Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/7oTB9A6lOtEjQEsvoA-hCkKE_kU.roa
File: 7oTB9A6lOtEjQEsvoA-hCkKE_kU.roa (raw, json)
Hash identifier: CgqHCnrNWT0vsnk0wl9rl++PdFLv2TYzmWCCrA7fBCY=
Subject key identifier: EE:84:C1:F4:0E:A5:3A:D1:23:40:4B:2F:A0:0F:A1:0A:42:84:FE:45
Certificate issuer: /CN=b520a204f4e09cc83a6258d7aa44f7d2f0fa44a0
Certificate serial: 019424B373D47485FF700FD67D9655830C9B
Authority key identifier: B5:20:A2:04:F4:E0:9C:C8:3A:62:58:D7:AA:44:F7:D2:F0:FA:44:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tSCiBPTgnMg6YljXqkT30vD6RKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/7oTB9A6lOtEjQEsvoA-hCkKE_kU.roa
Signing time: Thu 02 Jan 2025 01:48:47 +0000
ROA not before: Thu 02 Jan 2025 01:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44841
IP address blocks: 45.153.248.0/22 maxlen: 24
185.170.9.0/24 maxlen: 24
2a10:f9c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:73:d4:74:85:ff:70:0f:d6:7d:96:55:83:0c:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b520a204f4e09cc83a6258d7aa44f7d2f0fa44a0
Validity
Not Before: Jan 2 01:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee84c1f40ea53ad123404b2fa00fa10a4284fe45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:3c:f5:23:a7:79:19:5f:1e:d0:43:57:69:5b:
75:bd:3d:18:20:33:87:71:c2:d0:29:e1:54:e3:a6:
c7:91:f3:ff:49:7d:7f:48:cc:9a:84:d3:79:34:7d:
ee:87:27:b6:4a:34:d8:f2:d0:53:6b:3b:99:6b:ad:
60:a2:d5:c4:e0:42:ee:ae:af:26:05:f6:ea:91:22:
14:2d:11:ec:36:6b:ba:13:0f:e9:76:36:cf:80:0c:
65:a7:6d:fe:14:e6:6c:2e:be:3d:5a:30:c2:0b:b2:
f7:09:0b:f9:1c:9c:b1:1c:50:33:3c:69:91:1c:9c:
0f:2d:ee:ca:29:13:36:15:e6:f5:d8:c4:51:f2:5b:
75:4d:0d:20:e7:71:59:0a:b9:41:93:78:ca:6d:02:
b1:91:59:9c:33:c0:6f:8a:9e:f9:62:7d:32:19:e6:
3b:a0:6b:76:43:d8:fc:20:18:ca:9c:41:a9:a4:85:
16:50:8e:80:42:87:b9:98:07:42:1e:57:ad:bf:cc:
34:e4:cb:5d:76:d0:16:d6:7a:1d:ed:d5:d2:c9:dc:
a0:86:cf:42:4c:45:48:a9:e4:a5:f6:31:22:47:e3:
46:f0:4f:e0:a1:1a:d1:88:83:75:21:23:48:e1:81:
08:51:6f:65:06:1a:55:7d:98:a0:d4:7c:31:74:70:
82:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:84:C1:F4:0E:A5:3A:D1:23:40:4B:2F:A0:0F:A1:0A:42:84:FE:45
X509v3 Authority Key Identifier:
keyid:B5:20:A2:04:F4:E0:9C:C8:3A:62:58:D7:AA:44:F7:D2:F0:FA:44:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tSCiBPTgnMg6YljXqkT30vD6RKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/7oTB9A6lOtEjQEsvoA-hCkKE_kU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/tSCiBPTgnMg6YljXqkT30vD6RKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.248.0/22
185.170.9.0/24
IPv6:
2a10:f9c0::/29
Signature Algorithm: sha256WithRSAEncryption
6b:7f:68:6f:91:f0:30:c9:72:76:0f:81:78:d7:42:73:23:b8:
b5:ee:a2:5e:54:af:6a:6f:9f:6c:bb:d0:95:85:ed:76:bb:ac:
47:35:da:12:01:2d:54:1c:3f:d8:f8:4a:3e:9b:7b:3d:18:b6:
e7:97:e9:44:3c:45:76:c9:6f:a7:63:74:28:9e:40:b2:c1:a2:
d4:0b:b7:69:87:f5:d8:08:55:e3:b6:aa:40:9a:81:f4:68:1f:
e4:c8:f9:fc:3c:ef:ab:f3:0b:1e:fc:a1:54:88:58:61:e4:39:
d8:a6:b5:69:76:68:c7:44:19:f5:25:d6:89:f1:d6:cc:eb:64:
75:e0:ed:bc:cb:59:82:50:a1:a5:62:75:f2:2a:82:89:97:b4:
ab:5e:49:48:75:d2:e6:62:cf:91:a5:bb:a1:b2:e1:30:81:ad:
1d:ff:8c:19:6e:24:81:c5:31:fd:88:5e:86:0e:85:f2:08:80:
7e:15:06:d0:29:7b:1c:16:b5:16:49:85:e7:4f:62:1e:69:46:
a2:d0:5c:47:a4:74:cc:ea:f3:6e:71:6b:50:c8:7a:46:85:5f:
8f:99:50:ba:31:56:4b:0f:af:4c:38:ed:d5:f3:46:59:0a:87:
59:d7:56:80:b3:43:9e:c8:ee:17:1c:23:e5:c0:94:e6:34:a1:
48:ec:b8:7c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQks3PUdIX/cA/WfZZVgwybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MjBhMjA0ZjRlMDljYzgzYTYyNThkN2FhNDRmN2QyZjBm
YTQ0YTAwHhcNMjUwMTAyMDE0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTg0YzFmNDBlYTUzYWQxMjM0MDRiMmZhMDBmYTEwYTQyODRmZTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Tz1I6d5GV8e0ENXaVt1vT0YIDOH
ccLQKeFU46bHkfP/SX1/SMyahNN5NH3uhye2SjTY8tBTazuZa61gotXE4ELurq8m
BfbqkSIULRHsNmu6Ew/pdjbPgAxlp23+FOZsLr49WjDCC7L3CQv5HJyxHFAzPGmR
HJwPLe7KKRM2Feb12MRR8lt1TQ0g53FZCrlBk3jKbQKxkVmcM8Bvip75Yn0yGeY7
oGt2Q9j8IBjKnEGppIUWUI6AQoe5mAdCHletv8w05MtddtAW1nod7dXSydyghs9C
TEVIqeSl9jEiR+NG8E/goRrRiIN1ISNI4YEIUW9lBhpVfZig1HwxdHCCmQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFO6EwfQOpTrRI0BLL6APoQpChP5FMB8GA1UdIwQY
MBaAFLUgogT04JzIOmJY16pE99Lw+kSgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFNDaUJQVGduTWc2WWxqWHFrVDMwdkQ2UktBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9hNWE2YjMtM2VjMy00ODdlLWFiYTAt
YjhiMWU0YjRlY2I5LzEvN29UQjlBNmxPdEVqUUVzdm9BLWhDa0tFX2tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9hNWE2YjMtM2VjMy00ODdlLWFiYTAtYjhiMWU0YjRlY2I5
LzEvdFNDaUJQVGduTWc2WWxqWHFrVDMwdkQ2UktBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZn4AwQA
uaoJMA0EAgACMAcDBQMqEPnAMA0GCSqGSIb3DQEBCwUAA4IBAQBrf2hvkfAwyXJ2
D4F410JzI7i17qJeVK9qb59su9CVhe12u6xHNdoSAS1UHD/Y+Eo+m3s9GLbnl+lE
PEV2yW+nY3QonkCywaLUC7dph/XYCFXjtqpAmoH0aB/kyPn8PO+r8wse/KFUiFhh
5DnYprVpdmjHRBn1JdaJ8dbM62R14O28y1mCUKGlYnXyKoKJl7SrXklIddLmYs+R
pbuhsuEwga0d/4wZbiSBxTH9iF6GDoXyCIB+FQbQKXscFrUWSYXnT2IeaUai0FxH
pHTM6vNucWtQyHpGhV+PmVC6MVZLD69MOO3V80ZZCodZ11aAs0OeyO4XHCPlwJTm
NKFI7Lh8
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:40 2025 by rpki-client