Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/A_DdgpizT--rlZ-ab-YZdIwkNLE.roa
File: A_DdgpizT--rlZ-ab-YZdIwkNLE.roa (raw, json)
Hash identifier: hfZgPH/DllsEyaUJjbheadfPG1jNf80tTNcLY41EaYQ=
Subject key identifier: 03:F0:DD:82:98:B3:4F:EF:AB:95:9F:9A:6F:E6:19:74:8C:24:34:B1
Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Certificate serial: 0194266B0FB14DA1762A81D943305E5E3BA0
Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/A_DdgpizT--rlZ-ab-YZdIwkNLE.roa
Signing time: Thu 02 Jan 2025 09:48:58 +0000
ROA not before: Thu 02 Jan 2025 09:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215348
IP address blocks: 45.12.89.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:0f:b1:4d:a1:76:2a:81:d9:43:30:5e:5e:3b:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Validity
Not Before: Jan 2 09:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03f0dd8298b34fefab959f9a6fe619748c2434b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f3:5e:f5:03:25:01:38:04:0f:c2:9d:c3:54:
76:15:c6:23:ba:c0:ba:61:9f:e6:ed:2f:80:03:51:
b3:9f:08:f7:94:bc:29:76:f1:81:bf:52:e5:84:c6:
32:c0:b8:b8:6f:c2:ca:e6:88:71:d7:89:c5:60:2d:
6b:81:48:25:2c:cc:9b:9c:9a:f0:2d:36:22:35:f0:
45:64:f1:90:fe:c0:b1:d6:d2:af:3b:5f:5d:1d:9e:
03:ff:17:b2:e2:fc:59:ea:6b:78:9d:34:31:8e:ef:
6b:68:10:c4:e2:ec:a3:b2:cf:6b:70:92:fa:21:55:
d2:07:64:c7:55:1d:d8:fc:73:06:f9:33:ab:21:d5:
8a:70:dd:4f:b7:4f:52:45:c1:c0:cd:b0:bf:23:48:
e3:59:9f:3b:b9:7d:ac:c9:0f:b0:e9:53:69:48:f0:
99:84:21:8a:b8:09:f9:43:14:1d:17:8e:a4:d7:95:
f7:9b:22:dc:77:12:c5:e4:c0:7b:ed:9b:0c:b0:88:
b6:5a:6c:f5:66:e9:79:10:19:ae:ca:62:4f:aa:fc:
17:26:4b:73:65:09:30:c0:61:45:84:c5:a2:44:51:
5b:27:85:78:01:4f:a2:85:c1:41:1f:d8:41:eb:36:
bc:95:7f:8b:18:ad:37:5a:71:d6:97:13:b1:72:4d:
ce:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:F0:DD:82:98:B3:4F:EF:AB:95:9F:9A:6F:E6:19:74:8C:24:34:B1
X509v3 Authority Key Identifier:
keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/A_DdgpizT--rlZ-ab-YZdIwkNLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.89.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:d4:4a:c2:2e:4a:db:22:e7:e2:09:de:b9:f9:99:c4:87:44:
05:b0:25:85:85:2b:69:28:7a:ac:4b:b5:18:74:f5:5e:0a:89:
87:3f:9d:0e:dc:c9:5f:76:f8:9b:b0:c6:c0:54:c4:bd:29:de:
c8:f8:d1:ef:89:77:ea:69:cc:49:65:52:ed:1c:e7:eb:56:03:
ff:b8:c9:b0:06:83:f0:71:9c:d1:75:99:47:27:aa:5a:8a:9b:
5b:e4:8f:9c:e5:08:7e:2c:e1:dd:92:4e:dc:cb:fb:1d:61:6f:
9b:9b:44:de:fd:19:da:f9:8b:c6:af:fe:07:d1:9f:70:d1:fb:
1c:43:f7:97:74:d0:83:4c:14:de:50:48:f1:59:db:9c:5d:2c:
eb:9a:44:c5:62:75:9b:c5:fe:87:39:ab:0f:95:97:5a:59:60:
50:41:4b:f8:c5:9a:36:4b:71:a7:de:45:0c:16:ab:37:b5:e6:
aa:9a:bd:85:0d:ed:f6:7c:71:ab:5c:dd:57:23:f9:f0:e4:0e:
d3:4a:e6:b3:4f:fb:06:e2:65:61:89:fa:69:75:e6:82:b6:fd:
f5:29:27:d7:18:ec:6d:a2:82:59:63:af:d3:a9:77:2f:8d:9a:
47:e5:29:f0:c0:dd:01:41:0e:d8:aa:ac:4e:7a:1d:23:ee:e1:
1b:34:9a:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmaw+xTaF2KoHZQzBeXjugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1
YmVlZTMwHhcNMjUwMTAyMDk0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2YwZGQ4Mjk4YjM0ZmVmYWI5NTlmOWE2ZmU2MTk3NDhjMjQzNGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvNe9QMlATgED8Kdw1R2FcYjusC6
YZ/m7S+AA1Gznwj3lLwpdvGBv1LlhMYywLi4b8LK5ohx14nFYC1rgUglLMybnJrw
LTYiNfBFZPGQ/sCx1tKvO19dHZ4D/xey4vxZ6mt4nTQxju9raBDE4uyjss9rcJL6
IVXSB2THVR3Y/HMG+TOrIdWKcN1Pt09SRcHAzbC/I0jjWZ87uX2syQ+w6VNpSPCZ
hCGKuAn5QxQdF46k15X3myLcdxLF5MB77ZsMsIi2Wmz1Zul5EBmuymJPqvwXJktz
ZQkwwGFFhMWiRFFbJ4V4AU+ihcFBH9hB6za8lX+LGK03WnHWlxOxck3O5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAPw3YKYs0/vq5Wfmm/mGXSMJDSxMB8GA1UdIwQY
MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt
YTQ3M2VjNTQxMGMzLzEvQV9EZGdwaXpULS1ybFotYWItWVpkSXdrTkxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz
LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQxZMA0G
CSqGSIb3DQEBCwUAA4IBAQAN1ErCLkrbIufiCd65+ZnEh0QFsCWFhStpKHqsS7UY
dPVeComHP50O3MlfdvibsMbAVMS9Kd7I+NHviXfqacxJZVLtHOfrVgP/uMmwBoPw
cZzRdZlHJ6paiptb5I+c5Qh+LOHdkk7cy/sdYW+bm0Te/Rna+YvGr/4H0Z9w0fsc
Q/eXdNCDTBTeUEjxWducXSzrmkTFYnWbxf6HOasPlZdaWWBQQUv4xZo2S3Gn3kUM
Fqs3teaqmr2FDe32fHGrXN1XI/nw5A7TSuazT/sG4mVhifppdeaCtv31KSfXGOxt
ooJZY6/TqXcvjZpH5SnwwN0BQQ7YqqxOeh0j7uEbNJrg
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:28:30 2025 by rpki-client