Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b3f912-36d1-4366-ac3c-6660238b03ce/1/yQmkLUR6MH6h1RvFVHhe4DDu7QY.roa
File: yQmkLUR6MH6h1RvFVHhe4DDu7QY.roa (raw, json)
Hash identifier: 7D7oyqrxVnp9P9+upqmUz5U0xALaurO7hGz+98jrtEE=
Subject key identifier: C9:09:A4:2D:44:7A:30:7E:A1:D5:1B:C5:54:78:5E:E0:30:EE:ED:06
Certificate issuer: /CN=a5f6a71a180dcf8b230c414f09f7b71baea9781c
Certificate serial: 019424B3B28050656F0611E1F883B8F2E388
Authority key identifier: A5:F6:A7:1A:18:0D:CF:8B:23:0C:41:4F:09:F7:B7:1B:AE:A9:78:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pfanGhgNz4sjDEFPCfe3G66peBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b3f912-36d1-4366-ac3c-6660238b03ce/1/yQmkLUR6MH6h1RvFVHhe4DDu7QY.roa
Signing time: Thu 02 Jan 2025 01:49:03 +0000
ROA not before: Thu 02 Jan 2025 01:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16097
IP address blocks: 45.157.224.0/24 maxlen: 24
2a0f:6cc6::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:b2:80:50:65:6f:06:11:e1:f8:83:b8:f2:e3:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5f6a71a180dcf8b230c414f09f7b71baea9781c
Validity
Not Before: Jan 2 01:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c909a42d447a307ea1d51bc554785ee030eeed06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:92:67:f1:45:67:19:c5:26:90:74:f6:79:38:
f8:fa:f3:9d:44:9c:e4:69:7c:88:00:b4:a6:bc:9f:
09:30:54:93:3b:10:c3:5e:c1:46:f6:5d:7d:06:1a:
82:e5:db:aa:30:1a:ca:42:39:53:a0:9d:f1:cc:fa:
c0:e8:f5:96:b4:c8:d3:83:ee:4c:ea:30:91:ac:e6:
8a:a8:d3:1f:69:94:91:f7:32:f8:05:2c:c8:37:8a:
8e:f3:cb:cc:72:93:5b:12:ee:98:40:80:d0:9a:e0:
fd:be:a0:73:e0:44:78:5a:02:4b:86:f9:56:e9:29:
c0:71:0c:28:1e:f7:5d:cf:f1:28:e6:80:b1:57:ca:
94:0f:51:d7:e1:5a:2b:e8:51:76:e4:57:0c:a3:16:
2a:34:50:1e:58:92:58:18:dc:30:88:f7:66:a8:f7:
b5:65:6f:5e:6b:97:b1:09:54:bb:03:a1:8d:95:22:
0d:5a:8f:33:b0:43:7b:e4:93:f3:1a:6e:ae:e8:eb:
ad:18:f0:f7:65:c6:99:1a:5a:4b:4d:53:0b:23:3d:
41:0e:6d:6d:71:3b:51:7d:a6:d6:3f:13:f5:27:07:
1d:68:f2:bb:82:d7:e3:c8:fa:16:94:08:1b:ad:7a:
e6:0e:b1:81:28:2b:6e:70:4b:48:e1:00:01:36:d9:
c5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:09:A4:2D:44:7A:30:7E:A1:D5:1B:C5:54:78:5E:E0:30:EE:ED:06
X509v3 Authority Key Identifier:
keyid:A5:F6:A7:1A:18:0D:CF:8B:23:0C:41:4F:09:F7:B7:1B:AE:A9:78:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pfanGhgNz4sjDEFPCfe3G66peBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b3f912-36d1-4366-ac3c-6660238b03ce/1/yQmkLUR6MH6h1RvFVHhe4DDu7QY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b3f912-36d1-4366-ac3c-6660238b03ce/1/pfanGhgNz4sjDEFPCfe3G66peBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.224.0/24
IPv6:
2a0f:6cc6::/32
Signature Algorithm: sha256WithRSAEncryption
79:91:c0:50:4b:d7:be:be:91:32:0b:f7:42:d8:0b:b0:7c:b6:
b1:0a:73:79:81:67:59:84:62:81:6c:c7:49:36:9d:b2:85:3f:
f8:c0:84:1e:54:18:59:16:ff:c4:db:0f:4b:86:b8:a9:cf:4c:
1b:80:68:ef:7c:81:98:6c:a2:a0:e4:e1:96:d8:4e:82:52:17:
d7:1d:bf:1f:f3:79:79:c8:bc:ac:25:36:de:ea:7e:66:66:50:
fe:0b:0e:5c:ee:54:80:a2:8a:e7:97:b4:35:0f:ea:c6:fd:96:
13:f5:f2:f2:28:18:a1:54:ae:82:b4:3b:79:3a:1e:90:7b:85:
98:1d:2c:db:66:bb:45:14:cd:cc:59:0c:64:e4:75:fa:b5:a1:
25:8d:20:ef:b4:06:e7:d8:0c:64:2d:a6:17:2c:85:4b:08:2c:
ad:0c:88:84:3c:6b:01:48:c4:ad:75:fc:10:be:6d:9a:ac:82:
c3:18:a2:9a:6d:35:1f:df:a9:7f:97:86:1b:d6:25:63:ba:98:
c0:14:1e:39:40:62:80:3d:2b:c3:07:f1:8c:01:fd:8a:fe:c6:
61:9a:7c:e1:4b:df:8a:5f:f2:5d:78:c2:fd:ef:43:d7:e6:18:
18:96:66:22:41:3e:22:16:76:0f:07:cb:6d:93:98:58:45:d2:
3e:7e:dc:81
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks7KAUGVvBhHh+IO48uOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZjZhNzFhMTgwZGNmOGIyMzBjNDE0ZjA5ZjdiNzFiYWVh
OTc4MWMwHhcNMjUwMTAyMDE0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTA5YTQyZDQ0N2EzMDdlYTFkNTFiYzU1NDc4NWVlMDMwZWVlZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5Jn8UVnGcUmkHT2eTj4+vOdRJzk
aXyIALSmvJ8JMFSTOxDDXsFG9l19BhqC5duqMBrKQjlToJ3xzPrA6PWWtMjTg+5M
6jCRrOaKqNMfaZSR9zL4BSzIN4qO88vMcpNbEu6YQIDQmuD9vqBz4ER4WgJLhvlW
6SnAcQwoHvddz/Eo5oCxV8qUD1HX4Vor6FF25FcMoxYqNFAeWJJYGNwwiPdmqPe1
ZW9ea5exCVS7A6GNlSINWo8zsEN75JPzGm6u6OutGPD3ZcaZGlpLTVMLIz1BDm1t
cTtRfabWPxP1JwcdaPK7gtfjyPoWlAgbrXrmDrGBKCtucEtI4QABNtnFRwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMkJpC1EejB+odUbxVR4XuAw7u0GMB8GA1UdIwQY
MBaAFKX2pxoYDc+LIwxBTwn3txuuqXgcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGZhbkdoZ056NHNqREVGUENmZTNHNjZwZUJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iM2Y5MTItMzZkMS00MzY2LWFjM2Mt
NjY2MDIzOGIwM2NlLzEveVFta0xVUjZNSDZoMVJ2RlZIaGU0RER1N1FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iM2Y5MTItMzZkMS00MzY2LWFjM2MtNjY2MDIzOGIwM2Nl
LzEvcGZhbkdoZ056NHNqREVGUENmZTNHNjZwZUJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALZ3gMA0E
AgACMAcDBQAqD2zGMA0GCSqGSIb3DQEBCwUAA4IBAQB5kcBQS9e+vpEyC/dC2Auw
fLaxCnN5gWdZhGKBbMdJNp2yhT/4wIQeVBhZFv/E2w9Lhripz0wbgGjvfIGYbKKg
5OGW2E6CUhfXHb8f83l5yLysJTbe6n5mZlD+Cw5c7lSAoornl7Q1D+rG/ZYT9fLy
KBihVK6CtDt5Oh6Qe4WYHSzbZrtFFM3MWQxk5HX6taEljSDvtAbn2AxkLaYXLIVL
CCytDIiEPGsBSMStdfwQvm2arILDGKKabTUf36l/l4Yb1iVjupjAFB45QGKAPSvD
B/GMAf2K/sZhmnzhS9+KX/JdeML970PX5hgYlmYiQT4iFnYPB8ttk5hYRdI+ftyB
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:59:34 2025 by rpki-client