Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/87312c-69c4-4813-b740-1c9667730534/1/Lf04Gu4CGxYLcQBclc4AN9VDJLA.roa
File: Lf04Gu4CGxYLcQBclc4AN9VDJLA.roa (raw, json)
Hash identifier: dSOlHoyFZA5kqNN/4PjLQn10doJUzZFyYe2NTurY+0M=
Subject key identifier: 2D:FD:38:1A:EE:02:1B:16:0B:71:00:5C:95:CE:00:37:D5:43:24:B0
Certificate issuer: /CN=d4fbc74cd1f87a0bf16c482f6201c9b9eb244ea2
Certificate serial: 019423D6C8ED84CD3CF35A67CCBABC9738C8
Authority key identifier: D4:FB:C7:4C:D1:F8:7A:0B:F1:6C:48:2F:62:01:C9:B9:EB:24:4E:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1PvHTNH4egvxbEgvYgHJueskTqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/87312c-69c4-4813-b740-1c9667730534/1/Lf04Gu4CGxYLcQBclc4AN9VDJLA.roa
Signing time: Wed 01 Jan 2025 21:47:46 +0000
ROA not before: Wed 01 Jan 2025 21:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203201
IP address blocks: 45.145.204.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:c8:ed:84:cd:3c:f3:5a:67:cc:ba:bc:97:38:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4fbc74cd1f87a0bf16c482f6201c9b9eb244ea2
Validity
Not Before: Jan 1 21:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2dfd381aee021b160b71005c95ce0037d54324b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a3:75:d1:22:73:7f:38:c9:9a:3e:79:ee:28:
b1:06:b5:3e:7a:ec:7c:72:7c:2c:28:ac:d9:1a:eb:
1c:c0:ee:c7:0b:28:57:0b:b4:ed:92:5b:0b:02:6c:
49:a4:cf:0b:8f:27:5c:fd:7e:3e:d3:d6:cc:42:2b:
5a:aa:63:f2:23:2c:f4:f4:83:b5:2d:29:4d:1b:94:
66:68:61:c1:b8:b1:60:ff:59:5b:fa:f8:9b:f1:6b:
1d:22:c1:92:d6:be:74:fe:f9:e9:ce:f8:14:87:a6:
0b:61:6c:2c:06:df:f2:38:64:99:13:d1:c7:58:bd:
7c:40:42:8d:e7:da:42:c7:83:e0:56:1c:b2:ba:ba:
23:55:1b:d8:41:72:11:1a:3a:3d:30:19:7c:f7:87:
f9:0a:53:e2:7c:99:45:9f:04:5f:23:91:a4:3a:2e:
93:c8:d6:ed:f9:e5:fd:51:8b:68:2e:f8:62:54:c3:
e8:5c:a8:f0:ef:dd:2b:db:c7:6a:73:da:c3:03:f3:
ec:82:ce:82:08:54:a7:40:3b:8e:5b:e3:e6:5a:4c:
37:87:d9:76:5e:c4:7a:36:ba:52:c2:c7:88:79:d8:
a8:79:79:99:ad:98:9c:15:0d:8d:ce:68:9a:20:26:
65:61:06:3e:10:f5:5f:0d:05:f7:1e:b7:f1:58:9a:
73:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:FD:38:1A:EE:02:1B:16:0B:71:00:5C:95:CE:00:37:D5:43:24:B0
X509v3 Authority Key Identifier:
keyid:D4:FB:C7:4C:D1:F8:7A:0B:F1:6C:48:2F:62:01:C9:B9:EB:24:4E:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1PvHTNH4egvxbEgvYgHJueskTqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/87312c-69c4-4813-b740-1c9667730534/1/Lf04Gu4CGxYLcQBclc4AN9VDJLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/87312c-69c4-4813-b740-1c9667730534/1/1PvHTNH4egvxbEgvYgHJueskTqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.204.0/22
Signature Algorithm: sha256WithRSAEncryption
96:fa:44:e3:4c:b3:4c:fa:5d:4e:a3:d3:e5:e8:29:5a:00:a0:
75:6d:da:a2:eb:71:b6:c8:1e:2d:b4:da:c4:dc:7f:7a:8a:ef:
95:ad:6c:5b:a3:d7:ed:e7:a5:1a:a7:5c:76:f5:70:ee:07:17:
d7:55:fe:c2:ab:dd:23:53:b9:20:fd:df:6f:53:ed:38:46:1e:
d5:ca:29:27:4d:6f:31:83:39:3a:db:6a:6b:b6:50:05:8e:67:
49:d0:fa:4d:7b:b3:b9:20:bd:83:b9:17:8b:15:15:80:20:48:
40:65:1c:93:d7:61:10:0e:d2:59:08:e6:45:46:a5:e3:f9:c4:
87:d6:dd:20:03:61:f7:0b:82:f0:e5:6b:c1:d4:07:96:a8:24:
80:09:e0:66:96:b0:31:c2:96:44:62:b0:2d:f3:b9:4b:19:fb:
9d:30:56:d0:75:6a:e0:bf:f2:12:e2:82:3d:ad:94:f0:5c:5a:
b1:05:97:a6:99:52:e0:5d:73:9a:98:b1:60:43:59:9a:1d:f8:
28:00:15:e3:e6:39:e7:80:77:f4:cd:b4:5d:e6:07:7e:a8:ad:
16:96:0e:03:13:c1:fa:9f:42:34:4e:83:59:bb:a6:b2:3c:49:
19:71:e3:9c:eb:87:51:b1:ba:72:ae:15:88:bc:eb:a6:85:cc:
21:5f:bf:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1sjthM0881pnzLq8lzjIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZmJjNzRjZDFmODdhMGJmMTZjNDgyZjYyMDFjOWI5ZWIy
NDRlYTIwHhcNMjUwMTAxMjE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGZkMzgxYWVlMDIxYjE2MGI3MTAwNWM5NWNlMDAzN2Q1NDMyNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKN10SJzfzjJmj557iixBrU+eux8
cnwsKKzZGuscwO7HCyhXC7TtklsLAmxJpM8Ljydc/X4+09bMQitaqmPyIyz09IO1
LSlNG5RmaGHBuLFg/1lb+vib8WsdIsGS1r50/vnpzvgUh6YLYWwsBt/yOGSZE9HH
WL18QEKN59pCx4PgVhyyurojVRvYQXIRGjo9MBl894f5ClPifJlFnwRfI5GkOi6T
yNbt+eX9UYtoLvhiVMPoXKjw790r28dqc9rDA/Psgs6CCFSnQDuOW+PmWkw3h9l2
XsR6NrpSwseIedioeXmZrZicFQ2NzmiaICZlYQY+EPVfDQX3HrfxWJpzUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC39OBruAhsWC3EAXJXOADfVQySwMB8GA1UdIwQY
MBaAFNT7x0zR+HoL8WxIL2IBybnrJE6iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVB2SFROSDRlZ3Z4YkVndllnSEp1ZXNrVHFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS84NzMxMmMtNjljNC00ODEzLWI3NDAt
MWM5NjY3NzMwNTM0LzEvTGYwNEd1NENHeFlMY1FCY2xjNEFOOVZESkxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS84NzMxMmMtNjljNC00ODEzLWI3NDAtMWM5NjY3NzMwNTM0
LzEvMVB2SFROSDRlZ3Z4YkVndllnSEp1ZXNrVHFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZHMMA0G
CSqGSIb3DQEBCwUAA4IBAQCW+kTjTLNM+l1Oo9Pl6ClaAKB1bdqi63G2yB4ttNrE
3H96iu+VrWxbo9ft56Uap1x29XDuBxfXVf7Cq90jU7kg/d9vU+04Rh7VyiknTW8x
gzk622prtlAFjmdJ0PpNe7O5IL2DuReLFRWAIEhAZRyT12EQDtJZCOZFRqXj+cSH
1t0gA2H3C4Lw5WvB1AeWqCSACeBmlrAxwpZEYrAt87lLGfudMFbQdWrgv/IS4oI9
rZTwXFqxBZemmVLgXXOamLFgQ1maHfgoABXj5jnngHf0zbRd5gd+qK0Wlg4DE8H6
n0I0ToNZu6ayPEkZceOc64dRsbpyrhWIvOumhcwhX7/G
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:06:49 2025 by rpki-client