Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/3cfd94-7d51-459a-8393-7717eb319160/1/B67VWzdl3AAKjk23JpPqT48jA8c.roa
File: B67VWzdl3AAKjk23JpPqT48jA8c.roa (raw, json)
Hash identifier: bzW8M0K39ivXss5N9+C/b0aX7RrIq8uKGLc//kpqL54=
Subject key identifier: 07:AE:D5:5B:37:65:DC:00:0A:8E:4D:B7:26:93:EA:4F:8F:23:03:C7
Certificate issuer: /CN=2fb87a2c309d75553a46e1025775e9aa41f6b337
Certificate serial: 019426D928CB6837C490786EE7847036B2AB
Authority key identifier: 2F:B8:7A:2C:30:9D:75:55:3A:46:E1:02:57:75:E9:AA:41:F6:B3:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L7h6LDCddVU6RuECV3XpqkH2szc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/3cfd94-7d51-459a-8393-7717eb319160/1/B67VWzdl3AAKjk23JpPqT48jA8c.roa
Signing time: Thu 02 Jan 2025 11:49:13 +0000
ROA not before: Thu 02 Jan 2025 11:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208463
IP address blocks: 45.135.108.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:28:cb:68:37:c4:90:78:6e:e7:84:70:36:b2:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fb87a2c309d75553a46e1025775e9aa41f6b337
Validity
Not Before: Jan 2 11:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07aed55b3765dc000a8e4db72693ea4f8f2303c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a4:d4:3c:f8:b2:05:a7:8e:de:68:82:94:00:
77:ba:25:6e:3b:95:db:95:84:11:f4:bd:3b:a2:fa:
35:49:7c:1b:44:86:c8:f3:8a:8b:ca:85:f0:b6:2c:
22:32:c4:20:b7:05:9e:e7:bf:7d:96:25:b0:a0:9e:
1d:91:2e:3d:57:00:9c:a4:03:fd:8b:22:a0:fc:c1:
45:1b:e4:ee:1a:8f:e8:b2:36:31:47:b1:bd:2a:03:
5e:ce:6b:24:3c:8e:b1:d1:f9:7f:da:2a:87:3d:fb:
92:54:d2:4e:66:10:e8:15:43:78:b5:b8:c9:ae:db:
14:70:3a:68:7c:c1:a1:3a:aa:6a:6b:cb:f3:a3:f1:
af:aa:6e:31:c9:63:c2:92:99:7b:9a:e7:2b:84:f3:
9a:ec:7b:ba:f8:d8:3a:fb:7d:f8:95:9a:dc:97:15:
2e:9f:d8:d7:f3:19:38:ac:da:dd:61:1c:6e:df:6d:
bf:62:95:59:eb:74:51:fd:99:42:99:3b:b7:b3:c4:
db:67:61:26:6d:fb:5c:8b:dc:61:d9:cb:51:eb:fa:
49:ff:c3:39:41:3a:19:e2:51:4b:27:3e:c9:c6:08:
49:8f:e3:32:13:e8:84:e5:4d:13:3f:d2:1f:50:cb:
0c:d6:28:ea:80:0e:cd:59:77:49:d4:8f:b6:87:9b:
f8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:AE:D5:5B:37:65:DC:00:0A:8E:4D:B7:26:93:EA:4F:8F:23:03:C7
X509v3 Authority Key Identifier:
keyid:2F:B8:7A:2C:30:9D:75:55:3A:46:E1:02:57:75:E9:AA:41:F6:B3:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L7h6LDCddVU6RuECV3XpqkH2szc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/3cfd94-7d51-459a-8393-7717eb319160/1/B67VWzdl3AAKjk23JpPqT48jA8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/3cfd94-7d51-459a-8393-7717eb319160/1/L7h6LDCddVU6RuECV3XpqkH2szc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.108.0/22
Signature Algorithm: sha256WithRSAEncryption
06:04:e4:8a:77:07:84:f4:91:56:e3:c3:d7:42:ba:78:3d:05:
69:ee:59:bd:35:d1:20:b9:a2:de:e0:55:20:83:76:51:36:74:
45:a0:28:e3:79:50:23:d0:ea:a2:f5:46:a1:52:1f:89:73:35:
70:8c:8b:94:f2:77:1c:13:31:0b:8f:d3:5e:81:1a:65:03:d7:
6f:8d:51:3e:0a:8a:3a:d7:d4:04:20:23:5e:52:c4:58:f5:34:
2b:f4:e4:9d:bf:5c:36:82:fc:ee:f7:29:0c:27:16:26:df:c5:
15:f5:1a:b1:c7:0c:1c:2f:86:6a:17:11:3d:d0:a0:a9:12:78:
8c:8c:79:10:22:12:2a:e1:a8:16:bb:dd:d0:c4:1e:8d:05:7e:
9d:23:07:be:bc:79:16:1c:ee:2a:03:ae:78:73:33:5b:33:62:
e6:9c:9f:ea:22:dd:21:aa:21:d5:ce:72:ba:ca:75:86:a7:81:
70:d7:2e:d3:2c:18:22:84:d5:b4:df:07:79:0d:01:64:3d:3a:
18:d8:c0:17:e9:56:40:01:b6:56:b2:26:5a:59:1b:88:23:b7:
1d:36:24:4a:2c:aa:18:80:3d:e6:a2:67:b1:95:e0:d0:65:e3:
2a:5b:40:ca:25:5e:54:19:6e:84:74:47:72:56:29:02:af:d9:
bd:58:2b:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2SjLaDfEkHhu54RwNrKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYjg3YTJjMzA5ZDc1NTUzYTQ2ZTEwMjU3NzVlOWFhNDFm
NmIzMzcwHhcNMjUwMTAyMTE0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2FlZDU1YjM3NjVkYzAwMGE4ZTRkYjcyNjkzZWE0ZjhmMjMwM2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6TUPPiyBaeO3miClAB3uiVuO5Xb
lYQR9L07ovo1SXwbRIbI84qLyoXwtiwiMsQgtwWe5799liWwoJ4dkS49VwCcpAP9
iyKg/MFFG+TuGo/osjYxR7G9KgNezmskPI6x0fl/2iqHPfuSVNJOZhDoFUN4tbjJ
rtsUcDpofMGhOqpqa8vzo/Gvqm4xyWPCkpl7mucrhPOa7Hu6+Ng6+334lZrclxUu
n9jX8xk4rNrdYRxu322/YpVZ63RR/ZlCmTu3s8TbZ2Embftci9xh2ctR6/pJ/8M5
QToZ4lFLJz7JxghJj+MyE+iE5U0TP9IfUMsM1ijqgA7NWXdJ1I+2h5v4mwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAeu1Vs3ZdwACo5NtyaT6k+PIwPHMB8GA1UdIwQY
MBaAFC+4eiwwnXVVOkbhAld16apB9rM3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDdoNkxEQ2RkVlU2UnVFQ1YzWHBxa0gyc3pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8zY2ZkOTQtN2Q1MS00NTlhLTgzOTMt
NzcxN2ViMzE5MTYwLzEvQjY3Vld6ZGwzQUFLamsyM0pwUHFUNDhqQThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8zY2ZkOTQtN2Q1MS00NTlhLTgzOTMtNzcxN2ViMzE5MTYw
LzEvTDdoNkxEQ2RkVlU2UnVFQ1YzWHBxa0gyc3pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYdsMA0G
CSqGSIb3DQEBCwUAA4IBAQAGBOSKdweE9JFW48PXQrp4PQVp7lm9NdEguaLe4FUg
g3ZRNnRFoCjjeVAj0Oqi9UahUh+JczVwjIuU8nccEzELj9NegRplA9dvjVE+Coo6
19QEICNeUsRY9TQr9OSdv1w2gvzu9ykMJxYm38UV9RqxxwwcL4ZqFxE90KCpEniM
jHkQIhIq4agWu93QxB6NBX6dIwe+vHkWHO4qA654czNbM2LmnJ/qIt0hqiHVznK6
ynWGp4Fw1y7TLBgihNW03wd5DQFkPToY2MAX6VZAAbZWsiZaWRuII7cdNiRKLKoY
gD3momexleDQZeMqW0DKJV5UGW6EdEdyVikCr9m9WCsA
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:45:48 2025 by rpki-client