Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/klsA1hqjxIrJUBsoykdqPuaziDU.roa
File: klsA1hqjxIrJUBsoykdqPuaziDU.roa (raw, json)
Hash identifier: OoNHeFyORhazCHIVGr3CHXfOu3tsT0lJQ/SJhclfSIg=
Subject key identifier: 92:5B:00:D6:1A:A3:C4:8A:C9:50:1B:28:CA:47:6A:3E:E6:B3:88:35
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B38CBED2B0A8CBE0D82068D7CA3F7A
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/klsA1hqjxIrJUBsoykdqPuaziDU.roa
Signing time: Thu 02 Jan 2025 15:47:45 +0000
ROA not before: Thu 02 Jan 2025 15:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.137.196.0/24 maxlen: 24
45.137.197.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:8c:be:d2:b0:a8:cb:e0:d8:20:68:d7:ca:3f:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=925b00d61aa3c48ac9501b28ca476a3ee6b38835
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cb:8e:40:61:73:3e:64:51:6b:0a:e0:26:dd:
0b:5c:9f:90:74:2e:bd:53:7b:db:60:45:14:ed:ed:
e6:d3:96:c1:ce:5e:87:2e:99:88:d3:c6:3b:ab:c1:
95:ef:6a:0e:e1:cb:02:35:c1:9b:23:1f:b8:1f:b1:
6e:5e:22:b7:1b:a5:74:14:67:5b:7c:d4:19:4d:b4:
41:52:3e:02:9a:c2:8f:2d:50:f6:3b:4e:cd:8e:e2:
14:16:67:fd:16:80:0c:36:f3:b2:62:8e:aa:f0:93:
cd:1f:56:eb:85:b1:83:e9:99:57:17:86:54:05:d3:
cc:96:98:01:a8:31:eb:21:f8:93:f8:ae:09:33:de:
f8:19:1c:1e:39:7f:84:94:36:34:20:be:20:61:6b:
49:82:19:16:b3:88:db:6c:8e:33:56:12:49:d0:46:
71:22:70:f7:d0:e7:4f:f0:45:25:b0:16:10:66:77:
ac:e7:78:47:41:17:3d:72:08:8d:91:a6:06:61:b2:
82:d5:24:cc:fe:c6:8a:1e:7f:b6:8c:6c:9c:f5:01:
1c:63:e4:ca:9d:16:e9:4b:dc:f9:58:10:b5:ad:38:
f0:9f:50:16:5d:78:4c:f6:3b:e5:d6:02:81:b2:48:
c8:1e:a8:f5:79:c5:1f:9d:63:4f:27:bc:8d:82:cf:
ef:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:5B:00:D6:1A:A3:C4:8A:C9:50:1B:28:CA:47:6A:3E:E6:B3:88:35
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/klsA1hqjxIrJUBsoykdqPuaziDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.196.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:22:a5:53:71:6c:5e:b2:31:12:45:1b:00:28:36:17:f5:f4:
c7:83:4d:5a:ec:b0:5e:77:88:71:e1:d0:e4:cc:9d:9d:06:c5:
bb:8c:73:b3:03:51:81:53:4c:4b:fc:22:f6:ee:c2:ea:bc:95:
e6:c0:79:2e:74:5c:21:3a:b0:e2:a4:99:df:15:27:93:2f:50:
82:f0:84:c9:2f:f5:fa:f9:51:e0:e0:5d:92:4f:2a:06:35:74:
d4:04:ad:cd:96:dc:3c:23:a1:bc:75:fe:3e:4f:17:dc:1e:1a:
ff:79:c0:43:a6:32:f5:4f:34:3d:34:c8:69:d4:ce:64:66:bc:
e9:74:ef:d3:c3:96:88:bb:44:ed:b9:88:8a:ec:63:64:3a:c9:
3a:93:9d:f0:c2:74:7e:f5:67:8e:1e:c4:56:fc:1c:75:8d:df:
8c:cd:91:c6:cc:7d:68:8d:0c:9b:36:68:18:24:79:93:f9:5c:
10:94:bf:bd:c2:f6:00:11:f4:8c:c2:12:c3:86:e0:bb:c6:e1:
68:18:05:f7:7a:4a:a3:68:cd:7a:21:d1:d6:bc:4b:ce:ae:31:
51:4b:48:62:ef:50:c5:11:8f:4b:f8:4b:09:d5:bb:38:4f:25:
3a:38:f3:64:4e:08:e6:5b:81:f2:9a:56:1b:b2:1e:e2:04:5c:
21:09:67:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns4y+0rCoy+DYIGjXyj96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjViMDBkNjFhYTNjNDhhYzk1MDFiMjhjYTQ3NmEzZWU2YjM4ODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcuOQGFzPmRRawrgJt0LXJ+QdC69
U3vbYEUU7e3m05bBzl6HLpmI08Y7q8GV72oO4csCNcGbIx+4H7FuXiK3G6V0FGdb
fNQZTbRBUj4CmsKPLVD2O07NjuIUFmf9FoAMNvOyYo6q8JPNH1brhbGD6ZlXF4ZU
BdPMlpgBqDHrIfiT+K4JM974GRweOX+ElDY0IL4gYWtJghkWs4jbbI4zVhJJ0EZx
InD30OdP8EUlsBYQZnes53hHQRc9cgiNkaYGYbKC1STM/saKHn+2jGyc9QEcY+TK
nRbpS9z5WBC1rTjwn1AWXXhM9jvl1gKBskjIHqj1ecUfnWNPJ7yNgs/vRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJJbANYao8SKyVAbKMpHaj7ms4g1MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEva2xzQTFocWp4SXJKVUJzb3lrZHFQdWF6aURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYnEMA0G
CSqGSIb3DQEBCwUAA4IBAQBeIqVTcWxesjESRRsAKDYX9fTHg01a7LBed4hx4dDk
zJ2dBsW7jHOzA1GBU0xL/CL27sLqvJXmwHkudFwhOrDipJnfFSeTL1CC8ITJL/X6
+VHg4F2STyoGNXTUBK3Nltw8I6G8df4+TxfcHhr/ecBDpjL1TzQ9NMhp1M5kZrzp
dO/Tw5aIu0TtuYiK7GNkOsk6k53wwnR+9WeOHsRW/Bx1jd+MzZHGzH1ojQybNmgY
JHmT+VwQlL+9wvYAEfSMwhLDhuC7xuFoGAX3ekqjaM16IdHWvEvOrjFRS0hi71DF
EY9L+EsJ1bs4TyU6OPNkTgjmW4HymlYbsh7iBFwhCWcg
-----END CERTIFICATE-----
Generated at Thu Apr 24 19:06:46 2025 by rpki-client