Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/21922a-dd79-4f56-83be-0a069dec100a/1/iI3eBvPcK_oU8TVqkbYOtwG8vsg.roa
File: iI3eBvPcK_oU8TVqkbYOtwG8vsg.roa (raw, json)
Hash identifier: ikZUasg08WdXub3shWtyhp22ZcEuhRbJ+MQpgo0gb1Q=
Subject key identifier: 88:8D:DE:06:F3:DC:2B:FA:14:F1:35:6A:91:B6:0E:B7:01:BC:BE:C8
Certificate issuer: /CN=421f108882a9e2d72782db6527da4d9adeeb19cc
Certificate serial: 0194228D5B900CDFB9FC7CE9F49C94B58E76
Authority key identifier: 42:1F:10:88:82:A9:E2:D7:27:82:DB:65:27:DA:4D:9A:DE:EB:19:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qh8QiIKp4tcngttlJ9pNmt7rGcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/21922a-dd79-4f56-83be-0a069dec100a/1/iI3eBvPcK_oU8TVqkbYOtwG8vsg.roa
Signing time: Wed 01 Jan 2025 15:47:56 +0000
ROA not before: Wed 01 Jan 2025 15:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 45.86.112.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:5b:90:0c:df:b9:fc:7c:e9:f4:9c:94:b5:8e:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=421f108882a9e2d72782db6527da4d9adeeb19cc
Validity
Not Before: Jan 1 15:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=888dde06f3dc2bfa14f1356a91b60eb701bcbec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:31:a4:c6:35:40:1e:99:ae:ae:e0:5d:49:a8:
10:58:2f:23:43:33:a5:b3:57:62:df:c7:b9:2d:85:
16:ae:43:64:5f:1d:ac:4e:9f:1c:01:7a:54:7d:96:
a5:fc:e6:18:2a:f8:a2:c8:ad:0f:8a:fa:f9:f6:0f:
d6:cb:10:6a:c6:c4:5d:16:bd:53:97:0c:3b:7f:c4:
da:fb:0d:bb:79:4d:d9:22:5f:e0:21:9b:80:8f:25:
94:07:d8:68:8b:aa:7e:ca:6f:2c:c3:16:2b:8d:67:
7c:b9:f6:53:59:57:78:e6:ab:c1:97:3d:d8:fc:18:
36:94:b3:58:bd:b0:67:e5:f4:46:ca:f6:44:e4:be:
ef:8a:fb:5c:83:1c:42:0a:1f:4d:3e:c2:7f:23:b5:
6f:7f:11:41:0c:6b:9b:65:c0:7d:91:db:7e:ce:d8:
40:b1:cf:57:6c:72:a9:2d:dc:63:00:ee:7a:94:e5:
cf:5b:31:d0:b8:d3:8e:7c:75:4a:8a:9c:bf:ba:71:
d0:78:9a:72:22:e3:24:c2:35:be:e0:1f:51:68:24:
20:82:7a:8e:29:85:88:20:64:cf:80:fe:85:56:77:
fa:d1:58:f7:24:fb:bb:ee:af:d1:c0:a2:d1:a1:71:
45:33:4b:49:77:8c:28:e8:77:d0:95:aa:db:20:b8:
03:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:8D:DE:06:F3:DC:2B:FA:14:F1:35:6A:91:B6:0E:B7:01:BC:BE:C8
X509v3 Authority Key Identifier:
keyid:42:1F:10:88:82:A9:E2:D7:27:82:DB:65:27:DA:4D:9A:DE:EB:19:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qh8QiIKp4tcngttlJ9pNmt7rGcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/21922a-dd79-4f56-83be-0a069dec100a/1/iI3eBvPcK_oU8TVqkbYOtwG8vsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/21922a-dd79-4f56-83be-0a069dec100a/1/Qh8QiIKp4tcngttlJ9pNmt7rGcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.112.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:02:78:d7:ec:31:ef:1a:44:27:fa:51:f7:bb:38:94:04:24:
80:f9:57:ca:18:06:c0:0f:23:6f:31:8e:22:7c:34:47:29:c2:
bb:bc:45:27:4f:53:e4:3a:4c:16:10:b3:76:17:34:fb:79:a2:
65:09:b6:17:f5:a6:ea:be:83:c2:71:46:48:f3:bf:86:05:98:
f0:f0:43:13:87:6e:c2:12:ba:95:5f:a2:b0:84:b7:a9:64:7f:
be:89:dc:a1:b2:47:d8:ba:9e:2a:83:b6:2c:8a:43:70:8d:2b:
62:0c:79:1e:d3:f8:e6:06:5e:29:22:4e:d5:db:c7:dd:17:35:
46:78:e6:25:69:f7:2a:7f:07:2d:82:3d:22:19:83:09:5e:c3:
49:f1:0b:d6:df:a2:c1:c2:86:2b:6c:a1:e4:f5:9f:ae:d4:61:
86:38:ff:64:80:3b:79:f1:23:9f:4b:1e:42:65:b1:26:83:dc:
c2:4c:26:85:05:d7:2f:ab:c6:75:12:8a:c9:6c:c2:da:79:21:
fc:ca:2d:9b:67:9b:4a:29:18:1f:ee:78:e1:be:49:2a:16:b4:
47:09:28:30:2c:8c:7e:2d:ac:f7:c8:36:79:c1:7a:0b:f4:7c:
9b:27:ee:ee:33:85:a1:04:ab:5d:a9:63:e7:19:0e:99:1f:d1:
1a:d9:02:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijVuQDN+5/Hzp9JyUtY52MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMWYxMDg4ODJhOWUyZDcyNzgyZGI2NTI3ZGE0ZDlhZGVl
YjE5Y2MwHhcNMjUwMTAxMTU0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODhkZGUwNmYzZGMyYmZhMTRmMTM1NmE5MWI2MGViNzAxYmNiZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTGkxjVAHpmuruBdSagQWC8jQzOl
s1di38e5LYUWrkNkXx2sTp8cAXpUfZal/OYYKviiyK0Pivr59g/WyxBqxsRdFr1T
lww7f8Ta+w27eU3ZIl/gIZuAjyWUB9hoi6p+ym8swxYrjWd8ufZTWVd45qvBlz3Y
/Bg2lLNYvbBn5fRGyvZE5L7vivtcgxxCCh9NPsJ/I7VvfxFBDGubZcB9kdt+zthA
sc9XbHKpLdxjAO56lOXPWzHQuNOOfHVKipy/unHQeJpyIuMkwjW+4B9RaCQggnqO
KYWIIGTPgP6FVnf60Vj3JPu77q/RwKLRoXFFM0tJd4wo6HfQlarbILgDBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIiN3gbz3Cv6FPE1apG2DrcBvL7IMB8GA1UdIwQY
MBaAFEIfEIiCqeLXJ4LbZSfaTZre6xnMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWg4UWlJS3A0dGNuZ3R0bEo5cE5tdDdyR2N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMTkyMmEtZGQ3OS00ZjU2LTgzYmUt
MGEwNjlkZWMxMDBhLzEvaUkzZUJ2UGNLX29VOFRWcWtiWU90d0c4dnNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yMTkyMmEtZGQ3OS00ZjU2LTgzYmUtMGEwNjlkZWMxMDBh
LzEvUWg4UWlJS3A0dGNuZ3R0bEo5cE5tdDdyR2N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVZwMA0G
CSqGSIb3DQEBCwUAA4IBAQBsAnjX7DHvGkQn+lH3uziUBCSA+VfKGAbADyNvMY4i
fDRHKcK7vEUnT1PkOkwWELN2FzT7eaJlCbYX9abqvoPCcUZI87+GBZjw8EMTh27C
ErqVX6KwhLepZH++idyhskfYup4qg7YsikNwjStiDHke0/jmBl4pIk7V28fdFzVG
eOYlafcqfwctgj0iGYMJXsNJ8QvW36LBwoYrbKHk9Z+u1GGGOP9kgDt58SOfSx5C
ZbEmg9zCTCaFBdcvq8Z1EorJbMLaeSH8yi2bZ5tKKRgf7njhvkkqFrRHCSgwLIx+
Laz3yDZ5wXoL9HybJ+7uM4WhBKtdqWPnGQ6ZH9Ea2QLi
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:17:59 2025 by rpki-client