Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/JYfhLlnnbkNyoJf2jUaj_jWUp5s.roa
File: JYfhLlnnbkNyoJf2jUaj_jWUp5s.roa (raw, json)
Hash identifier: j9Lqvmu7XCYD1vZZbd0oUqTAmQk9qK6hB3sojaAQRAQ=
Subject key identifier: 25:87:E1:2E:59:E7:6E:43:72:A0:97:F6:8D:46:A3:FE:35:94:A7:9B
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 01942068085723CEBD2E1086209AB6686B75
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/JYfhLlnnbkNyoJf2jUaj_jWUp5s.roa
Signing time: Wed 01 Jan 2025 05:47:56 +0000
ROA not before: Wed 01 Jan 2025 05:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200250
IP address blocks: 45.152.10.0/24 maxlen: 24
2a0c:fe01::/32 maxlen: 48
2a0e:a942::/32 maxlen: 48
2a0e:cbc3::/33 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:08:57:23:ce:bd:2e:10:86:20:9a:b6:68:6b:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 1 05:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2587e12e59e76e4372a097f68d46a3fe3594a79b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7f:42:99:fa:28:85:d9:cc:ec:e0:53:f3:b7:
eb:a2:b5:dd:16:3f:c9:01:bf:be:17:9b:61:67:48:
2b:46:8e:cd:0f:e6:44:d0:61:0f:ce:aa:b1:8b:4a:
42:09:3e:5f:05:60:95:aa:ea:f9:1d:c4:6d:00:af:
8f:e4:06:df:02:77:b8:25:c7:da:6b:4e:bc:ce:06:
dc:84:2d:ca:cd:19:cb:8d:61:dc:69:81:46:1b:18:
a8:1e:59:8c:16:fb:88:bd:06:37:10:31:7d:b2:6b:
59:43:6b:77:60:45:00:4a:b3:86:3d:5a:76:18:db:
52:04:72:04:4d:ab:18:20:df:46:d7:c4:00:73:83:
58:b6:5c:28:b3:f9:37:1d:7c:94:73:c1:0f:c1:2c:
4d:e0:2b:9a:11:80:7f:b2:c9:d4:ec:52:5e:f9:eb:
36:8c:db:dd:08:12:e4:a7:e4:35:ce:c0:6b:63:11:
e6:03:8a:dc:15:36:7d:74:6a:bc:9c:a3:02:cc:14:
ae:14:c4:ce:ad:e6:3d:91:d2:c0:55:c2:93:b8:85:
26:4b:59:28:0b:7c:66:ff:65:08:5b:96:36:f3:57:
42:d7:4e:98:60:22:38:71:af:29:a8:c4:7d:b8:48:
3b:78:8c:a6:7e:79:84:66:0d:e4:81:52:d3:ef:cd:
aa:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:87:E1:2E:59:E7:6E:43:72:A0:97:F6:8D:46:A3:FE:35:94:A7:9B
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/JYfhLlnnbkNyoJf2jUaj_jWUp5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.10.0/24
IPv6:
2a0c:fe01::/32
2a0e:a942::/32
2a0e:cbc3::/33
Signature Algorithm: sha256WithRSAEncryption
50:c6:bf:cd:a6:14:f9:c1:bb:2f:44:40:f4:96:47:9b:66:a7:
bc:f6:b6:63:be:cd:90:8e:a0:77:ef:20:32:35:62:25:6f:79:
6f:db:f4:e5:96:ad:2e:fb:ee:24:08:2c:dc:a3:a2:bb:6c:f1:
53:d2:47:96:12:30:9d:42:9b:a5:3e:98:a3:73:fa:1a:03:a5:
20:3f:e8:e8:77:8e:a8:1e:78:94:ab:38:cf:56:4a:01:7e:87:
a8:52:bf:6f:a7:33:dc:48:44:85:17:d4:04:e4:9c:24:08:43:
33:4c:07:97:54:85:80:d0:27:2a:52:e4:1a:3e:27:1b:2b:44:
19:78:b4:a0:f3:d8:d6:7d:2b:62:fb:d0:42:ab:68:b9:1a:40:
de:3a:60:ba:e8:e5:94:06:26:fa:a7:a4:83:14:16:5f:2a:ff:
21:a3:d6:7b:83:1f:4b:ed:0f:e4:ee:32:1a:66:60:59:dc:61:
14:f0:d9:92:53:9e:3d:c6:6a:c7:ae:3f:58:12:31:11:1d:cb:
81:73:7d:ea:15:bb:14:17:9c:48:69:17:65:5d:44:ed:e1:f0:
b8:dd:d9:8a:90:4f:3e:bf:61:13:90:58:e1:17:23:5a:71:b8:
2b:ca:ac:a3:2f:d2:77:50:73:a9:d1:7f:12:ae:2a:c6:58:34:
29:52:e0:34
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQgaAhXI869LhCGIJq2aGt1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUwMTAxMDU0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTg3ZTEyZTU5ZTc2ZTQzNzJhMDk3ZjY4ZDQ2YTNmZTM1OTRhNzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxH9CmfoohdnM7OBT87frorXdFj/J
Ab++F5thZ0grRo7ND+ZE0GEPzqqxi0pCCT5fBWCVqur5HcRtAK+P5AbfAne4Jcfa
a068zgbchC3KzRnLjWHcaYFGGxioHlmMFvuIvQY3EDF9smtZQ2t3YEUASrOGPVp2
GNtSBHIETasYIN9G18QAc4NYtlwos/k3HXyUc8EPwSxN4CuaEYB/ssnU7FJe+es2
jNvdCBLkp+Q1zsBrYxHmA4rcFTZ9dGq8nKMCzBSuFMTOreY9kdLAVcKTuIUmS1ko
C3xm/2UIW5Y281dC106YYCI4ca8pqMR9uEg7eIymfnmEZg3kgVLT782qzwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCWH4S5Z525DcqCX9o1Go/41lKebMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvSllmaExsbm5ia055b0pmMmpVYWpfaldVcDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAMBAIAATAGAwQALZgKMBwE
AgACMBYDBQAqDP4BAwUAKg6pQgMGByoOy8MAMA0GCSqGSIb3DQEBCwUAA4IBAQBQ
xr/NphT5wbsvRED0lkebZqe89rZjvs2QjqB37yAyNWIlb3lv2/Tllq0u++4kCCzc
o6K7bPFT0keWEjCdQpulPpijc/oaA6UgP+jod46oHniUqzjPVkoBfoeoUr9vpzPc
SESFF9QE5JwkCEMzTAeXVIWA0CcqUuQaPicbK0QZeLSg89jWfSti+9BCq2i5GkDe
OmC66OWUBib6p6SDFBZfKv8ho9Z7gx9L7Q/k7jIaZmBZ3GEU8NmSU549xmrHrj9Y
EjERHcuBc33qFbsUF5xIaRdlXUTt4fC43dmKkE8+v2ETkFjhFyNacbgryqyjL9J3
UHOp0X8SrirGWDQpUuA0
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:55:48 2025 by rpki-client