Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/42hpqWqY72USafsvfiD_518D4aY.roa
File: 42hpqWqY72USafsvfiD_518D4aY.roa (raw, json)
Hash identifier: XyqSHkNb93lXjMdBQV3tT6d41VyHCZFCyukyVX/G7/A=
Subject key identifier: E3:68:69:A9:6A:98:EF:65:12:69:FB:2F:7E:20:FF:E7:5F:03:E1:A6
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 019422FB3BE913DE9A0388269B6A7E828C63
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/42hpqWqY72USafsvfiD_518D4aY.roa
Signing time: Wed 01 Jan 2025 17:47:57 +0000
ROA not before: Wed 01 Jan 2025 17:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44218
IP address blocks: 145.14.94.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:3b:e9:13:de:9a:03:88:26:9b:6a:7e:82:8c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Jan 1 17:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e36869a96a98ef651269fb2f7e20ffe75f03e1a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:26:cf:78:27:1e:d1:a0:0a:29:a7:53:cf:1e:
fe:e3:f1:ba:65:b5:33:d1:60:a5:37:fe:b8:07:12:
8c:6b:7e:42:45:b3:e4:69:9a:c4:96:32:74:58:a1:
88:80:44:ab:ee:e5:ae:8e:d3:b9:9c:56:7f:4e:d6:
f5:d5:6b:f5:f1:1c:47:60:ca:f6:7b:d0:d7:0d:90:
8c:c3:d6:f7:65:03:e0:b5:db:fe:75:82:23:93:2a:
0f:c7:3e:0b:b4:67:af:f3:2e:6c:1a:5c:29:45:00:
6f:7f:b4:9e:b5:4d:40:19:73:84:c3:1c:37:b6:25:
23:1a:cf:d4:0a:7e:8c:2e:4a:50:f7:6a:f9:2a:41:
30:33:cb:fb:73:ed:86:3e:80:25:9f:3a:4a:81:54:
bf:93:b1:52:9f:91:fd:73:b7:42:88:e5:d3:00:71:
d9:a0:7b:2a:cb:22:99:1a:63:a9:e5:1c:c6:28:8e:
6f:a8:8f:c3:bf:e4:6c:67:7f:b9:cf:84:36:62:72:
6b:32:24:49:3a:12:b7:cb:71:56:e0:42:07:e4:8f:
5c:ba:fb:b7:a2:a1:e2:ec:da:eb:61:39:32:91:ff:
fe:30:0c:09:5c:15:4d:a5:21:76:ff:1a:5e:e3:a4:
bb:06:15:50:79:aa:5e:ab:94:2a:a5:a3:a8:69:9e:
f6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:68:69:A9:6A:98:EF:65:12:69:FB:2F:7E:20:FF:E7:5F:03:E1:A6
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/42hpqWqY72USafsvfiD_518D4aY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.14.94.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:55:27:17:ba:30:b8:46:a1:c6:b3:b0:7c:e7:0c:cc:cb:d0:
99:92:17:04:fb:83:31:85:8a:71:86:6e:2a:92:02:63:eb:e7:
c1:70:4e:ab:a1:e3:e5:4e:3e:89:5e:54:82:d8:f4:32:24:0b:
a1:db:0a:08:91:13:75:0f:5b:2c:3c:2b:32:8d:56:db:a9:9e:
d6:55:7c:c6:32:38:99:7a:7f:4b:9e:b7:48:c6:1d:be:e6:92:
6d:35:3d:bd:bc:42:2b:55:52:b5:0e:74:7a:56:5e:ed:3a:b5:
57:f3:73:e5:c0:82:46:b1:95:9c:e7:fd:8c:ab:83:2c:54:9d:
a6:17:36:83:83:e4:6e:bc:fb:00:b5:50:b7:ca:50:49:9d:67:
08:8e:aa:b3:90:fd:87:d6:12:c7:f9:93:b7:36:75:ac:88:ea:
b7:b1:1b:9e:2a:f1:6b:a6:6e:ef:d1:d6:f7:99:ab:71:64:96:
a7:58:3d:f8:06:06:cf:07:8b:dd:5b:2a:a7:8b:6d:ca:d8:b2:
e1:39:eb:42:0c:25:7c:e8:31:db:74:d2:48:de:28:38:aa:25:
ef:dc:6e:45:a6:eb:15:46:49:fa:a5:47:78:6a:e2:60:b2:f3:
eb:57:20:a2:d6:3b:4d:9e:52:e4:71:80:f4:00:2c:3c:ee:ca:
be:bc:5f:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+zvpE96aA4gmm2p+goxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjUwMTAxMTc0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzY4NjlhOTZhOThlZjY1MTI2OWZiMmY3ZTIwZmZlNzVmMDNlMWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnibPeCce0aAKKadTzx7+4/G6ZbUz
0WClN/64BxKMa35CRbPkaZrEljJ0WKGIgESr7uWujtO5nFZ/Ttb11Wv18RxHYMr2
e9DXDZCMw9b3ZQPgtdv+dYIjkyoPxz4LtGev8y5sGlwpRQBvf7SetU1AGXOEwxw3
tiUjGs/UCn6MLkpQ92r5KkEwM8v7c+2GPoAlnzpKgVS/k7FSn5H9c7dCiOXTAHHZ
oHsqyyKZGmOp5RzGKI5vqI/Dv+RsZ3+5z4Q2YnJrMiRJOhK3y3FW4EIH5I9cuvu3
oqHi7NrrYTkykf/+MAwJXBVNpSF2/xpe46S7BhVQeapeq5QqpaOoaZ72qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFONoaalqmO9lEmn7L34g/+dfA+GmMB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEvNDJocHFXcVk3MlVTYWZzdmZpRF81MThENGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkQ5eMA0G
CSqGSIb3DQEBCwUAA4IBAQCiVScXujC4RqHGs7B85wzMy9CZkhcE+4MxhYpxhm4q
kgJj6+fBcE6roePlTj6JXlSC2PQyJAuh2woIkRN1D1ssPCsyjVbbqZ7WVXzGMjiZ
en9LnrdIxh2+5pJtNT29vEIrVVK1DnR6Vl7tOrVX83PlwIJGsZWc5/2Mq4MsVJ2m
FzaDg+RuvPsAtVC3ylBJnWcIjqqzkP2H1hLH+ZO3NnWsiOq3sRueKvFrpm7v0db3
matxZJanWD34BgbPB4vdWyqni23K2LLhOetCDCV86DHbdNJI3ig4qiXv3G5FpusV
Rkn6pUd4auJgsvPrVyCi1jtNnlLkcYD0ACw87sq+vF/3
-----END CERTIFICATE-----
Generated at Sat Apr 26 20:40:55 2025 by rpki-client