Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/B-leWKyHyUWQaTSAIdQFN-Zp9rw.roa
File: B-leWKyHyUWQaTSAIdQFN-Zp9rw.roa (raw, json)
Hash identifier: zSJCyrn6RempGySvfu/Xbm5Mpb6WnVGqpUroJHwaWew=
Subject key identifier: 07:E9:5E:58:AC:87:C9:45:90:69:34:80:21:D4:05:37:E6:69:F6:BC
Certificate issuer: /CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Certificate serial: 019421442E1CD1BEF1E3A6E4E04A88FD11A4
Authority key identifier: 1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/B-leWKyHyUWQaTSAIdQFN-Zp9rw.roa
Signing time: Wed 01 Jan 2025 09:48:23 +0000
ROA not before: Wed 01 Jan 2025 09:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205404
IP address blocks: 145.14.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:2e:1c:d1:be:f1:e3:a6:e4:e0:4a:88:fd:11:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Validity
Not Before: Jan 1 09:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07e95e58ac87c9459069348021d40537e669f6bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:cd:db:1a:24:d3:90:a5:5e:2c:d4:a0:34:27:
6c:18:a0:48:e4:51:93:24:ac:39:52:37:55:9e:2a:
7a:e5:61:6b:51:aa:45:9f:ed:3f:12:b2:93:99:40:
8b:a0:15:f0:12:c8:36:fa:b3:06:e9:01:aa:dc:df:
1b:eb:2b:0d:7b:51:74:eb:50:db:68:bd:b4:8b:cc:
c0:64:11:c8:8c:dd:23:d0:a7:99:4f:4a:4f:76:f4:
1c:09:e9:71:f1:a6:e3:a2:e6:7f:3d:ff:fe:3c:fd:
df:e9:07:89:5e:19:95:a0:0d:b0:2b:75:c4:c8:27:
f4:1e:45:3f:64:c6:15:3d:41:25:91:e0:53:59:21:
90:f2:39:57:04:b7:ea:c2:e2:82:e0:a2:00:ac:1e:
12:51:f7:88:8d:06:48:bf:0b:7a:5d:af:ba:e4:6c:
07:17:6f:ca:9d:0a:6d:6d:dd:cf:30:a3:c9:a2:76:
7a:26:79:24:d5:7d:a7:86:ac:00:8c:37:99:a9:a1:
58:ce:2a:7d:79:43:fe:54:c2:1c:9e:7c:64:3c:5d:
ed:26:6c:11:ac:e5:ea:09:f6:cc:d5:00:87:0b:9e:
a1:33:3b:fe:e1:35:29:71:03:da:14:a4:a7:e4:0d:
f5:88:47:cb:dc:39:5d:2b:fd:33:88:37:c0:b1:e0:
27:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E9:5E:58:AC:87:C9:45:90:69:34:80:21:D4:05:37:E6:69:F6:BC
X509v3 Authority Key Identifier:
keyid:1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/B-leWKyHyUWQaTSAIdQFN-Zp9rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.14.5.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:a0:01:82:d8:2a:c5:7a:15:ac:9c:99:4e:85:48:34:1f:63:
02:f1:e5:28:8f:df:89:3a:a9:dd:4b:bd:15:4b:57:94:6b:54:
75:cf:88:25:7d:67:c2:b4:c2:81:58:0d:86:44:84:b6:c9:f4:
f7:15:de:73:d4:2f:6a:33:b0:d8:68:5c:cf:89:e4:3b:ea:52:
07:9a:08:c2:6a:f2:12:42:1a:18:77:7e:6f:da:01:37:af:c3:
db:1a:be:bd:a8:be:02:9b:ac:ca:4f:28:48:a5:ae:89:22:95:
02:5c:d8:cc:63:69:53:fa:2c:fd:3a:9a:e1:5d:2f:ac:76:07:
ab:4d:51:70:11:1a:e8:8b:2a:61:c3:af:3f:95:6e:77:8c:19:
fb:80:36:ba:4e:d6:da:3b:07:56:dd:94:e5:05:47:b7:30:66:
13:8a:9e:a9:ac:08:2b:20:ed:43:76:50:c8:dc:40:7e:9a:ca:
86:41:7a:68:a3:c1:29:ef:7a:2a:05:02:ce:1a:fa:bd:89:d1:
59:2f:70:d9:6f:1a:c0:90:2e:33:e6:8c:58:a4:8f:24:f7:68:
5e:4d:f0:08:12:44:5f:b7:d4:06:af:47:ee:af:bc:46:a4:76:
3d:60:40:30:a3:7c:22:eb:ce:ba:05:df:c2:7e:59:ec:f6:31:
d0:a7:89:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRC4c0b7x46bk4EqI/RGkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2IwNmJmNDEzMDBkYzRkMzBmM2QwZTE4MGM5Yjk1ZDJi
Y2RkZmYwHhcNMjUwMTAxMDk0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2U5NWU1OGFjODdjOTQ1OTA2OTM0ODAyMWQ0MDUzN2U2NjlmNmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjc3bGiTTkKVeLNSgNCdsGKBI5FGT
JKw5UjdVnip65WFrUapFn+0/ErKTmUCLoBXwEsg2+rMG6QGq3N8b6ysNe1F061Db
aL20i8zAZBHIjN0j0KeZT0pPdvQcCelx8abjouZ/Pf/+PP3f6QeJXhmVoA2wK3XE
yCf0HkU/ZMYVPUElkeBTWSGQ8jlXBLfqwuKC4KIArB4SUfeIjQZIvwt6Xa+65GwH
F2/KnQptbd3PMKPJonZ6Jnkk1X2nhqwAjDeZqaFYzip9eUP+VMIcnnxkPF3tJmwR
rOXqCfbM1QCHC56hMzv+4TUpcQPaFKSn5A31iEfL3DldK/0ziDfAseAn1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAfpXlish8lFkGk0gCHUBTfmafa8MB8GA1UdIwQY
MBaAFBx7Br9BMA3E0w89DhgMm5XSvN3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAt
MjRmZGRjNmQxNDdiLzEvQi1sZVdLeUh5VVdRYVRTQUlkUUZOLVpwOXJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAtMjRmZGRjNmQxNDdi
LzEvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkQ4FMA0G
CSqGSIb3DQEBCwUAA4IBAQCsoAGC2CrFehWsnJlOhUg0H2MC8eUoj9+JOqndS70V
S1eUa1R1z4glfWfCtMKBWA2GRIS2yfT3Fd5z1C9qM7DYaFzPieQ76lIHmgjCavIS
QhoYd35v2gE3r8PbGr69qL4Cm6zKTyhIpa6JIpUCXNjMY2lT+iz9OprhXS+sdger
TVFwERroiyphw68/lW53jBn7gDa6TtbaOwdW3ZTlBUe3MGYTip6prAgrIO1DdlDI
3EB+msqGQXpoo8Ep73oqBQLOGvq9idFZL3DZbxrAkC4z5oxYpI8k92heTfAIEkRf
t9QGr0fur7xGpHY9YEAwo3wi6866Bd/Cflns9jHQp4mp
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:24:44 2025 by rpki-client