Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/IPXPzb4dkA4EEogsX4U2PxGFKcY.roa
File: IPXPzb4dkA4EEogsX4U2PxGFKcY.roa (raw, json)
Hash identifier: UZk64VeEyRK8kvQVYJ14kBD0C8kmSNJpbiyrVf6QFJg=
Subject key identifier: 20:F5:CF:CD:BE:1D:90:0E:04:12:88:2C:5F:85:36:3F:11:85:29:C6
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019425FD19C53FAA33EE2A6EFBB36BBCC3ED
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/IPXPzb4dkA4EEogsX4U2PxGFKcY.roa
Signing time: Thu 02 Jan 2025 07:48:51 +0000
ROA not before: Thu 02 Jan 2025 07:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 45.43.140.0/24 maxlen: 24
45.43.141.0/24 maxlen: 24
104.239.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:19:c5:3f:aa:33:ee:2a:6e:fb:b3:6b:bc:c3:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 07:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20f5cfcdbe1d900e0412882c5f85363f118529c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:45:ee:a3:98:fc:7a:2f:90:40:41:7d:e2:c9:
52:83:be:c2:10:3d:9d:bd:40:e3:7a:2c:81:be:48:
dc:bc:0b:1e:e0:11:e7:8a:14:86:c1:d9:7a:8d:ee:
61:3c:af:f1:9a:a1:77:70:13:13:44:6b:41:59:f1:
0f:de:82:2f:2d:80:71:51:06:54:7f:9d:0f:2a:0a:
77:b8:86:29:24:66:8c:fb:21:71:a8:be:a4:e2:4a:
91:81:fe:56:59:db:6e:da:c3:13:bb:ec:ee:96:c5:
6d:40:ad:2a:5a:f4:93:9d:42:d4:4c:36:6e:33:b0:
76:e8:a7:a0:5a:b6:92:ff:09:33:64:cc:95:2d:39:
53:f3:5e:d7:81:9e:e3:cc:8f:f3:b2:81:51:51:15:
89:1b:6d:a4:2e:8e:05:fa:1b:0c:3a:e6:71:ce:41:
2b:e2:18:b6:c9:fd:50:da:0c:9d:98:7b:8d:0b:16:
b5:0f:45:92:05:f1:36:1b:b1:50:a7:95:ee:8e:e7:
a1:c5:28:2c:94:4c:ac:8c:19:e5:87:79:7b:d9:8f:
c7:0b:be:89:41:34:44:82:7d:5d:b4:a3:26:bc:8d:
52:c0:c6:8e:eb:4c:7b:40:23:88:8e:61:9c:97:6a:
8d:a5:77:61:6b:9d:f2:e4:fb:71:52:05:5e:d5:2a:
56:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F5:CF:CD:BE:1D:90:0E:04:12:88:2C:5F:85:36:3F:11:85:29:C6
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/IPXPzb4dkA4EEogsX4U2PxGFKcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.140.0/23
104.239.67.0/24
Signature Algorithm: sha256WithRSAEncryption
52:4f:0d:fc:16:83:d8:38:9d:2e:ad:4b:8d:c2:47:19:09:9c:
d6:a1:46:d9:94:6f:28:fb:40:23:68:e0:c5:4a:4d:ba:88:96:
c2:b4:48:f5:66:8f:ec:dc:95:b0:79:83:a2:2d:34:a9:e0:a0:
6d:e1:24:24:25:70:28:11:bd:89:03:9a:45:bf:a9:dd:0d:eb:
15:ff:fe:c5:a4:6f:7f:16:c9:bc:d4:62:14:61:c3:4b:0c:d0:
cb:4d:b3:3a:5d:73:91:be:5a:0b:2b:90:94:e8:cf:a0:40:a4:
9f:96:20:b9:1c:8e:32:fe:c1:5d:fe:20:7c:67:83:18:9e:4e:
a4:ee:b1:14:1c:df:84:17:00:03:15:75:55:62:ac:70:94:0d:
2b:01:e0:6f:4a:70:ad:11:d7:b9:32:9a:e8:ec:0a:c8:ea:39:
d7:e4:de:fd:d3:bf:cb:6e:0b:aa:a7:5a:ed:5a:47:8a:1e:e1:
c2:a2:7a:7a:42:44:8f:b2:40:41:bb:8b:8c:13:11:9e:da:02:
63:90:ea:6e:3a:04:6e:2b:d0:7d:f7:3b:bf:5e:4f:67:ff:c0:
e6:76:ad:c5:f6:8a:04:fc:24:0b:d9:d7:d7:63:71:7e:69:1d:
d3:52:27:01:b5:c8:c5:71:fc:d0:e3:a8:f3:59:49:b8:b5:41:
db:6c:3a:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/RnFP6oz7ipu+7NrvMPtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMTAyMDc0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGY1Y2ZjZGJlMWQ5MDBlMDQxMjg4MmM1Zjg1MzYzZjExODUyOWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUXuo5j8ei+QQEF94slSg77CED2d
vUDjeiyBvkjcvAse4BHnihSGwdl6je5hPK/xmqF3cBMTRGtBWfEP3oIvLYBxUQZU
f50PKgp3uIYpJGaM+yFxqL6k4kqRgf5WWdtu2sMTu+zulsVtQK0qWvSTnULUTDZu
M7B26KegWraS/wkzZMyVLTlT817XgZ7jzI/zsoFRURWJG22kLo4F+hsMOuZxzkEr
4hi2yf1Q2gydmHuNCxa1D0WSBfE2G7FQp5XujuehxSgslEysjBnlh3l72Y/HC76J
QTREgn1dtKMmvI1SwMaO60x7QCOIjmGcl2qNpXdha53y5PtxUgVe1SpWswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCD1z82+HZAOBBKILF+FNj8RhSnGMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvSVBYUHpiNGRrQTRFRW9nc1g0VTJQeEdGS2NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLSuMAwQA
aO9DMA0GCSqGSIb3DQEBCwUAA4IBAQBSTw38FoPYOJ0urUuNwkcZCZzWoUbZlG8o
+0AjaODFSk26iJbCtEj1Zo/s3JWweYOiLTSp4KBt4SQkJXAoEb2JA5pFv6ndDesV
//7FpG9/Fsm81GIUYcNLDNDLTbM6XXORvloLK5CU6M+gQKSfliC5HI4y/sFd/iB8
Z4MYnk6k7rEUHN+EFwADFXVVYqxwlA0rAeBvSnCtEde5Mpro7ArI6jnX5N7907/L
bguqp1rtWkeKHuHConp6QkSPskBBu4uMExGe2gJjkOpuOgRuK9B99zu/Xk9n/8Dm
dq3F9ooE/CQL2dfXY3F+aR3TUicBtcjFcfzQ46jzWUm4tUHbbDo7
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:16:36 2025 by rpki-client