Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/vZmH2bvHl1nSGW5nMPLYnxBlkRU.roa
File: vZmH2bvHl1nSGW5nMPLYnxBlkRU.roa (raw, json)
Hash identifier: JOoXAeAAIZEiWY0Rg+/OZMN4l51Mdx07GGAUcyh78VU=
Subject key identifier: BD:99:87:D9:BB:C7:97:59:D2:19:6E:67:30:F2:D8:9F:10:65:91:15
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 019594BA92D397EFE3EE81BF1C76BAE1BA0E
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/vZmH2bvHl1nSGW5nMPLYnxBlkRU.roa
Signing time: Fri 14 Mar 2025 12:56:50 +0000
ROA not before: Fri 14 Mar 2025 12:56:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401190
IP address blocks: 45.65.114.0/24 maxlen: 24
45.65.115.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:ba:92:d3:97:ef:e3:ee:81:bf:1c:76:ba:e1:ba:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Mar 14 12:56:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd9987d9bbc79759d2196e6730f2d89f10659115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7b:70:75:cc:5b:e6:4f:40:08:00:8c:33:d3:
99:cc:47:c3:c3:23:ef:04:73:67:81:3f:fd:a9:86:
d1:f7:5b:52:40:5a:d5:fe:03:0d:6e:14:4b:2e:de:
cf:ea:b3:a0:62:4a:c1:6f:15:d4:5d:d1:9a:c2:a5:
5f:02:7c:29:fb:b8:84:32:9b:95:63:9b:13:cf:43:
e9:70:59:ff:28:de:c4:3b:e4:b9:e8:1a:96:5a:1d:
32:81:91:d0:e1:9a:57:86:43:e1:e6:8a:f4:8f:8f:
6e:93:27:1d:04:69:ee:ca:1c:ec:62:2f:77:d0:3d:
87:cc:1b:fe:42:bc:5e:cb:80:d7:16:9f:34:47:b1:
45:64:10:4a:47:60:ca:b3:f4:d1:56:cb:b5:db:c5:
48:e6:19:93:ca:c3:3f:22:93:76:a9:f0:04:b9:5e:
60:be:17:60:52:c0:92:49:07:f6:5c:7f:60:cf:5a:
55:a4:39:6e:db:56:d4:e5:53:3d:96:b0:73:54:5f:
2a:19:e4:84:48:90:8d:eb:d1:f6:f5:c7:b8:50:a6:
51:35:86:06:03:11:f0:95:98:2d:91:71:12:b5:96:
6d:50:86:5b:85:de:27:51:b4:7b:e9:69:d3:e3:d5:
ff:f4:78:86:a1:bc:13:69:b8:fd:30:56:66:7a:82:
2f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:99:87:D9:BB:C7:97:59:D2:19:6E:67:30:F2:D8:9F:10:65:91:15
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/vZmH2bvHl1nSGW5nMPLYnxBlkRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.114.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:92:c0:30:2e:bd:11:67:1a:16:e5:5e:09:36:fc:db:2d:70:
1b:b9:8d:72:66:94:ca:eb:f1:5f:2c:bc:55:b2:7f:a0:ab:8c:
c5:dd:df:3a:b7:60:6b:94:8c:dc:1c:d8:ae:08:d2:40:9e:ea:
72:41:c1:bf:15:2f:6d:85:2f:b7:ce:d2:a8:5c:fb:2e:cc:5c:
98:5b:b6:c1:5f:37:38:6d:a1:ee:89:fc:da:f5:35:d1:18:8d:
ed:fa:a2:2b:89:5c:6d:bb:0d:04:a0:44:0c:f2:c5:1b:e8:d8:
04:ee:8e:ce:3c:a0:1e:f2:e5:97:ac:0c:9c:9f:c3:e8:f7:26:
eb:e6:94:9b:2a:ba:98:b6:dc:fd:87:1c:43:fd:bc:ed:4d:7b:
5b:31:be:01:c6:14:ff:65:5e:12:e3:7c:d5:04:77:b8:18:5e:
b4:0d:ce:6c:70:e7:61:fc:47:05:59:de:b2:26:cb:ef:48:d2:
97:56:5e:b9:05:92:1f:6c:6b:af:3d:bf:a4:93:6d:4d:c5:6f:
e4:a8:be:0b:d6:97:18:0b:1d:37:5b:5f:cd:e9:02:8c:d4:eb:
a3:42:b1:71:87:7e:68:9a:6e:6f:a7:ca:88:59:78:42:14:42:
ca:47:cb:42:78:c4:3a:7b:98:2a:30:fe:94:cc:6b:09:a2:7e:
84:52:15:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWUupLTl+/j7oG/HHa64boOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwMzE0MTI1NjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDk5ODdkOWJiYzc5NzU5ZDIxOTZlNjczMGYyZDg5ZjEwNjU5MTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvntwdcxb5k9ACACMM9OZzEfDwyPv
BHNngT/9qYbR91tSQFrV/gMNbhRLLt7P6rOgYkrBbxXUXdGawqVfAnwp+7iEMpuV
Y5sTz0PpcFn/KN7EO+S56BqWWh0ygZHQ4ZpXhkPh5or0j49ukycdBGnuyhzsYi93
0D2HzBv+Qrxey4DXFp80R7FFZBBKR2DKs/TRVsu128VI5hmTysM/IpN2qfAEuV5g
vhdgUsCSSQf2XH9gz1pVpDlu21bU5VM9lrBzVF8qGeSESJCN69H29ce4UKZRNYYG
AxHwlZgtkXEStZZtUIZbhd4nUbR76WnT49X/9HiGobwTabj9MFZmeoIvjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL2Zh9m7x5dZ0hluZzDy2J8QZZEVMB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvdlptSDJidkhsMW5TR1c1bk1QTFlueEJsa1JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLUFyMA0G
CSqGSIb3DQEBCwUAA4IBAQCtksAwLr0RZxoW5V4JNvzbLXAbuY1yZpTK6/FfLLxV
sn+gq4zF3d86t2BrlIzcHNiuCNJAnupyQcG/FS9thS+3ztKoXPsuzFyYW7bBXzc4
baHuifza9TXRGI3t+qIriVxtuw0EoEQM8sUb6NgE7o7OPKAe8uWXrAycn8Po9ybr
5pSbKrqYttz9hxxD/bztTXtbMb4BxhT/ZV4S43zVBHe4GF60Dc5scOdh/EcFWd6y
JsvvSNKXVl65BZIfbGuvPb+kk21NxW/kqL4L1pcYCx03W1/N6QKM1OujQrFxh35o
mm5vp8qIWXhCFELKR8tCeMQ6e5gqMP6UzGsJon6EUhWI
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:24:49 2025 by rpki-client