Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/00f66b-fe83-4ccd-82ee-c56f05da3d25/1/8FLRYVQdX3uKC3EUcIINM4PPH70.roa
File: 8FLRYVQdX3uKC3EUcIINM4PPH70.roa (raw, json)
Hash identifier: AvJSbDISdiRpzDgo8gSH1kCL/FtFtirNCOoP+EDCSag=
Subject key identifier: F0:52:D1:61:54:1D:5F:7B:8A:0B:71:14:70:82:0D:33:83:CF:1F:BD
Certificate issuer: /CN=81665d6cf26d937484dbb4633743e0657eccdc5e
Certificate serial: 01942368F819596B303D8057A4711D8CBF9B
Authority key identifier: 81:66:5D:6C:F2:6D:93:74:84:DB:B4:63:37:43:E0:65:7E:CC:DC:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gWZdbPJtk3SE27RjN0PgZX7M3F4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/00f66b-fe83-4ccd-82ee-c56f05da3d25/1/8FLRYVQdX3uKC3EUcIINM4PPH70.roa
Signing time: Wed 01 Jan 2025 19:47:49 +0000
ROA not before: Wed 01 Jan 2025 19:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8495
IP address blocks: 45.135.106.0/24 maxlen: 24
2a0e:6b40:20::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:f8:19:59:6b:30:3d:80:57:a4:71:1d:8c:bf:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81665d6cf26d937484dbb4633743e0657eccdc5e
Validity
Not Before: Jan 1 19:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f052d161541d5f7b8a0b711470820d3383cf1fbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:e7:c3:2f:a7:bb:48:06:e3:30:31:32:8e:8f:
77:6a:e7:56:96:9a:61:a3:16:70:56:4a:f5:88:f8:
c4:81:fd:92:23:6b:13:01:22:82:5e:e0:8e:48:55:
26:ca:fe:c3:91:71:af:a3:f5:4f:c6:67:d5:03:a1:
7d:36:33:7e:8b:d4:88:ae:67:9f:7e:4d:6c:58:51:
38:c9:ce:69:86:cd:a9:b8:a2:20:5a:41:ab:76:63:
d0:d6:f5:51:04:92:0b:1d:f8:67:0c:b9:4d:4e:cd:
e2:55:91:7a:c8:d8:5b:1c:75:5c:c6:a4:e7:ef:63:
05:c3:8d:2f:ff:92:f9:0a:16:7d:37:16:9a:3d:05:
66:99:b4:63:b9:8d:68:c5:b0:0a:7b:63:f4:51:07:
b4:b6:80:e2:ad:31:f4:58:6c:42:30:78:d9:d8:98:
c3:8f:f7:ec:cd:f5:11:4a:ad:a5:5a:1f:9d:9d:c6:
51:53:25:98:65:47:fe:33:84:47:87:91:07:33:c8:
b3:31:74:bd:a2:a7:ec:88:3c:42:87:a2:23:f7:f7:
2d:c4:67:c4:f8:0e:08:80:2e:c9:60:95:a0:4e:39:
b1:62:50:89:38:c1:60:1f:ec:28:93:fb:2a:25:ad:
bb:c9:25:92:40:ca:79:ba:b1:bb:cb:dd:fd:a0:f0:
20:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:52:D1:61:54:1D:5F:7B:8A:0B:71:14:70:82:0D:33:83:CF:1F:BD
X509v3 Authority Key Identifier:
keyid:81:66:5D:6C:F2:6D:93:74:84:DB:B4:63:37:43:E0:65:7E:CC:DC:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gWZdbPJtk3SE27RjN0PgZX7M3F4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/00f66b-fe83-4ccd-82ee-c56f05da3d25/1/8FLRYVQdX3uKC3EUcIINM4PPH70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/00f66b-fe83-4ccd-82ee-c56f05da3d25/1/gWZdbPJtk3SE27RjN0PgZX7M3F4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.106.0/24
IPv6:
2a0e:6b40:20::/48
Signature Algorithm: sha256WithRSAEncryption
65:4c:59:8a:a7:83:07:2d:b7:4c:a7:8d:89:1a:1a:da:ff:70:
9b:37:3c:9b:9d:90:a5:65:74:92:98:4a:87:60:30:87:2c:2d:
c6:17:d7:57:83:82:b0:04:de:fc:fc:63:11:a9:cd:ef:87:a7:
6c:c0:9b:11:16:d9:52:62:af:e6:1f:9e:81:2b:82:be:82:0d:
d9:f0:fb:6b:85:67:32:b9:43:bd:bd:5f:a1:14:e0:b4:3f:b2:
7c:90:83:3f:b9:4d:7b:d9:d2:99:5f:93:11:85:13:99:26:2a:
37:10:1a:1c:42:b0:79:8d:9f:6f:ad:4d:8f:e7:93:61:36:ee:
b7:e9:e3:5b:f9:88:ec:3a:f1:bf:ac:2c:09:8c:cd:c0:c0:55:
d5:2c:92:9a:8f:06:08:f3:e8:e9:d3:03:86:c0:ac:f4:47:5e:
4d:51:7e:77:4c:ff:e1:ad:53:b3:5c:20:84:d0:5b:69:dd:09:
0b:a7:33:f1:02:72:8b:57:4a:9d:77:e5:c3:72:3b:1b:83:57:
97:54:dc:c4:22:94:ef:a1:fe:fe:77:aa:ce:bf:ef:a4:d0:d0:
dd:09:56:45:eb:94:d5:2c:96:a2:e0:29:0b:66:d6:c0:7a:4b:
de:8b:73:eb:24:17:15:ed:13:13:ef:da:2a:44:8e:05:90:2e:
4b:d2:23:42
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQjaPgZWWswPYBXpHEdjL+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNjY1ZDZjZjI2ZDkzNzQ4NGRiYjQ2MzM3NDNlMDY1N2Vj
Y2RjNWUwHhcNMjUwMTAxMTk0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDUyZDE2MTU0MWQ1ZjdiOGEwYjcxMTQ3MDgyMGQzMzgzY2YxZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8efDL6e7SAbjMDEyjo93audWlpph
oxZwVkr1iPjEgf2SI2sTASKCXuCOSFUmyv7DkXGvo/VPxmfVA6F9NjN+i9SIrmef
fk1sWFE4yc5phs2puKIgWkGrdmPQ1vVRBJILHfhnDLlNTs3iVZF6yNhbHHVcxqTn
72MFw40v/5L5ChZ9NxaaPQVmmbRjuY1oxbAKe2P0UQe0toDirTH0WGxCMHjZ2JjD
j/fszfURSq2lWh+dncZRUyWYZUf+M4RHh5EHM8izMXS9oqfsiDxCh6Ij9/ctxGfE
+A4IgC7JYJWgTjmxYlCJOMFgH+wok/sqJa27ySWSQMp5urG7y939oPAgXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPBS0WFUHV97igtxFHCCDTODzx+9MB8GA1UdIwQY
MBaAFIFmXWzybZN0hNu0YzdD4GV+zNxeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1daZGJQSnRrM1NFMjdSak4wUGdaWDdNM0Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8wMGY2NmItZmU4My00Y2NkLTgyZWUt
YzU2ZjA1ZGEzZDI1LzEvOEZMUllWUWRYM3VLQzNFVWNJSU5NNFBQSDcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8wMGY2NmItZmU4My00Y2NkLTgyZWUtYzU2ZjA1ZGEzZDI1
LzEvZ1daZGJQSnRrM1NFMjdSak4wUGdaWDdNM0Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALYdqMA8E
AgACMAkDBwAqDmtAACAwDQYJKoZIhvcNAQELBQADggEBAGVMWYqngwctt0ynjYka
Gtr/cJs3PJudkKVldJKYSodgMIcsLcYX11eDgrAE3vz8YxGpze+Hp2zAmxEW2VJi
r+YfnoErgr6CDdnw+2uFZzK5Q729X6EU4LQ/snyQgz+5TXvZ0plfkxGFE5kmKjcQ
GhxCsHmNn2+tTY/nk2E27rfp41v5iOw68b+sLAmMzcDAVdUskpqPBgjz6OnTA4bA
rPRHXk1RfndM/+GtU7NcIITQW2ndCQunM/ECcotXSp135cNyOxuDV5dU3MQilO+h
/v53qs6/76TQ0N0JVkXrlNUslqLgKQtm1sB6S96Lc+skFxXtExPv2ipEjgWQLkvS
I0I=
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:36:06 2025 by rpki-client