Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/77096f-bb89-411e-90e0-30c7f39d8e1c/1/DyRwBEbI8KOzoySiBNVJMb7s5KU.roa
File: DyRwBEbI8KOzoySiBNVJMb7s5KU.roa (raw, json)
Hash identifier: wDRsOyXGHbVJ62aAwVRxH4D/qweuo8ITd3xub2JjGHM=
Subject key identifier: 0F:24:70:04:46:C8:F0:A3:B3:A3:24:A2:04:D5:49:31:BE:EC:E4:A5
Certificate issuer: /CN=5b0329066138bb5564571fc3c29ee953e5c1c7a3
Certificate serial: 019427485EE783EBF41B0DA4AEEAB9CC640B
Authority key identifier: 5B:03:29:06:61:38:BB:55:64:57:1F:C3:C2:9E:E9:53:E5:C1:C7:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WwMpBmE4u1VkVx_Dwp7pU-XBx6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/77096f-bb89-411e-90e0-30c7f39d8e1c/1/DyRwBEbI8KOzoySiBNVJMb7s5KU.roa
Signing time: Thu 02 Jan 2025 13:50:41 +0000
ROA not before: Thu 02 Jan 2025 13:50:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 45.154.152.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:5e:e7:83:eb:f4:1b:0d:a4:ae:ea:b9:cc:64:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b0329066138bb5564571fc3c29ee953e5c1c7a3
Validity
Not Before: Jan 2 13:50:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f24700446c8f0a3b3a324a204d54931beece4a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1c:42:b7:aa:76:75:2a:89:8a:c2:f7:7f:63:
83:f4:9a:87:a5:1b:32:da:d4:e7:b2:f9:c3:bb:26:
cf:b9:8b:a6:9b:0f:97:85:82:08:fb:25:51:7f:6c:
56:d4:5f:a4:12:01:ac:45:d6:af:ad:3a:76:35:08:
02:6e:de:51:d7:98:b6:e7:81:a5:e7:13:54:12:b8:
22:38:44:86:bd:1e:28:fd:06:26:17:79:9a:0c:ff:
e3:77:d6:10:75:69:e4:be:85:4c:31:a8:4e:c8:a7:
db:dc:9d:0c:8e:7b:6a:17:41:af:d9:b1:d9:75:36:
8f:f7:d2:5c:cd:aa:98:78:56:19:6a:9b:1b:b4:1b:
c4:35:1a:8b:5f:b4:88:7e:64:71:36:4c:5b:a9:6b:
b3:63:5d:31:4d:9c:85:56:00:ea:8e:52:0f:61:46:
10:96:6c:91:2c:6c:56:d2:9e:6a:50:ea:05:e2:30:
d3:15:c2:fb:82:42:51:58:54:46:8f:75:06:73:15:
1b:a4:8a:b3:15:cb:c6:db:4b:7d:20:f0:8f:4a:16:
f6:03:ec:01:00:14:16:73:02:bd:03:3d:32:db:77:
f3:f1:25:76:44:72:0b:af:fb:46:6f:54:22:5b:69:
84:f6:73:54:f9:66:82:d9:98:d5:9d:4f:9f:04:fe:
e1:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:24:70:04:46:C8:F0:A3:B3:A3:24:A2:04:D5:49:31:BE:EC:E4:A5
X509v3 Authority Key Identifier:
keyid:5B:03:29:06:61:38:BB:55:64:57:1F:C3:C2:9E:E9:53:E5:C1:C7:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WwMpBmE4u1VkVx_Dwp7pU-XBx6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/77096f-bb89-411e-90e0-30c7f39d8e1c/1/DyRwBEbI8KOzoySiBNVJMb7s5KU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/77096f-bb89-411e-90e0-30c7f39d8e1c/1/WwMpBmE4u1VkVx_Dwp7pU-XBx6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.152.0/22
Signature Algorithm: sha256WithRSAEncryption
28:ba:9f:75:ab:0c:14:85:6c:f8:bc:cb:c7:80:09:1e:3d:a1:
4b:9b:78:ee:14:25:f1:aa:d6:36:2e:f9:c5:51:a9:30:e6:d3:
9b:d5:98:fc:c0:1c:c6:9f:cd:4d:ee:59:06:bd:f1:6f:c4:8c:
ab:12:b0:e2:a1:45:db:1e:a0:17:1d:d9:3a:59:30:71:79:10:
99:a7:83:8f:78:c7:dd:bc:a1:e8:8d:38:b9:04:27:25:35:35:
84:9e:f5:c2:88:a8:1a:52:de:e1:f9:da:86:4f:a7:6d:42:c8:
13:05:32:07:5b:24:dd:f2:b2:92:50:c2:3a:54:cd:02:41:d0:
23:a1:b5:4a:c0:c7:74:34:91:41:47:54:c0:c5:0b:06:39:bb:
58:07:bb:2a:4f:3f:86:bd:c9:05:31:6f:e0:28:2f:df:ee:55:
6b:9c:ae:04:cd:28:47:22:e8:cc:13:20:57:74:ed:57:65:c2:
70:e7:66:35:01:72:1c:60:5c:3d:0b:a0:5e:28:b0:f7:bb:82:
e3:71:d8:71:32:d2:c9:ea:00:d9:93:cd:ad:fa:a2:15:5b:78:
5d:46:e8:2a:43:7c:a9:1a:43:d3:34:b9:e5:c6:f4:39:61:46:
05:77:6a:9f:c2:49:9e:66:91:63:8b:7c:54:3d:4d:12:18:23:
70:15:21:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSF7ng+v0Gw2kruq5zGQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMDMyOTA2NjEzOGJiNTU2NDU3MWZjM2MyOWVlOTUzZTVj
MWM3YTMwHhcNMjUwMTAyMTM1MDQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjI0NzAwNDQ2YzhmMGEzYjNhMzI0YTIwNGQ1NDkzMWJlZWNlNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhxCt6p2dSqJisL3f2OD9JqHpRsy
2tTnsvnDuybPuYummw+XhYII+yVRf2xW1F+kEgGsRdavrTp2NQgCbt5R15i254Gl
5xNUErgiOESGvR4o/QYmF3maDP/jd9YQdWnkvoVMMahOyKfb3J0MjntqF0Gv2bHZ
dTaP99JczaqYeFYZapsbtBvENRqLX7SIfmRxNkxbqWuzY10xTZyFVgDqjlIPYUYQ
lmyRLGxW0p5qUOoF4jDTFcL7gkJRWFRGj3UGcxUbpIqzFcvG20t9IPCPShb2A+wB
ABQWcwK9Az0y23fz8SV2RHILr/tGb1QiW2mE9nNU+WaC2ZjVnU+fBP7hjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA8kcARGyPCjs6MkogTVSTG+7OSlMB8GA1UdIwQY
MBaAFFsDKQZhOLtVZFcfw8Ke6VPlwcejMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3dNcEJtRTR1MVZrVnhfRHdwN3BVLVhCeDZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC83NzA5NmYtYmI4OS00MTFlLTkwZTAt
MzBjN2YzOWQ4ZTFjLzEvRHlSd0JFYkk4S096b3lTaUJOVkpNYjdzNUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC83NzA5NmYtYmI4OS00MTFlLTkwZTAtMzBjN2YzOWQ4ZTFj
LzEvV3dNcEJtRTR1MVZrVnhfRHdwN3BVLVhCeDZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZqYMA0G
CSqGSIb3DQEBCwUAA4IBAQAoup91qwwUhWz4vMvHgAkePaFLm3juFCXxqtY2LvnF
Uakw5tOb1Zj8wBzGn81N7lkGvfFvxIyrErDioUXbHqAXHdk6WTBxeRCZp4OPeMfd
vKHojTi5BCclNTWEnvXCiKgaUt7h+dqGT6dtQsgTBTIHWyTd8rKSUMI6VM0CQdAj
obVKwMd0NJFBR1TAxQsGObtYB7sqTz+GvckFMW/gKC/f7lVrnK4EzShHIujMEyBX
dO1XZcJw52Y1AXIcYFw9C6BeKLD3u4LjcdhxMtLJ6gDZk82t+qIVW3hdRugqQ3yp
GkPTNLnlxvQ5YUYFd2qfwkmeZpFji3xUPU0SGCNwFSGR
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:23:12 2025 by rpki-client