Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/cbe6b7-5e13-4094-b979-2fe412e3eab4/1/vfIxBAsj822N76w697miZZQZT-M.roa
File: vfIxBAsj822N76w697miZZQZT-M.roa (raw, json)
Hash identifier: Q7ba86E3b6I2IxLmX1JkWhxhrGYtcU7zADafi/RdHVE=
Subject key identifier: BD:F2:31:04:0B:23:F3:6D:8D:EF:AC:3A:F7:B9:A2:65:94:19:4F:E3
Certificate issuer: /CN=10071dab168e8e53e3cd7df5db8e0f04242e9086
Certificate serial: 01942444B3A01DC8688AD32FDB125F246306
Authority key identifier: 10:07:1D:AB:16:8E:8E:53:E3:CD:7D:F5:DB:8E:0F:04:24:2E:90:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EAcdqxaOjlPjzX31244PBCQukIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/cbe6b7-5e13-4094-b979-2fe412e3eab4/1/vfIxBAsj822N76w697miZZQZT-M.roa
Signing time: Wed 01 Jan 2025 23:47:49 +0000
ROA not before: Wed 01 Jan 2025 23:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60776
IP address blocks: 45.155.84.0/22 maxlen: 22
2a0f:f100::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:b3:a0:1d:c8:68:8a:d3:2f:db:12:5f:24:63:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10071dab168e8e53e3cd7df5db8e0f04242e9086
Validity
Not Before: Jan 1 23:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdf231040b23f36d8defac3af7b9a26594194fe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7c:ea:bf:7e:54:04:73:68:7f:94:a3:ad:93:
42:f2:c2:ed:42:46:30:35:ae:ec:13:59:0c:ac:88:
91:b1:d7:d6:de:ef:89:5c:31:65:54:ee:64:58:52:
6d:3e:a4:95:4e:5c:10:81:a1:1e:a6:ce:5d:ce:75:
45:9e:b3:ea:b8:6c:05:1e:48:87:50:d7:a8:18:f9:
d0:f9:23:a7:81:d4:a4:b9:b5:33:8c:de:24:6c:5e:
43:5e:c1:04:59:d2:ad:8b:b6:cf:cb:54:4b:19:5c:
b5:f9:9a:95:c7:cb:17:ef:15:6f:a9:02:56:38:e9:
92:c2:31:57:98:43:8b:e0:89:8b:01:d7:3a:2a:bc:
33:a1:71:cc:88:e0:3e:d6:a4:f6:7c:0b:29:00:3b:
f5:9f:e6:4a:3d:32:a1:38:47:30:00:18:47:5e:20:
87:6e:ee:21:28:c6:db:cb:39:cb:5b:77:f6:1d:41:
64:9b:2d:11:4f:fa:cd:89:b9:90:0b:91:4e:3a:83:
54:26:a6:b7:13:e5:a6:eb:34:0c:77:df:31:ce:f7:
00:94:3f:2e:73:9f:63:cc:15:8a:5a:f2:a6:f2:40:
8b:a0:a0:af:8b:6d:8d:23:45:74:cc:d5:f3:35:d6:
0e:a7:0b:37:dc:bd:49:51:7d:2d:96:ad:d5:2b:21:
55:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:F2:31:04:0B:23:F3:6D:8D:EF:AC:3A:F7:B9:A2:65:94:19:4F:E3
X509v3 Authority Key Identifier:
keyid:10:07:1D:AB:16:8E:8E:53:E3:CD:7D:F5:DB:8E:0F:04:24:2E:90:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EAcdqxaOjlPjzX31244PBCQukIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/cbe6b7-5e13-4094-b979-2fe412e3eab4/1/vfIxBAsj822N76w697miZZQZT-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/cbe6b7-5e13-4094-b979-2fe412e3eab4/1/EAcdqxaOjlPjzX31244PBCQukIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.84.0/22
IPv6:
2a0f:f100::/29
Signature Algorithm: sha256WithRSAEncryption
8b:e8:0b:f8:60:53:30:b4:0c:e8:d9:33:bb:3f:f7:18:cf:82:
9f:f2:9e:ae:0d:35:28:35:c0:0f:2e:b2:c4:aa:e5:be:98:0c:
07:e2:c8:61:ab:da:d8:be:97:99:9a:aa:e9:5b:af:99:aa:7a:
9d:68:72:85:c9:c7:88:2e:63:6d:99:10:22:08:91:ae:7e:6c:
91:82:dd:a6:fb:4d:2a:4e:04:a6:f5:84:24:8b:f0:b7:8c:5a:
c6:cb:51:c6:bb:1b:1f:5e:b7:77:b1:ac:d6:ba:4f:d2:84:76:
d3:e7:18:b6:04:be:5c:13:cb:6b:af:cc:bc:08:1a:f0:70:44:
58:e4:d9:c4:f3:99:95:b4:9f:1b:05:49:51:a7:45:2f:9b:57:
fe:fc:26:db:45:01:77:8b:82:f7:7c:84:8c:dd:eb:59:0f:db:
a3:74:8e:a9:49:df:11:84:d6:c7:66:b7:0e:70:73:11:23:c5:
7e:98:3f:8d:7f:48:69:64:77:cc:72:64:3c:9c:3d:33:34:fb:
e7:c7:dc:53:67:47:79:23:54:dc:fc:0c:b2:1d:b9:54:60:7d:
dd:bd:fe:af:37:d8:55:8e:9b:ac:4c:a6:1c:f5:aa:7e:12:67:
4f:bc:00:9a:00:fc:60:a0:03:6b:9f:6b:d3:ea:b1:75:2f:27:
af:73:f9:87
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRLOgHchoitMv2xJfJGMGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMDcxZGFiMTY4ZThlNTNlM2NkN2RmNWRiOGUwZjA0MjQy
ZTkwODYwHhcNMjUwMTAxMjM0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGYyMzEwNDBiMjNmMzZkOGRlZmFjM2FmN2I5YTI2NTk0MTk0ZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHzqv35UBHNof5SjrZNC8sLtQkYw
Na7sE1kMrIiRsdfW3u+JXDFlVO5kWFJtPqSVTlwQgaEeps5dznVFnrPquGwFHkiH
UNeoGPnQ+SOngdSkubUzjN4kbF5DXsEEWdKti7bPy1RLGVy1+ZqVx8sX7xVvqQJW
OOmSwjFXmEOL4ImLAdc6KrwzoXHMiOA+1qT2fAspADv1n+ZKPTKhOEcwABhHXiCH
bu4hKMbbyznLW3f2HUFkmy0RT/rNibmQC5FOOoNUJqa3E+Wm6zQMd98xzvcAlD8u
c59jzBWKWvKm8kCLoKCvi22NI0V0zNXzNdYOpws33L1JUX0tlq3VKyFViQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL3yMQQLI/Ntje+sOve5omWUGU/jMB8GA1UdIwQY
MBaAFBAHHasWjo5T48199duODwQkLpCGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUFjZHF4YU9qbFBqelgzMTI0NFBCQ1F1a0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jYmU2YjctNWUxMy00MDk0LWI5Nzkt
MmZlNDEyZTNlYWI0LzEvdmZJeEJBc2o4MjJONzZ3Njk3bWlaWlFaVC1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jYmU2YjctNWUxMy00MDk0LWI5NzktMmZlNDEyZTNlYWI0
LzEvRUFjZHF4YU9qbFBqelgzMTI0NFBCQ1F1a0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZtUMA0E
AgACMAcDBQMqD/EAMA0GCSqGSIb3DQEBCwUAA4IBAQCL6Av4YFMwtAzo2TO7P/cY
z4Kf8p6uDTUoNcAPLrLEquW+mAwH4shhq9rYvpeZmqrpW6+ZqnqdaHKFyceILmNt
mRAiCJGufmyRgt2m+00qTgSm9YQki/C3jFrGy1HGuxsfXrd3sazWuk/ShHbT5xi2
BL5cE8trr8y8CBrwcERY5NnE85mVtJ8bBUlRp0Uvm1f+/CbbRQF3i4L3fISM3etZ
D9ujdI6pSd8RhNbHZrcOcHMRI8V+mD+Nf0hpZHfMcmQ8nD0zNPvnx9xTZ0d5I1Tc
/AyyHblUYH3dvf6vN9hVjpusTKYc9ap+EmdPvACaAPxgoANrn2vT6rF1Lyevc/mH
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:46:26 2025 by rpki-client