Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/1c8896-7be2-42cd-911f-2fdb7ab65d52/1/I-qnYe3pCJJC6GLKlhRXNSOnj7Q.roa
File: I-qnYe3pCJJC6GLKlhRXNSOnj7Q.roa (raw, json)
Hash identifier: MvvvcuaQB3Ptunhg27MnEt55o6So5bq1V197PASnWPY=
Subject key identifier: 23:EA:A7:61:ED:E9:08:92:42:E8:62:CA:96:14:57:35:23:A7:8F:B4
Certificate issuer: /CN=1fc5955940bbd7555df0a2e417379fc447ef0cdc
Certificate serial: 0194266C28883F43963BA38E924D13240980
Authority key identifier: 1F:C5:95:59:40:BB:D7:55:5D:F0:A2:E4:17:37:9F:C4:47:EF:0C:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H8WVWUC711Vd8KLkFzefxEfvDNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/1c8896-7be2-42cd-911f-2fdb7ab65d52/1/I-qnYe3pCJJC6GLKlhRXNSOnj7Q.roa
Signing time: Thu 02 Jan 2025 09:50:09 +0000
ROA not before: Thu 02 Jan 2025 09:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 45.159.120.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:28:88:3f:43:96:3b:a3:8e:92:4d:13:24:09:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fc5955940bbd7555df0a2e417379fc447ef0cdc
Validity
Not Before: Jan 2 09:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23eaa761ede9089242e862ca9614573523a78fb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:81:6a:5a:38:2e:ed:c7:a0:b9:a6:96:4f:55:
12:f6:e3:0f:fe:44:e8:67:cf:00:fb:ea:5c:66:e4:
49:9e:c3:23:d7:26:bc:98:f5:64:53:d2:dd:c5:ea:
01:84:f0:ab:c8:9b:da:83:ac:cc:6a:59:cb:9c:1d:
31:9c:43:5b:56:b2:af:5e:64:ce:05:0b:17:37:1d:
bf:ed:fb:d5:8c:b3:4c:f0:36:ee:d0:a0:ae:87:d7:
2c:00:f6:f5:ee:8e:d7:ed:8d:ca:36:d2:af:83:f9:
35:6c:47:8a:3d:a9:0b:ea:94:07:89:0f:97:9f:cb:
d2:26:a3:84:1c:50:f3:88:bb:96:07:5d:05:58:2f:
c9:26:5e:05:83:35:8b:40:cc:48:94:79:43:ad:0c:
19:d5:f3:b8:80:14:82:63:0c:75:54:9e:1b:12:f1:
0a:ba:db:90:b6:ac:9c:ba:65:81:54:60:d6:28:21:
8b:5d:5f:29:03:32:fa:b1:1a:a5:c3:6b:52:3d:a9:
1f:28:29:ce:42:0a:49:81:71:3a:a9:49:3f:37:14:
bf:49:90:24:5b:ce:d2:38:a1:41:4e:40:b3:55:35:
8d:86:8b:35:43:02:2f:fc:53:d6:7a:b9:ec:99:cc:
36:2e:91:9f:1b:b4:84:65:e0:57:9d:40:39:ce:c2:
bb:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:EA:A7:61:ED:E9:08:92:42:E8:62:CA:96:14:57:35:23:A7:8F:B4
X509v3 Authority Key Identifier:
keyid:1F:C5:95:59:40:BB:D7:55:5D:F0:A2:E4:17:37:9F:C4:47:EF:0C:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H8WVWUC711Vd8KLkFzefxEfvDNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1c8896-7be2-42cd-911f-2fdb7ab65d52/1/I-qnYe3pCJJC6GLKlhRXNSOnj7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1c8896-7be2-42cd-911f-2fdb7ab65d52/1/H8WVWUC711Vd8KLkFzefxEfvDNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.120.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:d1:31:3f:6a:29:36:9f:8a:44:82:b7:5b:cf:c4:13:00:94:
b2:aa:42:3c:4e:fa:5c:88:d7:6f:0c:23:08:7f:79:dd:42:b3:
ea:98:33:0f:e7:8f:4e:3c:95:c7:46:63:f7:74:49:3d:d8:ca:
a4:80:79:d0:a7:fb:47:c6:9c:6f:fb:98:45:c3:fd:23:9a:3e:
5f:7b:6d:47:5d:32:95:39:f0:88:2a:d7:68:d1:81:57:e1:19:
05:86:eb:b4:d1:5b:53:17:b3:6d:5b:17:27:50:d4:01:bb:8c:
5c:d3:8c:bf:7d:48:10:43:19:c7:20:3b:6d:82:3f:a0:6f:1b:
7f:8c:0b:ad:40:d7:1f:90:ce:aa:59:5e:eb:3a:37:5c:0d:32:
c1:cc:3b:cf:19:00:a4:61:80:5c:d5:0b:35:63:6d:c6:66:46:
72:04:9c:0a:76:89:8b:6a:c8:6a:37:da:0a:e3:da:f2:b0:63:
ce:52:b7:5b:29:d3:7f:0b:f0:b3:14:a8:b4:98:25:8d:77:1f:
24:b8:9f:db:26:d7:52:96:a1:31:66:c7:c5:54:7a:10:93:d8:
e3:26:28:da:d9:35:38:5c:29:16:85:f5:83:d3:28:0f:32:d4:
b4:b2:3d:69:da:8f:43:3b:d2:ac:37:43:b2:b9:b6:50:1c:27:
e5:4d:db:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbCiIP0OWO6OOkk0TJAmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYzU5NTU5NDBiYmQ3NTU1ZGYwYTJlNDE3Mzc5ZmM0NDdl
ZjBjZGMwHhcNMjUwMTAyMDk1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2VhYTc2MWVkZTkwODkyNDJlODYyY2E5NjE0NTczNTIzYTc4ZmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYFqWjgu7ceguaaWT1US9uMP/kTo
Z88A++pcZuRJnsMj1ya8mPVkU9LdxeoBhPCryJvag6zMalnLnB0xnENbVrKvXmTO
BQsXNx2/7fvVjLNM8Dbu0KCuh9csAPb17o7X7Y3KNtKvg/k1bEeKPakL6pQHiQ+X
n8vSJqOEHFDziLuWB10FWC/JJl4FgzWLQMxIlHlDrQwZ1fO4gBSCYwx1VJ4bEvEK
utuQtqycumWBVGDWKCGLXV8pAzL6sRqlw2tSPakfKCnOQgpJgXE6qUk/NxS/SZAk
W87SOKFBTkCzVTWNhos1QwIv/FPWernsmcw2LpGfG7SEZeBXnUA5zsK74wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCPqp2Ht6QiSQuhiypYUVzUjp4+0MB8GA1UdIwQY
MBaAFB/FlVlAu9dVXfCi5Bc3n8RH7wzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDhXVldVQzcxMVZkOEtMa0Z6ZWZ4RWZ2RE53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8xYzg4OTYtN2JlMi00MmNkLTkxMWYt
MmZkYjdhYjY1ZDUyLzEvSS1xblllM3BDSkpDNkdMS2xoUlhOU09uajdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8xYzg4OTYtN2JlMi00MmNkLTkxMWYtMmZkYjdhYjY1ZDUy
LzEvSDhXVldVQzcxMVZkOEtMa0Z6ZWZ4RWZ2RE53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ94MA0G
CSqGSIb3DQEBCwUAA4IBAQBr0TE/aik2n4pEgrdbz8QTAJSyqkI8TvpciNdvDCMI
f3ndQrPqmDMP549OPJXHRmP3dEk92MqkgHnQp/tHxpxv+5hFw/0jmj5fe21HXTKV
OfCIKtdo0YFX4RkFhuu00VtTF7NtWxcnUNQBu4xc04y/fUgQQxnHIDttgj+gbxt/
jAutQNcfkM6qWV7rOjdcDTLBzDvPGQCkYYBc1Qs1Y23GZkZyBJwKdomLashqN9oK
49rysGPOUrdbKdN/C/CzFKi0mCWNdx8kuJ/bJtdSlqExZsfFVHoQk9jjJija2TU4
XCkWhfWD0ygPMtS0sj1p2o9DO9KsN0OyubZQHCflTdsO
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:45:21 2025 by rpki-client