Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/1D0kryG-hg5X4kNtLF0_L_6fbtc.roa
File: 1D0kryG-hg5X4kNtLF0_L_6fbtc.roa (raw, json)
Hash identifier: Zop4UA3qvwcLs+PgF6ZAbdQWhdOq1xNbvhqjWudAWN0=
Subject key identifier: D4:3D:24:AF:21:BE:86:0E:57:E2:43:6D:2C:5D:3F:2F:FE:9F:6E:D7
Certificate issuer: /CN=4b72066d7e6ca8ad2ffa62a69b067923a42df96f
Certificate serial: 019426D9C25F4618979D981C52D29BB38F30
Authority key identifier: 4B:72:06:6D:7E:6C:A8:AD:2F:FA:62:A6:9B:06:79:23:A4:2D:F9:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/1D0kryG-hg5X4kNtLF0_L_6fbtc.roa
Signing time: Thu 02 Jan 2025 11:49:52 +0000
ROA not before: Thu 02 Jan 2025 11:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212138
IP address blocks: 192.145.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:c2:5f:46:18:97:9d:98:1c:52:d2:9b:b3:8f:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b72066d7e6ca8ad2ffa62a69b067923a42df96f
Validity
Not Before: Jan 2 11:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d43d24af21be860e57e2436d2c5d3f2ffe9f6ed7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:2e:7d:17:df:05:18:15:d6:62:2a:69:32:7b:
27:43:93:a5:6a:78:f6:92:dc:bf:ce:ad:f9:d7:f3:
f8:92:ce:ed:83:3a:99:e1:46:dd:db:38:17:40:3d:
5c:82:b8:d5:68:c5:42:04:00:b6:70:42:f5:2e:c6:
b2:8c:57:8d:a9:c8:67:2e:b5:44:fc:7b:db:95:53:
ef:8a:dd:ca:2c:78:d6:4d:d7:65:19:12:23:d2:25:
96:7b:ac:e3:1d:46:54:f1:b2:db:ec:07:9c:77:52:
53:49:d4:e4:86:3d:e4:b7:a6:50:38:d8:93:af:98:
09:ed:7f:7d:88:31:de:20:58:89:8d:9e:28:9d:5a:
ad:9e:af:85:47:d7:94:27:fa:3e:74:4e:e9:d2:fd:
36:bb:6b:ea:bd:90:96:e6:b5:4d:54:bc:ea:98:37:
87:45:99:44:f7:06:ac:da:bd:c7:97:b3:95:ec:89:
f5:7f:b4:77:ff:cc:58:e5:06:87:95:a7:16:58:07:
20:5d:24:a1:da:66:ad:56:6c:94:0f:da:a2:44:3d:
73:1f:6f:75:56:c5:a5:32:c0:52:fa:bb:0e:59:32:
69:2c:4c:3f:e2:e6:d0:fa:23:cc:45:ac:62:ec:c7:
34:01:71:69:3b:98:42:a4:3c:bc:be:8c:85:61:c0:
56:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:3D:24:AF:21:BE:86:0E:57:E2:43:6D:2C:5D:3F:2F:FE:9F:6E:D7
X509v3 Authority Key Identifier:
keyid:4B:72:06:6D:7E:6C:A8:AD:2F:FA:62:A6:9B:06:79:23:A4:2D:F9:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/1D0kryG-hg5X4kNtLF0_L_6fbtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.104.0/22
Signature Algorithm: sha256WithRSAEncryption
62:09:08:48:68:ae:01:d5:5f:58:ac:fe:63:8d:bb:23:46:9a:
e1:23:70:0f:26:85:55:1e:21:35:a1:a5:3c:e9:6a:ae:5a:3a:
15:74:d0:66:3f:12:c1:9a:1d:26:e4:40:63:a0:a2:c7:05:31:
53:f7:d3:05:99:20:78:d1:0a:7e:a4:60:6e:ec:70:24:3d:97:
12:4b:2d:e6:23:67:89:78:52:06:4d:ea:45:e7:65:cd:07:c5:
bd:3a:87:d6:ee:26:46:d5:22:7f:18:86:f6:a3:f8:a1:3a:95:
1b:83:48:e7:c9:26:cb:cb:d7:27:e9:63:51:73:cf:0b:7e:96:
91:04:8a:4e:63:a5:e3:d6:17:bf:9b:f9:86:e6:3f:48:e3:ec:
ad:bb:a3:3a:c4:3c:f2:af:6d:85:20:a2:77:0d:cc:33:e8:eb:
e4:18:3f:42:ce:0a:5e:74:52:c3:b4:43:4f:36:98:4a:d7:1b:
84:84:f7:b9:14:80:0b:f5:b8:ea:79:64:d0:75:99:b0:2e:40:
6b:36:32:18:ed:bb:6c:6e:f4:01:cb:fc:55:2a:2e:b6:c0:ed:
a6:9d:2b:94:40:f7:12:e3:87:c1:c8:a0:1f:23:9e:81:34:ca:
83:72:91:73:9d:f9:b1:89:5b:df:fb:eb:ca:8d:62:3d:71:cf:
5d:51:4c:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2cJfRhiXnZgcUtKbs48wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNzIwNjZkN2U2Y2E4YWQyZmZhNjJhNjliMDY3OTIzYTQy
ZGY5NmYwHhcNMjUwMTAyMTE0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDNkMjRhZjIxYmU4NjBlNTdlMjQzNmQyYzVkM2YyZmZlOWY2ZWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5S59F98FGBXWYippMnsnQ5Olanj2
kty/zq351/P4ks7tgzqZ4Ubd2zgXQD1cgrjVaMVCBAC2cEL1LsayjFeNqchnLrVE
/HvblVPvit3KLHjWTddlGRIj0iWWe6zjHUZU8bLb7Aecd1JTSdTkhj3kt6ZQONiT
r5gJ7X99iDHeIFiJjZ4onVqtnq+FR9eUJ/o+dE7p0v02u2vqvZCW5rVNVLzqmDeH
RZlE9was2r3Hl7OV7In1f7R3/8xY5QaHlacWWAcgXSSh2matVmyUD9qiRD1zH291
VsWlMsBS+rsOWTJpLEw/4ubQ+iPMRaxi7Mc0AXFpO5hCpDy8voyFYcBWRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNQ9JK8hvoYOV+JDbSxdPy/+n27XMB8GA1UdIwQY
MBaAFEtyBm1+bKitL/pippsGeSOkLflvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzNJR2JYNXNxSzB2LW1LbW13WjVJNlF0LVc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hNjRiMDktNjRkZi00NzBjLWE2NGQt
MWY2OTkxODc3YjI2LzEvMUQwa3J5Ry1oZzVYNGtOdExGMF9MXzZmYnRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hNjRiMDktNjRkZi00NzBjLWE2NGQtMWY2OTkxODc3YjI2
LzEvUzNJR2JYNXNxSzB2LW1LbW13WjVJNlF0LVc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwJFoMA0G
CSqGSIb3DQEBCwUAA4IBAQBiCQhIaK4B1V9YrP5jjbsjRprhI3APJoVVHiE1oaU8
6WquWjoVdNBmPxLBmh0m5EBjoKLHBTFT99MFmSB40Qp+pGBu7HAkPZcSSy3mI2eJ
eFIGTepF52XNB8W9OofW7iZG1SJ/GIb2o/ihOpUbg0jnySbLy9cn6WNRc88LfpaR
BIpOY6Xj1he/m/mG5j9I4+ytu6M6xDzyr22FIKJ3Dcwz6OvkGD9CzgpedFLDtENP
NphK1xuEhPe5FIAL9bjqeWTQdZmwLkBrNjIY7btsbvQBy/xVKi62wO2mnSuUQPcS
44fByKAfI56BNMqDcpFznfmxiVvf++vKjWI9cc9dUUxZ
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:02:25 2025 by rpki-client