Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/2cbf88-58d9-424e-8f8f-fd4604d7e7af/1/e9EQ6VGsqQtTlrcZFXyP1dKg-x0.roa
File: e9EQ6VGsqQtTlrcZFXyP1dKg-x0.roa (raw, json)
Hash identifier: Qxin8oKJ7eJDBi35LMUZ2n4Hb/pGwiYUbLvNw7wbCZg=
Subject key identifier: 7B:D1:10:E9:51:AC:A9:0B:53:96:B7:19:15:7C:8F:D5:D2:A0:FB:1D
Certificate issuer: /CN=1b368fbf5bbd6d32f3dddc24ec204038c49b0550
Certificate serial: 019425FC2E6F238824AD509B6394FE1A21BA
Authority key identifier: 1B:36:8F:BF:5B:BD:6D:32:F3:DD:DC:24:EC:20:40:38:C4:9B:05:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GzaPv1u9bTLz3dwk7CBAOMSbBVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/2cbf88-58d9-424e-8f8f-fd4604d7e7af/1/e9EQ6VGsqQtTlrcZFXyP1dKg-x0.roa
Signing time: Thu 02 Jan 2025 07:47:51 +0000
ROA not before: Thu 02 Jan 2025 07:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211978
IP address blocks: 45.135.72.0/23 maxlen: 23
45.135.74.0/23 maxlen: 23
45.135.74.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:2e:6f:23:88:24:ad:50:9b:63:94:fe:1a:21:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b368fbf5bbd6d32f3dddc24ec204038c49b0550
Validity
Not Before: Jan 2 07:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7bd110e951aca90b5396b719157c8fd5d2a0fb1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:bd:c2:53:be:d3:f8:14:10:68:64:f7:b5:81:
e7:6c:3e:70:24:61:c6:4e:88:35:fc:28:ec:ef:cd:
d3:58:45:ee:00:3b:8e:34:1d:db:51:ca:58:f5:5d:
4e:99:9e:98:6f:35:0e:c7:5a:cd:0a:4b:c5:4c:36:
38:b5:0c:70:25:9c:d7:76:cb:35:49:d4:6b:6a:30:
80:9a:e7:c8:70:27:13:f2:76:61:9b:2d:cc:6e:93:
6e:03:74:16:d2:77:d3:0d:22:cb:df:e6:ea:13:6e:
0f:0a:39:1c:ee:87:61:91:82:9a:ec:85:34:05:fb:
14:b3:86:f0:f0:b1:6d:f3:e5:43:fd:7e:f7:79:48:
f0:89:b2:1d:1f:7c:44:86:34:5f:91:da:65:40:78:
41:29:af:70:c9:33:01:93:a0:b3:6a:6c:b0:b3:b6:
d0:21:8f:10:fe:21:70:a4:8c:5f:21:a4:87:03:4c:
62:76:fa:42:24:42:b0:ac:84:ad:fc:8d:74:61:70:
db:10:ce:21:1a:7e:89:34:0f:d0:07:3b:43:a3:7b:
6f:6b:ed:32:71:34:1a:56:9b:62:bd:b3:9a:40:3a:
04:d4:cc:6f:97:24:8f:a6:65:1c:6d:7c:10:44:ab:
fb:96:0b:b8:78:7d:44:3f:21:a3:26:22:d9:c2:87:
bd:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:D1:10:E9:51:AC:A9:0B:53:96:B7:19:15:7C:8F:D5:D2:A0:FB:1D
X509v3 Authority Key Identifier:
keyid:1B:36:8F:BF:5B:BD:6D:32:F3:DD:DC:24:EC:20:40:38:C4:9B:05:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GzaPv1u9bTLz3dwk7CBAOMSbBVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/2cbf88-58d9-424e-8f8f-fd4604d7e7af/1/e9EQ6VGsqQtTlrcZFXyP1dKg-x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/2cbf88-58d9-424e-8f8f-fd4604d7e7af/1/GzaPv1u9bTLz3dwk7CBAOMSbBVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.72.0/22
Signature Algorithm: sha256WithRSAEncryption
68:98:dd:88:94:96:78:1a:75:81:53:2d:a2:72:cc:8e:a8:b2:
21:1b:b8:2a:0d:12:ea:76:3d:84:df:1c:76:11:48:c7:46:ce:
ce:e8:a9:27:99:b6:82:17:68:d5:df:a3:22:9c:04:60:0e:39:
67:7d:61:a2:f2:18:52:92:14:65:64:e0:60:8d:16:9d:99:e5:
21:4a:48:52:2e:43:ab:f1:66:df:85:01:a8:b7:67:6b:9d:74:
b8:60:a2:78:88:fb:c0:11:7c:8f:ab:41:7c:8e:2e:92:ca:1c:
59:9f:d3:20:06:8d:86:84:70:68:1c:76:6a:85:97:d0:eb:e8:
f9:03:b5:28:0f:a1:2f:3e:5a:26:d6:d8:23:f1:81:d7:e4:8c:
6b:9b:d8:a6:91:ff:67:4e:e7:98:87:e6:39:f0:b2:07:fd:bb:
db:4a:63:82:62:b4:be:d0:0c:73:ef:24:5f:42:e0:bd:ba:83:
95:19:1b:73:cc:d2:9f:81:1a:24:a0:29:42:88:98:52:81:6e:
ad:6e:91:3e:e7:13:a1:ab:62:e1:de:ae:68:30:2f:69:af:c0:
f3:54:34:7b:80:63:a5:d2:42:3c:ab:6e:28:a4:c0:2c:6e:ab:
44:a9:af:07:59:7f:2d:74:34:d0:b5:48:b9:bc:3d:63:61:11:
b6:36:a7:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/C5vI4gkrVCbY5T+GiG6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMzY4ZmJmNWJiZDZkMzJmM2RkZGMyNGVjMjA0MDM4YzQ5
YjA1NTAwHhcNMjUwMTAyMDc0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmQxMTBlOTUxYWNhOTBiNTM5NmI3MTkxNTdjOGZkNWQyYTBmYjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3b3CU77T+BQQaGT3tYHnbD5wJGHG
Tog1/Cjs783TWEXuADuONB3bUcpY9V1OmZ6YbzUOx1rNCkvFTDY4tQxwJZzXdss1
SdRrajCAmufIcCcT8nZhmy3MbpNuA3QW0nfTDSLL3+bqE24PCjkc7odhkYKa7IU0
BfsUs4bw8LFt8+VD/X73eUjwibIdH3xEhjRfkdplQHhBKa9wyTMBk6Czamyws7bQ
IY8Q/iFwpIxfIaSHA0xidvpCJEKwrISt/I10YXDbEM4hGn6JNA/QBztDo3tva+0y
cTQaVptivbOaQDoE1MxvlySPpmUcbXwQRKv7lgu4eH1EPyGjJiLZwoe9QwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHvREOlRrKkLU5a3GRV8j9XSoPsdMB8GA1UdIwQY
MBaAFBs2j79bvW0y893cJOwgQDjEmwVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3phUHYxdTliVEx6M2R3azdDQkFPTVNiQlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8yY2JmODgtNThkOS00MjRlLThmOGYt
ZmQ0NjA0ZDdlN2FmLzEvZTlFUTZWR3NxUXRUbHJjWkZYeVAxZEtnLXgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8yY2JmODgtNThkOS00MjRlLThmOGYtZmQ0NjA0ZDdlN2Fm
LzEvR3phUHYxdTliVEx6M2R3azdDQkFPTVNiQlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYdIMA0G
CSqGSIb3DQEBCwUAA4IBAQBomN2IlJZ4GnWBUy2icsyOqLIhG7gqDRLqdj2E3xx2
EUjHRs7O6KknmbaCF2jV36MinARgDjlnfWGi8hhSkhRlZOBgjRadmeUhSkhSLkOr
8WbfhQGot2drnXS4YKJ4iPvAEXyPq0F8ji6SyhxZn9MgBo2GhHBoHHZqhZfQ6+j5
A7UoD6EvPlom1tgj8YHX5Ixrm9imkf9nTueYh+Y58LIH/bvbSmOCYrS+0Axz7yRf
QuC9uoOVGRtzzNKfgRokoClCiJhSgW6tbpE+5xOhq2Lh3q5oMC9pr8DzVDR7gGOl
0kI8q24opMAsbqtEqa8HWX8tdDTQtUi5vD1jYRG2Nqe5
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:05:11 2025 by rpki-client