Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/kNKW14Dxh4X2xbIOHRvhO-4tzcE.roa
File: kNKW14Dxh4X2xbIOHRvhO-4tzcE.roa (raw, json)
Hash identifier: ENDHKI6G3Ef3eUled5c74JZlLpucyibX5X1QKlCy8/E=
Subject key identifier: 90:D2:96:D7:80:F1:87:85:F6:C5:B2:0E:1D:1B:E1:3B:EE:2D:CD:C1
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 0195DBD515AC1CAC87BB5533781944D8E239
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/kNKW14Dxh4X2xbIOHRvhO-4tzcE.roa
Signing time: Fri 28 Mar 2025 08:18:49 +0000
ROA not before: Fri 28 Mar 2025 08:18:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400909
IP address blocks: 45.154.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:db:d5:15:ac:1c:ac:87:bb:55:33:78:19:44:d8:e2:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Mar 28 08:18:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90d296d780f18785f6c5b20e1d1be13bee2dcdc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c3:4d:ae:f6:9b:93:92:2f:1c:e3:d1:5c:43:
89:02:c9:0e:5b:d4:bc:29:e7:db:96:48:4c:07:99:
ec:05:40:6d:46:b3:5b:75:f4:c4:ff:df:82:8d:16:
d9:f0:1e:3a:d8:ef:4a:11:ca:0a:5e:f0:f5:04:86:
d4:1f:f5:74:e1:ad:21:33:47:8e:cb:36:8b:3c:6c:
6d:d2:8e:eb:03:b8:5d:15:18:83:b7:48:2f:a0:d1:
bc:36:5e:6b:11:9b:7d:a4:2b:86:9c:85:2e:57:a6:
10:74:2f:74:e9:06:2a:94:d0:65:d2:cf:ed:18:97:
7a:6b:39:ec:d8:de:84:6c:76:54:01:85:71:67:74:
30:8b:6b:4e:87:b5:4f:48:e1:2f:2a:00:f3:65:b7:
2a:be:e3:b7:c8:0a:04:89:56:96:f7:25:38:98:e1:
cb:4c:09:b3:24:d2:68:43:60:b3:eb:4a:73:30:52:
53:d9:9c:01:a6:1f:59:49:6c:d1:cd:42:9e:5d:13:
5d:e6:79:1e:51:a9:ec:31:03:b2:0a:29:73:36:c7:
1c:22:2a:a3:d6:d8:c8:30:50:57:e2:06:93:14:b4:
9a:9c:6d:ec:0d:f5:c1:07:cb:24:25:fd:4e:7e:ae:
9e:b2:f2:9c:28:4d:41:e4:4e:6a:39:68:12:f1:94:
42:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:D2:96:D7:80:F1:87:85:F6:C5:B2:0E:1D:1B:E1:3B:EE:2D:CD:C1
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/kNKW14Dxh4X2xbIOHRvhO-4tzcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.156.0/24
Signature Algorithm: sha256WithRSAEncryption
33:3a:49:a9:c5:be:aa:82:af:2b:b2:0e:97:85:5d:27:cc:76:
b1:f3:01:1d:79:7f:af:fc:55:65:8f:07:77:41:18:c0:a3:f1:
a7:0c:13:71:0f:14:ec:e0:3b:2e:5e:e5:92:8a:55:2d:02:9c:
ff:d7:4d:14:a2:02:f9:57:d4:71:93:81:18:79:eb:7f:8c:97:
86:41:6e:f8:2b:88:fd:5e:a8:16:f9:85:5f:42:b6:b4:fb:fe:
28:e6:09:e8:cc:83:52:90:8c:a0:5b:96:a1:10:b2:20:22:c2:
45:81:8a:a0:48:7b:9c:7c:57:13:fb:d0:da:ba:ed:1f:1f:fb:
16:13:23:c9:47:dc:1f:54:3c:8f:f8:46:b5:a4:cb:fa:42:93:
0e:08:b4:89:00:b0:b9:87:6f:cd:4b:f6:be:71:c9:ca:87:7d:
09:38:88:f4:24:11:bf:a3:42:66:f1:25:b2:97:44:10:96:bc:
9f:7a:bf:9d:6f:51:00:7f:8b:38:1a:ad:6b:75:ea:f3:18:ba:
86:ee:38:c8:32:32:3a:a1:7e:a2:ff:49:24:4c:fe:ed:1b:1a:
ad:76:ad:72:98:81:bc:0f:5d:35:d5:34:ca:18:3e:db:9b:5c:
8e:f8:7a:db:26:a0:ab:b0:e0:07:67:71:a9:32:bd:80:61:c2:
bc:e6:54:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXb1RWsHKyHu1UzeBlE2OI5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwMzI4MDgxODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGQyOTZkNzgwZjE4Nzg1ZjZjNWIyMGUxZDFiZTEzYmVlMmRjZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sNNrvabk5IvHOPRXEOJAskOW9S8
KefblkhMB5nsBUBtRrNbdfTE/9+CjRbZ8B462O9KEcoKXvD1BIbUH/V04a0hM0eO
yzaLPGxt0o7rA7hdFRiDt0gvoNG8Nl5rEZt9pCuGnIUuV6YQdC906QYqlNBl0s/t
GJd6azns2N6EbHZUAYVxZ3Qwi2tOh7VPSOEvKgDzZbcqvuO3yAoEiVaW9yU4mOHL
TAmzJNJoQ2Cz60pzMFJT2ZwBph9ZSWzRzUKeXRNd5nkeUansMQOyCilzNsccIiqj
1tjIMFBX4gaTFLSanG3sDfXBB8skJf1Ofq6esvKcKE1B5E5qOWgS8ZRCIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJDSlteA8YeF9sWyDh0b4TvuLc3BMB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEva05LVzE0RHhoNFgyeGJJT0hSdmhPLTR0emNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZqcMA0G
CSqGSIb3DQEBCwUAA4IBAQAzOkmpxb6qgq8rsg6XhV0nzHax8wEdeX+v/FVljwd3
QRjAo/GnDBNxDxTs4DsuXuWSilUtApz/100UogL5V9Rxk4EYeet/jJeGQW74K4j9
XqgW+YVfQra0+/4o5gnozINSkIygW5ahELIgIsJFgYqgSHucfFcT+9Dauu0fH/sW
EyPJR9wfVDyP+Ea1pMv6QpMOCLSJALC5h2/NS/a+ccnKh30JOIj0JBG/o0Jm8SWy
l0QQlryfer+db1EAf4s4Gq1rderzGLqG7jjIMjI6oX6i/0kkTP7tGxqtdq1ymIG8
D1011TTKGD7bm1yO+HrbJqCrsOAHZ3GpMr2AYcK85lSV
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:44:28 2025 by rpki-client