Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/jiF9vHMkWKJpjP76Gux54TKpnzc.roa
File: jiF9vHMkWKJpjP76Gux54TKpnzc.roa (raw, json)
Hash identifier: CCXc0iW9MVKVYNnO0rxCM2yL2mQD+I1ttQ+9hGTDpvQ=
Subject key identifier: 8E:21:7D:BC:73:24:58:A2:69:8C:FE:FA:1A:EC:79:E1:32:A9:9F:37
Certificate issuer: /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial: 0194266B8EA1420181F69CCCF57747DD5D60
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/jiF9vHMkWKJpjP76Gux54TKpnzc.roa
Signing time: Thu 02 Jan 2025 09:49:30 +0000
ROA not before: Thu 02 Jan 2025 09:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136988
IP address blocks: 45.146.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:8e:a1:42:01:81:f6:9c:cc:f5:77:47:dd:5d:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Validity
Not Before: Jan 2 09:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e217dbc732458a2698cfefa1aec79e132a99f37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ab:cd:54:e9:78:d5:d6:50:a5:26:53:50:54:
46:04:30:a5:0b:0a:9c:d4:fc:e0:35:71:16:6a:68:
b2:3b:cd:f2:04:d7:a9:88:4d:69:04:e5:89:4c:9e:
42:9a:bc:ad:74:a4:25:65:07:50:7f:34:77:4f:b4:
f5:8b:23:6b:10:9d:87:e0:b1:1f:d3:3c:05:d7:2b:
8a:ac:ae:08:2d:7e:f3:89:09:cd:6a:ca:18:be:98:
05:2b:08:b1:f5:be:bc:f2:7c:0c:0e:9d:42:26:cf:
4e:96:0e:9e:8b:15:d8:be:c2:58:50:b2:70:77:b0:
90:01:0f:a6:6f:93:c5:83:d0:f3:a6:9b:7a:ad:a5:
61:7f:9e:34:d5:08:d6:e2:ef:be:45:17:8c:e6:48:
23:a6:03:09:ef:e7:8e:8e:c3:41:f8:d6:2f:ee:76:
44:fd:12:64:e9:51:45:78:0d:30:70:e8:3b:97:ce:
b7:26:4a:81:b9:69:d8:e8:da:af:a5:e4:d5:e4:79:
d9:5b:98:ba:41:b3:92:d9:15:7f:3a:51:33:fc:ae:
11:86:82:39:c5:4a:8e:16:54:4a:5f:fd:a9:da:57:
b8:32:15:d5:0c:38:b0:85:ef:16:88:cb:6e:ac:46:
05:56:06:88:c9:99:09:eb:ef:34:12:19:07:83:e5:
c3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:21:7D:BC:73:24:58:A2:69:8C:FE:FA:1A:EC:79:E1:32:A9:9F:37
X509v3 Authority Key Identifier:
keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/jiF9vHMkWKJpjP76Gux54TKpnzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.220.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:79:25:8d:bd:b2:30:1d:03:ed:03:79:9d:c1:5a:5c:65:b0:
99:e5:94:b2:f1:bb:75:d0:b5:b7:92:5c:d4:05:ec:f7:25:b3:
ad:69:a4:e2:e0:02:81:f2:e2:bb:14:4e:21:f8:ca:f3:bd:c5:
4c:b1:f6:f8:40:a5:40:89:ee:ce:b4:cf:92:8d:6f:e0:e7:f1:
89:11:2e:4e:4c:82:a4:33:21:d6:95:55:65:ba:3e:9e:b2:b5:
93:ee:a9:af:83:3d:4a:05:08:ad:e0:3f:86:ee:6c:82:3d:f1:
8b:aa:84:26:89:63:0b:b6:f2:29:5c:56:80:be:98:7d:34:c0:
c5:91:e0:62:ae:88:fa:ce:46:9d:85:39:62:6c:95:b0:3a:2d:
c7:f4:51:09:2f:97:ab:e7:cf:c8:0a:ca:23:ce:a7:f5:ce:bd:
b7:fa:ce:73:8b:c6:73:ab:51:b8:35:fb:2a:be:26:32:c6:fc:
bb:a8:05:19:1f:30:a6:59:cf:ac:ae:a4:24:0b:dc:28:18:a0:
7a:81:b1:22:12:7b:35:c9:79:08:d2:dc:b1:ef:c2:8b:87:08:
9b:9d:aa:70:cf:3b:70:cc:a5:c0:2c:4d:66:4f:98:8b:2e:c3:
e0:9f:84:e4:2f:cd:2c:70:12:17:6a:a2:9f:67:d0:3d:a9:37:
80:5e:68:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma46hQgGB9pzM9XdH3V1gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDA4YTFlMWNiYzkwOTI1NGU5ZTZiOWM5MzlmZDg1YTI2
OGIxZTEwHhcNMjUwMTAyMDk0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTIxN2RiYzczMjQ1OGEyNjk4Y2ZlZmExYWVjNzllMTMyYTk5ZjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06vNVOl41dZQpSZTUFRGBDClCwqc
1PzgNXEWamiyO83yBNepiE1pBOWJTJ5CmrytdKQlZQdQfzR3T7T1iyNrEJ2H4LEf
0zwF1yuKrK4ILX7ziQnNasoYvpgFKwix9b688nwMDp1CJs9Olg6eixXYvsJYULJw
d7CQAQ+mb5PFg9Dzppt6raVhf5401QjW4u++RReM5kgjpgMJ7+eOjsNB+NYv7nZE
/RJk6VFFeA0wcOg7l863JkqBuWnY6NqvpeTV5HnZW5i6QbOS2RV/OlEz/K4RhoI5
xUqOFlRKX/2p2le4MhXVDDiwhe8WiMturEYFVgaIyZkJ6+80EhkHg+XD2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI4hfbxzJFiiaYz++hrseeEyqZ83MB8GA1UdIwQY
MBaAFPTQih4cvJCSVOnmuck5/YWiaLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2Ut
ZGNlOTQ3ZTI5NGI2LzEvamlGOXZITWtXS0pwalA3Nkd1eDU0VEtwbnpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2UtZGNlOTQ3ZTI5NGI2
LzEvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZLcMA0G
CSqGSIb3DQEBCwUAA4IBAQCgeSWNvbIwHQPtA3mdwVpcZbCZ5ZSy8bt10LW3klzU
Bez3JbOtaaTi4AKB8uK7FE4h+MrzvcVMsfb4QKVAie7OtM+SjW/g5/GJES5OTIKk
MyHWlVVluj6esrWT7qmvgz1KBQit4D+G7myCPfGLqoQmiWMLtvIpXFaAvph9NMDF
keBiroj6zkadhTlibJWwOi3H9FEJL5er58/ICsojzqf1zr23+s5zi8Zzq1G4Nfsq
viYyxvy7qAUZHzCmWc+srqQkC9woGKB6gbEiEns1yXkI0tyx78KLhwibnapwzztw
zKXALE1mT5iLLsPgn4TkL80scBIXaqKfZ9A9qTeAXmia
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:35:43 2025 by rpki-client