Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/aTmEQc7rZSqiS9xlo8D5J910hiA.roa
File: aTmEQc7rZSqiS9xlo8D5J910hiA.roa (raw, json)
Hash identifier: gp8EnuKJWDEH/vTaQx7oV8ya6rcqLHa/Gr9Zkh0GUXA=
Subject key identifier: 69:39:84:41:CE:EB:65:2A:A2:4B:DC:65:A3:C0:F9:27:DD:74:86:20
Certificate issuer: /CN=787e31ce5d501d1a94afdabbd4e024cc2a788ef5
Certificate serial: 0194274719AA867C809CB1ABA156729B71AA
Authority key identifier: 78:7E:31:CE:5D:50:1D:1A:94:AF:DA:BB:D4:E0:24:CC:2A:78:8E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eH4xzl1QHRqUr9q71OAkzCp4jvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/aTmEQc7rZSqiS9xlo8D5J910hiA.roa
Signing time: Thu 02 Jan 2025 13:49:18 +0000
ROA not before: Thu 02 Jan 2025 13:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41634
IP address blocks: 45.154.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:19:aa:86:7c:80:9c:b1:ab:a1:56:72:9b:71:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=787e31ce5d501d1a94afdabbd4e024cc2a788ef5
Validity
Not Before: Jan 2 13:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69398441ceeb652aa24bdc65a3c0f927dd748620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:49:d0:1e:ad:84:c9:99:38:26:5d:2c:0b:1b:
d6:8d:63:e5:db:1b:84:93:7c:37:70:e9:d1:9e:87:
80:26:b4:ae:ce:bb:f5:b6:2d:49:80:5b:67:b1:44:
b1:e9:69:d2:7a:cf:5c:01:d2:5d:f0:8d:02:fb:4f:
d5:b9:f8:b7:5f:4f:2f:eb:24:55:7a:ef:04:81:26:
8b:0d:70:92:67:97:7b:41:7d:86:cc:71:b8:3c:4e:
eb:9d:64:86:4f:64:84:66:05:12:db:b0:49:68:9e:
53:36:96:27:74:82:4f:04:e9:c7:ef:8d:fb:3a:68:
36:63:44:60:5e:b8:70:1f:36:4e:2e:80:e1:e4:e2:
66:75:73:72:db:e0:fa:60:f2:89:fe:3d:7e:f1:2f:
fa:58:03:a4:6d:63:0e:64:70:2b:00:a1:b6:9f:d4:
47:05:d8:bb:51:e0:6f:cf:e8:d9:40:4e:52:c3:32:
05:c1:6c:24:ed:6f:cc:b3:b0:48:23:88:8a:7f:10:
95:e9:7f:1e:2c:bf:e8:dd:38:cf:df:f3:68:74:9b:
a9:52:5b:41:51:28:ef:fb:15:25:83:eb:f9:0e:5e:
41:0a:d1:86:dc:1e:6f:41:57:c9:a8:4a:08:88:94:
77:c0:64:56:9c:c4:a4:d8:d9:71:e8:fd:d8:ac:44:
f4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:39:84:41:CE:EB:65:2A:A2:4B:DC:65:A3:C0:F9:27:DD:74:86:20
X509v3 Authority Key Identifier:
keyid:78:7E:31:CE:5D:50:1D:1A:94:AF:DA:BB:D4:E0:24:CC:2A:78:8E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eH4xzl1QHRqUr9q71OAkzCp4jvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/aTmEQc7rZSqiS9xlo8D5J910hiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/eH4xzl1QHRqUr9q71OAkzCp4jvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.253.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:0e:41:91:28:ed:01:c7:b3:af:ea:50:a6:00:1a:3e:11:a5:
a5:f9:06:f9:5f:97:83:a2:2f:5a:66:2f:1b:db:ca:d5:c3:28:
3f:54:aa:11:9a:9a:4b:58:07:17:22:4f:4a:3c:f0:f2:28:fa:
84:c7:f6:36:a8:24:e6:f1:bb:4a:2b:3b:b5:cd:75:94:68:bc:
c5:26:ed:ae:e6:0f:59:0d:58:e6:c1:82:da:21:9d:e2:b8:ed:
f2:ed:95:8a:74:89:f1:a3:4e:78:8d:9f:fa:97:d7:d9:b2:3f:
1d:bc:9c:bc:cd:f6:99:dd:d9:0e:a3:d6:47:e5:f0:d2:21:43:
ad:54:df:d0:7b:c2:5d:57:ec:10:28:49:8a:6f:81:51:35:79:
2b:f0:ee:91:d3:02:4e:1c:1f:12:04:0f:8d:9e:dd:78:20:f8:
d5:4c:82:e2:8d:ed:bc:4e:3b:6e:34:b8:71:a4:2b:d6:77:52:
a3:bc:2b:ce:ba:b6:b3:d4:b6:69:30:3b:81:d9:6a:b6:ac:a7:
af:51:d3:c3:fb:c6:ed:d6:93:6b:06:4c:84:35:2f:00:2e:85:
6c:ba:60:64:9b:1a:4a:8c:80:7f:8d:a2:b9:46:13:ba:c9:c8:
ae:9d:66:85:13:28:4b:6d:ab:b2:4f:6c:2e:dd:da:0d:c7:09:
9f:45:c8:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRxmqhnyAnLGroVZym3GqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4N2UzMWNlNWQ1MDFkMWE5NGFmZGFiYmQ0ZTAyNGNjMmE3
ODhlZjUwHhcNMjUwMTAyMTM0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTM5ODQ0MWNlZWI2NTJhYTI0YmRjNjVhM2MwZjkyN2RkNzQ4NjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20nQHq2EyZk4Jl0sCxvWjWPl2xuE
k3w3cOnRnoeAJrSuzrv1ti1JgFtnsUSx6WnSes9cAdJd8I0C+0/Vufi3X08v6yRV
eu8EgSaLDXCSZ5d7QX2GzHG4PE7rnWSGT2SEZgUS27BJaJ5TNpYndIJPBOnH7437
Omg2Y0RgXrhwHzZOLoDh5OJmdXNy2+D6YPKJ/j1+8S/6WAOkbWMOZHArAKG2n9RH
Bdi7UeBvz+jZQE5SwzIFwWwk7W/Ms7BII4iKfxCV6X8eLL/o3TjP3/NodJupUltB
USjv+xUlg+v5Dl5BCtGG3B5vQVfJqEoIiJR3wGRWnMSk2Nlx6P3YrET05wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGk5hEHO62UqokvcZaPA+SfddIYgMB8GA1UdIwQY
MBaAFHh+Mc5dUB0alK/au9TgJMwqeI71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUg0eHpsMVFIUnFVcjlxNzFPQWt6Q3A0anZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83YzU1ZDItMzgxYy00ZTg3LThjYTUt
MjMwN2JiNTkyMjVmLzEvYVRtRVFjN3JaU3FpUzl4bG84RDVKOTEwaGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi83YzU1ZDItMzgxYy00ZTg3LThjYTUtMjMwN2JiNTkyMjVm
LzEvZUg0eHpsMVFIUnFVcjlxNzFPQWt6Q3A0anZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZr9MA0G
CSqGSIb3DQEBCwUAA4IBAQBsDkGRKO0Bx7Ov6lCmABo+EaWl+Qb5X5eDoi9aZi8b
28rVwyg/VKoRmppLWAcXIk9KPPDyKPqEx/Y2qCTm8btKKzu1zXWUaLzFJu2u5g9Z
DVjmwYLaIZ3iuO3y7ZWKdInxo054jZ/6l9fZsj8dvJy8zfaZ3dkOo9ZH5fDSIUOt
VN/Qe8JdV+wQKEmKb4FRNXkr8O6R0wJOHB8SBA+Nnt14IPjVTILije28TjtuNLhx
pCvWd1KjvCvOuraz1LZpMDuB2Wq2rKevUdPD+8bt1pNrBkyENS8ALoVsumBkmxpK
jIB/jaK5RhO6yciunWaFEyhLbauyT2wu3doNxwmfRcht
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:09:49 2025 by rpki-client