Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/cKBFLTMT6_7nMj7Xx2DCrgXfeyc.roa
File: cKBFLTMT6_7nMj7Xx2DCrgXfeyc.roa (raw, json)
Hash identifier: +cdUtJsxC2PH/W//0zkrrMNlUaeOafvp3nHcOB6okbs=
Subject key identifier: 70:A0:45:2D:33:13:EB:FE:E7:32:3E:D7:C7:60:C2:AE:05:DF:7B:27
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 01939C03E997FF042B16686C3F789B628715
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/cKBFLTMT6_7nMj7Xx2DCrgXfeyc.roa
Signing time: Fri 06 Dec 2024 12:48:42 +0000
ROA not before: Fri 06 Dec 2024 12:48:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213745
IP address blocks: 45.154.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9c:03:e9:97:ff:04:2b:16:68:6c:3f:78:9b:62:87:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Dec 6 12:48:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70a0452d3313ebfee7323ed7c760c2ae05df7b27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:20:a1:65:f7:3e:b7:8a:1a:62:52:4e:a1:2b:
87:e0:8e:3e:a7:e7:18:76:b0:ca:f4:35:0b:fa:2a:
fc:f3:c7:f9:1a:8a:52:83:8b:bf:72:52:64:98:ae:
82:43:4f:e3:28:f5:8c:c7:b8:fc:4a:c4:e5:5a:66:
d1:6b:9d:34:2a:e8:f6:51:da:6b:5c:75:45:a6:86:
7d:34:93:ad:67:93:cb:03:3c:7b:d3:7f:84:14:2a:
6f:ea:67:1b:ba:4e:3e:47:55:15:e6:9d:95:a7:20:
f4:e0:cd:8b:b3:2a:be:96:dd:8d:93:87:89:5b:e0:
12:16:dc:12:8d:44:29:2a:5f:76:80:cb:8e:68:c3:
c0:9a:fb:39:93:bf:18:03:fd:85:82:7c:3c:86:21:
42:a6:af:3e:47:de:6b:11:cf:49:cb:ab:a3:c8:4a:
9e:f7:38:86:0c:2c:39:7b:af:25:cd:0c:43:ce:99:
26:43:28:0f:91:c9:1b:ee:a7:3a:12:b7:2c:bf:4e:
7c:0d:f7:dd:94:5f:bc:af:18:c5:ca:59:66:3e:e6:
21:2a:7f:ae:dc:bf:9c:48:cd:46:8a:fd:9c:89:12:
c2:66:8a:03:77:73:8a:31:db:9c:6c:fe:b5:a3:b7:
44:01:ad:4c:eb:67:6a:e8:44:b7:98:d3:c9:d2:52:
95:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A0:45:2D:33:13:EB:FE:E7:32:3E:D7:C7:60:C2:AE:05:DF:7B:27
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/cKBFLTMT6_7nMj7Xx2DCrgXfeyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.239.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:6f:a4:5a:56:2a:c8:35:17:e4:67:42:93:a4:da:86:95:3c:
fc:3a:e1:9b:fc:14:6c:8e:17:cc:ea:fd:1a:33:7c:75:82:3a:
38:05:c3:e9:fe:7b:42:1b:64:d4:84:6b:31:7b:35:40:e0:9e:
37:c5:9d:cb:fc:e4:08:ef:37:00:97:d4:bb:e0:6d:be:3b:d7:
97:57:63:04:19:44:33:02:4a:d7:53:a5:e7:1f:eb:7c:d9:6c:
1a:40:5a:ac:a8:0a:9d:b9:04:a4:40:0b:d6:0d:a7:51:b1:d3:
06:69:32:b8:4a:d1:44:7f:63:70:a8:a9:7b:3b:1a:6e:e1:e0:
ba:aa:ba:2a:8b:89:4d:6a:be:77:bd:6c:f9:fd:64:12:ea:90:
b9:f8:d2:a6:af:ad:47:5d:53:d7:be:a4:1b:0d:76:e3:12:1c:
49:74:0d:4c:1a:77:0e:14:bb:db:ae:10:cd:5a:a5:f8:e0:c1:
52:27:cc:2b:63:0a:3b:6e:67:5c:ca:f2:ed:c2:b7:af:a3:ec:
f7:98:35:78:6e:01:5e:8c:80:00:c3:4c:83:c0:9c:68:ef:13:
9e:8a:45:f3:71:05:10:44:0f:8b:25:b4:6f:36:5c:cc:f4:2a:
60:de:c5:b2:a5:31:f1:1a:20:30:d9:2e:92:aa:19:25:7c:62:
e1:d0:35:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOcA+mX/wQrFmhsP3ibYocVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQxMjA2MTI0ODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGEwNDUyZDMzMTNlYmZlZTczMjNlZDdjNzYwYzJhZTA1ZGY3YjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SChZfc+t4oaYlJOoSuH4I4+p+cY
drDK9DUL+ir888f5GopSg4u/clJkmK6CQ0/jKPWMx7j8SsTlWmbRa500Kuj2Udpr
XHVFpoZ9NJOtZ5PLAzx703+EFCpv6mcbuk4+R1UV5p2VpyD04M2Lsyq+lt2Nk4eJ
W+ASFtwSjUQpKl92gMuOaMPAmvs5k78YA/2Fgnw8hiFCpq8+R95rEc9Jy6ujyEqe
9ziGDCw5e68lzQxDzpkmQygPkckb7qc6Ercsv058DffdlF+8rxjFyllmPuYhKn+u
3L+cSM1Giv2ciRLCZooDd3OKMducbP61o7dEAa1M62dq6ES3mNPJ0lKVkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHCgRS0zE+v+5zI+18dgwq4F33snMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvY0tCRkxUTVQ2XzduTWo3WHgyRENyZ1hmZXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZrvMA0G
CSqGSIb3DQEBCwUAA4IBAQB/b6RaVirINRfkZ0KTpNqGlTz8OuGb/BRsjhfM6v0a
M3x1gjo4BcPp/ntCG2TUhGsxezVA4J43xZ3L/OQI7zcAl9S74G2+O9eXV2MEGUQz
AkrXU6XnH+t82WwaQFqsqAqduQSkQAvWDadRsdMGaTK4StFEf2NwqKl7Oxpu4eC6
qroqi4lNar53vWz5/WQS6pC5+NKmr61HXVPXvqQbDXbjEhxJdA1MGncOFLvbrhDN
WqX44MFSJ8wrYwo7bmdcyvLtwrevo+z3mDV4bgFejIAAw0yDwJxo7xOeikXzcQUQ
RA+LJbRvNlzM9Cpg3sWypTHxGiAw2S6SqhklfGLh0DW2
-----END CERTIFICATE-----
Generated at Thu Apr 10 23:52:25 2025 by rpki-client