Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/507a57-4a62-4b95-b1a3-b4057621bba6/1/dr0aQwlMd5wprYGuM-4A6wgZRyk.roa
File: dr0aQwlMd5wprYGuM-4A6wgZRyk.roa (raw, json)
Hash identifier: 5kfUYUIepAA22bF94//hZe6cokijIGlywb6OIAlIy1Y=
Subject key identifier: 76:BD:1A:43:09:4C:77:9C:29:AD:81:AE:33:EE:00:EB:08:19:47:29
Certificate issuer: /CN=aa4d72ecdc15378be717bb4ca0971070d57649a3
Certificate serial: 01941FFA7E13A782BC9D9E47828CE729DDC0
Authority key identifier: AA:4D:72:EC:DC:15:37:8B:E7:17:BB:4C:A0:97:10:70:D5:76:49:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qk1y7NwVN4vnF7tMoJcQcNV2SaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/507a57-4a62-4b95-b1a3-b4057621bba6/1/dr0aQwlMd5wprYGuM-4A6wgZRyk.roa
Signing time: Wed 01 Jan 2025 03:48:17 +0000
ROA not before: Wed 01 Jan 2025 03:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215662
IP address blocks: 45.85.152.0/23 maxlen: 23
45.85.152.0/24 maxlen: 24
45.85.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:7e:13:a7:82:bc:9d:9e:47:82:8c:e7:29:dd:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa4d72ecdc15378be717bb4ca0971070d57649a3
Validity
Not Before: Jan 1 03:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76bd1a43094c779c29ad81ae33ee00eb08194729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3d:38:27:a6:bc:fa:c6:85:c7:08:bf:6d:f1:
c9:36:0d:a2:16:1f:64:29:c7:bb:79:63:34:d3:ea:
f0:27:8c:c4:4a:c7:d6:62:dd:5b:cf:83:a4:a0:a2:
1c:0b:ee:ad:b5:37:86:a4:0f:ad:dd:35:c6:24:22:
33:c1:26:d8:0d:17:5c:73:b3:ad:26:a3:96:c9:89:
80:78:54:f7:02:c1:cf:19:f7:9b:46:3d:3a:57:21:
ae:c4:1f:f6:23:b9:5d:1a:88:16:c9:ca:1e:d9:c0:
92:55:57:93:8d:d4:5d:1b:14:e2:b3:0f:7a:c2:4c:
c5:76:51:11:0f:64:fe:45:fc:9d:b0:e1:99:ba:cb:
a4:53:43:39:29:9e:b3:40:aa:63:64:ab:7d:94:76:
1a:1b:9e:f0:9d:31:62:a1:79:0e:d4:82:c4:ac:d6:
8f:ff:09:22:b8:20:09:6d:31:91:2a:2b:4e:0b:64:
16:c5:0e:df:20:2a:34:66:1e:f3:35:7c:41:ca:f8:
5d:72:3c:3b:bd:7d:60:23:c6:0c:ec:0b:1b:90:c4:
6f:2a:d8:e4:dd:28:10:ba:40:eb:22:0f:aa:64:4e:
a6:61:c4:b0:68:04:01:e7:11:86:88:8a:bf:c1:7a:
c9:bf:0f:c9:2a:85:a8:2d:e4:d1:ea:4e:d5:17:6a:
af:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:BD:1A:43:09:4C:77:9C:29:AD:81:AE:33:EE:00:EB:08:19:47:29
X509v3 Authority Key Identifier:
keyid:AA:4D:72:EC:DC:15:37:8B:E7:17:BB:4C:A0:97:10:70:D5:76:49:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qk1y7NwVN4vnF7tMoJcQcNV2SaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/507a57-4a62-4b95-b1a3-b4057621bba6/1/dr0aQwlMd5wprYGuM-4A6wgZRyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/507a57-4a62-4b95-b1a3-b4057621bba6/1/qk1y7NwVN4vnF7tMoJcQcNV2SaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.152.0/23
Signature Algorithm: sha256WithRSAEncryption
59:34:47:59:f4:bf:45:3d:65:1f:a1:d7:29:a8:de:eb:9c:5c:
54:3c:a8:16:0b:d8:cf:7c:a6:cd:c4:37:27:50:ce:1d:20:57:
15:fa:af:13:df:66:45:5f:f6:dd:b7:4f:b6:df:47:fc:e0:70:
e4:f9:d3:70:14:09:a8:18:ce:29:0e:f6:45:1d:b6:ab:4c:44:
12:28:14:a1:3f:ef:e9:f4:98:a1:95:9d:0c:bf:73:18:c6:36:
4f:8e:87:59:9c:c3:82:b1:04:27:9f:6f:cb:90:c0:7b:54:75:
ae:f5:5b:99:a6:ae:b4:40:e1:bb:c6:07:e8:51:80:1a:65:65:
60:d9:14:7c:c4:9a:5b:51:23:47:00:69:b7:71:82:8a:cc:60:
2f:ec:7a:ed:e2:8f:81:9d:b9:ef:2c:db:25:96:09:7e:66:5d:
7d:09:3f:84:12:46:d8:64:1a:f4:0d:f1:90:be:38:09:e3:31:
5e:49:c9:99:36:77:89:5b:eb:64:45:53:1f:56:fe:66:a9:4d:
36:8e:d3:b3:9d:96:8b:29:47:4d:65:56:30:de:57:09:bb:bb:
77:42:da:fe:a6:b0:e1:6a:9b:81:a3:00:1f:05:af:d6:bd:a4:
3c:92:77:32:25:1b:19:a2:2e:ab:a9:30:11:2c:73:69:e0:89:
e1:ca:bf:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+n4Tp4K8nZ5HgoznKd3AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNGQ3MmVjZGMxNTM3OGJlNzE3YmI0Y2EwOTcxMDcwZDU3
NjQ5YTMwHhcNMjUwMTAxMDM0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmJkMWE0MzA5NGM3NzljMjlhZDgxYWUzM2VlMDBlYjA4MTk0NzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuD04J6a8+saFxwi/bfHJNg2iFh9k
Kce7eWM00+rwJ4zESsfWYt1bz4OkoKIcC+6ttTeGpA+t3TXGJCIzwSbYDRdcc7Ot
JqOWyYmAeFT3AsHPGfebRj06VyGuxB/2I7ldGogWycoe2cCSVVeTjdRdGxTisw96
wkzFdlERD2T+RfydsOGZusukU0M5KZ6zQKpjZKt9lHYaG57wnTFioXkO1ILErNaP
/wkiuCAJbTGRKitOC2QWxQ7fICo0Zh7zNXxByvhdcjw7vX1gI8YM7AsbkMRvKtjk
3SgQukDrIg+qZE6mYcSwaAQB5xGGiIq/wXrJvw/JKoWoLeTR6k7VF2qv6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHa9GkMJTHecKa2BrjPuAOsIGUcpMB8GA1UdIwQY
MBaAFKpNcuzcFTeL5xe7TKCXEHDVdkmjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWsxeTdOd1ZONHZuRjd0TW9KY1FjTlYyU2FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC81MDdhNTctNGE2Mi00Yjk1LWIxYTMt
YjQwNTc2MjFiYmE2LzEvZHIwYVF3bE1kNXdwcllHdU0tNEE2d2daUnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC81MDdhNTctNGE2Mi00Yjk1LWIxYTMtYjQwNTc2MjFiYmE2
LzEvcWsxeTdOd1ZONHZuRjd0TW9KY1FjTlYyU2FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVWYMA0G
CSqGSIb3DQEBCwUAA4IBAQBZNEdZ9L9FPWUfodcpqN7rnFxUPKgWC9jPfKbNxDcn
UM4dIFcV+q8T32ZFX/bdt0+230f84HDk+dNwFAmoGM4pDvZFHbarTEQSKBShP+/p
9JihlZ0Mv3MYxjZPjodZnMOCsQQnn2/LkMB7VHWu9VuZpq60QOG7xgfoUYAaZWVg
2RR8xJpbUSNHAGm3cYKKzGAv7Hrt4o+BnbnvLNsllgl+Zl19CT+EEkbYZBr0DfGQ
vjgJ4zFeScmZNneJW+tkRVMfVv5mqU02jtOznZaLKUdNZVYw3lcJu7t3Qtr+prDh
apuBowAfBa/WvaQ8kncyJRsZoi6rqTARLHNp4Inhyr9b
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:47:06 2025 by rpki-client