Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8af8e6-19c1-4be1-af23-19916a4aeeb3/1/cKBi0sZ39evwv-naUUnqXGt9u8c.roa
File: cKBi0sZ39evwv-naUUnqXGt9u8c.roa (raw, json)
Hash identifier: V4ZpBDBdSz/34N04mwK++SnitP2fAEm2YK7dnFi3lwU=
Subject key identifier: 70:A0:62:D2:C6:77:F5:EB:F0:BF:E9:DA:51:49:EA:5C:6B:7D:BB:C7
Certificate issuer: /CN=7a7cf1a2aa83b126ff4ceef473a47397abf8ff0d
Certificate serial: 0194221F9EAED6B52D2503A17F5813D33CCD
Authority key identifier: 7A:7C:F1:A2:AA:83:B1:26:FF:4C:EE:F4:73:A4:73:97:AB:F8:FF:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/enzxoqqDsSb_TO70c6Rzl6v4_w0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/8af8e6-19c1-4be1-af23-19916a4aeeb3/1/cKBi0sZ39evwv-naUUnqXGt9u8c.roa
Signing time: Wed 01 Jan 2025 13:48:05 +0000
ROA not before: Wed 01 Jan 2025 13:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201150
IP address blocks: 45.84.156.0/22 maxlen: 24
46.249.120.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:9e:ae:d6:b5:2d:25:03:a1:7f:58:13:d3:3c:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a7cf1a2aa83b126ff4ceef473a47397abf8ff0d
Validity
Not Before: Jan 1 13:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70a062d2c677f5ebf0bfe9da5149ea5c6b7dbbc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:79:01:42:37:31:3e:f3:b3:38:a5:c3:bf:ba:
75:b7:b7:1b:45:ef:e9:76:22:7e:46:ef:01:4b:7b:
19:e4:c5:0b:47:df:e6:7c:ea:39:42:fd:3f:20:dd:
8a:fc:d3:e0:ab:f5:bd:20:6d:7b:1f:b6:59:49:ec:
19:9e:12:96:73:57:d7:79:e9:b3:c3:f3:81:f5:6d:
75:92:2e:61:28:bd:65:fe:4f:95:66:f5:bb:d5:05:
db:d9:bf:f2:b3:fa:2b:aa:2a:3d:46:7c:8b:63:11:
e3:9f:a9:3b:81:a5:d7:a5:76:65:f2:a0:21:f8:cc:
7a:dc:cb:e6:98:82:1f:b8:93:d2:5f:c8:e0:eb:3a:
a2:64:a7:a5:6b:6d:75:ea:0f:3f:7f:7d:f1:9c:33:
e1:a1:c2:ba:2d:1f:0c:51:d6:73:32:4a:85:43:83:
58:7d:ab:20:77:fc:5d:43:12:fd:e2:b7:96:4c:0f:
40:a5:3c:24:bb:6e:9f:97:bd:e5:97:e5:9c:50:e3:
fd:99:6a:10:d6:6d:6b:cf:97:10:30:8c:54:74:6d:
90:62:01:f5:f4:25:05:e9:7c:72:89:10:52:1f:a6:
34:fb:f8:26:8a:ab:f5:f8:72:54:71:e0:6a:05:70:
66:1b:df:39:ad:0a:f3:16:79:b2:74:77:0e:3b:33:
cf:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A0:62:D2:C6:77:F5:EB:F0:BF:E9:DA:51:49:EA:5C:6B:7D:BB:C7
X509v3 Authority Key Identifier:
keyid:7A:7C:F1:A2:AA:83:B1:26:FF:4C:EE:F4:73:A4:73:97:AB:F8:FF:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/enzxoqqDsSb_TO70c6Rzl6v4_w0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8af8e6-19c1-4be1-af23-19916a4aeeb3/1/cKBi0sZ39evwv-naUUnqXGt9u8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8af8e6-19c1-4be1-af23-19916a4aeeb3/1/enzxoqqDsSb_TO70c6Rzl6v4_w0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.156.0/22
46.249.120.0/21
Signature Algorithm: sha256WithRSAEncryption
46:5c:69:56:4c:6e:ac:dc:ec:c1:e9:97:50:e8:ae:39:26:4f:
a3:98:a4:c7:93:23:cb:ea:f1:0f:e4:e5:f0:6b:43:0c:86:89:
6a:cf:5a:09:a0:16:a8:cf:2d:66:08:e9:b1:31:d6:71:9b:26:
83:a6:60:83:79:fd:2f:91:00:8c:45:b9:72:18:2c:b0:7d:1c:
9a:e2:80:72:60:d9:b7:42:b3:c9:fd:eb:39:10:7f:b7:30:e4:
d1:de:84:44:87:1f:ed:1b:fe:2e:7d:74:d7:f6:cc:4c:93:bb:
20:7e:2a:f1:32:f5:2d:99:75:62:12:b3:33:c3:41:23:66:97:
33:f3:d6:2f:94:5d:4e:2c:11:dd:41:b1:55:bc:dc:45:5e:0f:
52:31:75:c9:8e:71:82:43:25:52:e1:6a:0b:37:b2:54:ef:9f:
7b:51:f4:02:bd:8e:3e:8a:2f:8e:dc:88:4f:1f:62:e1:c0:9b:
3b:b0:19:94:18:a2:36:a8:7c:e1:88:ff:61:86:71:a2:1f:2d:
d0:9f:2c:6c:89:f3:ab:69:2e:6e:5e:21:e6:6d:b0:83:da:a1:
0f:b5:8b:85:6b:b4:ad:08:ce:f7:da:f7:00:8c:80:2f:54:17:
9f:6c:c6:9f:26:9b:96:9d:8b:08:74:93:3e:32:59:72:37:d0:
7b:8e:57:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH56u1rUtJQOhf1gT0zzNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhN2NmMWEyYWE4M2IxMjZmZjRjZWVmNDczYTQ3Mzk3YWJm
OGZmMGQwHhcNMjUwMTAxMTM0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGEwNjJkMmM2NzdmNWViZjBiZmU5ZGE1MTQ5ZWE1YzZiN2RiYmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHkBQjcxPvOzOKXDv7p1t7cbRe/p
diJ+Ru8BS3sZ5MULR9/mfOo5Qv0/IN2K/NPgq/W9IG17H7ZZSewZnhKWc1fXeemz
w/OB9W11ki5hKL1l/k+VZvW71QXb2b/ys/orqio9RnyLYxHjn6k7gaXXpXZl8qAh
+Mx63MvmmIIfuJPSX8jg6zqiZKela2116g8/f33xnDPhocK6LR8MUdZzMkqFQ4NY
fasgd/xdQxL94reWTA9ApTwku26fl73ll+WcUOP9mWoQ1m1rz5cQMIxUdG2QYgH1
9CUF6XxyiRBSH6Y0+/gmiqv1+HJUceBqBXBmG985rQrzFnmydHcOOzPPiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHCgYtLGd/Xr8L/p2lFJ6lxrfbvHMB8GA1UdIwQY
MBaAFHp88aKqg7Em/0zu9HOkc5er+P8NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW56eG9xcURzU2JfVE83MGM2UnpsNnY0X3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84YWY4ZTYtMTljMS00YmUxLWFmMjMt
MTk5MTZhNGFlZWIzLzEvY0tCaTBzWjM5ZXZ3di1uYVVVbnFYR3Q5dThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84YWY4ZTYtMTljMS00YmUxLWFmMjMtMTk5MTZhNGFlZWIz
LzEvZW56eG9xcURzU2JfVE83MGM2UnpsNnY0X3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVScAwQD
Lvl4MA0GCSqGSIb3DQEBCwUAA4IBAQBGXGlWTG6s3OzB6ZdQ6K45Jk+jmKTHkyPL
6vEP5OXwa0MMholqz1oJoBaozy1mCOmxMdZxmyaDpmCDef0vkQCMRblyGCywfRya
4oByYNm3QrPJ/es5EH+3MOTR3oREhx/tG/4ufXTX9sxMk7sgfirxMvUtmXViErMz
w0EjZpcz89YvlF1OLBHdQbFVvNxFXg9SMXXJjnGCQyVS4WoLN7JU7597UfQCvY4+
ii+O3IhPH2LhwJs7sBmUGKI2qHzhiP9hhnGiHy3QnyxsifOraS5uXiHmbbCD2qEP
tYuFa7StCM732vcAjIAvVBefbMafJpuWnYsIdJM+MllyN9B7jldG
-----END CERTIFICATE-----
Generated at Fri Apr 25 21:52:44 2025 by rpki-client