQmbDTRVur1prApa9Rc9iKvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYTYwZTkwMDBjNzVhNzVkNjdlMzdmZTA3YjE0ZTA3YjIy
YzU4ODcwHhcNMjUwMTAyMDk1MDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjQ2ODE4NDUwNDk5OWM1NGY1ZDNhNmJlZWYxMzMzMzc5Yjk0ZWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJDFe9NTiTCurDE8HpihXa2Oaqvb
EwKuyn72BHmnr3YNbNeKdJ35etHeypfr1oezAwG+3OPMXT1KSRO0LG5qIAk2zFch
hKIzLGnWhXlYueVi1oZJOXhgZ0BptXVggKOoFzFHSdLDxfLXn84ripMTM144xwoQ
8jnVYjtc+dnFuK/mkEsJ76IbAlmhE2cML/f9V9fA+XKUu3gl8eloio+5WyUxfm/R
V1l9SKTkuCGpbo+EZRu4/iY1lH3keNmRhOyNFYW1UccksawSBSpEmwiStU/82vww
fVDBFr0FN3fdf/C39zHXu6xfPDjKoAqKPxiJQnvXhdRY+heqACl+9uM7/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOJGgYRQSZnFT106a+7xMzN5uU7UMB8GA1UdIwQY
MBaAFI2mDpAAx1p11n43/gexTgeyLFiHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamFZT2tBREhXblhXZmpmLUI3Rk9CN0lzV0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS83MjgwNmEtMDM5NC00YWQ1LThlMDQt
YjViOGQwMjQ0OGI4LzEvNGthQmhGQkptY1ZQWFRwcjd2RXpNM201VHRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS83MjgwNmEtMDM5NC00YWQ1LThlMDQtYjViOGQwMjQ0OGI4
LzEvamFZT2tBREhXblhXZmpmLUI3Rk9CN0lzV0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZFcMA0E
AgACMAcDBQMqDE2AMA0GCSqGSIb3DQEBCwUAA4IBAQB+PHJRhJwc/OvNf1L4Ag5/
DbXLyytGyog8uQsRwdQWvyxZ4qYPATnwb29waGkJhX3cslmxChcM0TEMCj1g+1mq
QZDaaJPCAOuYpmDMTCqk4lJmBzMP9I4HltaGUhYzuYThFpqZPCMNQJrup9EOMSzu
HcMPisUKFcXsisN1R9ws88394AfQWFk7kQaii/wuphE4hs9CPnsM5kzSkOTB6raq
VStjikHGKKsbUIPgXK5RqF1XyGwlN7qAJ3EmQaE5Kg/O/GuMyLNuKkDrsuoixrNs
WiylDZiqnjBK5NNI7oMO+/siF/vveMl7JWKPpiRuAGXQlTAAbbwPyUWtFnje5BCv
-----END CERTIFICATE-----
Generated at Fri Apr 25 21:51:00 2025 by rpki-client