Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/P8fe72CVlfJsdBHCpvH0w1OycSc.roa
File: P8fe72CVlfJsdBHCpvH0w1OycSc.roa (raw, json)
Hash identifier: 04OdqfXLVdeGIJBb6bouvUWZJ3GVs5AGJZQxTQ+fn3c=
Subject key identifier: 3F:C7:DE:EF:60:95:95:F2:6C:74:11:C2:A6:F1:F4:C3:53:B2:71:27
Certificate issuer: /CN=7ba2be98438b98ee68a0d1b8c4144520bd0a623d
Certificate serial: 0194214426F1382ED78D600AF8C4B911B638
Authority key identifier: 7B:A2:BE:98:43:8B:98:EE:68:A0:D1:B8:C4:14:45:20:BD:0A:62:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6K-mEOLmO5ooNG4xBRFIL0KYj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/P8fe72CVlfJsdBHCpvH0w1OycSc.roa
Signing time: Wed 01 Jan 2025 09:48:22 +0000
ROA not before: Wed 01 Jan 2025 09:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208830
IP address blocks: 45.82.236.0/22 maxlen: 24
2a0e:7580::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:26:f1:38:2e:d7:8d:60:0a:f8:c4:b9:11:b6:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ba2be98438b98ee68a0d1b8c4144520bd0a623d
Validity
Not Before: Jan 1 09:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3fc7deef609595f26c7411c2a6f1f4c353b27127
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a0:f6:77:e7:21:6d:11:bf:02:66:c9:53:db:
aa:59:d7:6b:a7:c6:78:94:0c:e3:9e:d3:b6:7a:7e:
e3:fb:f0:e2:9e:02:47:5c:10:28:a2:ad:5d:16:5f:
a6:e5:da:e2:27:ef:35:37:1f:43:0d:91:ee:3a:a8:
df:a6:a9:36:b0:a6:e0:4e:5d:a7:f0:15:e3:1b:76:
46:8e:ab:e2:8e:bc:39:60:6a:ba:94:53:9f:11:fa:
fa:f8:58:2c:f4:62:85:8a:6c:47:fb:38:b4:91:61:
ee:c0:de:29:0a:d1:fc:f3:f6:e6:58:1e:87:2c:28:
2c:1b:7a:01:13:da:b2:4c:4f:41:fe:04:24:28:f5:
09:2b:88:fc:bb:f9:c2:9f:87:5b:ee:2e:11:4d:c1:
d1:5b:43:ef:bb:68:c0:b1:ec:d4:16:01:b3:1b:db:
7a:a4:6c:0f:ea:89:29:d0:2c:43:31:54:d9:77:8a:
68:1e:b4:14:b8:b8:d4:5a:76:f3:b1:6e:73:15:11:
69:d7:b8:37:01:c8:6c:91:98:c8:40:ab:76:e9:50:
31:70:18:1a:b2:05:71:bd:d0:9d:a4:65:a8:df:7c:
fb:e5:6f:e4:78:7d:21:53:8e:d0:12:ef:7d:53:18:
48:47:3e:69:69:9d:13:73:d2:47:8a:1c:e8:27:30:
d7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C7:DE:EF:60:95:95:F2:6C:74:11:C2:A6:F1:F4:C3:53:B2:71:27
X509v3 Authority Key Identifier:
keyid:7B:A2:BE:98:43:8B:98:EE:68:A0:D1:B8:C4:14:45:20:BD:0A:62:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6K-mEOLmO5ooNG4xBRFIL0KYj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/P8fe72CVlfJsdBHCpvH0w1OycSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/845e76-9c2d-4aff-92af-4935b3f5c209/1/e6K-mEOLmO5ooNG4xBRFIL0KYj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.236.0/22
IPv6:
2a0e:7580::/29
Signature Algorithm: sha256WithRSAEncryption
a3:cc:97:95:6c:5e:05:fa:c0:a5:77:23:2d:00:de:da:79:b7:
97:80:a1:71:ea:18:b5:47:ae:2d:eb:25:4e:2e:69:34:eb:54:
38:13:f5:af:70:92:10:59:c6:e6:51:a4:cf:33:5f:26:db:09:
60:0d:a1:7f:42:1a:a8:7e:cc:e9:50:61:bb:f5:eb:68:16:18:
fc:31:0b:7d:e7:c8:07:b1:bd:08:1a:40:fd:7b:20:21:d6:98:
03:0d:bd:ed:cd:e4:92:2c:04:73:3a:2e:18:c5:8e:27:da:66:
c2:a5:9b:9b:cb:6f:38:0b:32:0b:2a:04:c3:ae:7a:c1:74:04:
bb:1f:ac:17:38:28:7f:7b:fc:30:cb:9b:41:e7:13:47:d6:93:
e6:ea:3e:42:93:87:6f:46:79:be:8e:25:fd:3b:8e:34:6e:37:
41:7d:e4:c9:80:a7:0d:de:60:65:f9:65:2f:38:0d:cb:64:7b:
47:be:6d:ae:75:a8:60:bc:61:d3:1e:8d:df:e2:5b:d8:ec:71:
21:7d:26:7c:ea:94:0b:6c:6e:f2:18:62:18:84:d8:37:e9:73:
a7:ac:51:f5:b3:db:52:0b:1e:47:5e:a5:35:2e:07:68:09:9b:
21:6a:4f:d2:78:62:02:c0:6c:69:25:4c:16:5f:5e:44:d1:13:
e8:0a:10:4b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhRCbxOC7XjWAK+MS5EbY4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTJiZTk4NDM4Yjk4ZWU2OGEwZDFiOGM0MTQ0NTIwYmQw
YTYyM2QwHhcNMjUwMTAxMDk0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmM3ZGVlZjYwOTU5NWYyNmM3NDExYzJhNmYxZjRjMzUzYjI3MTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqD2d+chbRG/AmbJU9uqWddrp8Z4
lAzjntO2en7j+/DingJHXBAooq1dFl+m5driJ+81Nx9DDZHuOqjfpqk2sKbgTl2n
8BXjG3ZGjqvijrw5YGq6lFOfEfr6+Fgs9GKFimxH+zi0kWHuwN4pCtH88/bmWB6H
LCgsG3oBE9qyTE9B/gQkKPUJK4j8u/nCn4db7i4RTcHRW0Pvu2jAsezUFgGzG9t6
pGwP6okp0CxDMVTZd4poHrQUuLjUWnbzsW5zFRFp17g3AchskZjIQKt26VAxcBga
sgVxvdCdpGWo33z75W/keH0hU47QEu99UxhIRz5paZ0Tc9JHihzoJzDXAwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD/H3u9glZXybHQRwqbx9MNTsnEnMB8GA1UdIwQY
MBaAFHuivphDi5juaKDRuMQURSC9CmI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZLLW1FT0xtTzVvb05HNHhCUkZJTDBLWWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84NDVlNzYtOWMyZC00YWZmLTkyYWYt
NDkzNWIzZjVjMjA5LzEvUDhmZTcyQ1ZsZkpzZEJIQ3B2SDB3MU95Y1NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84NDVlNzYtOWMyZC00YWZmLTkyYWYtNDkzNWIzZjVjMjA5
LzEvZTZLLW1FT0xtTzVvb05HNHhCUkZJTDBLWWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVLsMA0E
AgACMAcDBQMqDnWAMA0GCSqGSIb3DQEBCwUAA4IBAQCjzJeVbF4F+sCldyMtAN7a
ebeXgKFx6hi1R64t6yVOLmk061Q4E/WvcJIQWcbmUaTPM18m2wlgDaF/Qhqofszp
UGG79etoFhj8MQt958gHsb0IGkD9eyAh1pgDDb3tzeSSLARzOi4YxY4n2mbCpZub
y284CzILKgTDrnrBdAS7H6wXOCh/e/wwy5tB5xNH1pPm6j5Ck4dvRnm+jiX9O440
bjdBfeTJgKcN3mBl+WUvOA3LZHtHvm2udahgvGHTHo3f4lvY7HEhfSZ86pQLbG7y
GGIYhNg36XOnrFH1s9tSCx5HXqU1LgdoCZshak/SeGICwGxpJUwWX15E0RPoChBL
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:33:31 2025 by rpki-client