Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/14ddd1-deac-41ff-ba6b-162ed624e282/1/bXUvwPEgFNH1kM9-zFhBBlN0jGo.roa
File: bXUvwPEgFNH1kM9-zFhBBlN0jGo.roa (raw, json)
Hash identifier: 3Ie6IrqVMtZvkUhbCRibjgIELU/61w4y/T2SSNFuyr0=
Subject key identifier: 6D:75:2F:C0:F1:20:14:D1:F5:90:CF:7E:CC:58:41:06:53:74:8C:6A
Certificate issuer: /CN=665e4d7ea8a3470c9703ee7551481c36f774febb
Certificate serial: 01942143C7EFB0BE4B3292944FF0A47924D9
Authority key identifier: 66:5E:4D:7E:A8:A3:47:0C:97:03:EE:75:51:48:1C:36:F7:74:FE:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zl5NfqijRwyXA-51UUgcNvd0_rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/14ddd1-deac-41ff-ba6b-162ed624e282/1/bXUvwPEgFNH1kM9-zFhBBlN0jGo.roa
Signing time: Wed 01 Jan 2025 09:47:57 +0000
ROA not before: Wed 01 Jan 2025 09:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44486
IP address blocks: 45.82.120.0/22 maxlen: 22
2a0e:6a80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:c7:ef:b0:be:4b:32:92:94:4f:f0:a4:79:24:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=665e4d7ea8a3470c9703ee7551481c36f774febb
Validity
Not Before: Jan 1 09:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d752fc0f12014d1f590cf7ecc58410653748c6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bc:10:d3:18:5c:4d:ad:11:76:c6:cd:80:2d:
3d:87:87:02:23:26:0b:02:59:f7:21:b7:14:d7:ee:
87:50:3e:ab:b7:69:c6:d0:71:4d:e1:07:b0:59:4f:
1c:8b:bd:4a:13:f6:1b:68:bd:5a:b1:b4:c9:23:bc:
a1:a4:a2:d1:92:9e:f1:46:e5:90:72:f7:77:1a:3b:
31:44:1b:c3:77:a7:5c:47:f4:ba:cf:0a:23:c3:c0:
5e:52:75:3b:01:95:e2:5b:9d:71:49:9e:50:a6:23:
e9:03:f5:b2:12:b5:fd:df:87:85:7b:4f:29:8e:15:
68:a6:1c:ab:90:da:f2:1d:86:6f:90:71:a7:bf:6e:
0b:81:22:e0:1e:6e:28:ad:e0:9f:19:94:34:a9:cb:
f4:23:fa:28:d2:25:d5:d5:f9:a8:84:a1:19:92:8f:
c9:db:93:82:70:cc:d6:66:17:b9:1e:fe:cd:8c:75:
f1:43:bb:e1:29:d0:08:57:93:29:de:6e:e6:70:bc:
dd:30:75:ab:a1:6f:93:54:f5:b7:6a:1a:69:3c:92:
02:41:35:37:b4:5e:f5:5a:3b:6d:21:99:49:82:27:
d8:f7:32:d0:21:fa:da:bd:ec:b5:66:3a:50:7e:15:
ed:8a:e0:f5:4c:29:d9:0d:eb:6e:28:9b:bf:06:09:
c4:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:75:2F:C0:F1:20:14:D1:F5:90:CF:7E:CC:58:41:06:53:74:8C:6A
X509v3 Authority Key Identifier:
keyid:66:5E:4D:7E:A8:A3:47:0C:97:03:EE:75:51:48:1C:36:F7:74:FE:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zl5NfqijRwyXA-51UUgcNvd0_rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/14ddd1-deac-41ff-ba6b-162ed624e282/1/bXUvwPEgFNH1kM9-zFhBBlN0jGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/14ddd1-deac-41ff-ba6b-162ed624e282/1/Zl5NfqijRwyXA-51UUgcNvd0_rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.120.0/22
IPv6:
2a0e:6a80::/29
Signature Algorithm: sha256WithRSAEncryption
b7:f9:1d:07:90:63:54:11:53:d5:95:7a:6e:2c:73:96:50:dc:
74:9a:ed:c0:fd:a7:ed:cf:2e:ac:3a:b3:f3:40:f3:d2:a6:25:
60:3d:de:9f:8e:10:ad:dd:ed:b9:80:0a:b4:f3:3d:02:e7:da:
5a:e1:02:1c:36:b5:94:d1:53:7f:58:8d:95:2e:32:1f:81:f1:
40:1a:eb:c7:87:24:b9:48:a6:4d:f7:1a:1c:9d:6d:fc:ab:8e:
da:0f:73:3e:76:7e:41:ea:a2:32:ad:2b:0a:cd:53:34:06:52:
fb:c9:da:42:14:b5:f7:2f:3f:2c:0b:5f:ec:e3:7c:e8:a3:7b:
03:a7:f0:2b:8f:2a:0d:3f:3f:fb:c5:a5:50:63:15:e7:2e:0b:
f0:ad:fb:78:b6:1c:0a:2b:c1:40:87:47:9d:ad:8f:43:f4:3c:
f2:73:a3:f9:29:c3:ad:08:4e:5d:93:88:b3:68:10:52:74:0c:
d3:36:e8:87:74:70:8d:76:16:3b:35:6e:56:e8:bd:80:ac:9f:
af:55:8c:f6:35:32:c9:f3:89:55:18:eb:89:e0:e0:00:01:6d:
bd:de:a2:50:fe:a6:cc:47:84:b6:6c:9e:b9:45:c1:ab:7c:f7:
32:92:cf:04:e4:2d:26:52:a6:a4:8d:d2:43:da:69:fe:06:f1:
11:be:a3:d0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhQ8fvsL5LMpKUT/CkeSTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NWU0ZDdlYThhMzQ3MGM5NzAzZWU3NTUxNDgxYzM2Zjc3
NGZlYmIwHhcNMjUwMTAxMDk0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDc1MmZjMGYxMjAxNGQxZjU5MGNmN2VjYzU4NDEwNjUzNzQ4YzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7wQ0xhcTa0RdsbNgC09h4cCIyYL
Aln3IbcU1+6HUD6rt2nG0HFN4QewWU8ci71KE/YbaL1asbTJI7yhpKLRkp7xRuWQ
cvd3GjsxRBvDd6dcR/S6zwojw8BeUnU7AZXiW51xSZ5QpiPpA/WyErX934eFe08p
jhVophyrkNryHYZvkHGnv24LgSLgHm4oreCfGZQ0qcv0I/oo0iXV1fmohKEZko/J
25OCcMzWZhe5Hv7NjHXxQ7vhKdAIV5Mp3m7mcLzdMHWroW+TVPW3ahppPJICQTU3
tF71WjttIZlJgifY9zLQIfravey1ZjpQfhXtiuD1TCnZDetuKJu/BgnEzQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG11L8DxIBTR9ZDPfsxYQQZTdIxqMB8GA1UdIwQY
MBaAFGZeTX6oo0cMlwPudVFIHDb3dP67MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmw1TmZxaWpSd3lYQS01MVVVZ2NOdmQwX3JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xNGRkZDEtZGVhYy00MWZmLWJhNmIt
MTYyZWQ2MjRlMjgyLzEvYlhVdndQRWdGTkgxa005LXpGaEJCbE4wakdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xNGRkZDEtZGVhYy00MWZmLWJhNmItMTYyZWQ2MjRlMjgy
LzEvWmw1TmZxaWpSd3lYQS01MVVVZ2NOdmQwX3JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVJ4MA0E
AgACMAcDBQMqDmqAMA0GCSqGSIb3DQEBCwUAA4IBAQC3+R0HkGNUEVPVlXpuLHOW
UNx0mu3A/aftzy6sOrPzQPPSpiVgPd6fjhCt3e25gAq08z0C59pa4QIcNrWU0VN/
WI2VLjIfgfFAGuvHhyS5SKZN9xocnW38q47aD3M+dn5B6qIyrSsKzVM0BlL7ydpC
FLX3Lz8sC1/s43zoo3sDp/ArjyoNPz/7xaVQYxXnLgvwrft4thwKK8FAh0edrY9D
9Dzyc6P5KcOtCE5dk4izaBBSdAzTNuiHdHCNdhY7NW5W6L2ArJ+vVYz2NTLJ84lV
GOuJ4OAAAW293qJQ/qbMR4S2bJ65RcGrfPcyks8E5C0mUqakjdJD2mn+BvERvqPQ
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:30:45 2025 by rpki-client