Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/SHESx2HqUfWZxboQ6jP2hImYKmU.roa
File: SHESx2HqUfWZxboQ6jP2hImYKmU.roa (raw, json)
Hash identifier: OlCdziBdwRc0FY5ejIFVQ8Nt867ISEKKLNxKfPnLzFA=
Subject key identifier: 48:71:12:C7:61:EA:51:F5:99:C5:BA:10:EA:33:F6:84:89:98:2A:65
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 019421B198E5B4A16C7B2810633C2D9C61F8
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/SHESx2HqUfWZxboQ6jP2hImYKmU.roa
Signing time: Wed 01 Jan 2025 11:47:54 +0000
ROA not before: Wed 01 Jan 2025 11:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50565
IP address blocks: 45.143.97.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:98:e5:b4:a1:6c:7b:28:10:63:3c:2d:9c:61:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Jan 1 11:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=487112c761ea51f599c5ba10ea33f68489982a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:aa:e3:13:d6:b3:a9:f4:96:e9:8d:4e:79:3d:
62:cf:39:60:da:ed:33:9b:c4:f4:e4:10:73:53:f0:
d5:5f:0e:87:81:ba:9e:81:6e:86:cf:3e:3a:b7:7e:
be:3b:ea:cf:f0:84:01:ee:ea:d1:5b:ea:86:d8:b8:
d0:a1:26:0a:87:78:6c:3e:31:a7:23:66:5d:84:9a:
2b:4c:9f:14:03:30:60:ba:0c:2e:5f:1b:87:1a:74:
07:09:1d:a5:69:1f:a9:5b:b8:37:c1:6b:3d:d8:0d:
da:75:af:1a:54:97:79:5a:18:e4:64:37:40:19:1c:
7c:cb:55:cf:e7:dc:f7:07:c9:ae:bd:31:91:dc:cf:
5e:bd:df:19:0a:5f:97:89:6d:11:e0:51:d3:bf:a8:
2a:24:2f:85:b3:34:25:80:ab:16:01:4f:69:66:f8:
51:b1:bb:5a:71:ed:7e:9e:1a:53:36:12:81:f3:15:
ed:bd:17:46:ca:3b:35:a4:82:f2:bb:4d:17:fb:f8:
ea:57:a3:d0:6f:92:c1:76:34:db:c0:d8:a7:b3:b8:
c4:b9:c4:7b:18:05:5b:1f:02:01:3a:e3:9b:59:65:
e8:58:c4:6c:47:7a:ec:6e:37:4b:14:92:db:b1:b7:
8d:4b:52:13:d8:2e:06:97:db:94:a2:30:14:45:ab:
9a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:71:12:C7:61:EA:51:F5:99:C5:BA:10:EA:33:F6:84:89:98:2A:65
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/SHESx2HqUfWZxboQ6jP2hImYKmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.97.0/24
Signature Algorithm: sha256WithRSAEncryption
60:b5:0e:76:1f:8b:50:d1:a7:e3:b7:bb:9f:01:b4:a3:05:90:
de:ea:e3:bd:8f:83:ca:74:04:67:97:ac:39:e7:d6:ad:6f:9c:
3c:e0:4a:0d:7e:5b:d1:d0:bb:b6:7c:e7:7a:13:39:b8:72:3c:
0c:2a:82:6a:ac:4a:91:6e:5a:7a:56:dc:c7:42:61:0e:2a:02:
fe:fa:96:54:fe:3f:f8:0a:ec:19:92:85:c9:c1:8c:6b:4e:55:
61:c3:b8:23:c7:24:a0:83:0f:cb:df:8d:0a:d3:f5:9d:e2:07:
d4:12:53:b5:11:b4:ea:50:f2:8e:62:c8:28:e9:ac:93:77:ba:
c5:92:63:1a:fd:df:a9:06:5c:44:5c:a2:8a:f5:e5:c1:02:af:
62:a2:4a:f0:e8:32:43:dd:9a:6f:7f:59:fb:e3:ef:4b:45:be:
10:52:84:12:ed:ff:41:96:68:37:97:8a:2a:94:f1:c2:be:ba:
cd:ad:a0:1e:d9:d4:8e:5d:36:cc:fd:91:ea:63:86:af:13:d8:
a1:b0:17:83:50:72:1a:fa:86:84:23:2e:14:81:65:f5:8c:c6:
52:7a:41:52:11:c9:49:0b:c6:b5:ea:f9:f9:6d:18:e1:db:39:
20:99:cf:00:8e:14:ca:76:44:86:e9:75:9b:d7:84:cb:55:68:
82:ca:3e:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsZjltKFseygQYzwtnGH4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjUwMTAxMTE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODcxMTJjNzYxZWE1MWY1OTljNWJhMTBlYTMzZjY4NDg5OTgyYTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvarjE9azqfSW6Y1OeT1izzlg2u0z
m8T05BBzU/DVXw6HgbqegW6Gzz46t36+O+rP8IQB7urRW+qG2LjQoSYKh3hsPjGn
I2ZdhJorTJ8UAzBgugwuXxuHGnQHCR2laR+pW7g3wWs92A3ada8aVJd5WhjkZDdA
GRx8y1XP59z3B8muvTGR3M9evd8ZCl+XiW0R4FHTv6gqJC+FszQlgKsWAU9pZvhR
sbtace1+nhpTNhKB8xXtvRdGyjs1pILyu00X+/jqV6PQb5LBdjTbwNins7jEucR7
GAVbHwIBOuObWWXoWMRsR3rsbjdLFJLbsbeNS1IT2C4Gl9uUojAURaua6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEhxEsdh6lH1mcW6EOoz9oSJmCplMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvU0hFU3gySHFVZldaeGJvUTZqUDJoSW1ZS21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY9hMA0G
CSqGSIb3DQEBCwUAA4IBAQBgtQ52H4tQ0afjt7ufAbSjBZDe6uO9j4PKdARnl6w5
59atb5w84EoNflvR0Lu2fOd6Ezm4cjwMKoJqrEqRblp6VtzHQmEOKgL++pZU/j/4
CuwZkoXJwYxrTlVhw7gjxySggw/L340K0/Wd4gfUElO1EbTqUPKOYsgo6ayTd7rF
kmMa/d+pBlxEXKKK9eXBAq9iokrw6DJD3Zpvf1n74+9LRb4QUoQS7f9Blmg3l4oq
lPHCvrrNraAe2dSOXTbM/ZHqY4avE9ihsBeDUHIa+oaEIy4UgWX1jMZSekFSEclJ
C8a16vn5bRjh2zkgmc8AjhTKdkSG6XWb14TLVWiCyj6c
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:12:49 2025 by rpki-client