Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/JAuA883iG3ecktuhBvPjwiYE2gs.roa
File: JAuA883iG3ecktuhBvPjwiYE2gs.roa (raw, json)
Hash identifier: 2XmurE8d9+/OzcrvAO2f2ROqPHe6N2R65dp7AYrb+WA=
Subject key identifier: 24:0B:80:F3:CD:E2:1B:77:9C:92:DB:A1:06:F3:E3:C2:26:04:DA:0B
Certificate issuer: /CN=290bcc50a9a33ba5651efd1afe40b6fdb02556f0
Certificate serial: 0194A70BF678AFCEECB657C8D6434663D2CC
Authority key identifier: 29:0B:CC:50:A9:A3:3B:A5:65:1E:FD:1A:FE:40:B6:FD:B0:25:56:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/JAuA883iG3ecktuhBvPjwiYE2gs.roa
Signing time: Mon 27 Jan 2025 09:16:06 +0000
ROA not before: Mon 27 Jan 2025 09:16:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215730
IP address blocks: 45.144.52.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a7:0b:f6:78:af:ce:ec:b6:57:c8:d6:43:46:63:d2:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=290bcc50a9a33ba5651efd1afe40b6fdb02556f0
Validity
Not Before: Jan 27 09:16:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=240b80f3cde21b779c92dba106f3e3c22604da0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:d2:32:34:24:e9:b4:5a:1b:c3:28:3a:6b:00:
46:33:0e:f4:76:10:bd:8f:75:8d:5d:2f:4d:f3:fd:
ba:7b:81:d9:a7:6b:d3:9f:7d:c2:02:83:1f:f6:be:
c6:9a:09:dd:16:90:ae:02:bb:45:05:0d:20:22:d3:
63:1d:05:e0:d1:c1:61:8f:9f:d2:80:b7:0c:ca:28:
64:77:87:14:77:9f:0e:83:09:53:aa:64:7b:70:0c:
4f:91:6d:a5:42:75:fe:ba:1f:28:88:db:2d:8a:2b:
bd:19:aa:de:c8:c0:cf:7b:80:a4:59:f4:2a:c4:a1:
21:62:9d:39:b2:fc:e6:09:74:0e:6a:2d:f8:d5:e8:
8b:c7:26:7b:7b:d0:22:4b:dd:26:ce:30:9e:4a:45:
5a:db:24:b1:bf:aa:db:c9:01:92:fd:40:45:58:8e:
4a:30:7b:18:c5:15:b1:73:55:d4:24:36:1a:68:15:
2d:eb:79:c0:da:1c:c4:56:4a:dd:74:27:ee:e1:fd:
2d:b6:23:ea:7d:40:b9:03:1b:f8:18:53:81:b9:c2:
9c:25:5c:7c:f0:c9:18:f0:79:c3:ce:a1:1e:91:4a:
07:3f:5c:d2:58:8e:c5:4b:d7:b4:66:2a:96:ab:bf:
3c:6d:4f:8e:02:5c:fb:03:4a:21:81:cf:5a:89:7d:
39:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:0B:80:F3:CD:E2:1B:77:9C:92:DB:A1:06:F3:E3:C2:26:04:DA:0B
X509v3 Authority Key Identifier:
keyid:29:0B:CC:50:A9:A3:3B:A5:65:1E:FD:1A:FE:40:B6:FD:B0:25:56:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/JAuA883iG3ecktuhBvPjwiYE2gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KQvMUKmjO6VlHv0a_kC2_bAlVvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.52.0/23
Signature Algorithm: sha256WithRSAEncryption
94:22:af:e4:7d:0b:c1:9d:bc:fd:df:a0:f2:cb:63:52:d9:79:
9e:f0:1a:ea:53:5f:d8:9f:85:88:41:22:cb:c2:fc:f9:7d:75:
ea:18:e2:a3:42:90:e4:39:7f:f7:0e:aa:07:24:c2:f7:74:32:
4f:12:8f:cb:f7:1f:3b:ca:b6:96:6c:3e:a5:c6:10:95:a2:cd:
00:69:09:10:10:9d:87:ec:89:a4:1c:88:66:1a:d5:97:52:2d:
75:ab:42:51:32:37:c7:41:c5:e7:68:d3:3c:88:35:29:9d:76:
2c:af:d4:7a:08:f5:89:ca:21:e9:6a:1c:d8:fc:6a:5e:8d:c9:
7b:33:45:d7:3e:97:54:9d:c0:93:7d:62:19:b0:c4:b0:c4:2c:
00:a1:30:ce:05:ad:4c:5c:f5:25:ce:e2:31:5e:2d:9c:93:5a:
22:88:c5:d4:e8:a0:1e:93:94:48:66:2b:69:c8:47:55:33:20:
a2:b4:c9:b1:4a:b0:fb:49:11:89:af:f8:fb:e0:af:80:ee:09:
fb:b1:a0:ad:d4:1b:e6:e3:6a:55:f4:df:d0:a1:58:0b:01:8c:
93:f4:c1:ef:d4:f1:d7:b8:24:c6:84:0c:0f:0b:d9:7a:32:85:
d6:ff:73:94:49:70:25:d3:c3:51:c9:3a:7b:56:41:97:b9:b5:
1d:5a:63:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSnC/Z4r87stlfI1kNGY9LMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MGJjYzUwYTlhMzNiYTU2NTFlZmQxYWZlNDBiNmZkYjAy
NTU2ZjAwHhcNMjUwMTI3MDkxNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDBiODBmM2NkZTIxYjc3OWM5MmRiYTEwNmYzZTNjMjI2MDRkYTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA79IyNCTptFobwyg6awBGMw70dhC9
j3WNXS9N8/26e4HZp2vTn33CAoMf9r7GmgndFpCuArtFBQ0gItNjHQXg0cFhj5/S
gLcMyihkd4cUd58OgwlTqmR7cAxPkW2lQnX+uh8oiNstiiu9GareyMDPe4CkWfQq
xKEhYp05svzmCXQOai341eiLxyZ7e9AiS90mzjCeSkVa2ySxv6rbyQGS/UBFWI5K
MHsYxRWxc1XUJDYaaBUt63nA2hzEVkrddCfu4f0ttiPqfUC5Axv4GFOBucKcJVx8
8MkY8HnDzqEekUoHP1zSWI7FS9e0ZiqWq788bU+OAlz7A0ohgc9aiX05KwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCQLgPPN4ht3nJLboQbz48ImBNoLMB8GA1UdIwQY
MBaAFCkLzFCpozulZR79Gv5Atv2wJVbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1F2TVVLbWpPNlZsSHYwYV9rQzJfYkFsVnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80YjZlZjQtMzhlZS00YzA2LThjYjYt
NzY5ODI0OTNlYTFhLzEvSkF1QTg4M2lHM2Vja3R1aEJ2UGp3aVlFMmdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80YjZlZjQtMzhlZS00YzA2LThjYjYtNzY5ODI0OTNlYTFh
LzEvS1F2TVVLbWpPNlZsSHYwYV9rQzJfYkFsVnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZA0MA0G
CSqGSIb3DQEBCwUAA4IBAQCUIq/kfQvBnbz936Dyy2NS2Xme8BrqU1/Yn4WIQSLL
wvz5fXXqGOKjQpDkOX/3DqoHJML3dDJPEo/L9x87yraWbD6lxhCVos0AaQkQEJ2H
7ImkHIhmGtWXUi11q0JRMjfHQcXnaNM8iDUpnXYsr9R6CPWJyiHpahzY/Gpejcl7
M0XXPpdUncCTfWIZsMSwxCwAoTDOBa1MXPUlzuIxXi2ck1oiiMXU6KAek5RIZitp
yEdVMyCitMmxSrD7SRGJr/j74K+A7gn7saCt1Bvm42pV9N/QoVgLAYyT9MHv1PHX
uCTGhAwPC9l6MoXW/3OUSXAl08NRyTp7VkGXubUdWmME
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:52:52 2025 by rpki-client