Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/y5SZIr6qAjLW7NYmCj5IfQyi8kQ.roa
File: y5SZIr6qAjLW7NYmCj5IfQyi8kQ.roa (raw, json)
Hash identifier: NP73pJX70CxmCwBeEMVUpNdndVr2216z/LahzYeiQIs=
Subject key identifier: CB:94:99:22:BE:AA:02:32:D6:EC:D6:26:0A:3E:48:7D:0C:A2:F2:44
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 019424B39B25EF947374F10F4C7559B1A3E1
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/y5SZIr6qAjLW7NYmCj5IfQyi8kQ.roa
Signing time: Thu 02 Jan 2025 01:48:57 +0000
ROA not before: Thu 02 Jan 2025 01:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45650
IP address blocks: 45.139.188.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:9b:25:ef:94:73:74:f1:0f:4c:75:59:b1:a3:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jan 2 01:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb949922beaa0232d6ecd6260a3e487d0ca2f244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a0:5a:b8:0a:48:65:e7:f7:65:14:28:50:af:
0d:59:e5:4f:93:fd:26:74:fc:14:b3:6e:a3:b1:a9:
c3:c8:57:f3:f1:e0:7f:b9:75:33:5f:db:ea:ea:db:
07:7a:fe:d4:00:0f:af:a3:62:18:ca:b2:dd:b7:9a:
28:d1:e6:41:10:1c:8d:0b:fd:1a:d2:31:44:01:4d:
17:aa:ee:5e:28:f3:cb:da:dc:af:f8:da:f1:43:26:
de:44:e8:96:bc:30:d6:53:ca:08:37:ce:7b:9d:ec:
a9:ff:05:18:4e:00:d4:1f:34:99:40:33:5a:13:1a:
10:a0:70:ba:75:8d:6c:4d:b8:e7:4e:ad:49:bc:49:
2f:5e:3d:b4:a9:0c:47:46:04:2d:5f:25:a4:46:51:
26:13:be:16:ef:cd:ce:c9:4e:80:8a:05:9a:03:f7:
a9:47:f3:ee:a8:30:d3:c6:75:bf:64:1a:44:3f:92:
7c:65:e3:7f:f7:0b:14:f8:e9:16:bd:b6:9e:bc:8e:
95:f9:19:93:c1:f0:c8:4a:15:d3:47:71:db:b6:5a:
a6:bd:21:7e:a8:4a:d9:fe:61:84:ac:a7:3e:19:9b:
ef:9a:b0:1b:20:19:e6:e2:f5:6e:56:b7:cd:37:66:
14:7b:d0:47:28:4f:e8:a5:f4:b8:ef:b0:ca:50:52:
4f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:94:99:22:BE:AA:02:32:D6:EC:D6:26:0A:3E:48:7D:0C:A2:F2:44
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/y5SZIr6qAjLW7NYmCj5IfQyi8kQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.188.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:47:82:68:0e:55:96:27:fc:f8:1e:a1:de:87:91:b6:0f:3d:
3c:6b:2b:7e:1d:8e:20:c4:a2:a8:0b:00:8d:b8:3d:df:39:6c:
97:7f:4b:10:1b:42:31:cb:cd:26:3b:d2:d7:ee:5b:84:45:93:
07:c4:72:6d:16:fa:cb:9e:2a:6f:e9:9c:fa:fa:99:17:12:d6:
cd:f6:1e:f5:87:c5:e5:bd:1e:c4:34:d6:04:45:91:21:c8:32:
c0:fc:27:d5:ab:03:71:e1:fd:95:52:87:41:d7:a3:3b:65:6c:
e3:7e:61:af:fc:2e:18:9e:aa:e7:85:a4:5d:05:48:a6:88:1f:
bb:c7:17:ce:b9:47:ce:5d:46:8a:00:03:ae:ed:c2:66:41:a4:
da:0f:31:94:86:cc:3c:75:8b:1a:0e:19:fb:f1:0b:bb:cb:e9:
6c:6c:f9:dc:40:31:a6:62:c8:f4:f9:00:5c:00:88:94:e2:fa:
a5:4c:bf:ce:1e:f3:39:42:dd:60:33:5f:14:9a:e5:bc:3a:1a:
ea:82:7c:ed:c8:c9:2b:b9:80:2f:df:3e:3d:73:01:3e:c2:bf:
f2:71:39:1d:df:bb:20:9b:3c:78:f3:d4:7b:81:2b:70:23:d1:
5d:30:61:14:84:e6:ca:3a:95:cb:f3:4a:6e:1f:41:c0:d4:1e:
8e:16:d8:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks5sl75RzdPEPTHVZsaPhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjUwMTAyMDE0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjk0OTkyMmJlYWEwMjMyZDZlY2Q2MjYwYTNlNDg3ZDBjYTJmMjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaBauApIZef3ZRQoUK8NWeVPk/0m
dPwUs26jsanDyFfz8eB/uXUzX9vq6tsHev7UAA+vo2IYyrLdt5oo0eZBEByNC/0a
0jFEAU0Xqu5eKPPL2tyv+NrxQybeROiWvDDWU8oIN857neyp/wUYTgDUHzSZQDNa
ExoQoHC6dY1sTbjnTq1JvEkvXj20qQxHRgQtXyWkRlEmE74W783OyU6AigWaA/ep
R/PuqDDTxnW/ZBpEP5J8ZeN/9wsU+OkWvbaevI6V+RmTwfDIShXTR3HbtlqmvSF+
qErZ/mGErKc+GZvvmrAbIBnm4vVuVrfNN2YUe9BHKE/opfS477DKUFJPDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMuUmSK+qgIy1uzWJgo+SH0MovJEMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEveTVTWklyNnFBakxXN05ZbUNqNUlmUXlpOGtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYu8MA0G
CSqGSIb3DQEBCwUAA4IBAQA+R4JoDlWWJ/z4HqHeh5G2Dz08ayt+HY4gxKKoCwCN
uD3fOWyXf0sQG0Ixy80mO9LX7luERZMHxHJtFvrLnipv6Zz6+pkXEtbN9h71h8Xl
vR7ENNYERZEhyDLA/CfVqwNx4f2VUodB16M7ZWzjfmGv/C4YnqrnhaRdBUimiB+7
xxfOuUfOXUaKAAOu7cJmQaTaDzGUhsw8dYsaDhn78Qu7y+lsbPncQDGmYsj0+QBc
AIiU4vqlTL/OHvM5Qt1gM18UmuW8OhrqgnztyMkruYAv3z49cwE+wr/ycTkd37sg
mzx489R7gStwI9FdMGEUhObKOpXL80puH0HA1B6OFtgu
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:46:21 2025 by rpki-client