Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/mjTSWLEuvIRJ-mDUVhSblHWE7N4.roa
File: mjTSWLEuvIRJ-mDUVhSblHWE7N4.roa (raw, json)
Hash identifier: rmzWSKN3Yb/xA6p/q8UxEXQjDhun2rkoNnE76zOjZHo=
Subject key identifier: 9A:34:D2:58:B1:2E:BC:84:49:FA:60:D4:56:14:9B:94:75:84:EC:DE
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 0194221F762F43C84F13C08183913B046FD4
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/mjTSWLEuvIRJ-mDUVhSblHWE7N4.roa
Signing time: Wed 01 Jan 2025 13:47:54 +0000
ROA not before: Wed 01 Jan 2025 13:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34679
IP address blocks: 45.14.237.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:76:2f:43:c8:4f:13:c0:81:83:91:3b:04:6f:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 13:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a34d258b12ebc8449fa60d456149b947584ecde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:15:b3:e3:42:62:e2:42:4a:76:a4:d2:36:8f:
0f:ff:b1:e6:99:e3:6a:eb:d8:09:ee:9c:91:b1:f1:
d7:33:7b:71:3e:ac:08:f2:25:ab:c5:74:ea:1e:60:
99:81:34:39:08:27:c7:cf:b1:ea:88:2a:5e:58:56:
f9:b3:a1:20:d1:68:73:3a:06:87:00:f3:c0:75:24:
d3:7d:0c:29:7f:8e:4e:19:0b:fa:e7:a5:f4:20:6a:
bb:df:c3:bf:02:8b:86:09:2e:61:39:f2:f8:0b:7d:
00:1b:ea:2a:5e:68:c1:55:d5:59:a5:43:cc:a8:91:
5b:77:ee:a8:e9:ed:ce:81:f0:5e:d8:b0:13:94:74:
12:bc:3a:66:f3:4d:42:c2:6a:75:43:3a:a7:f2:bb:
5d:7a:b9:92:f3:6c:4e:30:80:e9:27:58:8a:61:0d:
f4:c3:91:e4:f3:51:e6:3c:3b:23:65:df:79:34:05:
2a:f2:21:03:f1:7a:d4:22:5a:84:aa:d4:b2:74:17:
ed:44:34:98:67:06:18:5c:20:c1:d0:30:1a:b2:06:
b6:18:c6:e9:20:81:c7:cf:8d:10:f1:b7:01:30:e9:
04:90:44:24:96:89:d7:08:23:3f:d5:1b:76:20:5d:
96:6b:c7:5d:28:98:04:3a:84:4c:f4:31:8f:00:79:
de:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:34:D2:58:B1:2E:BC:84:49:FA:60:D4:56:14:9B:94:75:84:EC:DE
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/mjTSWLEuvIRJ-mDUVhSblHWE7N4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.237.0/24
Signature Algorithm: sha256WithRSAEncryption
12:d5:85:27:9e:2e:2c:0c:1b:61:9c:20:9b:08:f2:94:40:ab:
c7:06:7e:c2:28:0f:95:93:80:4b:74:f7:7b:42:9e:89:a0:85:
63:e3:c1:e1:8c:e9:40:3e:bd:29:30:21:ef:b0:47:a6:0a:3e:
65:5c:c5:4d:af:0c:55:a6:1f:59:e4:26:86:4c:65:04:30:31:
d8:af:b5:3a:ee:61:3a:64:d5:2f:0f:f4:96:02:78:78:3b:c2:
5b:49:f8:aa:a3:19:29:cf:5a:13:2d:2b:00:0d:8e:4f:16:4d:
9e:13:f4:b6:09:aa:ed:82:6d:08:d7:51:99:fe:d9:69:eb:12:
32:92:00:e2:fa:f4:2b:fd:ef:2c:da:af:86:f7:13:71:4b:79:
e5:aa:f0:7c:f8:dd:80:0a:80:d9:4d:4d:04:62:29:ad:dd:7c:
26:e9:78:00:98:2f:79:d6:fe:70:eb:da:ee:81:9e:e4:e6:f5:
8e:df:ee:9b:d1:d8:bb:16:8e:ad:3d:3c:2a:34:c3:be:a4:4c:
cf:42:ed:f7:b2:19:d8:ae:10:6c:57:f3:56:c0:a7:e2:8b:c0:
23:78:af:85:36:d4:b3:19:6b:22:48:e0:e4:0b:75:99:1a:8c:
51:41:6b:34:91:1c:56:58:4a:84:89:56:2c:81:b1:5d:9f:2f:
da:31:44:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH3YvQ8hPE8CBg5E7BG/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjUwMTAxMTM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTM0ZDI1OGIxMmViYzg0NDlmYTYwZDQ1NjE0OWI5NDc1ODRlY2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBWz40Ji4kJKdqTSNo8P/7HmmeNq
69gJ7pyRsfHXM3txPqwI8iWrxXTqHmCZgTQ5CCfHz7HqiCpeWFb5s6Eg0WhzOgaH
APPAdSTTfQwpf45OGQv656X0IGq738O/AouGCS5hOfL4C30AG+oqXmjBVdVZpUPM
qJFbd+6o6e3OgfBe2LATlHQSvDpm801Cwmp1Qzqn8rtdermS82xOMIDpJ1iKYQ30
w5Hk81HmPDsjZd95NAUq8iED8XrUIlqEqtSydBftRDSYZwYYXCDB0DAasga2GMbp
IIHHz40Q8bcBMOkEkEQklonXCCM/1Rt2IF2Wa8ddKJgEOoRM9DGPAHnegwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJo00lixLryESfpg1FYUm5R1hOzeMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvbWpUU1dMRXV2SVJKLW1EVVZoU2JsSFdFN040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ7tMA0G
CSqGSIb3DQEBCwUAA4IBAQAS1YUnni4sDBthnCCbCPKUQKvHBn7CKA+Vk4BLdPd7
Qp6JoIVj48HhjOlAPr0pMCHvsEemCj5lXMVNrwxVph9Z5CaGTGUEMDHYr7U67mE6
ZNUvD/SWAnh4O8JbSfiqoxkpz1oTLSsADY5PFk2eE/S2Cartgm0I11GZ/tlp6xIy
kgDi+vQr/e8s2q+G9xNxS3nlqvB8+N2ACoDZTU0EYimt3Xwm6XgAmC951v5w69ru
gZ7k5vWO3+6b0di7Fo6tPTwqNMO+pEzPQu33shnYrhBsV/NWwKfii8AjeK+FNtSz
GWsiSODkC3WZGoxRQWs0kRxWWEqEiVYsgbFdny/aMUS0
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:19:49 2025 by rpki-client