Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/MvceJYeC7exu39P-KklGzIhKezo.roa
File: MvceJYeC7exu39P-KklGzIhKezo.roa (raw, json)
Hash identifier: l7CWLK2x2ygZPduMunzZSQp+ZhD4hpMbVwc9AxPKUD8=
Subject key identifier: 32:F7:1E:25:87:82:ED:EC:6E:DF:D3:FE:2A:49:46:CC:88:4A:7B:3A
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 019424B3E7A6BAD04C0D8199CBE10B39FB7A
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/MvceJYeC7exu39P-KklGzIhKezo.roa
Signing time: Thu 02 Jan 2025 01:49:17 +0000
ROA not before: Thu 02 Jan 2025 01:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200590
IP address blocks: 45.66.52.0/24 maxlen: 24
45.156.114.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:e7:a6:ba:d0:4c:0d:81:99:cb:e1:0b:39:fb:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Jan 2 01:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32f71e258782edec6edfd3fe2a4946cc884a7b3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8b:7a:52:3c:ed:f5:8a:b0:bc:8c:27:9c:93:
0d:54:0e:45:5f:56:3b:23:7c:0c:de:66:e6:b5:65:
04:a2:f4:46:db:83:b0:2a:63:b6:33:66:83:df:8e:
e2:24:62:05:8b:97:e4:d1:78:89:9e:92:fb:4f:87:
21:f0:ce:4b:bd:5f:05:da:9c:98:97:4c:b0:ac:7d:
43:41:2e:1d:f4:3a:cc:a5:77:de:6c:a8:a8:16:99:
9c:4e:77:0c:a1:46:10:53:49:b4:c6:12:24:7a:7e:
54:24:25:56:86:fe:ce:12:a9:29:fa:f9:a8:1e:af:
77:73:1d:0c:4f:25:42:9a:41:5b:9b:77:76:0b:c2:
c5:d5:91:9b:d2:39:e8:07:02:18:f7:bc:ec:c2:e8:
52:4e:d1:cf:0f:03:72:0d:51:6c:49:50:22:ba:40:
d3:14:f7:dc:28:13:06:15:8e:1c:96:bf:1b:90:f6:
ba:52:a5:e3:d1:86:50:93:5f:c1:c6:f1:31:fe:59:
23:b1:97:16:32:c7:9e:60:71:c0:60:f6:52:8e:4f:
19:b3:11:e4:56:ed:0b:cb:de:de:0d:f9:14:1c:e0:
f3:b1:fc:fd:66:b6:36:92:c6:96:77:da:ac:ef:34:
82:73:36:9c:9a:ee:fb:53:c9:a4:16:51:92:2b:60:
b5:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:F7:1E:25:87:82:ED:EC:6E:DF:D3:FE:2A:49:46:CC:88:4A:7B:3A
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/MvceJYeC7exu39P-KklGzIhKezo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.52.0/24
45.156.114.0/23
Signature Algorithm: sha256WithRSAEncryption
21:e3:1a:c6:5c:d7:b2:30:f1:5f:af:a0:d3:35:ef:b6:02:45:
fe:fe:df:a6:4b:0f:fd:06:7f:e2:e6:77:90:51:84:5c:c7:ad:
24:e6:d2:92:43:6f:6e:26:54:7f:65:a8:c2:e2:ae:23:3d:93:
8e:84:dc:8f:e7:ad:8e:c3:62:4a:f5:5f:88:59:1f:15:11:03:
b6:c8:a4:7e:f5:7c:24:8b:33:9e:ea:c6:70:1e:01:9a:1e:5d:
d0:84:fc:55:4e:7d:23:fd:ff:4e:c2:47:6b:be:cd:53:59:f6:
fa:8a:31:f2:dd:58:62:b9:62:24:c2:41:a4:3b:52:44:75:90:
f5:8a:e9:50:48:85:07:48:2d:ab:58:20:78:61:53:d5:45:65:
92:96:58:cb:9c:82:a8:47:ec:d7:73:a1:d2:52:5d:b4:7d:3d:
2a:54:ff:39:91:8c:08:0a:ac:b2:fd:25:8a:a9:6f:ca:b8:60:
4c:25:52:b4:72:a6:26:77:1c:e8:a5:2e:c9:72:60:4b:b7:cb:
bd:b6:1f:7e:4f:27:72:b4:99:94:54:17:ba:1a:e4:57:dc:56:
1c:10:7b:0c:d4:dc:2f:4c:1a:69:57:58:ab:44:23:d2:48:be:
22:e7:d6:4e:53:0d:96:ba:34:04:aa:71:ae:66:18:ef:4a:50:
67:56:ad:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQks+emutBMDYGZy+ELOft6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjUwMTAyMDE0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmY3MWUyNTg3ODJlZGVjNmVkZmQzZmUyYTQ5NDZjYzg4NGE3YjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsot6Ujzt9YqwvIwnnJMNVA5FX1Y7
I3wM3mbmtWUEovRG24OwKmO2M2aD347iJGIFi5fk0XiJnpL7T4ch8M5LvV8F2pyY
l0ywrH1DQS4d9DrMpXfebKioFpmcTncMoUYQU0m0xhIken5UJCVWhv7OEqkp+vmo
Hq93cx0MTyVCmkFbm3d2C8LF1ZGb0jnoBwIY97zswuhSTtHPDwNyDVFsSVAiukDT
FPfcKBMGFY4clr8bkPa6UqXj0YZQk1/BxvEx/lkjsZcWMseeYHHAYPZSjk8ZsxHk
Vu0Ly97eDfkUHODzsfz9ZrY2ksaWd9qs7zSCczacmu77U8mkFlGSK2C1+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDL3HiWHgu3sbt/T/ipJRsyISns6MB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvTXZjZUpZZUM3ZXh1MzlQLUtrbEd6SWhLZXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh
LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALUI0AwQB
LZxyMA0GCSqGSIb3DQEBCwUAA4IBAQAh4xrGXNeyMPFfr6DTNe+2AkX+/t+mSw/9
Bn/i5neQUYRcx60k5tKSQ29uJlR/ZajC4q4jPZOOhNyP562Ow2JK9V+IWR8VEQO2
yKR+9XwkizOe6sZwHgGaHl3QhPxVTn0j/f9Owkdrvs1TWfb6ijHy3VhiuWIkwkGk
O1JEdZD1iulQSIUHSC2rWCB4YVPVRWWSlljLnIKoR+zXc6HSUl20fT0qVP85kYwI
Cqyy/SWKqW/KuGBMJVK0cqYmdxzopS7JcmBLt8u9th9+TydytJmUVBe6GuRX3FYc
EHsM1NwvTBppV1irRCPSSL4i59ZOUw2WujQEqnGuZhjvSlBnVq3Q
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:22:02 2025 by rpki-client