Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/54317d-094e-4820-9651-6219b32122d0/1/5BiiR8tyxMqnVkrCR-JVCe5thJE.roa
File: 5BiiR8tyxMqnVkrCR-JVCe5thJE.roa (raw, json)
Hash identifier: Hg2Lr4BrUeLiGXPiTTswxDVsunI16iUbiaP/wD6FGp4=
Subject key identifier: E4:18:A2:47:CB:72:C4:CA:A7:56:4A:C2:47:E2:55:09:EE:6D:84:91
Certificate issuer: /CN=b7785a30d8512d0d8ab637812b79fa4529a1ef1b
Certificate serial: 0194228D5C2BB9FBE59F9A3F8B502E4AEDB3
Authority key identifier: B7:78:5A:30:D8:51:2D:0D:8A:B6:37:81:2B:79:FA:45:29:A1:EF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3haMNhRLQ2KtjeBK3n6RSmh7xs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/54317d-094e-4820-9651-6219b32122d0/1/5BiiR8tyxMqnVkrCR-JVCe5thJE.roa
Signing time: Wed 01 Jan 2025 15:47:57 +0000
ROA not before: Wed 01 Jan 2025 15:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208006
IP address blocks: 45.82.136.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:5c:2b:b9:fb:e5:9f:9a:3f:8b:50:2e:4a:ed:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7785a30d8512d0d8ab637812b79fa4529a1ef1b
Validity
Not Before: Jan 1 15:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e418a247cb72c4caa7564ac247e25509ee6d8491
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:06:c3:3f:2b:2d:f4:59:07:75:1b:e9:33:d1:
e8:d3:10:15:a8:59:c3:8c:a5:ef:f8:30:ab:0c:60:
5d:8b:67:e0:3e:19:78:7d:0d:07:8a:d1:98:c2:8f:
c2:64:40:1b:a7:24:82:97:0f:9b:1c:0c:7d:21:1d:
75:a8:f3:41:31:87:af:47:db:6d:33:2e:b1:3d:12:
bf:ab:aa:f0:45:f4:d1:a5:c8:d9:88:b8:22:34:31:
e8:a4:52:0e:b4:7c:87:78:a4:46:b2:5d:90:31:2b:
10:85:b4:1b:23:e9:f5:96:9d:c5:70:d6:ee:27:11:
d0:f7:fb:f7:27:39:bf:61:e8:6f:f5:ab:d7:6f:08:
f7:f5:ac:5d:1b:4a:58:b5:7d:64:b4:e1:6b:b6:cb:
29:fb:ed:73:55:2c:99:04:f0:7b:07:cb:47:09:bc:
9f:34:25:6e:df:08:0d:46:a5:6f:c1:2a:e6:46:a3:
20:89:a9:0c:c2:e7:c5:13:6d:e0:46:17:01:62:ca:
b8:29:5b:a3:b4:c2:44:88:53:1a:13:db:29:fc:7c:
c7:84:9a:28:42:ec:ea:81:2e:39:6f:7d:c0:e6:6a:
41:57:51:bd:d1:16:18:e0:ab:2f:1e:c2:0c:d2:25:
09:f4:0f:14:27:82:23:17:d5:0d:8b:36:10:bd:ae:
8c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:18:A2:47:CB:72:C4:CA:A7:56:4A:C2:47:E2:55:09:EE:6D:84:91
X509v3 Authority Key Identifier:
keyid:B7:78:5A:30:D8:51:2D:0D:8A:B6:37:81:2B:79:FA:45:29:A1:EF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3haMNhRLQ2KtjeBK3n6RSmh7xs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/54317d-094e-4820-9651-6219b32122d0/1/5BiiR8tyxMqnVkrCR-JVCe5thJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/54317d-094e-4820-9651-6219b32122d0/1/t3haMNhRLQ2KtjeBK3n6RSmh7xs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.136.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:38:3f:59:2d:81:a7:e8:bf:2c:e6:46:c3:9a:15:99:bf:d3:
8b:49:9f:cc:fb:a1:f2:b5:92:44:11:7a:8b:05:a5:b3:cb:05:
e2:8f:72:c6:01:cb:74:2e:db:de:23:9f:08:db:d7:80:28:91:
1c:90:7a:47:fd:56:19:9b:8b:29:9a:f4:da:59:49:be:f6:ec:
86:fd:b6:54:ad:90:af:f6:e7:c2:09:a2:4f:d0:70:dd:08:be:
9c:61:e5:ce:7d:c8:66:ac:70:dc:f8:ce:d2:50:90:27:c6:dc:
8e:bd:2c:1a:0f:75:65:ae:ec:ea:30:e2:99:d8:2b:e0:13:dc:
61:56:32:50:8a:8c:04:6f:a5:b9:08:8e:9f:77:b2:08:96:bb:
c0:70:59:e8:56:5a:97:c6:bd:c1:f9:06:53:f7:9d:53:29:b8:
12:b7:ce:16:96:a1:3b:08:9d:a1:b6:89:d6:a7:5b:88:18:d2:
c8:32:c8:30:d8:e6:8d:08:1a:99:ef:70:1f:b2:e8:6a:f6:13:
c8:06:32:1f:74:b0:1b:23:7b:4f:f9:d9:ed:e0:62:37:82:1e:
09:66:54:52:1b:5f:cb:47:d9:25:8b:a1:a7:5a:08:a3:37:a6:
7f:69:c9:19:1c:4a:ec:1d:9a:d8:bd:55:62:40:bd:8c:25:46:
7b:97:2b:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijVwrufvln5o/i1AuSu2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Nzg1YTMwZDg1MTJkMGQ4YWI2Mzc4MTJiNzlmYTQ1Mjlh
MWVmMWIwHhcNMjUwMTAxMTU0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDE4YTI0N2NiNzJjNGNhYTc1NjRhYzI0N2UyNTUwOWVlNmQ4NDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugbDPyst9FkHdRvpM9Ho0xAVqFnD
jKXv+DCrDGBdi2fgPhl4fQ0HitGYwo/CZEAbpySClw+bHAx9IR11qPNBMYevR9tt
My6xPRK/q6rwRfTRpcjZiLgiNDHopFIOtHyHeKRGsl2QMSsQhbQbI+n1lp3FcNbu
JxHQ9/v3Jzm/Yehv9avXbwj39axdG0pYtX1ktOFrtssp++1zVSyZBPB7B8tHCbyf
NCVu3wgNRqVvwSrmRqMgiakMwufFE23gRhcBYsq4KVujtMJEiFMaE9sp/HzHhJoo
QuzqgS45b33A5mpBV1G90RYY4KsvHsIM0iUJ9A8UJ4IjF9UNizYQva6MfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQYokfLcsTKp1ZKwkfiVQnubYSRMB8GA1UdIwQY
MBaAFLd4WjDYUS0NirY3gSt5+kUpoe8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNoYU1OaFJMUTJLdGplQkszbjZSU21oN3hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy81NDMxN2QtMDk0ZS00ODIwLTk2NTEt
NjIxOWIzMjEyMmQwLzEvNUJpaVI4dHl4TXFuVmtyQ1ItSlZDZTV0aEpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy81NDMxN2QtMDk0ZS00ODIwLTk2NTEtNjIxOWIzMjEyMmQw
LzEvdDNoYU1OaFJMUTJLdGplQkszbjZSU21oN3hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVKIMA0G
CSqGSIb3DQEBCwUAA4IBAQB6OD9ZLYGn6L8s5kbDmhWZv9OLSZ/M+6HytZJEEXqL
BaWzywXij3LGAct0LtveI58I29eAKJEckHpH/VYZm4spmvTaWUm+9uyG/bZUrZCv
9ufCCaJP0HDdCL6cYeXOfchmrHDc+M7SUJAnxtyOvSwaD3VlruzqMOKZ2CvgE9xh
VjJQiowEb6W5CI6fd7IIlrvAcFnoVlqXxr3B+QZT951TKbgSt84WlqE7CJ2htonW
p1uIGNLIMsgw2OaNCBqZ73Afsuhq9hPIBjIfdLAbI3tP+dnt4GI3gh4JZlRSG1/L
R9kli6GnWgijN6Z/ackZHErsHZrYvVViQL2MJUZ7lyvW
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:55:00 2025 by rpki-client