Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/8p3FeP9fWKucuFd2k3wyGNGZSeU.roa
File: 8p3FeP9fWKucuFd2k3wyGNGZSeU.roa (raw, json)
Hash identifier: IrFcc0YYy1C3QLbl87tZXheazbbjvEZoA4G9ckLCKck=
Subject key identifier: F2:9D:C5:78:FF:5F:58:AB:9C:B8:57:76:93:7C:32:18:D1:99:49:E5
Certificate issuer: /CN=75f1a763745c25dad28f4a8116688e82ce12028b
Certificate serial: 01941FFA990DF23A22BCE06AFBC174067EE5
Authority key identifier: 75:F1:A7:63:74:5C:25:DA:D2:8F:4A:81:16:68:8E:82:CE:12:02:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/8p3FeP9fWKucuFd2k3wyGNGZSeU.roa
Signing time: Wed 01 Jan 2025 03:48:24 +0000
ROA not before: Wed 01 Jan 2025 03:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35478
IP address blocks: 45.8.44.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:99:0d:f2:3a:22:bc:e0:6a:fb:c1:74:06:7e:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75f1a763745c25dad28f4a8116688e82ce12028b
Validity
Not Before: Jan 1 03:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f29dc578ff5f58ab9cb85776937c3218d19949e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:f3:10:1d:15:98:e5:5d:0e:67:90:5f:b9:93:
e6:9c:57:e8:29:d1:86:4c:a3:a9:a4:df:65:f8:1a:
f2:19:11:34:a6:ef:2f:94:39:ce:48:04:4f:96:24:
8e:57:3c:13:d3:af:b2:85:40:ec:bf:c3:34:91:ad:
f3:4a:02:ad:ea:c5:11:39:dc:95:01:b4:6c:5f:28:
b3:b7:56:7b:d4:dc:b4:98:07:64:21:3b:62:d0:85:
2c:8b:a5:20:b9:cc:31:1f:a2:de:b5:9a:1f:42:ef:
9c:bf:d0:21:76:6d:12:d3:42:ef:08:d1:a0:d1:ab:
9c:62:a8:ec:6c:06:ef:17:db:a7:9b:9f:75:12:ef:
f8:67:c3:c7:26:25:76:7a:7e:ae:b2:d1:52:f3:8f:
1e:8c:c6:3a:c2:1e:57:89:dd:86:9c:a2:47:5f:db:
4f:13:28:db:03:d5:4c:c8:7f:d4:35:b2:cf:87:2f:
e4:01:01:dc:3b:4f:ee:16:af:ca:16:61:e2:56:b2:
82:33:38:bb:06:b3:6b:8c:fa:52:38:64:f7:d2:db:
ed:05:76:f2:e0:8b:e8:59:18:97:0f:c4:cc:d0:41:
79:43:f4:de:3b:a3:8b:f9:27:63:d4:21:b1:43:d3:
fa:9a:c2:8d:55:51:f0:69:1c:e6:de:b3:26:00:f6:
0f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:9D:C5:78:FF:5F:58:AB:9C:B8:57:76:93:7C:32:18:D1:99:49:E5
X509v3 Authority Key Identifier:
keyid:75:F1:A7:63:74:5C:25:DA:D2:8F:4A:81:16:68:8E:82:CE:12:02:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/8p3FeP9fWKucuFd2k3wyGNGZSeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.44.0/24
Signature Algorithm: sha256WithRSAEncryption
43:35:8e:78:d3:82:57:92:1b:f4:db:7e:ab:78:5e:cf:63:c7:
9c:a2:7a:0f:63:16:60:d0:16:15:d4:62:04:cd:5e:15:4c:3b:
6f:aa:bf:16:4f:79:9a:93:4e:8e:da:ec:6c:62:9c:98:8d:61:
f3:80:84:97:5f:ee:3c:80:96:7d:57:0e:01:dc:61:5b:4d:d9:
a1:bd:c1:08:da:de:89:2b:db:21:63:fa:57:5d:7c:ff:8a:60:
91:93:a1:fb:96:5c:32:e5:f9:e8:f0:b8:7f:e0:1a:fe:29:b8:
97:d6:1e:63:68:9a:16:37:60:54:83:c0:11:43:90:b4:15:2f:
bf:ee:b8:4d:7f:d2:fc:cd:ee:81:74:b6:25:95:59:eb:18:7e:
ce:2a:92:49:d3:3e:8b:b2:42:46:55:76:0d:11:0e:29:75:0f:
0b:c1:5b:4e:ad:91:58:3a:da:d6:af:bf:9c:d1:ee:0b:65:b9:
f1:f3:14:38:af:be:40:d4:33:fe:93:9c:c6:4e:f1:6f:d3:6c:
39:13:aa:48:28:68:a5:a3:c0:fb:e5:80:6f:e2:ad:f1:52:b6:
aa:a7:d4:0b:d5:f2:aa:57:d2:a8:6e:ad:93:5c:c6:3d:01:f7:
04:00:c3:6e:7d:c4:c0:da:6e:2d:6b:d0:89:37:f4:1a:e5:43:
15:5e:37:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+pkN8joivOBq+8F0Bn7lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZjFhNzYzNzQ1YzI1ZGFkMjhmNGE4MTE2Njg4ZTgyY2Ux
MjAyOGIwHhcNMjUwMTAxMDM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjlkYzU3OGZmNWY1OGFiOWNiODU3NzY5MzdjMzIxOGQxOTk0OWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6fMQHRWY5V0OZ5BfuZPmnFfoKdGG
TKOppN9l+BryGRE0pu8vlDnOSARPliSOVzwT06+yhUDsv8M0ka3zSgKt6sUROdyV
AbRsXyizt1Z71Ny0mAdkITti0IUsi6UgucwxH6LetZofQu+cv9Ahdm0S00LvCNGg
0aucYqjsbAbvF9unm591Eu/4Z8PHJiV2en6ustFS848ejMY6wh5Xid2GnKJHX9tP
EyjbA9VMyH/UNbLPhy/kAQHcO0/uFq/KFmHiVrKCMzi7BrNrjPpSOGT30tvtBXby
4IvoWRiXD8TM0EF5Q/TeO6OL+Sdj1CGxQ9P6msKNVVHwaRzm3rMmAPYPnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPKdxXj/X1irnLhXdpN8MhjRmUnlMB8GA1UdIwQY
MBaAFHXxp2N0XCXa0o9KgRZojoLOEgKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGZHblkzUmNKZHJTajBxQkZtaU9nczRTQW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85ODBlNjYtMzYzMS00ZmRlLThlMmQt
Yzg0OWJjMGYzNTliLzEvOHAzRmVQOWZXS3VjdUZkMmszd3lHTkdaU2VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85ODBlNjYtMzYzMS00ZmRlLThlMmQtYzg0OWJjMGYzNTli
LzEvZGZHblkzUmNKZHJTajBxQkZtaU9nczRTQW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQgsMA0G
CSqGSIb3DQEBCwUAA4IBAQBDNY5404JXkhv0236reF7PY8econoPYxZg0BYV1GIE
zV4VTDtvqr8WT3mak06O2uxsYpyYjWHzgISXX+48gJZ9Vw4B3GFbTdmhvcEI2t6J
K9shY/pXXXz/imCRk6H7llwy5fno8Lh/4Br+KbiX1h5jaJoWN2BUg8ARQ5C0FS+/
7rhNf9L8ze6BdLYllVnrGH7OKpJJ0z6LskJGVXYNEQ4pdQ8LwVtOrZFYOtrWr7+c
0e4LZbnx8xQ4r75A1DP+k5zGTvFv02w5E6pIKGilo8D75YBv4q3xUraqp9QL1fKq
V9Kobq2TXMY9AfcEAMNufcTA2m4ta9CJN/Qa5UMVXjcz
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:56:47 2025 by rpki-client