Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/Yv-tOf_tITvZrh8RooAtxp7TK0o.roa
File: Yv-tOf_tITvZrh8RooAtxp7TK0o.roa (raw, json)
Hash identifier: 9Wq1a/wEw3a8Ph1i4BUMD94Q3lQzmejrav8oStD8sBc=
Subject key identifier: 62:FF:AD:39:FF:ED:21:3B:D9:AE:1F:11:A2:80:2D:C6:9E:D3:2B:4A
Certificate issuer: /CN=b2c0bdafadea78dce312f862ddf42b1bd4c4f645
Certificate serial: 019427B582D1F50452B87C6F4821AAE4F328
Authority key identifier: B2:C0:BD:AF:AD:EA:78:DC:E3:12:F8:62:DD:F4:2B:1B:D4:C4:F6:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ssC9r63qeNzjEvhi3fQrG9TE9kU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/Yv-tOf_tITvZrh8RooAtxp7TK0o.roa
Signing time: Thu 02 Jan 2025 15:49:54 +0000
ROA not before: Thu 02 Jan 2025 15:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212219
IP address blocks: 45.94.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:82:d1:f5:04:52:b8:7c:6f:48:21:aa:e4:f3:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2c0bdafadea78dce312f862ddf42b1bd4c4f645
Validity
Not Before: Jan 2 15:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62ffad39ffed213bd9ae1f11a2802dc69ed32b4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:25:58:e1:a4:1c:df:4e:9a:30:dd:15:88:28:
f7:5d:e9:94:eb:50:6e:38:b8:05:db:fc:dc:dc:ee:
9a:6b:0c:67:1d:78:b0:6d:16:8d:bf:82:0a:25:ce:
9d:9e:cc:d1:ad:d9:4b:ec:96:f2:16:dd:ea:a0:5a:
1e:eb:62:38:be:7b:93:c7:78:f0:de:d3:b2:85:3c:
d0:3a:88:d8:8b:72:1f:02:4e:d1:6f:0c:30:05:b9:
7e:91:63:fa:c8:ce:7c:b3:bf:00:a8:77:30:d4:e4:
a4:e6:92:39:1c:98:ad:05:c4:ec:52:5d:9f:b4:41:
53:45:dc:8c:d0:8b:1e:36:5b:ac:0b:04:0e:27:eb:
ca:13:32:a1:95:0b:40:2b:d5:74:b4:c0:ae:d9:6e:
3b:40:8d:d0:cd:a7:24:c1:5b:4d:aa:49:7a:c3:4d:
0e:aa:7e:68:b4:2c:29:07:40:22:9c:b8:75:84:a2:
c0:92:bb:02:52:4e:f6:74:79:c9:18:d7:ca:3f:13:
96:da:ac:89:5f:f0:6a:ee:59:d6:f6:43:da:db:3a:
e5:37:61:c6:26:4e:72:e4:ac:fe:9b:8f:b2:77:6b:
63:ad:ee:06:92:9c:00:dd:31:27:b3:23:e8:44:39:
96:aa:6a:c0:3e:f6:60:aa:cb:f1:ff:73:ce:5e:c6:
22:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:FF:AD:39:FF:ED:21:3B:D9:AE:1F:11:A2:80:2D:C6:9E:D3:2B:4A
X509v3 Authority Key Identifier:
keyid:B2:C0:BD:AF:AD:EA:78:DC:E3:12:F8:62:DD:F4:2B:1B:D4:C4:F6:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ssC9r63qeNzjEvhi3fQrG9TE9kU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/Yv-tOf_tITvZrh8RooAtxp7TK0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/ssC9r63qeNzjEvhi3fQrG9TE9kU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.4.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:ac:50:a6:b1:79:8e:b2:99:48:c6:67:c9:ee:55:3b:ed:2d:
f5:75:b7:08:4d:8d:4f:e2:53:58:33:4d:e0:9a:b3:b8:7b:8d:
6b:4b:0e:25:40:ef:c5:11:60:c3:4c:4c:1e:ca:68:9e:46:4c:
04:5e:70:c5:d6:6b:42:4c:2e:7d:f2:52:0d:95:6f:89:3c:50:
bb:36:44:98:17:68:64:3f:03:20:d7:7d:0f:64:40:ad:0f:e2:
33:81:6c:d9:1c:60:c1:02:de:61:c9:b5:de:1d:b3:e7:34:83:
5a:3b:ee:9b:a1:b9:27:db:35:1c:c8:23:5f:ff:2b:2f:13:13:
53:3b:47:7f:ef:33:5d:33:6d:d1:f0:7b:88:55:1c:ce:f6:b5:
a3:9d:e5:ff:e7:d2:cd:83:be:59:29:1f:8c:0a:18:40:58:7d:
b9:3d:a4:7b:f6:04:90:02:7a:fa:de:18:63:07:4b:8a:60:f6:
92:cd:97:b0:5e:e0:f5:f0:a6:55:8d:e5:68:cd:4e:b0:2f:f9:
e4:3e:58:41:75:26:6d:91:c0:fe:91:b2:49:02:26:7b:0e:d6:
7d:fb:41:c0:95:f3:64:b2:21:15:fc:82:cf:44:93:49:0a:9e:
3d:ad:d5:44:2e:fc:5e:37:0e:d6:b4:40:7b:60:18:17:84:65:
91:ce:a1:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntYLR9QRSuHxvSCGq5PMoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYzBiZGFmYWRlYTc4ZGNlMzEyZjg2MmRkZjQyYjFiZDRj
NGY2NDUwHhcNMjUwMTAyMTU0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmZmYWQzOWZmZWQyMTNiZDlhZTFmMTFhMjgwMmRjNjllZDMyYjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCVY4aQc306aMN0ViCj3XemU61Bu
OLgF2/zc3O6aawxnHXiwbRaNv4IKJc6dnszRrdlL7JbyFt3qoFoe62I4vnuTx3jw
3tOyhTzQOojYi3IfAk7RbwwwBbl+kWP6yM58s78AqHcw1OSk5pI5HJitBcTsUl2f
tEFTRdyM0IseNlusCwQOJ+vKEzKhlQtAK9V0tMCu2W47QI3QzackwVtNqkl6w00O
qn5otCwpB0AinLh1hKLAkrsCUk72dHnJGNfKPxOW2qyJX/Bq7lnW9kPa2zrlN2HG
Jk5y5Kz+m4+yd2tjre4GkpwA3TEnsyPoRDmWqmrAPvZgqsvx/3POXsYidQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGL/rTn/7SE72a4fEaKALcae0ytKMB8GA1UdIwQY
MBaAFLLAva+t6njc4xL4Yt30KxvUxPZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3NDOXI2M3FlTnpqRXZoaTNmUXJHOVRFOWtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xZjM3MTItY2YyYy00ODZlLTk1YjMt
ZmNjMzM2ZWVkOGQ3LzEvWXYtdE9mX3RJVHZacmg4Um9vQXR4cDdUSzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xZjM3MTItY2YyYy00ODZlLTk1YjMtZmNjMzM2ZWVkOGQ3
LzEvc3NDOXI2M3FlTnpqRXZoaTNmUXJHOVRFOWtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV4EMA0G
CSqGSIb3DQEBCwUAA4IBAQCerFCmsXmOsplIxmfJ7lU77S31dbcITY1P4lNYM03g
mrO4e41rSw4lQO/FEWDDTEweymieRkwEXnDF1mtCTC598lINlW+JPFC7NkSYF2hk
PwMg130PZECtD+IzgWzZHGDBAt5hybXeHbPnNINaO+6bobkn2zUcyCNf/ysvExNT
O0d/7zNdM23R8HuIVRzO9rWjneX/59LNg75ZKR+MChhAWH25PaR79gSQAnr63hhj
B0uKYPaSzZewXuD18KZVjeVozU6wL/nkPlhBdSZtkcD+kbJJAiZ7DtZ9+0HAlfNk
siEV/ILPRJNJCp49rdVELvxeNw7WtEB7YBgXhGWRzqEv
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:35:17 2025 by rpki-client