Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/kCuU_akaKx5LyFBq_aC8tJZmW4k.roa
File: kCuU_akaKx5LyFBq_aC8tJZmW4k.roa (raw, json)
Hash identifier: rwiklkShetbqI+JCF0U82yUoqMzfmqbO8VSJkou4nX0=
Subject key identifier: 90:2B:94:FD:A9:1A:2B:1E:4B:C8:50:6A:FD:A0:BC:B4:96:66:5B:89
Certificate issuer: /CN=b5427ea49f972d19c56393a689e7cbeb990d5d7a
Certificate serial: 0194214459F3D96AE76CB834CB42BA971DA6
Authority key identifier: B5:42:7E:A4:9F:97:2D:19:C5:63:93:A6:89:E7:CB:EB:99:0D:5D:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tUJ-pJ-XLRnFY5OmiefL65kNXXo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/kCuU_akaKx5LyFBq_aC8tJZmW4k.roa
Signing time: Wed 01 Jan 2025 09:48:35 +0000
ROA not before: Wed 01 Jan 2025 09:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204497
IP address blocks: 45.67.157.0/24 maxlen: 24
2a09:7ac1:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:59:f3:d9:6a:e7:6c:b8:34:cb:42:ba:97:1d:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5427ea49f972d19c56393a689e7cbeb990d5d7a
Validity
Not Before: Jan 1 09:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=902b94fda91a2b1e4bc8506afda0bcb496665b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:06:c3:c0:e0:f5:4e:43:c0:1f:d4:2b:a2:34:
41:b5:66:de:40:6b:90:9a:3b:1d:2a:7d:f8:53:4c:
87:74:5b:20:93:7a:79:2d:bf:fd:08:68:4c:c6:c4:
e0:b5:6a:28:e6:6d:ab:e7:46:12:e2:0a:d0:93:5a:
07:f3:61:08:b3:bb:5b:b4:8d:5e:cf:1c:a8:dd:61:
70:6a:80:8d:73:47:bb:a4:01:63:07:a4:47:81:f3:
47:6d:86:f4:64:82:47:83:9a:2b:c3:80:d9:9f:12:
ff:98:b2:f3:ad:0e:d2:2d:4f:06:cc:a3:de:cf:45:
ce:28:18:60:fb:56:bd:42:9d:62:e5:7a:67:15:1a:
55:f5:ed:b0:82:eb:6a:38:87:0a:71:68:26:18:69:
99:a2:73:af:b4:a9:6d:57:97:49:f5:9e:0a:98:25:
b7:40:33:2f:8c:a9:c1:67:73:4f:6c:09:41:03:a9:
19:13:25:19:da:af:36:08:bf:db:1f:83:29:63:ce:
6f:4c:ac:bd:6f:c6:d8:39:8c:79:58:67:82:73:7d:
36:a2:bf:aa:90:cc:6b:78:73:df:05:98:59:08:c2:
8e:ee:4a:6c:01:d3:c9:95:2d:21:5d:3a:07:a8:45:
05:58:9c:89:06:24:d2:ec:db:df:ca:50:12:7b:97:
b1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:2B:94:FD:A9:1A:2B:1E:4B:C8:50:6A:FD:A0:BC:B4:96:66:5B:89
X509v3 Authority Key Identifier:
keyid:B5:42:7E:A4:9F:97:2D:19:C5:63:93:A6:89:E7:CB:EB:99:0D:5D:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tUJ-pJ-XLRnFY5OmiefL65kNXXo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/kCuU_akaKx5LyFBq_aC8tJZmW4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/tUJ-pJ-XLRnFY5OmiefL65kNXXo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.157.0/24
IPv6:
2a09:7ac1:2::/48
Signature Algorithm: sha256WithRSAEncryption
98:e1:1b:34:6e:00:8f:f2:df:ec:49:f5:70:e4:a8:68:d3:d7:
ae:55:f4:a3:bf:f7:fa:4a:92:99:b6:9c:ca:d6:81:36:91:d3:
a2:20:20:3d:bd:ab:31:eb:93:67:84:2b:11:f8:1a:ca:e5:d2:
c2:05:d9:1f:4b:17:c6:e9:d8:2d:58:b1:f1:50:f4:f3:69:cb:
22:09:8d:5e:5b:de:f9:68:56:79:8c:c8:46:06:62:f9:15:a5:
8c:2a:03:78:cb:58:a5:81:17:58:27:01:bd:95:cb:4f:18:6b:
a1:61:f4:64:81:71:30:55:ce:5f:01:40:b4:c0:f0:91:1c:d8:
8b:40:37:a6:cf:73:ff:ab:ca:34:89:36:e1:47:69:20:76:25:
cd:70:3c:60:66:da:8a:a7:62:e7:9c:0f:7d:2c:c8:1d:55:04:
59:c7:79:2b:bd:81:0a:02:a9:84:cc:60:24:3b:95:a8:11:59:
7b:f9:d4:28:d0:d3:04:d9:81:23:32:f2:71:14:4e:59:78:3c:
76:7c:be:be:d8:ce:b6:89:51:01:58:be:2f:13:96:f8:ae:2e:
91:7f:1c:93:7d:28:09:f0:83:c1:08:b3:cd:29:5b:da:36:9e:
5b:5c:4a:1c:7a:53:a6:bf:5b:4f:a5:a3:27:3c:b4:c3:7c:90:
8a:13:9d:73
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQhRFnz2WrnbLg0y0K6lx2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NDI3ZWE0OWY5NzJkMTljNTYzOTNhNjg5ZTdjYmViOTkw
ZDVkN2EwHhcNMjUwMTAxMDk0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDJiOTRmZGE5MWEyYjFlNGJjODUwNmFmZGEwYmNiNDk2NjY1Yjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQbDwOD1TkPAH9QrojRBtWbeQGuQ
mjsdKn34U0yHdFsgk3p5Lb/9CGhMxsTgtWoo5m2r50YS4grQk1oH82EIs7tbtI1e
zxyo3WFwaoCNc0e7pAFjB6RHgfNHbYb0ZIJHg5orw4DZnxL/mLLzrQ7SLU8GzKPe
z0XOKBhg+1a9Qp1i5XpnFRpV9e2wgutqOIcKcWgmGGmZonOvtKltV5dJ9Z4KmCW3
QDMvjKnBZ3NPbAlBA6kZEyUZ2q82CL/bH4MpY85vTKy9b8bYOYx5WGeCc302or+q
kMxreHPfBZhZCMKO7kpsAdPJlS0hXToHqEUFWJyJBiTS7NvfylASe5exXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJArlP2pGiseS8hQav2gvLSWZluJMB8GA1UdIwQY
MBaAFLVCfqSfly0ZxWOTponny+uZDV16MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFVKLXBKLVhMUm5GWTVPbWllZkw2NWtOWFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kMmJiNjgtOWJjNy00NzkxLTg1Mjgt
MGM0OTU0NzdjYTEwLzEva0N1VV9ha2FLeDVMeUZCcV9hQzh0SlptVzRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kMmJiNjgtOWJjNy00NzkxLTg1MjgtMGM0OTU0NzdjYTEw
LzEvdFVKLXBKLVhMUm5GWTVPbWllZkw2NWtOWFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALUOdMA8E
AgACMAkDBwAqCXrBAAIwDQYJKoZIhvcNAQELBQADggEBAJjhGzRuAI/y3+xJ9XDk
qGjT165V9KO/9/pKkpm2nMrWgTaR06IgID29qzHrk2eEKxH4Gsrl0sIF2R9LF8bp
2C1YsfFQ9PNpyyIJjV5b3vloVnmMyEYGYvkVpYwqA3jLWKWBF1gnAb2Vy08Ya6Fh
9GSBcTBVzl8BQLTA8JEc2ItAN6bPc/+ryjSJNuFHaSB2Jc1wPGBm2oqnYuecD30s
yB1VBFnHeSu9gQoCqYTMYCQ7lagRWXv51CjQ0wTZgSMy8nEUTll4PHZ8vr7YzraJ
UQFYvi8TlviuLpF/HJN9KAnwg8EIs80pW9o2nltcShx6U6a/W0+loyc8tMN8kIoT
nXM=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:46:56 2025 by rpki-client