Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/yPuhQgtDvz4rhwfbwpPAALIJ55o.roa
File: yPuhQgtDvz4rhwfbwpPAALIJ55o.roa (raw, json)
Hash identifier: I+ErOy+M7Yzs1SVwCt9jCXFOvf6k0f8yBGW1RCbKRIM=
Subject key identifier: C8:FB:A1:42:0B:43:BF:3E:2B:87:07:DB:C2:93:C0:00:B2:09:E7:9A
Certificate issuer: /CN=3a0b05f40a6916394782302d1b5660737257a48b
Certificate serial: 019427470A211E60A754E3E078C143059D2B
Authority key identifier: 3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/yPuhQgtDvz4rhwfbwpPAALIJ55o.roa
Signing time: Thu 02 Jan 2025 13:49:14 +0000
ROA not before: Thu 02 Jan 2025 13:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211871
IP address blocks: 45.158.12.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:0a:21:1e:60:a7:54:e3:e0:78:c1:43:05:9d:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a0b05f40a6916394782302d1b5660737257a48b
Validity
Not Before: Jan 2 13:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8fba1420b43bf3e2b8707dbc293c000b209e79a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:de:11:e9:dd:f1:6d:7f:74:57:14:1d:23:a4:
7e:02:12:22:e0:80:7a:89:ef:fc:b8:55:de:d3:64:
3d:64:3f:75:02:da:9f:fc:35:ca:64:fc:d9:60:fa:
3b:06:74:ed:a2:3a:ad:c4:e9:41:3a:3e:e9:5c:f0:
e0:38:78:15:93:90:58:fd:61:2d:3f:d4:6c:87:68:
9e:58:02:1b:cc:67:7a:a3:07:76:01:f6:69:19:84:
40:6b:9e:47:28:6b:b6:49:26:fe:e5:57:44:6a:76:
12:b5:a8:84:f5:7c:14:e2:f0:91:3d:93:f3:f4:96:
f2:da:b4:2e:f1:e5:11:05:c4:88:e1:9d:51:6e:13:
64:94:d6:79:c6:42:2b:66:a1:b7:f8:7d:d0:a2:cb:
c1:50:2f:1c:4b:9f:d7:c8:6d:f0:cb:36:1f:50:ea:
73:3b:2f:03:f4:bd:8f:e7:ba:37:4a:0a:d0:98:84:
71:e1:fb:78:40:11:b1:d8:f0:79:9c:9c:69:3f:62:
f6:40:b3:65:0e:4a:28:77:90:dc:ad:b7:2a:3a:24:
95:9d:d7:a2:ee:9d:2a:d0:5a:b9:b0:68:be:31:99:
61:eb:05:46:bf:4f:c9:18:49:5f:5f:44:16:04:af:
07:b9:f6:7a:09:71:45:25:10:2d:a6:87:5c:21:72:
c6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:FB:A1:42:0B:43:BF:3E:2B:87:07:DB:C2:93:C0:00:B2:09:E7:9A
X509v3 Authority Key Identifier:
keyid:3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/yPuhQgtDvz4rhwfbwpPAALIJ55o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/OgsF9AppFjlHgjAtG1Zgc3JXpIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.12.0/24
Signature Algorithm: sha256WithRSAEncryption
66:f8:12:b4:bc:76:7a:ca:37:4e:79:b2:4a:5e:ec:db:3a:4e:
c4:d8:fd:e9:95:e9:e6:90:5d:c3:b5:bc:65:99:4d:af:73:ee:
09:bf:b1:bf:c2:5d:d1:21:5a:a3:53:45:fd:a4:89:ca:75:b0:
d2:e6:15:6d:a0:2b:31:d8:89:2f:bb:3b:e4:10:60:d5:8f:91:
44:5b:2b:b7:bb:dc:c7:67:f6:8d:5a:d1:45:a9:26:fa:b9:fa:
6c:0c:4c:04:30:1d:7a:1a:21:d2:63:78:91:43:71:6f:a1:c4:
ff:32:4f:6f:30:20:08:cf:60:fa:17:22:dd:ae:04:24:cc:c9:
52:49:19:ac:69:75:d4:24:6a:a4:b2:c7:95:89:41:ea:aa:f4:
0a:60:f2:e1:f2:54:f5:9f:9b:56:51:ef:84:c5:5f:81:5d:65:
a1:41:46:65:62:7e:a0:8e:84:02:2f:05:d7:6e:e6:58:59:71:
36:1a:93:f9:60:15:37:84:aa:e0:58:5a:a7:b2:52:b8:30:62:
92:00:1b:97:9c:5a:e5:08:08:46:8c:59:1f:25:1e:73:a9:78:
b7:96:79:cd:5e:9b:9e:3b:de:82:99:a4:fe:cf:b9:29:f2:c1:
02:8a:84:66:07:28:5f:1e:a0:59:d4:20:e3:25:dd:24:f5:f9:
06:8d:0a:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRwohHmCnVOPgeMFDBZ0rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMGIwNWY0MGE2OTE2Mzk0NzgyMzAyZDFiNTY2MDczNzI1
N2E0OGIwHhcNMjUwMTAyMTM0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGZiYTE0MjBiNDNiZjNlMmI4NzA3ZGJjMjkzYzAwMGIyMDllNzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArN4R6d3xbX90VxQdI6R+AhIi4IB6
ie/8uFXe02Q9ZD91Atqf/DXKZPzZYPo7BnTtojqtxOlBOj7pXPDgOHgVk5BY/WEt
P9Rsh2ieWAIbzGd6owd2AfZpGYRAa55HKGu2SSb+5VdEanYStaiE9XwU4vCRPZPz
9Jby2rQu8eURBcSI4Z1RbhNklNZ5xkIrZqG3+H3QosvBUC8cS5/XyG3wyzYfUOpz
Oy8D9L2P57o3SgrQmIRx4ft4QBGx2PB5nJxpP2L2QLNlDkood5DcrbcqOiSVndei
7p0q0Fq5sGi+MZlh6wVGv0/JGElfX0QWBK8HufZ6CXFFJRAtpodcIXLG/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMj7oUILQ78+K4cH28KTwACyCeeaMB8GA1UdIwQY
MBaAFDoLBfQKaRY5R4IwLRtWYHNyV6SLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGIt
YjIwZTI4ZjUxODhmLzEveVB1aFFndER2ejRyaHdmYndwUEFBTElKNTVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGItYjIwZTI4ZjUxODhm
LzEvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ4MMA0G
CSqGSIb3DQEBCwUAA4IBAQBm+BK0vHZ6yjdOebJKXuzbOk7E2P3plenmkF3Dtbxl
mU2vc+4Jv7G/wl3RIVqjU0X9pInKdbDS5hVtoCsx2IkvuzvkEGDVj5FEWyu3u9zH
Z/aNWtFFqSb6ufpsDEwEMB16GiHSY3iRQ3FvocT/Mk9vMCAIz2D6FyLdrgQkzMlS
SRmsaXXUJGqksseViUHqqvQKYPLh8lT1n5tWUe+ExV+BXWWhQUZlYn6gjoQCLwXX
buZYWXE2GpP5YBU3hKrgWFqnslK4MGKSABuXnFrlCAhGjFkfJR5zqXi3lnnNXpue
O96CmaT+z7kp8sECioRmByhfHqBZ1CDjJd0k9fkGjQqy
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:54 2025 by rpki-client