Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/cdRkB7AVAsaCQza2C6eaLskeEHY.roa
File: cdRkB7AVAsaCQza2C6eaLskeEHY.roa (raw, json)
Hash identifier: R3X0t9w4kaySZ1sZzxcJ1+mmA7WHRo/nLaZSV1WFUCk=
Subject key identifier: 71:D4:64:07:B0:15:02:C6:82:43:36:B6:0B:A7:9A:2E:C9:1E:10:76
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 01953C9FD5E9969A3D31600817C9D154CA42
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/cdRkB7AVAsaCQza2C6eaLskeEHY.roa
Signing time: Tue 25 Feb 2025 10:21:02 +0000
ROA not before: Tue 25 Feb 2025 10:21:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44547
IP address blocks: 45.67.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:9f:d5:e9:96:9a:3d:31:60:08:17:c9:d1:54:ca:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Feb 25 10:21:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71d46407b01502c6824336b60ba79a2ec91e1076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9e:8c:7b:6a:fd:8c:d6:52:87:d9:51:7f:5b:
f7:bf:8b:87:cd:80:b0:ba:f5:66:90:86:84:6a:a8:
b3:f1:c1:f8:9c:4b:a1:8c:79:6e:a4:02:f4:e8:18:
2b:61:8b:9f:4f:27:c8:02:90:97:ff:d3:63:fb:7e:
ac:03:71:27:2d:57:c6:11:15:26:0a:51:e0:fb:7a:
4f:89:68:5e:46:51:5d:29:7d:f5:aa:c9:04:96:73:
1e:58:15:83:86:30:39:ab:b8:41:da:4d:ea:88:21:
83:21:ef:e9:d8:77:8c:ef:e2:f5:41:9c:2e:ec:63:
94:3c:e5:cf:ee:9e:d8:2f:2e:e2:dd:75:23:04:ca:
a3:1c:08:e6:1e:bd:c1:89:5b:a4:eb:c4:42:65:c2:
b7:4c:10:a5:ea:d1:c1:48:1f:b2:21:98:0a:e5:f3:
41:f7:f5:89:ce:ca:da:cc:20:59:90:9c:a8:92:99:
60:10:df:1e:c0:92:63:f7:4f:ff:c2:14:92:49:fa:
bb:2d:ad:a7:13:e1:b1:e1:f1:33:54:54:54:ff:3b:
87:70:76:07:e2:30:ba:13:57:9d:64:ff:6d:86:92:
0c:1a:4f:60:92:71:e1:1c:8a:c6:8d:12:e7:88:c1:
ef:95:a3:e2:5b:d4:99:4b:6b:ad:50:ba:29:67:47:
7c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D4:64:07:B0:15:02:C6:82:43:36:B6:0B:A7:9A:2E:C9:1E:10:76
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/cdRkB7AVAsaCQza2C6eaLskeEHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.203.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:f9:d3:97:22:d3:8d:24:62:98:09:c4:a5:d1:47:bb:eb:9d:
02:3c:73:f6:71:7b:16:ad:9b:5e:92:7d:ba:8f:ad:9e:f2:c6:
f5:d1:4c:66:e1:41:8b:3e:77:bd:9c:68:4b:2b:d4:90:1d:f7:
76:c2:01:a4:76:1a:15:50:fc:33:6a:04:7b:29:db:59:42:16:
51:1f:51:7e:60:87:32:f5:79:b5:32:16:9c:03:aa:99:92:5d:
7b:f0:0c:06:b3:27:6e:13:84:66:ce:fa:0f:48:19:df:19:0d:
77:3e:1d:02:2a:34:f6:d9:83:fa:6f:e6:50:78:62:6f:60:bf:
d2:f9:88:85:34:46:80:87:c8:34:ff:1f:1c:37:2e:a3:e4:99:
3c:bb:2b:2e:a5:b4:0f:e8:30:23:2d:25:37:a5:d6:9a:ac:c3:
76:33:7a:2c:fe:16:5f:6e:87:91:ff:59:03:b3:02:d0:58:e3:
b7:8a:5a:9f:6f:ee:f8:0a:dc:90:5b:f7:c7:1e:eb:be:05:6f:
3d:8f:ad:56:c1:b2:a7:40:d9:b9:b2:9e:94:4c:16:4e:06:80:
2f:8e:96:30:9a:c7:8a:22:dd:93:db:95:a2:f1:81:d0:7a:79:
e6:ee:c9:cf:82:96:8c:0d:ac:ec:dc:d5:44:3f:31:c5:fc:7c:
96:f2:17:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZU8n9Xplpo9MWAIF8nRVMpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwMjI1MTAyMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQ0NjQwN2IwMTUwMmM2ODI0MzM2YjYwYmE3OWEyZWM5MWUxMDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJ6Me2r9jNZSh9lRf1v3v4uHzYCw
uvVmkIaEaqiz8cH4nEuhjHlupAL06BgrYYufTyfIApCX/9Nj+36sA3EnLVfGERUm
ClHg+3pPiWheRlFdKX31qskElnMeWBWDhjA5q7hB2k3qiCGDIe/p2HeM7+L1QZwu
7GOUPOXP7p7YLy7i3XUjBMqjHAjmHr3BiVuk68RCZcK3TBCl6tHBSB+yIZgK5fNB
9/WJzsrazCBZkJyokplgEN8ewJJj90//whSSSfq7La2nE+Gx4fEzVFRU/zuHcHYH
4jC6E1edZP9thpIMGk9gknHhHIrGjRLniMHvlaPiW9SZS2utULopZ0d8xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHHUZAewFQLGgkM2tgunmi7JHhB2MB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvY2RSa0I3QVZBc2FDUXphMkM2ZWFMc2tlRUhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALUPLMA0G
CSqGSIb3DQEBCwUAA4IBAQAN+dOXItONJGKYCcSl0Ue7650CPHP2cXsWrZtekn26
j62e8sb10Uxm4UGLPne9nGhLK9SQHfd2wgGkdhoVUPwzagR7KdtZQhZRH1F+YIcy
9Xm1MhacA6qZkl178AwGsyduE4RmzvoPSBnfGQ13Ph0CKjT22YP6b+ZQeGJvYL/S
+YiFNEaAh8g0/x8cNy6j5Jk8uysupbQP6DAjLSU3pdaarMN2M3os/hZfboeR/1kD
swLQWOO3ilqfb+74CtyQW/fHHuu+BW89j61WwbKnQNm5sp6UTBZOBoAvjpYwmseK
It2T25Wi8YHQennm7snPgpaMDazs3NVEPzHF/HyW8hde
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:33:24 2025 by rpki-client