Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/858910-c501-459c-a313-7ac680ed5dd7/1/kFp1ntirY-_nRj5W9JqqX1ydSnU.roa
File: kFp1ntirY-_nRj5W9JqqX1ydSnU.roa (raw, json)
Hash identifier: NWOTQpr3hkXHB9fkn9UXRHKGkCwc9Gafyc4Z5IuHimc=
Subject key identifier: 90:5A:75:9E:D8:AB:63:EF:E7:46:3E:56:F4:9A:AA:5F:5C:9D:4A:75
Certificate issuer: /CN=d485b6e9d89fb010369971ed88857205985d4918
Certificate serial: 0194258F5F018BEE3EEE195145BAA40974FB
Authority key identifier: D4:85:B6:E9:D8:9F:B0:10:36:99:71:ED:88:85:72:05:98:5D:49:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1IW26difsBA2mXHtiIVyBZhdSRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/858910-c501-459c-a313-7ac680ed5dd7/1/kFp1ntirY-_nRj5W9JqqX1ydSnU.roa
Signing time: Thu 02 Jan 2025 05:49:00 +0000
ROA not before: Thu 02 Jan 2025 05:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208725
IP address blocks: 45.87.76.0/22 maxlen: 22
2a0e:f780::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:5f:01:8b:ee:3e:ee:19:51:45:ba:a4:09:74:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d485b6e9d89fb010369971ed88857205985d4918
Validity
Not Before: Jan 2 05:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=905a759ed8ab63efe7463e56f49aaa5f5c9d4a75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:da:11:e0:3d:e1:83:c6:2d:9e:05:82:5c:54:
b8:dc:b7:42:5a:30:9f:5b:bc:fd:fe:55:70:03:34:
93:6d:05:32:62:cc:cd:9d:b0:a9:c4:1d:ac:42:4b:
1a:18:fe:91:ff:07:98:23:8d:df:8d:c5:49:02:0b:
49:41:22:fe:1f:3b:6b:85:b9:ff:66:51:94:10:29:
a5:b4:c6:84:19:bc:27:cf:7e:76:84:04:20:8c:43:
51:be:e9:12:11:dc:26:1c:b6:b7:83:e5:ff:b7:c4:
b1:86:31:a9:b6:fd:20:74:b4:56:6e:83:bb:8a:aa:
03:44:0c:00:73:44:d3:59:f0:fd:ed:ee:95:f4:39:
19:8c:c2:02:7d:65:5a:54:6f:72:08:a0:5b:71:83:
98:77:02:6d:78:f2:b7:9c:76:ef:f8:7d:e2:36:ea:
02:6a:1e:1a:a9:3b:4a:5b:84:fb:9c:f1:d4:9a:79:
2e:85:01:db:22:3c:80:e1:41:52:1b:97:3d:38:74:
0d:68:92:c0:d7:ab:65:56:6a:33:98:60:35:6b:5b:
a3:86:b8:59:d6:26:49:49:43:8d:98:07:0b:c4:36:
8f:86:3b:02:ff:60:bf:3f:74:2f:44:54:cd:cd:6a:
b6:c8:56:cd:a2:0e:29:15:f6:cb:f1:16:5c:39:48:
9c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:5A:75:9E:D8:AB:63:EF:E7:46:3E:56:F4:9A:AA:5F:5C:9D:4A:75
X509v3 Authority Key Identifier:
keyid:D4:85:B6:E9:D8:9F:B0:10:36:99:71:ED:88:85:72:05:98:5D:49:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1IW26difsBA2mXHtiIVyBZhdSRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/858910-c501-459c-a313-7ac680ed5dd7/1/kFp1ntirY-_nRj5W9JqqX1ydSnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/858910-c501-459c-a313-7ac680ed5dd7/1/1IW26difsBA2mXHtiIVyBZhdSRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.76.0/22
IPv6:
2a0e:f780::/29
Signature Algorithm: sha256WithRSAEncryption
5d:bf:e4:07:58:94:37:1c:78:b1:b1:3b:3f:d9:ed:54:d5:db:
87:5a:18:71:e9:61:aa:6f:df:65:9e:71:e4:79:8a:46:45:22:
d9:c5:2d:46:01:29:51:e6:45:54:91:fe:9b:cf:5a:ff:ad:cd:
63:14:b9:5d:cb:69:29:74:e5:fc:a0:a5:7c:3a:f5:2f:aa:1d:
02:fc:43:3e:ba:aa:9c:8a:d8:bc:85:2e:70:1f:7c:ce:0b:06:
70:c6:15:7d:af:8a:79:a4:19:e0:8d:4d:85:9b:04:78:2e:f3:
07:65:fa:18:be:98:1d:4f:5f:93:58:e6:e9:ce:18:15:68:93:
6b:b3:e6:43:7b:0e:62:2f:78:c7:f4:42:6c:a7:ab:ca:d6:fe:
e2:a2:f7:50:58:cb:11:f8:dd:61:ca:bb:0e:7f:b5:c9:f7:b0:
55:ee:68:31:5b:89:29:96:22:8a:65:0b:fd:61:c6:81:a2:9b:
4f:cc:c6:76:38:4c:54:d2:70:c2:15:11:3f:1e:b1:ee:28:06:
b6:13:b2:3a:18:dd:54:c2:03:f3:19:f6:99:18:84:0e:1e:e3:
d8:ac:bf:07:2b:23:38:e1:52:84:13:fc:52:d4:64:9b:72:03:
6f:86:1e:66:61:18:41:d5:d7:f1:f1:ca:99:af:71:87:f5:40:
a4:30:d2:e0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlj18Bi+4+7hlRRbqkCXT7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ODViNmU5ZDg5ZmIwMTAzNjk5NzFlZDg4ODU3MjA1OTg1
ZDQ5MTgwHhcNMjUwMTAyMDU0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDVhNzU5ZWQ4YWI2M2VmZTc0NjNlNTZmNDlhYWE1ZjVjOWQ0YTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtoR4D3hg8YtngWCXFS43LdCWjCf
W7z9/lVwAzSTbQUyYszNnbCpxB2sQksaGP6R/weYI43fjcVJAgtJQSL+Hztrhbn/
ZlGUECmltMaEGbwnz352hAQgjENRvukSEdwmHLa3g+X/t8SxhjGptv0gdLRWboO7
iqoDRAwAc0TTWfD97e6V9DkZjMICfWVaVG9yCKBbcYOYdwJtePK3nHbv+H3iNuoC
ah4aqTtKW4T7nPHUmnkuhQHbIjyA4UFSG5c9OHQNaJLA16tlVmozmGA1a1ujhrhZ
1iZJSUONmAcLxDaPhjsC/2C/P3QvRFTNzWq2yFbNog4pFfbL8RZcOUiczQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJBadZ7Yq2Pv50Y+VvSaql9cnUp1MB8GA1UdIwQY
MBaAFNSFtunYn7AQNplx7YiFcgWYXUkYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlXMjZkaWZzQkEybVhIdGlJVnlCWmhkU1JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84NTg5MTAtYzUwMS00NTljLWEzMTMt
N2FjNjgwZWQ1ZGQ3LzEva0ZwMW50aXJZLV9uUmo1VzlKcXFYMXlkU25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84NTg5MTAtYzUwMS00NTljLWEzMTMtN2FjNjgwZWQ1ZGQ3
LzEvMUlXMjZkaWZzQkEybVhIdGlJVnlCWmhkU1JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVdMMA0E
AgACMAcDBQMqDveAMA0GCSqGSIb3DQEBCwUAA4IBAQBdv+QHWJQ3HHixsTs/2e1U
1duHWhhx6WGqb99lnnHkeYpGRSLZxS1GASlR5kVUkf6bz1r/rc1jFLldy2kpdOX8
oKV8OvUvqh0C/EM+uqqciti8hS5wH3zOCwZwxhV9r4p5pBngjU2FmwR4LvMHZfoY
vpgdT1+TWObpzhgVaJNrs+ZDew5iL3jH9EJsp6vK1v7iovdQWMsR+N1hyrsOf7XJ
97BV7mgxW4kpliKKZQv9YcaBoptPzMZ2OExU0nDCFRE/HrHuKAa2E7I6GN1UwgPz
GfaZGIQOHuPYrL8HKyM44VKEE/xS1GSbcgNvhh5mYRhB1dfx8cqZr3GH9UCkMNLg
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:45:07 2025 by rpki-client