Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/_NGd2dVtQzthWCISF-Y9kIv0e2s.roa
File: _NGd2dVtQzthWCISF-Y9kIv0e2s.roa (raw, json)
Hash identifier: AShb2mdu/vRA1Xh3lQqV4RVoMvbduHSzrk68dqeVwU0=
Subject key identifier: FC:D1:9D:D9:D5:6D:43:3B:61:58:22:12:17:E6:3D:90:8B:F4:7B:6B
Certificate issuer: /CN=646579561eca5879a747025e5798487b19cd2a97
Certificate serial: 019421446A7D85798E63BA1AC4687E0E2A65
Authority key identifier: 64:65:79:56:1E:CA:58:79:A7:47:02:5E:57:98:48:7B:19:CD:2A:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/_NGd2dVtQzthWCISF-Y9kIv0e2s.roa
Signing time: Wed 01 Jan 2025 09:48:39 +0000
ROA not before: Wed 01 Jan 2025 09:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 45.146.156.0/24 maxlen: 24
45.146.157.0/24 maxlen: 24
45.146.158.0/24 maxlen: 24
45.146.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:6a:7d:85:79:8e:63:ba:1a:c4:68:7e:0e:2a:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=646579561eca5879a747025e5798487b19cd2a97
Validity
Not Before: Jan 1 09:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fcd19dd9d56d433b6158221217e63d908bf47b6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:40:17:49:f4:64:10:46:be:d1:66:45:0b:f8:
22:d1:ed:d2:d0:35:d2:a1:db:ee:a5:f4:07:0f:e8:
ec:ea:3f:8a:c6:fc:77:b5:20:62:0e:86:4d:78:e9:
5a:8d:0b:b4:6b:21:c8:10:cb:bf:93:04:3c:ed:2f:
a3:8e:85:2d:d8:fc:9a:62:c9:72:ea:62:4e:a3:9b:
4a:76:00:6e:5d:4e:c7:34:54:ad:26:be:02:10:58:
8b:af:c4:aa:e8:d9:c9:25:63:22:77:12:6f:9f:e3:
13:7a:b5:08:80:98:69:40:d1:8c:19:26:90:81:44:
7c:8e:f5:87:dc:8e:fb:5a:84:ba:c1:d9:0f:50:9f:
2b:b0:90:6c:40:bb:0b:b8:39:45:60:a0:c3:82:cd:
c4:43:f1:9d:c9:7b:a1:fb:a2:d5:ec:7c:a7:8b:bf:
dd:c1:7d:43:00:b6:b9:1c:d3:33:a7:d8:a7:57:02:
50:d1:d7:44:27:b1:f3:9b:6c:d4:1a:ed:8d:0b:79:
e2:6a:17:5a:c4:08:74:83:ab:6f:09:17:f5:ff:fd:
ea:00:d6:2a:9c:3c:a8:5c:d5:a9:0b:73:85:97:aa:
22:cb:5f:58:38:4a:95:67:9d:62:44:61:f6:b1:e6:
50:cd:c1:12:bb:88:6d:c6:09:fa:d1:80:ff:80:0a:
27:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:D1:9D:D9:D5:6D:43:3B:61:58:22:12:17:E6:3D:90:8B:F4:7B:6B
X509v3 Authority Key Identifier:
keyid:64:65:79:56:1E:CA:58:79:A7:47:02:5E:57:98:48:7B:19:CD:2A:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/_NGd2dVtQzthWCISF-Y9kIv0e2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.156.0/22
Signature Algorithm: sha256WithRSAEncryption
65:6b:3d:6b:e7:44:9d:69:12:d9:f5:c1:4d:07:9b:e1:d2:88:
6d:20:44:49:e8:24:1d:83:37:20:9f:8a:7d:53:a0:b2:90:88:
2c:28:31:ab:08:d7:35:95:d2:3e:76:57:e4:b6:f6:77:96:2f:
a2:7e:2d:ab:66:ae:f9:a0:29:aa:e7:04:c9:93:cd:55:37:b6:
e5:56:49:1a:a9:4d:27:e4:67:8c:24:b1:e3:ae:d3:e4:bd:49:
b6:a6:95:ce:e5:30:fc:b5:35:43:60:0a:33:95:e5:63:1d:3a:
09:fe:2a:51:f6:68:21:27:a5:4b:a7:a5:39:a7:73:db:b6:44:
65:5c:7f:99:cc:f6:47:6e:84:1a:14:d3:6a:0d:af:cd:2c:46:
e3:ac:da:1a:2f:23:82:53:d6:54:a6:1b:64:ef:b4:1c:bb:01:
d0:06:c5:ec:0e:85:e6:b7:90:93:76:56:e4:35:53:5a:84:10:
41:c1:be:b6:4e:da:84:f4:57:e0:3b:65:69:72:bc:73:f2:d9:
c5:6d:f5:e7:e5:a3:7c:fa:01:ca:f1:0f:85:d4:b3:9a:1c:f2:
cd:64:4d:1d:c4:25:f0:78:21:54:de:8d:15:08:10:a5:6f:d1:
20:fc:d4:d2:5f:1b:5f:08:2e:e9:36:22:8a:f5:ad:6d:59:4b:
f2:c9:32:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRGp9hXmOY7oaxGh+DiplMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NjU3OTU2MWVjYTU4NzlhNzQ3MDI1ZTU3OTg0ODdiMTlj
ZDJhOTcwHhcNMjUwMTAxMDk0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2QxOWRkOWQ1NmQ0MzNiNjE1ODIyMTIxN2U2M2Q5MDhiZjQ3YjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkAXSfRkEEa+0WZFC/gi0e3S0DXS
odvupfQHD+js6j+Kxvx3tSBiDoZNeOlajQu0ayHIEMu/kwQ87S+jjoUt2PyaYsly
6mJOo5tKdgBuXU7HNFStJr4CEFiLr8Sq6NnJJWMidxJvn+MTerUIgJhpQNGMGSaQ
gUR8jvWH3I77WoS6wdkPUJ8rsJBsQLsLuDlFYKDDgs3EQ/GdyXuh+6LV7Hyni7/d
wX1DALa5HNMzp9inVwJQ0ddEJ7Hzm2zUGu2NC3niahdaxAh0g6tvCRf1//3qANYq
nDyoXNWpC3OFl6oiy19YOEqVZ51iRGH2seZQzcESu4htxgn60YD/gAon8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPzRndnVbUM7YVgiEhfmPZCL9HtrMB8GA1UdIwQY
MBaAFGRleVYeylh5p0cCXleYSHsZzSqXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkdWNVZoN0tXSG1uUndKZVY1aElleG5OS3BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi82MDQzNDYtYzk3Yy00MDk3LTg5OTct
NTVjM2QxMjllYzI4LzEvX05HZDJkVnRRenRoV0NJU0YtWTlrSXYwZTJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi82MDQzNDYtYzk3Yy00MDk3LTg5OTctNTVjM2QxMjllYzI4
LzEvWkdWNVZoN0tXSG1uUndKZVY1aElleG5OS3BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZKcMA0G
CSqGSIb3DQEBCwUAA4IBAQBlaz1r50SdaRLZ9cFNB5vh0ohtIERJ6CQdgzcgn4p9
U6CykIgsKDGrCNc1ldI+dlfktvZ3li+ifi2rZq75oCmq5wTJk81VN7blVkkaqU0n
5GeMJLHjrtPkvUm2ppXO5TD8tTVDYAozleVjHToJ/ipR9mghJ6VLp6U5p3PbtkRl
XH+ZzPZHboQaFNNqDa/NLEbjrNoaLyOCU9ZUphtk77QcuwHQBsXsDoXmt5CTdlbk
NVNahBBBwb62TtqE9FfgO2Vpcrxz8tnFbfXn5aN8+gHK8Q+F1LOaHPLNZE0dxCXw
eCFU3o0VCBClb9Eg/NTSXxtfCC7pNiKK9a1tWUvyyTLX
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:15:40 2025 by rpki-client