Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/IVO47FxImh-y3rWgAak5j9Lhqu0.roa
File: IVO47FxImh-y3rWgAak5j9Lhqu0.roa (raw, json)
Hash identifier: UCZgxxNbeCBV4XvQFqq64x8nscbBvfYrvynDklgIEQw=
Subject key identifier: 21:53:B8:EC:5C:48:9A:1F:B2:DE:B5:A0:01:A9:39:8F:D2:E1:AA:ED
Certificate issuer: /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial: 019422FB6069C01A51B1400534F98C9F0158
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/IVO47FxImh-y3rWgAak5j9Lhqu0.roa
Signing time: Wed 01 Jan 2025 17:48:07 +0000
ROA not before: Wed 01 Jan 2025 17:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5650
IP address blocks: 45.85.130.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:60:69:c0:1a:51:b1:40:05:34:f9:8c:9f:01:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Validity
Not Before: Jan 1 17:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2153b8ec5c489a1fb2deb5a001a9398fd2e1aaed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:95:74:c9:9e:d9:7f:f9:ad:95:ab:09:de:1d:
c9:1b:8b:9d:87:b2:c1:0a:89:42:29:63:c5:8b:f4:
78:74:22:c2:9e:3d:40:93:7e:c7:9d:f0:b6:a7:3d:
9c:d9:e2:a7:dc:d4:08:22:c4:d7:68:04:80:e9:56:
ec:24:7d:92:4f:6e:2f:1a:d0:fc:a4:5a:58:f5:c0:
be:17:94:2d:8d:2a:86:48:f4:34:90:a3:c3:13:75:
fe:50:d1:47:a6:53:53:de:d0:e4:27:cf:d7:39:fd:
0b:1a:8c:b1:a9:8c:93:ee:51:a0:8a:4f:36:b6:49:
cc:68:23:48:1e:91:2e:da:65:3a:d4:49:6f:66:51:
90:b7:84:ab:ba:3a:c5:1a:5a:58:0a:b7:1d:2c:22:
de:1c:54:5a:22:91:16:f2:4b:c8:25:85:be:2d:2d:
2f:e1:ed:f5:91:ce:33:8b:cf:e8:92:f9:03:f3:9a:
a4:4d:5c:79:05:38:8d:78:d4:ee:11:cd:a4:04:6e:
b4:e0:d5:61:0c:53:22:23:d5:ac:5e:e8:0f:f2:a8:
91:87:27:05:c6:e1:39:82:96:7c:b4:a6:89:5d:88:
42:26:37:07:a0:ed:77:18:d3:7c:ac:52:21:15:d8:
cc:05:9f:62:97:e5:4f:9b:7c:05:4f:c8:81:3c:bd:
af:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:53:B8:EC:5C:48:9A:1F:B2:DE:B5:A0:01:A9:39:8F:D2:E1:AA:ED
X509v3 Authority Key Identifier:
keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/IVO47FxImh-y3rWgAak5j9Lhqu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.130.0/23
Signature Algorithm: sha256WithRSAEncryption
31:97:26:13:9e:d0:79:dd:cb:e7:70:72:2e:03:b1:99:39:f3:
bb:5a:f2:f2:dc:32:99:ca:43:0e:5f:48:ad:40:48:30:f1:55:
95:69:c2:67:d6:aa:d2:8e:fa:e5:d3:ab:a2:40:0a:cd:0f:cc:
cd:08:9d:a7:70:42:f1:13:6d:b7:fa:b5:5f:2a:29:7c:be:5e:
f5:a7:bf:da:d9:d4:38:f8:24:d5:1a:b0:fe:8a:c1:d4:ef:09:
ce:34:28:53:a9:13:9c:9a:b8:b2:3f:2e:05:ba:fd:8d:6c:48:
ff:c3:7b:62:b4:3e:17:c7:7c:8b:ab:ec:7c:f5:cd:e8:46:5c:
1d:57:15:3d:13:7c:de:cf:38:92:a6:f2:db:5e:e1:40:36:41:
03:4e:bf:e3:fc:30:08:4f:82:ea:f1:79:cf:ff:3b:f6:36:fc:
a5:96:a4:75:18:59:bf:ab:a7:0b:77:47:d5:56:cf:34:04:81:
f8:91:f9:72:e5:ce:b5:ef:d1:6c:25:09:9e:ba:df:34:8d:13:
9e:2a:b5:00:54:25:0a:25:a4:16:15:39:df:81:50:b8:8a:68:
6b:26:c2:ff:69:02:b6:02:b8:29:7d:08:fd:48:b2:af:94:cd:
81:be:66:d8:d4:59:bf:93:d9:b0:8f:b7:91:59:aa:29:9e:ac:
34:11:f5:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+2BpwBpRsUAFNPmMnwFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjUwMTAxMTc0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTUzYjhlYzVjNDg5YTFmYjJkZWI1YTAwMWE5Mzk4ZmQyZTFhYWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJV0yZ7Zf/mtlasJ3h3JG4udh7LB
ColCKWPFi/R4dCLCnj1Ak37HnfC2pz2c2eKn3NQIIsTXaASA6VbsJH2ST24vGtD8
pFpY9cC+F5QtjSqGSPQ0kKPDE3X+UNFHplNT3tDkJ8/XOf0LGoyxqYyT7lGgik82
tknMaCNIHpEu2mU61ElvZlGQt4SrujrFGlpYCrcdLCLeHFRaIpEW8kvIJYW+LS0v
4e31kc4zi8/okvkD85qkTVx5BTiNeNTuEc2kBG604NVhDFMiI9WsXugP8qiRhycF
xuE5gpZ8tKaJXYhCJjcHoO13GNN8rFIhFdjMBZ9il+VPm3wFT8iBPL2v5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCFTuOxcSJofst61oAGpOY/S4artMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvSVZPNDdGeEltaC15M3JXZ0FhazVqOUxocXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVWCMA0G
CSqGSIb3DQEBCwUAA4IBAQAxlyYTntB53cvncHIuA7GZOfO7WvLy3DKZykMOX0it
QEgw8VWVacJn1qrSjvrl06uiQArND8zNCJ2ncELxE223+rVfKil8vl71p7/a2dQ4
+CTVGrD+isHU7wnONChTqROcmriyPy4Fuv2NbEj/w3titD4Xx3yLq+x89c3oRlwd
VxU9E3zezziSpvLbXuFANkEDTr/j/DAIT4Lq8XnP/zv2NvyllqR1GFm/q6cLd0fV
Vs80BIH4kfly5c6179FsJQmeut80jROeKrUAVCUKJaQWFTnfgVC4imhrJsL/aQK2
ArgpfQj9SLKvlM2BvmbY1Fm/k9mwj7eRWaopnqw0EfUu
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:39:07 2025 by rpki-client