Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/vqiF7KHwgC4hKANJve3WilTtCaA.roa
File: vqiF7KHwgC4hKANJve3WilTtCaA.roa (raw, json)
Hash identifier: ViWg/cb4ZOWXmU8DGPzhe6lMZyYPSAoJx2DnUl9cMUQ=
Subject key identifier: BE:A8:85:EC:A1:F0:80:2E:21:28:03:49:BD:ED:D6:8A:54:ED:09:A0
Certificate issuer: /CN=2f6f0ea0127a6e392195696380be5bb0474b01df
Certificate serial: 0194221F9E617F443A3E49F84B214FE17AF5
Authority key identifier: 2F:6F:0E:A0:12:7A:6E:39:21:95:69:63:80:BE:5B:B0:47:4B:01:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L28OoBJ6bjkhlWljgL5bsEdLAd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/vqiF7KHwgC4hKANJve3WilTtCaA.roa
Signing time: Wed 01 Jan 2025 13:48:05 +0000
ROA not before: Wed 01 Jan 2025 13:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 553
IP address blocks: 45.90.132.0/22 maxlen: 22
185.134.84.0/22 maxlen: 22
2a06:ec00::/29 maxlen: 29
2a0e:3c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:9e:61:7f:44:3a:3e:49:f8:4b:21:4f:e1:7a:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6f0ea0127a6e392195696380be5bb0474b01df
Validity
Not Before: Jan 1 13:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bea885eca1f0802e21280349bdedd68a54ed09a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3f:71:d8:ca:79:b1:f8:22:3d:58:c3:36:1f:
cd:f3:4f:04:55:f3:ce:ee:ad:fb:33:aa:e6:ed:23:
54:a8:6e:0b:b8:07:2c:29:0e:ca:eb:8e:b9:d5:27:
2a:5f:b8:5f:23:4b:15:c1:19:dc:0f:d6:d1:8e:47:
9c:ff:e7:7b:89:3d:33:c8:98:dd:c2:fb:c5:ec:f6:
2c:bf:c0:cc:10:d2:72:cc:17:ad:96:37:ed:14:b0:
2a:19:be:23:e1:ee:a0:1f:c2:4d:79:46:02:de:6d:
72:f8:ec:de:4f:98:f7:6c:4f:ca:d6:4a:a2:88:fa:
46:b0:19:23:53:1f:28:6a:53:b8:14:8d:42:7c:5a:
27:66:d0:2e:01:41:90:c9:90:cf:b9:71:8e:65:fc:
51:8e:2d:8f:9c:9a:d0:99:2d:9f:ad:4d:f6:78:43:
7b:55:d9:63:00:0b:b5:ad:de:ff:7a:ec:2c:61:36:
0b:2b:12:2f:d0:e4:30:76:94:32:b1:71:bf:a0:fd:
13:e0:07:9a:d1:81:23:45:7f:a4:85:9d:28:e9:38:
f1:f4:36:e3:1d:ae:3e:af:4a:2e:54:3d:b3:77:5a:
49:35:32:42:fa:04:1e:9b:74:aa:41:df:0b:93:00:
8f:43:77:1b:ef:28:49:fc:3d:23:02:ab:ca:e4:1f:
52:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:A8:85:EC:A1:F0:80:2E:21:28:03:49:BD:ED:D6:8A:54:ED:09:A0
X509v3 Authority Key Identifier:
keyid:2F:6F:0E:A0:12:7A:6E:39:21:95:69:63:80:BE:5B:B0:47:4B:01:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L28OoBJ6bjkhlWljgL5bsEdLAd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/vqiF7KHwgC4hKANJve3WilTtCaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/L28OoBJ6bjkhlWljgL5bsEdLAd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.132.0/22
185.134.84.0/22
IPv6:
2a06:ec00::/29
2a0e:3c0::/29
Signature Algorithm: sha256WithRSAEncryption
67:b3:0e:79:59:00:47:08:1e:e8:05:bf:76:9f:98:63:ec:1a:
d5:92:b7:e6:00:b4:61:25:ef:f0:90:d3:ea:23:4a:51:32:f1:
59:32:5d:b0:7d:c7:f8:cc:7a:88:df:88:b0:d9:1e:d4:33:39:
fe:5b:d1:09:61:b6:99:a1:ae:2e:8d:c0:9f:0c:24:86:db:f0:
8b:5e:33:25:8b:e6:3d:8b:6d:4f:4f:bc:04:29:c4:ad:0b:49:
ed:80:65:94:ea:8a:d2:d7:3d:1e:f0:8f:36:99:b9:e2:80:42:
bc:07:67:bf:2f:7c:f7:e0:f5:74:11:d5:08:e9:1c:8e:b4:d9:
19:0f:25:de:0b:6c:56:21:15:e4:6c:db:05:87:8a:f1:35:74:
14:c4:ca:c5:3a:93:d7:79:e9:1b:62:e7:74:ed:1e:e1:63:85:
a2:49:bb:b6:2a:1f:d4:b3:9f:49:cb:2b:da:1a:85:56:8d:bf:
1b:56:9d:1a:30:68:79:6e:0d:05:8f:63:6b:74:af:b3:e8:99:
49:79:74:16:2f:b3:6b:be:84:ca:86:c8:5e:0e:ff:34:06:73:
fd:28:aa:bc:3b:50:a6:98:53:2b:c2:02:2f:0d:90:46:63:d7:
bd:42:08:c5:f3:0e:c1:85:da:4f:d3:67:41:b2:38:7c:63:2b:
35:60:1e:4f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQiH55hf0Q6Pkn4SyFP4Xr1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmYwZWEwMTI3YTZlMzkyMTk1Njk2MzgwYmU1YmIwNDc0
YjAxZGYwHhcNMjUwMTAxMTM0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWE4ODVlY2ExZjA4MDJlMjEyODAzNDliZGVkZDY4YTU0ZWQwOWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArD9x2Mp5sfgiPVjDNh/N808EVfPO
7q37M6rm7SNUqG4LuAcsKQ7K64651ScqX7hfI0sVwRncD9bRjkec/+d7iT0zyJjd
wvvF7PYsv8DMENJyzBetljftFLAqGb4j4e6gH8JNeUYC3m1y+OzeT5j3bE/K1kqi
iPpGsBkjUx8oalO4FI1CfFonZtAuAUGQyZDPuXGOZfxRji2PnJrQmS2frU32eEN7
VdljAAu1rd7/euwsYTYLKxIv0OQwdpQysXG/oP0T4Aea0YEjRX+khZ0o6Tjx9Dbj
Ha4+r0ouVD2zd1pJNTJC+gQem3SqQd8LkwCPQ3cb7yhJ/D0jAqvK5B9ScQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFL6oheyh8IAuISgDSb3t1opU7QmgMB8GA1UdIwQY
MBaAFC9vDqASem45IZVpY4C+W7BHSwHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDI4T29CSjZiamtobFdsamdMNWJzRWRMQWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS82MjY0MWYtY2Y5OS00NTE0LWI3ZDct
YjJhMjMyNDZlNjE0LzEvdnFpRjdLSHdnQzRoS0FOSnZlM1dpbFR0Q2FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS82MjY0MWYtY2Y5OS00NTE0LWI3ZDctYjJhMjMyNDZlNjE0
LzEvTDI4T29CSjZiamtobFdsamdMNWJzRWRMQWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLVqEAwQC
uYZUMBQEAgACMA4DBQMqBuwAAwUDKg4DwDANBgkqhkiG9w0BAQsFAAOCAQEAZ7MO
eVkARwge6AW/dp+YY+wa1ZK35gC0YSXv8JDT6iNKUTLxWTJdsH3H+Mx6iN+IsNke
1DM5/lvRCWG2maGuLo3Anwwkhtvwi14zJYvmPYttT0+8BCnErQtJ7YBllOqK0tc9
HvCPNpm54oBCvAdnvy989+D1dBHVCOkcjrTZGQ8l3gtsViEV5GzbBYeK8TV0FMTK
xTqT13npG2LndO0e4WOFokm7tiof1LOfScsr2hqFVo2/G1adGjBoeW4NBY9ja3Sv
s+iZSXl0Fi+za76EyobIXg7/NAZz/SiqvDtQpphTK8ICLw2QRmPXvUIIxfMOwYXa
T9NnQbI4fGMrNWAeTw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:09:22 2025 by rpki-client