Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/54317d-094e-4820-9651-6219b32122d0/1/4tvYqBz30c-0SHwQf2CtT0VNBPQ.roa
File: 4tvYqBz30c-0SHwQf2CtT0VNBPQ.roa (raw, json)
Hash identifier: qCyQEU6OdMbxdWiqsxkcJvwc0b3lfRGI0KL0oWxXAXQ=
Subject key identifier: E2:DB:D8:A8:1C:F7:D1:CF:B4:48:7C:10:7F:60:AD:4F:45:4D:04:F4
Certificate issuer: /CN=b7785a30d8512d0d8ab637812b79fa4529a1ef1b
Certificate serial: 0194228D5C9571D9EC5846BD507A46EBD3C4
Authority key identifier: B7:78:5A:30:D8:51:2D:0D:8A:B6:37:81:2B:79:FA:45:29:A1:EF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3haMNhRLQ2KtjeBK3n6RSmh7xs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/54317d-094e-4820-9651-6219b32122d0/1/4tvYqBz30c-0SHwQf2CtT0VNBPQ.roa
Signing time: Wed 01 Jan 2025 15:47:57 +0000
ROA not before: Wed 01 Jan 2025 15:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209459
IP address blocks: 45.82.136.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:5c:95:71:d9:ec:58:46:bd:50:7a:46:eb:d3:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7785a30d8512d0d8ab637812b79fa4529a1ef1b
Validity
Not Before: Jan 1 15:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2dbd8a81cf7d1cfb4487c107f60ad4f454d04f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:15:b1:e2:39:60:e2:65:9e:73:3b:f1:f3:9d:
80:50:5f:12:a6:b5:53:9f:15:56:f4:10:18:d2:96:
7b:4d:6e:3c:d0:00:c1:c7:24:13:7c:d5:08:e5:80:
06:4e:5f:14:87:22:f0:de:4d:ca:61:ad:9c:e4:5d:
19:f1:84:f4:8f:af:f7:d0:4f:38:3f:45:3a:0b:13:
f0:8f:fa:a3:84:7e:1c:f4:d1:aa:96:89:88:37:0c:
92:4c:b9:97:b4:bc:6c:fd:74:bf:25:7c:fc:5e:02:
9f:9b:e2:8a:8c:d6:7e:fe:2a:6f:54:7c:5d:c5:f4:
b8:15:af:71:91:88:34:81:1f:37:cf:b6:4b:68:1b:
41:c4:b4:c3:9c:64:9a:2d:af:0b:55:d9:56:c4:bc:
52:89:93:5b:6c:02:fd:9b:f5:3e:b7:94:3d:c7:fe:
38:d8:20:c4:d5:3c:2a:53:47:b7:17:cc:7d:e7:97:
00:8e:53:d8:54:dd:61:7f:05:8a:8a:c5:f0:38:60:
77:56:b5:11:af:bb:50:6d:05:ff:b1:99:29:d7:58:
b3:46:bd:de:70:3f:16:9d:f2:c3:d5:a6:fd:19:82:
8c:35:d4:17:7f:84:0e:be:b6:3c:46:a3:ff:cf:67:
29:a7:66:08:1d:e3:0e:89:cf:db:49:b4:1b:b0:12:
69:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:DB:D8:A8:1C:F7:D1:CF:B4:48:7C:10:7F:60:AD:4F:45:4D:04:F4
X509v3 Authority Key Identifier:
keyid:B7:78:5A:30:D8:51:2D:0D:8A:B6:37:81:2B:79:FA:45:29:A1:EF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3haMNhRLQ2KtjeBK3n6RSmh7xs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/54317d-094e-4820-9651-6219b32122d0/1/4tvYqBz30c-0SHwQf2CtT0VNBPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/54317d-094e-4820-9651-6219b32122d0/1/t3haMNhRLQ2KtjeBK3n6RSmh7xs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.136.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:1a:e3:00:be:f0:42:e0:8f:c9:42:56:d8:4d:71:25:3b:8c:
3b:99:d1:3b:49:be:82:aa:09:8f:31:02:70:15:8d:b2:67:b3:
7a:29:1d:c0:0b:1a:e0:24:10:f7:b2:71:0e:b5:e8:ed:d3:6a:
6e:7e:00:a1:53:55:ea:e2:9f:10:6b:f3:eb:a3:98:7e:eb:a3:
b2:58:51:0c:2f:4a:41:58:46:32:7b:1f:2a:25:90:2e:6e:d9:
f3:e2:e1:5b:35:a4:7e:3e:f5:03:a9:76:bd:9b:ec:84:ba:b6:
9a:a8:bc:66:28:61:d0:2b:e7:ae:9a:95:75:11:1d:e7:61:51:
b2:0d:02:83:21:65:1a:5e:ce:85:76:35:bd:be:b9:d6:bf:0e:
e8:43:03:b8:f1:64:2d:09:c0:50:b7:1c:2d:8d:4d:00:91:b7:
57:71:86:82:7f:df:8f:f4:78:af:5e:9d:2e:6c:0f:3b:1e:06:
2c:5e:cf:c2:2a:b8:ee:0c:6e:7d:52:32:1c:63:a0:2c:70:5a:
de:9d:7b:00:6f:c4:2f:53:57:5b:67:0f:38:95:15:cd:16:3a:
a4:d5:73:c6:0f:1d:8d:01:33:ca:e1:84:37:43:3d:af:92:e7:
ea:65:74:4f:cf:72:9a:69:8b:87:4e:36:66:84:18:ef:7e:b4:
41:39:50:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijVyVcdnsWEa9UHpG69PEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Nzg1YTMwZDg1MTJkMGQ4YWI2Mzc4MTJiNzlmYTQ1Mjlh
MWVmMWIwHhcNMjUwMTAxMTU0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmRiZDhhODFjZjdkMWNmYjQ0ODdjMTA3ZjYwYWQ0ZjQ1NGQwNGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8xWx4jlg4mWeczvx852AUF8SprVT
nxVW9BAY0pZ7TW480ADBxyQTfNUI5YAGTl8UhyLw3k3KYa2c5F0Z8YT0j6/30E84
P0U6CxPwj/qjhH4c9NGqlomINwySTLmXtLxs/XS/JXz8XgKfm+KKjNZ+/ipvVHxd
xfS4Fa9xkYg0gR83z7ZLaBtBxLTDnGSaLa8LVdlWxLxSiZNbbAL9m/U+t5Q9x/44
2CDE1TwqU0e3F8x955cAjlPYVN1hfwWKisXwOGB3VrURr7tQbQX/sZkp11izRr3e
cD8WnfLD1ab9GYKMNdQXf4QOvrY8RqP/z2cpp2YIHeMOic/bSbQbsBJpAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOLb2Kgc99HPtEh8EH9grU9FTQT0MB8GA1UdIwQY
MBaAFLd4WjDYUS0NirY3gSt5+kUpoe8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNoYU1OaFJMUTJLdGplQkszbjZSU21oN3hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy81NDMxN2QtMDk0ZS00ODIwLTk2NTEt
NjIxOWIzMjEyMmQwLzEvNHR2WXFCejMwYy0wU0h3UWYyQ3RUMFZOQlBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy81NDMxN2QtMDk0ZS00ODIwLTk2NTEtNjIxOWIzMjEyMmQw
LzEvdDNoYU1OaFJMUTJLdGplQkszbjZSU21oN3hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVKIMA0G
CSqGSIb3DQEBCwUAA4IBAQAeGuMAvvBC4I/JQlbYTXElO4w7mdE7Sb6CqgmPMQJw
FY2yZ7N6KR3ACxrgJBD3snEOtejt02pufgChU1Xq4p8Qa/Pro5h+66OyWFEML0pB
WEYyex8qJZAubtnz4uFbNaR+PvUDqXa9m+yEuraaqLxmKGHQK+eumpV1ER3nYVGy
DQKDIWUaXs6FdjW9vrnWvw7oQwO48WQtCcBQtxwtjU0AkbdXcYaCf9+P9HivXp0u
bA87HgYsXs/CKrjuDG59UjIcY6AscFrenXsAb8QvU1dbZw84lRXNFjqk1XPGDx2N
ATPK4YQ3Qz2vkufqZXRPz3KaaYuHTjZmhBjvfrRBOVDM
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:08:44 2025 by rpki-client