Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/c34c99-18c8-41a2-874b-390b85394beb/1/Ad__4Mw9qH40aKjCCd6U7wn1LE8.roa
File: Ad__4Mw9qH40aKjCCd6U7wn1LE8.roa (raw, json)
Hash identifier: XmUspE3wSTnFZCF/0+RPTjtSL/Xtm1GMKSxL+nI/8po=
Subject key identifier: 01:DF:FF:E0:CC:3D:A8:7E:34:68:A8:C2:09:DE:94:EF:09:F5:2C:4F
Certificate issuer: /CN=4225b570f46de5c6e8b2b64ed090ad1385dab731
Certificate serial: 01942823A494958413895D80654EC89D5472
Authority key identifier: 42:25:B5:70:F4:6D:E5:C6:E8:B2:B6:4E:D0:90:AD:13:85:DA:B7:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QiW1cPRt5cbosrZO0JCtE4XatzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/c34c99-18c8-41a2-874b-390b85394beb/1/Ad__4Mw9qH40aKjCCd6U7wn1LE8.roa
Signing time: Thu 02 Jan 2025 17:50:12 +0000
ROA not before: Thu 02 Jan 2025 17:50:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60377
IP address blocks: 45.13.4.0/22 maxlen: 22
45.13.5.0/24 maxlen: 24
145.40.128.0/18 maxlen: 18
2a0e:cb00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:a4:94:95:84:13:89:5d:80:65:4e:c8:9d:54:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4225b570f46de5c6e8b2b64ed090ad1385dab731
Validity
Not Before: Jan 2 17:50:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01dfffe0cc3da87e3468a8c209de94ef09f52c4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:86:51:39:a6:82:a4:f5:85:ec:d4:17:58:51:
d2:85:72:40:3d:80:cd:ce:f7:8f:73:2e:66:96:a7:
64:11:84:05:93:f1:d6:8c:ef:d0:8a:e5:d5:54:41:
2d:db:d3:6b:ef:a1:ba:00:25:6b:1e:17:02:23:ff:
5f:73:7f:07:e0:d8:8d:fc:48:67:f0:d6:a3:2b:6d:
e8:df:22:28:98:4c:ff:b4:e9:49:6c:b3:33:05:00:
45:6f:e0:cc:c1:5b:68:7f:7d:4d:b2:45:02:d7:79:
05:f4:5e:13:49:33:93:24:33:10:9e:27:59:25:4a:
7e:2f:2f:ea:27:c8:fe:22:00:02:f5:f3:ea:21:5b:
a4:5d:98:d3:da:99:cb:ef:a2:8b:1e:39:0d:51:b4:
bd:fd:3a:73:ba:88:01:4e:2a:ba:e7:17:27:d1:9c:
c7:cc:c0:bd:32:e9:b4:06:79:22:79:78:02:4d:ac:
12:c7:07:6d:c8:59:7c:0e:6b:63:2f:95:80:e7:4d:
f1:b6:54:7c:6d:da:71:2b:8b:ac:f2:e7:0d:13:a5:
ed:af:89:ef:5c:89:3b:4f:83:fd:1c:f2:86:3a:ff:
84:28:7c:31:a6:44:9a:a0:aa:c4:e0:7c:15:a3:88:
61:97:b2:cc:d1:2e:0a:e3:3d:88:1e:02:bc:f3:7c:
b9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:DF:FF:E0:CC:3D:A8:7E:34:68:A8:C2:09:DE:94:EF:09:F5:2C:4F
X509v3 Authority Key Identifier:
keyid:42:25:B5:70:F4:6D:E5:C6:E8:B2:B6:4E:D0:90:AD:13:85:DA:B7:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QiW1cPRt5cbosrZO0JCtE4XatzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c34c99-18c8-41a2-874b-390b85394beb/1/Ad__4Mw9qH40aKjCCd6U7wn1LE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c34c99-18c8-41a2-874b-390b85394beb/1/QiW1cPRt5cbosrZO0JCtE4XatzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.4.0/22
145.40.128.0/18
IPv6:
2a0e:cb00::/29
Signature Algorithm: sha256WithRSAEncryption
3b:11:e0:25:f0:c1:13:9c:b2:4e:74:49:c9:02:56:e4:19:e5:
51:20:99:17:3a:87:69:b7:01:b3:3d:8b:d8:11:06:02:03:ab:
70:81:c7:e4:84:dd:e2:bd:21:ba:d3:8f:7d:78:5e:7b:31:50:
7d:5c:83:96:89:0b:9f:9e:d5:d9:8c:5b:b2:26:7b:49:86:f4:
8d:33:01:4f:a4:24:94:68:63:48:af:db:af:65:06:fe:86:9b:
c7:a6:89:27:b7:49:a7:98:8b:6e:21:25:e4:df:1b:96:89:1d:
a6:1b:2a:57:66:bc:a9:f6:06:f7:e0:79:11:fa:80:5f:93:99:
0b:28:15:6b:a8:c7:f2:34:e3:49:d7:37:a0:2b:c6:0f:12:e6:
9d:6f:98:2b:ca:05:86:e7:27:60:d8:58:4b:6a:40:62:bf:ee:
02:fa:8e:20:0d:cb:d0:bb:58:14:a2:42:7a:1f:1c:b1:55:50:
c6:99:27:bf:ef:cc:e1:44:42:9d:03:ff:79:bb:7f:d9:d4:f1:
f2:25:36:76:97:e1:1b:b6:89:db:75:66:28:5b:71:41:94:e6:
d7:ff:b6:a3:21:ee:ab:53:b1:d7:ca:6f:94:01:71:d6:eb:d8:
b7:f3:63:72:1a:48:b1:64:2f:40:86:a6:64:fd:ed:24:b6:ff:
41:89:6c:82
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQoI6SUlYQTiV2AZU7InVRyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMjViNTcwZjQ2ZGU1YzZlOGIyYjY0ZWQwOTBhZDEzODVk
YWI3MzEwHhcNMjUwMTAyMTc1MDEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWRmZmZlMGNjM2RhODdlMzQ2OGE4YzIwOWRlOTRlZjA5ZjUyYzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4ZROaaCpPWF7NQXWFHShXJAPYDN
zvePcy5mlqdkEYQFk/HWjO/QiuXVVEEt29Nr76G6ACVrHhcCI/9fc38H4NiN/Ehn
8NajK23o3yIomEz/tOlJbLMzBQBFb+DMwVtof31NskUC13kF9F4TSTOTJDMQnidZ
JUp+Ly/qJ8j+IgAC9fPqIVukXZjT2pnL76KLHjkNUbS9/TpzuogBTiq65xcn0ZzH
zMC9Mum0BnkieXgCTawSxwdtyFl8DmtjL5WA503xtlR8bdpxK4us8ucNE6Xtr4nv
XIk7T4P9HPKGOv+EKHwxpkSaoKrE4HwVo4hhl7LM0S4K4z2IHgK883y5vQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAHf/+DMPah+NGiowgnelO8J9SxPMB8GA1UdIwQY
MBaAFEIltXD0beXG6LK2TtCQrROF2rcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWlXMWNQUnQ1Y2Jvc3JaTzBKQ3RFNFhhdHpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jMzRjOTktMThjOC00MWEyLTg3NGIt
MzkwYjg1Mzk0YmViLzEvQWRfXzRNdzlxSDQwYUtqQ0NkNlU3d24xTEU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jMzRjOTktMThjOC00MWEyLTg3NGItMzkwYjg1Mzk0YmVi
LzEvUWlXMWNQUnQ1Y2Jvc3JaTzBKQ3RFNFhhdHpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLQ0EAwQG
kSiAMA0EAgACMAcDBQMqDssAMA0GCSqGSIb3DQEBCwUAA4IBAQA7EeAl8METnLJO
dEnJAlbkGeVRIJkXOodptwGzPYvYEQYCA6twgcfkhN3ivSG60499eF57MVB9XIOW
iQufntXZjFuyJntJhvSNMwFPpCSUaGNIr9uvZQb+hpvHpoknt0mnmItuISXk3xuW
iR2mGypXZryp9gb34HkR+oBfk5kLKBVrqMfyNONJ1zegK8YPEuadb5grygWG5ydg
2FhLakBiv+4C+o4gDcvQu1gUokJ6HxyxVVDGmSe/78zhREKdA/95u3/Z1PHyJTZ2
l+EbtonbdWYoW3FBlObX/7ajIe6rU7HXym+UAXHW69i382NyGkixZC9AhqZk/e0k
tv9BiWyC
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:21:23 2025 by rpki-client