Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/mN1SF0jqXFbA77Cv4kSAFM7eMrI.roa
File: mN1SF0jqXFbA77Cv4kSAFM7eMrI.roa (raw, json)
Hash identifier: bd+gRbyeXkhCADuawPp6Y7Zl70oz5JVqv5T2uQOkFmM=
Subject key identifier: 98:DD:52:17:48:EA:5C:56:C0:EF:B0:AF:E2:44:80:14:CE:DE:32:B2
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 0195B826683896506E9B86486E0722100B14
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/mN1SF0jqXFbA77Cv4kSAFM7eMrI.roa
Signing time: Fri 21 Mar 2025 10:01:19 +0000
ROA not before: Fri 21 Mar 2025 10:01:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 45.65.114.0/24 maxlen: 24
45.65.115.0/24 maxlen: 24
194.15.97.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b8:26:68:38:96:50:6e:9b:86:48:6e:07:22:10:0b:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Mar 21 10:01:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98dd521748ea5c56c0efb0afe2448014cede32b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4f:63:4f:cd:42:1f:8d:37:da:64:33:05:d7:
89:b2:fb:11:f3:8b:d9:bb:ce:63:e4:7a:fa:2b:dd:
03:b4:ee:0a:6e:4c:f6:8c:0b:09:88:49:14:17:a5:
e6:0a:d7:89:1b:09:c6:04:ff:09:a8:f3:f2:bb:d7:
c7:49:ad:ec:5b:21:07:19:c3:36:ce:e7:4b:bc:e8:
31:0e:f3:00:2a:d0:42:25:11:76:4b:75:c4:96:c6:
71:68:30:e3:1f:08:2d:be:c9:64:6c:35:7c:96:f6:
ea:e8:15:06:09:fb:91:21:da:25:3d:a7:de:8e:75:
1b:02:32:27:9d:b1:41:bc:10:8a:46:6e:3a:e2:49:
20:a9:59:3a:85:8a:3d:d4:c5:69:df:fe:85:80:76:
d6:ef:62:2f:c8:a5:9c:a3:34:c8:98:4c:9b:47:ab:
96:4f:25:13:9c:1c:04:04:14:e8:3d:6f:b2:20:43:
d5:83:f6:18:a3:67:4c:d2:58:45:11:8b:63:71:bf:
ea:c8:32:c3:5f:f9:10:b9:2e:45:6d:a5:f8:3a:82:
96:42:89:d7:fc:35:37:50:b2:42:96:73:c2:95:c4:
fe:33:f4:49:c2:31:4b:91:ac:6a:9e:b8:a1:0e:5e:
53:fb:01:67:00:a9:ff:24:c6:a2:59:01:f0:7d:1a:
e5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:DD:52:17:48:EA:5C:56:C0:EF:B0:AF:E2:44:80:14:CE:DE:32:B2
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/mN1SF0jqXFbA77Cv4kSAFM7eMrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.114.0/23
194.15.97.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:c1:8c:9e:a0:bc:6a:6d:3c:6f:7f:2b:29:51:d0:91:f5:d7:
74:77:cb:ee:89:0d:be:4a:1a:0f:96:6b:4e:f9:b9:a0:62:99:
2a:e2:1d:c8:1d:76:98:82:c9:8d:75:88:20:ea:71:2f:4c:8d:
a0:f2:1d:68:9c:d2:46:fa:21:24:7a:2f:a9:c3:57:17:98:c6:
80:3e:85:1f:c0:1d:67:07:ac:c7:9d:60:58:9c:39:1a:9a:32:
70:c6:16:c2:5e:2b:8b:d1:de:08:1c:8d:a6:bc:4c:61:dc:c9:
26:2e:99:e5:f4:4f:8e:56:43:70:e9:88:d5:7e:32:0e:63:9b:
a0:2f:1a:8c:ac:52:01:4d:ac:89:d8:e5:36:1e:fc:e7:38:a7:
a2:0c:7d:86:60:ba:57:bb:d2:0e:89:99:a5:f6:7e:83:f6:5a:
a4:a8:58:56:57:f4:87:4c:ec:92:14:b9:21:52:a4:c6:88:90:
73:a9:ce:4a:7f:d0:02:c4:a1:1c:fb:b6:63:b9:32:cc:77:97:
b3:1e:9a:32:fd:4d:5f:37:9d:ae:b8:a9:50:80:b6:fb:a6:ef:
ab:dc:3b:64:58:07:82:f5:85:97:21:28:37:18:1b:37:e0:c5:
b8:6a:3f:c8:2b:83:51:84:ab:f3:49:e1:8c:9a:74:24:09:b6:
8e:d8:6a:86
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZW4Jmg4llBum4ZIbgciEAsUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwMzIxMTAwMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGRkNTIxNzQ4ZWE1YzU2YzBlZmIwYWZlMjQ0ODAxNGNlZGUzMmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvk9jT81CH4032mQzBdeJsvsR84vZ
u85j5Hr6K90DtO4Kbkz2jAsJiEkUF6XmCteJGwnGBP8JqPPyu9fHSa3sWyEHGcM2
zudLvOgxDvMAKtBCJRF2S3XElsZxaDDjHwgtvslkbDV8lvbq6BUGCfuRIdolPafe
jnUbAjInnbFBvBCKRm464kkgqVk6hYo91MVp3/6FgHbW72IvyKWcozTImEybR6uW
TyUTnBwEBBToPW+yIEPVg/YYo2dM0lhFEYtjcb/qyDLDX/kQuS5FbaX4OoKWQonX
/DU3ULJClnPClcT+M/RJwjFLkaxqnrihDl5T+wFnAKn/JMaiWQHwfRrlCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJjdUhdI6lxWwO+wr+JEgBTO3jKyMB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvbU4xU0YwanFYRmJBNzdDdjRrU0FGTTdlTXJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLUFyAwQA
wg9hMA0GCSqGSIb3DQEBCwUAA4IBAQBuwYyeoLxqbTxvfyspUdCR9dd0d8vuiQ2+
ShoPlmtO+bmgYpkq4h3IHXaYgsmNdYgg6nEvTI2g8h1onNJG+iEkei+pw1cXmMaA
PoUfwB1nB6zHnWBYnDkamjJwxhbCXiuL0d4IHI2mvExh3MkmLpnl9E+OVkNw6YjV
fjIOY5ugLxqMrFIBTayJ2OU2HvznOKeiDH2GYLpXu9IOiZml9n6D9lqkqFhWV/SH
TOySFLkhUqTGiJBzqc5Kf9ACxKEc+7ZjuTLMd5ezHpoy/U1fN52uuKlQgLb7pu+r
3DtkWAeC9YWXISg3GBs34MW4aj/IK4NRhKvzSeGMmnQkCbaO2GqG
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:28:06 2025 by rpki-client