Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/P4joPrMbyyf9eJU97dD_0zc8DJY.roa
File: P4joPrMbyyf9eJU97dD_0zc8DJY.roa (raw, json)
Hash identifier: gl6GZ/HrB5BKfA9rjfcCYlZhjRwEwX8+Blcs80phGI4=
Subject key identifier: 3F:88:E8:3E:B3:1B:CB:27:FD:78:95:3D:ED:D0:FF:D3:37:3C:0C:96
Certificate issuer: /CN=23329cb3abe4e940cfc62a20e2a6e2c28fc28329
Certificate serial: 019420684D29393EA7E9D02C5974349A503E
Authority key identifier: 23:32:9C:B3:AB:E4:E9:40:CF:C6:2A:20:E2:A6:E2:C2:8F:C2:83:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IzKcs6vk6UDPxiog4qbiwo_Cgyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/P4joPrMbyyf9eJU97dD_0zc8DJY.roa
Signing time: Wed 01 Jan 2025 05:48:13 +0000
ROA not before: Wed 01 Jan 2025 05:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15083
IP address blocks: 45.15.41.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:4d:29:39:3e:a7:e9:d0:2c:59:74:34:9a:50:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23329cb3abe4e940cfc62a20e2a6e2c28fc28329
Validity
Not Before: Jan 1 05:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f88e83eb31bcb27fd78953dedd0ffd3373c0c96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:6d:40:20:d5:63:f9:eb:fa:1a:27:51:5e:80:
bb:16:34:7d:31:dc:15:de:b0:c4:3b:0b:29:88:b8:
3e:76:46:f7:45:76:80:8f:2f:a4:32:5c:1c:2a:4f:
38:3c:a8:10:ce:47:be:43:2c:95:db:f0:57:32:39:
0f:b0:d4:e4:d3:4e:1c:7b:97:e5:3a:f1:03:0c:3b:
c7:2d:81:b9:9d:6d:42:a4:28:c2:89:82:06:4c:6c:
33:c9:a1:37:87:4a:d9:a9:f6:a6:49:b5:53:af:3e:
9d:c1:f9:fe:02:ac:95:84:f4:6e:e7:b6:50:d9:6a:
9c:89:e2:9d:4b:db:4d:70:47:8d:e7:30:99:b6:91:
86:75:ed:f1:93:b3:33:a2:b5:16:da:b0:61:db:31:
25:e6:90:fa:9f:17:f1:ea:99:8b:ae:1d:6f:38:75:
39:e8:68:57:15:ef:8a:8a:df:24:56:1d:dc:6c:0b:
e8:7d:9c:d2:19:80:da:cd:27:1e:54:c5:ba:b2:00:
6d:31:1e:2e:48:e2:7c:eb:31:c2:52:7b:e9:5b:59:
d3:cf:b6:a2:92:96:4e:1d:79:45:53:59:26:aa:80:
c4:60:48:5d:41:2f:8c:f1:82:75:d6:c9:1e:1b:99:
46:c9:0b:f3:be:e4:23:91:90:b7:ca:40:b2:a0:97:
f8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:88:E8:3E:B3:1B:CB:27:FD:78:95:3D:ED:D0:FF:D3:37:3C:0C:96
X509v3 Authority Key Identifier:
keyid:23:32:9C:B3:AB:E4:E9:40:CF:C6:2A:20:E2:A6:E2:C2:8F:C2:83:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IzKcs6vk6UDPxiog4qbiwo_Cgyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/P4joPrMbyyf9eJU97dD_0zc8DJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/IzKcs6vk6UDPxiog4qbiwo_Cgyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.41.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:30:32:9d:5f:31:00:cc:38:36:05:ab:b6:52:65:d5:4e:0e:
1f:0f:51:36:ed:a3:d0:7d:aa:2f:dc:a8:9b:de:b8:c1:bf:33:
79:81:a5:d8:0c:ea:e9:ff:f9:42:c0:bb:74:f5:b0:40:f2:dc:
db:97:30:8d:f9:91:a6:2a:8c:bf:6e:cf:8b:1a:c8:ea:2e:40:
64:d2:6c:f5:1a:81:f3:3d:0d:cb:b8:a4:5f:60:63:98:85:c4:
2a:d5:73:4d:9e:f9:ec:35:b9:60:8e:b9:9b:14:d1:c0:56:ae:
25:62:23:ae:14:78:6c:65:dd:66:c9:29:70:ee:04:af:bf:3e:
44:ce:df:fa:ad:84:ed:2f:f2:1f:99:db:3a:b1:52:b1:a7:36:
99:31:41:2c:26:e3:bd:a0:8b:c1:7f:0e:a1:03:42:eb:bc:13:
e1:db:8f:cd:28:90:62:61:14:b0:70:11:c3:48:6c:3e:63:81:
a3:b1:26:89:b7:da:0f:1f:57:90:65:43:96:90:58:d6:3a:f1:
02:ca:76:b6:2e:f1:ef:12:89:94:fc:b5:79:3e:af:83:cf:ca:
fb:c1:91:1a:74:0b:e9:35:1c:fd:37:45:77:87:21:44:3b:7c:
31:a8:c2:d0:ee:33:f5:f8:12:77:4e:b9:e5:32:02:c6:7b:20:
96:00:e9:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaE0pOT6n6dAsWXQ0mlA+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMzI5Y2IzYWJlNGU5NDBjZmM2MmEyMGUyYTZlMmMyOGZj
MjgzMjkwHhcNMjUwMTAxMDU0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjg4ZTgzZWIzMWJjYjI3ZmQ3ODk1M2RlZGQwZmZkMzM3M2MwYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2W1AINVj+ev6GidRXoC7FjR9MdwV
3rDEOwspiLg+dkb3RXaAjy+kMlwcKk84PKgQzke+QyyV2/BXMjkPsNTk004ce5fl
OvEDDDvHLYG5nW1CpCjCiYIGTGwzyaE3h0rZqfamSbVTrz6dwfn+AqyVhPRu57ZQ
2WqcieKdS9tNcEeN5zCZtpGGde3xk7MzorUW2rBh2zEl5pD6nxfx6pmLrh1vOHU5
6GhXFe+Kit8kVh3cbAvofZzSGYDazSceVMW6sgBtMR4uSOJ86zHCUnvpW1nTz7ai
kpZOHXlFU1kmqoDEYEhdQS+M8YJ11skeG5lGyQvzvuQjkZC3ykCyoJf4iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD+I6D6zG8sn/XiVPe3Q/9M3PAyWMB8GA1UdIwQY
MBaAFCMynLOr5OlAz8YqIOKm4sKPwoMpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXpLY3M2dms2VURQeGlvZzRxYml3b19DZ3lrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9kZDM5NGItNmJjNC00ZTQ3LWIwMTIt
NTE4ZjJjOGY4NDZiLzEvUDRqb1ByTWJ5eWY5ZUpVOTdkRF8wemM4REpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9kZDM5NGItNmJjNC00ZTQ3LWIwMTItNTE4ZjJjOGY4NDZi
LzEvSXpLY3M2dms2VURQeGlvZzRxYml3b19DZ3lrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ8pMA0G
CSqGSIb3DQEBCwUAA4IBAQBfMDKdXzEAzDg2Bau2UmXVTg4fD1E27aPQfaov3Kib
3rjBvzN5gaXYDOrp//lCwLt09bBA8tzblzCN+ZGmKoy/bs+LGsjqLkBk0mz1GoHz
PQ3LuKRfYGOYhcQq1XNNnvnsNblgjrmbFNHAVq4lYiOuFHhsZd1mySlw7gSvvz5E
zt/6rYTtL/Ifmds6sVKxpzaZMUEsJuO9oIvBfw6hA0LrvBPh24/NKJBiYRSwcBHD
SGw+Y4GjsSaJt9oPH1eQZUOWkFjWOvECyna2LvHvEomU/LV5Pq+Dz8r7wZEadAvp
NRz9N0V3hyFEO3wxqMLQ7jP1+BJ3TrnlMgLGeyCWAOnz
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:00 2025 by rpki-client