Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/JLwtTQi8VNVHhaVDu0kN5D34KjI.roa
File: JLwtTQi8VNVHhaVDu0kN5D34KjI.roa (raw, json)
Hash identifier: 8veoK+i1W9Fs1rw5NS+3eYVP4YbxUV5xVG3SSE+qpqo=
Subject key identifier: 24:BC:2D:4D:08:BC:54:D5:47:85:A5:43:BB:49:0D:E4:3D:F8:2A:32
Certificate issuer: /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial: 019424B276A96D9EE8228010ABD2EF0930F7
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/JLwtTQi8VNVHhaVDu0kN5D34KjI.roa
Signing time: Thu 02 Jan 2025 01:47:43 +0000
ROA not before: Thu 02 Jan 2025 01:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212017
IP address blocks: 45.130.16.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:76:a9:6d:9e:e8:22:80:10:ab:d2:ef:09:30:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
Validity
Not Before: Jan 2 01:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24bc2d4d08bc54d54785a543bb490de43df82a32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e3:2d:c1:f1:67:87:63:2d:37:3c:6b:45:2c:
cf:e1:70:60:b9:f4:69:66:cb:91:18:9f:7d:54:d1:
1d:ec:8b:0d:8f:36:9f:a3:92:c5:21:54:50:80:d3:
fe:49:b9:d3:53:20:37:2b:23:0c:fc:46:c5:c7:09:
35:ad:13:37:76:58:05:06:d0:c7:36:15:d7:8c:cd:
f9:6b:af:f3:f5:d3:c3:09:cd:2d:b3:9a:dd:31:5b:
d7:2a:88:d3:cf:d0:2c:4a:b7:4f:ab:c8:7d:71:5d:
dd:c6:7f:99:15:a3:38:ab:98:2e:61:ae:b5:e8:2a:
3f:99:d9:c9:2b:86:fc:fb:64:55:87:5a:f7:05:ad:
6c:ad:d9:2a:7a:7a:f1:2d:82:26:a8:c3:33:96:23:
85:92:81:e0:7e:00:1f:fb:80:ce:43:ef:e3:f5:e8:
94:fa:47:c6:3b:4d:45:23:fb:16:69:7a:65:78:68:
b4:a1:68:94:6c:cc:68:a9:6d:a5:f5:a2:1f:0f:63:
18:19:5b:15:e5:78:ff:64:d9:2e:de:bd:ba:cd:c8:
9c:f5:25:89:22:fc:56:25:9a:f4:7a:ee:b9:6b:59:
0c:e1:ed:e2:b1:c8:5d:09:22:17:d2:fe:2c:bb:6f:
c8:e8:c8:3a:85:f3:39:97:41:f7:28:11:52:b8:84:
47:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:BC:2D:4D:08:BC:54:D5:47:85:A5:43:BB:49:0D:E4:3D:F8:2A:32
X509v3 Authority Key Identifier:
keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/JLwtTQi8VNVHhaVDu0kN5D34KjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.16.0/23
Signature Algorithm: sha256WithRSAEncryption
37:92:90:d8:98:b2:be:1d:21:2c:d5:5f:61:28:14:fe:07:82:
c0:38:51:7e:3d:d5:ca:4d:63:04:f7:bf:45:a2:e0:33:59:32:
fb:ed:cb:80:1b:69:55:b6:21:d4:eb:d2:76:44:4f:a3:62:83:
ed:c4:16:75:c4:94:25:bc:ce:10:51:d5:3d:21:e7:f9:ea:d9:
26:42:be:20:0e:20:38:f0:69:17:15:be:8d:09:44:f6:f9:75:
f0:37:f2:a3:2a:64:70:81:9b:41:64:30:72:45:a1:f1:af:6f:
26:07:2f:10:bc:91:7e:a8:f7:ae:ef:46:41:1c:78:d5:8a:4c:
52:38:54:00:47:bd:b8:45:eb:e6:83:4b:b4:39:63:c2:92:18:
d7:d9:12:8b:33:48:cd:e0:19:5a:8e:28:d9:18:dd:88:7d:a6:
96:56:2e:74:85:7e:31:78:63:b6:d3:e2:89:cb:32:e4:ef:df:
9f:fa:ed:ac:40:ea:0d:ce:f3:84:e7:d3:a8:d2:0e:06:f8:2f:
a8:06:9a:12:0f:a8:09:1a:dc:21:7d:4b:a9:4b:02:27:33:c8:
33:36:2c:a7:44:d9:a5:ad:9b:8f:03:22:d8:ec:4b:17:22:74:
a5:62:61:7b:3a:65:88:3e:11:91:a4:41:aa:ac:c9:b7:4a:a0:
49:48:e9:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksnapbZ7oIoAQq9LvCTD3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjUwMTAyMDE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGJjMmQ0ZDA4YmM1NGQ1NDc4NWE1NDNiYjQ5MGRlNDNkZjgyYTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+MtwfFnh2MtNzxrRSzP4XBgufRp
ZsuRGJ99VNEd7IsNjzafo5LFIVRQgNP+SbnTUyA3KyMM/EbFxwk1rRM3dlgFBtDH
NhXXjM35a6/z9dPDCc0ts5rdMVvXKojTz9AsSrdPq8h9cV3dxn+ZFaM4q5guYa61
6Co/mdnJK4b8+2RVh1r3Ba1srdkqenrxLYImqMMzliOFkoHgfgAf+4DOQ+/j9eiU
+kfGO01FI/sWaXpleGi0oWiUbMxoqW2l9aIfD2MYGVsV5Xj/ZNku3r26zcic9SWJ
IvxWJZr0eu65a1kM4e3ischdCSIX0v4su2/I6Mg6hfM5l0H3KBFSuIRHqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCS8LU0IvFTVR4WlQ7tJDeQ9+CoyMB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvSkx3dFRRaThWTlZIaGFWRHUwa041RDM0S2pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYIQMA0G
CSqGSIb3DQEBCwUAA4IBAQA3kpDYmLK+HSEs1V9hKBT+B4LAOFF+PdXKTWME979F
ouAzWTL77cuAG2lVtiHU69J2RE+jYoPtxBZ1xJQlvM4QUdU9Ief56tkmQr4gDiA4
8GkXFb6NCUT2+XXwN/KjKmRwgZtBZDByRaHxr28mBy8QvJF+qPeu70ZBHHjVikxS
OFQAR724Revmg0u0OWPCkhjX2RKLM0jN4BlajijZGN2IfaaWVi50hX4xeGO20+KJ
yzLk79+f+u2sQOoNzvOE59Oo0g4G+C+oBpoSD6gJGtwhfUupSwInM8gzNiynRNml
rZuPAyLY7EsXInSlYmF7OmWIPhGRpEGqrMm3SqBJSOmX
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:17:04 2025 by rpki-client