Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/851708-19f9-4ecc-a442-0ce3a2efc8dd/1/ci7D-gavzkR5lRu-Y8rw6gTVt8k.roa
File: ci7D-gavzkR5lRu-Y8rw6gTVt8k.roa (raw, json)
Hash identifier: e5+WwJtdUyHAODWheWNyNbbf9/GmybmxPgwjpdHpaL8=
Subject key identifier: 72:2E:C3:FA:06:AF:CE:44:79:95:1B:BE:63:CA:F0:EA:04:D5:B7:C9
Certificate issuer: /CN=525915b4c72407afb7941e5be294ac7133b107b3
Certificate serial: 019421B21DE0832E13098F31904EF48FF7C2
Authority key identifier: 52:59:15:B4:C7:24:07:AF:B7:94:1E:5B:E2:94:AC:71:33:B1:07:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UlkVtMckB6-3lB5b4pSscTOxB7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/851708-19f9-4ecc-a442-0ce3a2efc8dd/1/ci7D-gavzkR5lRu-Y8rw6gTVt8k.roa
Signing time: Wed 01 Jan 2025 11:48:28 +0000
ROA not before: Wed 01 Jan 2025 11:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44683
IP address blocks: 45.152.244.0/22 maxlen: 22
2a0f:6d00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:1d:e0:83:2e:13:09:8f:31:90:4e:f4:8f:f7:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=525915b4c72407afb7941e5be294ac7133b107b3
Validity
Not Before: Jan 1 11:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=722ec3fa06afce4479951bbe63caf0ea04d5b7c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:63:26:89:48:f1:51:7d:45:81:eb:a8:f9:34:
bc:88:9f:3f:18:d7:d2:29:96:0e:89:82:cf:e2:b0:
91:56:0d:6f:51:45:18:54:4e:3e:f5:fa:b4:e9:35:
3e:89:d3:91:54:63:96:52:89:4c:39:82:11:27:e6:
ca:2e:ea:55:95:2c:62:bb:89:e7:a4:5a:07:32:25:
f6:56:a3:10:51:00:06:bd:9e:3c:d8:56:18:a1:56:
5f:3a:c6:fb:e7:2a:45:5f:4b:65:63:80:8c:7a:e6:
f7:1e:05:af:de:d0:97:8f:22:46:61:ad:02:4f:08:
a7:a0:c9:e2:9f:04:79:48:53:0c:b3:e7:0a:b3:44:
40:10:1e:99:00:b4:71:0f:6b:eb:d7:f4:75:66:ab:
70:bb:78:88:67:b0:5c:da:e2:52:9b:4b:69:5e:48:
ca:13:fb:10:43:22:4d:82:e4:40:a2:98:0f:c3:29:
29:a6:3b:e0:14:76:65:bc:cb:a4:ad:70:e3:a7:c1:
d8:72:4c:7c:3c:86:23:6e:24:8b:3b:67:f4:13:26:
ab:48:dc:88:fa:1b:83:74:d2:bb:1c:65:4c:6f:09:
9b:35:f5:53:8c:ec:65:f0:81:fb:72:3b:9e:5c:dd:
b3:09:c5:0f:5b:c2:b3:fd:8f:96:58:b6:f6:03:6d:
9e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:2E:C3:FA:06:AF:CE:44:79:95:1B:BE:63:CA:F0:EA:04:D5:B7:C9
X509v3 Authority Key Identifier:
keyid:52:59:15:B4:C7:24:07:AF:B7:94:1E:5B:E2:94:AC:71:33:B1:07:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UlkVtMckB6-3lB5b4pSscTOxB7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/851708-19f9-4ecc-a442-0ce3a2efc8dd/1/ci7D-gavzkR5lRu-Y8rw6gTVt8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/851708-19f9-4ecc-a442-0ce3a2efc8dd/1/UlkVtMckB6-3lB5b4pSscTOxB7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.244.0/22
IPv6:
2a0f:6d00::/29
Signature Algorithm: sha256WithRSAEncryption
4f:ca:0f:de:b9:6d:3b:65:e5:32:6a:9a:37:9c:17:57:60:ac:
e1:6d:f9:d8:8a:df:e0:ef:77:3c:20:7d:af:c8:1a:27:51:5d:
a4:58:23:1f:6d:98:9a:83:86:3c:85:13:41:ce:da:38:ae:e9:
e2:70:ad:21:d1:79:10:2e:b1:7c:ed:20:b2:2a:be:92:d7:69:
8c:2f:95:e3:20:e7:69:69:3d:08:9d:b2:84:43:36:b3:33:24:
c4:e5:6b:e2:0d:3d:8f:fe:32:0d:12:40:b8:6f:85:23:33:33:
bc:e9:58:e7:85:19:da:96:a6:88:f1:77:1a:f0:a9:02:f3:fc:
6b:88:eb:f3:df:39:8e:16:84:77:ee:e2:cf:ff:ff:60:ed:37:
c7:1c:a0:3c:6b:c5:6f:96:f1:09:43:31:7e:0c:77:6c:46:78:
97:22:32:5a:91:6e:22:1e:85:25:30:47:bf:49:c0:ac:f7:b5:
c4:c2:41:0a:4c:9a:ba:9e:bf:8f:ab:33:53:d5:ce:d6:c5:e6:
79:15:87:db:1f:54:88:ee:47:92:28:66:96:9d:e2:54:81:b7:
25:18:6d:45:ce:e3:ff:de:6a:91:78:af:a4:58:1f:c7:ee:7a:
c9:ae:d5:82:39:01:70:7d:a3:6b:f9:60:8b:98:93:5a:a9:2d:
73:f9:91:2f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsh3ggy4TCY8xkE70j/fCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNTkxNWI0YzcyNDA3YWZiNzk0MWU1YmUyOTRhYzcxMzNi
MTA3YjMwHhcNMjUwMTAxMTE0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjJlYzNmYTA2YWZjZTQ0Nzk5NTFiYmU2M2NhZjBlYTA0ZDViN2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWMmiUjxUX1Fgeuo+TS8iJ8/GNfS
KZYOiYLP4rCRVg1vUUUYVE4+9fq06TU+idORVGOWUolMOYIRJ+bKLupVlSxiu4nn
pFoHMiX2VqMQUQAGvZ482FYYoVZfOsb75ypFX0tlY4CMeub3HgWv3tCXjyJGYa0C
TwinoMninwR5SFMMs+cKs0RAEB6ZALRxD2vr1/R1Zqtwu3iIZ7Bc2uJSm0tpXkjK
E/sQQyJNguRAopgPwykppjvgFHZlvMukrXDjp8HYckx8PIYjbiSLO2f0EyarSNyI
+huDdNK7HGVMbwmbNfVTjOxl8IH7cjueXN2zCcUPW8Kz/Y+WWLb2A22e1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHIuw/oGr85EeZUbvmPK8OoE1bfJMB8GA1UdIwQY
MBaAFFJZFbTHJAevt5QeW+KUrHEzsQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWxrVnRNY2tCNi0zbEI1YjRwU3NjVE94QjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS84NTE3MDgtMTlmOS00ZWNjLWE0NDIt
MGNlM2EyZWZjOGRkLzEvY2k3RC1nYXZ6a1I1bFJ1LVk4cnc2Z1RWdDhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS84NTE3MDgtMTlmOS00ZWNjLWE0NDItMGNlM2EyZWZjOGRk
LzEvVWxrVnRNY2tCNi0zbEI1YjRwU3NjVE94QjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZj0MA0E
AgACMAcDBQMqD20AMA0GCSqGSIb3DQEBCwUAA4IBAQBPyg/euW07ZeUyapo3nBdX
YKzhbfnYit/g73c8IH2vyBonUV2kWCMfbZiag4Y8hRNBzto4runicK0h0XkQLrF8
7SCyKr6S12mML5XjIOdpaT0InbKEQzazMyTE5WviDT2P/jINEkC4b4UjMzO86Vjn
hRnalqaI8Xca8KkC8/xriOvz3zmOFoR37uLP//9g7TfHHKA8a8VvlvEJQzF+DHds
RniXIjJakW4iHoUlMEe/ScCs97XEwkEKTJq6nr+PqzNT1c7WxeZ5FYfbH1SI7keS
KGaWneJUgbclGG1FzuP/3mqReK+kWB/H7nrJrtWCOQFwfaNr+WCLmJNaqS1z+ZEv
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:27:25 2025 by rpki-client