Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/YmXp0kLagMnJFegcO08eA034lyA.roa
File: YmXp0kLagMnJFegcO08eA034lyA.roa (raw, json)
Hash identifier: HE2edC4wON3Wujsq1suNKRRMgCVpU6jt5hawUs/NQb0=
Subject key identifier: 62:65:E9:D2:42:DA:80:C9:C9:15:E8:1C:3B:4F:1E:03:4D:F8:97:20
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 0194221F51AC7C3B244951AA30331C167E3A
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/YmXp0kLagMnJFegcO08eA034lyA.roa
Signing time: Wed 01 Jan 2025 13:47:45 +0000
ROA not before: Wed 01 Jan 2025 13:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 393894
IP address blocks: 45.15.196.0/22 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:51:ac:7c:3b:24:49:51:aa:30:33:1c:16:7e:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jan 1 13:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6265e9d242da80c9c915e81c3b4f1e034df89720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f4:5f:c2:0e:8b:be:f0:f5:6e:dd:ca:ca:c2:
43:3a:af:bc:a7:0f:47:55:20:c0:b3:74:78:e1:79:
a2:d0:31:41:33:4f:7b:40:24:d6:76:86:b7:ca:d7:
7d:e9:c2:75:16:31:87:45:03:10:38:52:6c:68:cf:
ac:1b:42:8a:8e:3b:ea:cb:fb:14:09:b8:59:0f:92:
c3:f6:38:ca:65:5e:e2:01:63:ff:4b:fe:b4:0c:34:
3b:9f:51:1b:56:d2:30:95:be:ba:40:76:9b:47:ac:
36:fa:6e:5f:a7:e8:1e:4c:94:6d:94:be:14:63:b9:
e7:8d:3b:e0:fd:76:ec:fc:52:ad:59:a1:37:50:7a:
33:f0:c0:2d:42:c7:65:7a:cf:90:65:6c:26:12:17:
17:51:57:fd:b6:ed:f9:4b:24:f9:4c:70:d2:cd:e6:
31:6b:8f:57:b2:3e:6c:60:2f:ff:a7:ef:29:4e:fd:
fa:4a:86:02:c2:2c:65:82:79:73:76:89:63:a6:c3:
91:8e:fd:29:8d:99:db:29:4f:bd:b9:48:d3:ce:7e:
aa:28:4c:ee:0d:8b:06:7b:f1:0f:a5:3c:51:d4:40:
80:fa:2a:98:eb:19:33:a0:ab:a2:83:6e:66:30:d4:
06:24:2e:bc:6a:8a:a4:17:73:b1:b6:a9:08:c2:88:
43:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:65:E9:D2:42:DA:80:C9:C9:15:E8:1C:3B:4F:1E:03:4D:F8:97:20
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/YmXp0kLagMnJFegcO08eA034lyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.196.0/22
Signature Algorithm: sha256WithRSAEncryption
12:1c:a2:52:c8:40:07:40:0f:94:f0:cd:4e:f8:4f:b7:42:f7:
0e:50:ec:52:22:b8:0b:53:3d:90:7d:58:60:16:7c:c7:a3:68:
0f:96:67:ef:a2:0a:e3:88:4f:2f:71:cd:ea:46:39:00:7c:65:
0d:76:f6:2e:b0:1d:71:a8:1f:00:04:45:15:c4:da:77:66:a5:
82:7f:8f:6c:6a:0a:76:c0:4b:db:e6:28:bd:67:a1:f6:33:f2:
38:18:15:cd:de:22:8b:39:51:45:b8:30:96:90:61:d6:95:4c:
d4:a6:2e:13:d2:45:0e:67:1a:39:ff:85:4e:d2:5f:b3:47:7e:
ff:f8:de:82:45:83:11:a0:1d:46:73:c4:3b:5a:b3:b6:20:9c:
d6:47:e4:ce:60:b0:60:b9:2c:68:50:21:48:d0:78:c3:5b:5b:
5e:0e:ec:fb:3e:2a:77:2b:10:a5:e3:6c:2a:05:b1:30:f6:59:
3a:85:e4:b6:d1:be:c4:c9:3c:6c:15:b4:72:52:d2:d0:b9:24:
fb:ea:e8:98:32:f3:e5:a6:e2:a2:ba:81:cc:4f:ef:2f:ae:6c:
4f:d3:eb:d5:90:71:59:f7:3b:95:68:bc:3c:dd:40:b8:3a:83:
38:e9:e8:27:99:f1:d1:de:df:c6:98:9f:41:ff:75:7d:fe:82:
78:a5:46:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH1GsfDskSVGqMDMcFn46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjUwMTAxMTM0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjY1ZTlkMjQyZGE4MGM5YzkxNWU4MWMzYjRmMWUwMzRkZjg5NzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfRfwg6LvvD1bt3KysJDOq+8pw9H
VSDAs3R44Xmi0DFBM097QCTWdoa3ytd96cJ1FjGHRQMQOFJsaM+sG0KKjjvqy/sU
CbhZD5LD9jjKZV7iAWP/S/60DDQ7n1EbVtIwlb66QHabR6w2+m5fp+geTJRtlL4U
Y7nnjTvg/Xbs/FKtWaE3UHoz8MAtQsdles+QZWwmEhcXUVf9tu35SyT5THDSzeYx
a49Xsj5sYC//p+8pTv36SoYCwixlgnlzdoljpsORjv0pjZnbKU+9uUjTzn6qKEzu
DYsGe/EPpTxR1ECA+iqY6xkzoKuig25mMNQGJC68aoqkF3OxtqkIwohDswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGJl6dJC2oDJyRXoHDtPHgNN+JcgMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvWW1YcDBrTGFnTW5KRmVnY08wOGVBMDM0bHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ/EMA0G
CSqGSIb3DQEBCwUAA4IBAQASHKJSyEAHQA+U8M1O+E+3QvcOUOxSIrgLUz2QfVhg
FnzHo2gPlmfvogrjiE8vcc3qRjkAfGUNdvYusB1xqB8ABEUVxNp3ZqWCf49sagp2
wEvb5ii9Z6H2M/I4GBXN3iKLOVFFuDCWkGHWlUzUpi4T0kUOZxo5/4VO0l+zR37/
+N6CRYMRoB1Gc8Q7WrO2IJzWR+TOYLBguSxoUCFI0HjDW1teDuz7Pip3KxCl42wq
BbEw9lk6heS20b7EyTxsFbRyUtLQuST76uiYMvPlpuKiuoHMT+8vrmxP0+vVkHFZ
9zuVaLw83UC4OoM46egnmfHR3t/GmJ9B/3V9/oJ4pUby
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:03:20 2025 by rpki-client