Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/_7b-wK6kLzxf7iWesXkqkfFcpNY.roa
File: _7b-wK6kLzxf7iWesXkqkfFcpNY.roa (raw, json)
Hash identifier: ru9q3GENXuaiBoAszK3nQ0h0s8M2NWFrfv9sPgO9mQE=
Subject key identifier: FF:B6:FE:C0:AE:A4:2F:3C:5F:EE:25:9E:B1:79:2A:91:F1:5C:A4:D6
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01948476D0E63791218772FC53734E1FF93E
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/_7b-wK6kLzxf7iWesXkqkfFcpNY.roa
Signing time: Mon 20 Jan 2025 16:06:06 +0000
ROA not before: Mon 20 Jan 2025 16:06:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60721
IP address blocks: 45.88.136.0/23 maxlen: 24
45.132.182.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:84:76:d0:e6:37:91:21:87:72:fc:53:73:4e:1f:f9:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 20 16:06:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ffb6fec0aea42f3c5fee259eb1792a91f15ca4d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:30:a7:f9:0a:77:b5:b4:bb:69:68:c2:2d:b7:
41:3c:2d:4b:63:d5:56:49:d4:fd:55:67:e1:92:34:
20:bd:7a:ca:f3:0b:91:ba:2b:b4:97:fb:9b:8f:8f:
c4:25:ac:71:1d:e4:5d:f0:75:ef:00:f2:31:70:c9:
0d:47:2b:6d:24:37:bd:87:62:24:4f:d2:d6:60:90:
09:37:c0:1b:93:c5:a0:66:79:51:58:0e:c2:93:d8:
4f:2a:4b:b6:4a:08:1b:48:86:bf:12:61:15:4b:0f:
0a:ca:00:e0:7f:89:f5:66:7f:76:32:65:9b:f6:63:
e7:98:01:16:a2:73:0e:28:0f:7c:11:8b:55:67:be:
0d:55:0b:03:07:db:f0:39:62:7e:8d:d6:3b:8c:d0:
36:d8:f9:82:2b:ed:11:b1:ca:2f:f0:81:c0:ad:0d:
4b:ab:df:2b:f2:2d:c1:99:d8:32:b2:ba:a4:33:8a:
58:d7:13:9d:73:ac:73:9d:fc:fb:d9:2b:b8:a0:54:
71:af:21:92:79:a2:1b:f8:06:cf:7d:19:4f:47:c5:
d4:07:70:aa:83:07:37:03:4d:04:57:db:e5:b4:cf:
d1:0c:24:8e:60:ce:dc:b3:15:cc:a9:86:34:17:af:
a5:ba:4f:a7:90:09:2c:f1:24:9e:3e:fc:f4:74:86:
6e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:B6:FE:C0:AE:A4:2F:3C:5F:EE:25:9E:B1:79:2A:91:F1:5C:A4:D6
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/_7b-wK6kLzxf7iWesXkqkfFcpNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.136.0/23
45.132.182.0/23
Signature Algorithm: sha256WithRSAEncryption
78:8d:78:d1:db:ab:36:45:19:2a:ac:1a:8f:aa:7a:96:27:27:
0b:f1:9d:ff:92:0d:55:3c:a2:e9:11:cc:52:ee:ef:ed:db:f1:
cc:67:a4:29:14:95:74:d4:59:bf:10:24:6a:77:b2:a6:ab:cf:
06:c8:97:3b:40:75:f1:10:68:1b:06:23:1b:e8:4c:64:80:fb:
63:3d:9d:d3:a1:c2:be:be:bd:25:93:07:63:d1:b2:9a:cc:34:
c8:ea:2f:26:9d:91:df:6a:82:4e:1f:b3:46:ea:c5:8a:b7:12:
1f:88:7e:a7:3b:fb:a6:2f:8f:51:96:68:59:74:3e:34:e0:3f:
31:4d:26:17:49:b6:dd:11:dd:4d:d8:29:b8:7b:44:2e:e6:75:
d6:e6:6c:3d:ed:9a:f6:ba:b7:ff:8c:67:f8:25:d4:0f:cc:fd:
db:2e:e4:28:9b:cf:6b:15:d5:be:90:9c:4e:62:8a:3f:04:28:
8b:69:bd:17:da:ab:6e:1f:e9:09:63:ed:99:f0:85:c8:9c:f0:
81:c5:fa:d7:32:5d:b5:46:24:26:93:0b:02:69:30:14:ae:30:
07:15:16:2b:94:b8:0c:f8:61:88:cb:2f:cd:8a:6d:5c:87:87:
73:a8:a7:cc:5f:d0:ee:e3:16:ad:36:16:06:a7:06:93:af:34:
78:45:fd:d1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZSEdtDmN5Ehh3L8U3NOH/k+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwMTIwMTYwNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmI2ZmVjMGFlYTQyZjNjNWZlZTI1OWViMTc5MmE5MWYxNWNhNGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDCn+Qp3tbS7aWjCLbdBPC1LY9VW
SdT9VWfhkjQgvXrK8wuRuiu0l/ubj4/EJaxxHeRd8HXvAPIxcMkNRyttJDe9h2Ik
T9LWYJAJN8Abk8WgZnlRWA7Ck9hPKku2SggbSIa/EmEVSw8KygDgf4n1Zn92MmWb
9mPnmAEWonMOKA98EYtVZ74NVQsDB9vwOWJ+jdY7jNA22PmCK+0Rscov8IHArQ1L
q98r8i3BmdgysrqkM4pY1xOdc6xznfz72Su4oFRxryGSeaIb+AbPfRlPR8XUB3Cq
gwc3A00EV9vltM/RDCSOYM7csxXMqYY0F6+luk+nkAks8SSePvz0dIZu0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP+2/sCupC88X+4lnrF5KpHxXKTWMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvXzdiLXdLNmtMenhmN2lXZXNYa3FrZkZjcE5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLViIAwQB
LYS2MA0GCSqGSIb3DQEBCwUAA4IBAQB4jXjR26s2RRkqrBqPqnqWJycL8Z3/kg1V
PKLpEcxS7u/t2/HMZ6QpFJV01Fm/ECRqd7Kmq88GyJc7QHXxEGgbBiMb6ExkgPtj
PZ3TocK+vr0lkwdj0bKazDTI6i8mnZHfaoJOH7NG6sWKtxIfiH6nO/umL49RlmhZ
dD404D8xTSYXSbbdEd1N2Cm4e0Qu5nXW5mw97Zr2urf/jGf4JdQPzP3bLuQom89r
FdW+kJxOYoo/BCiLab0X2qtuH+kJY+2Z8IXInPCBxfrXMl21RiQmkwsCaTAUrjAH
FRYrlLgM+GGIyy/Nim1ch4dzqKfMX9Du4xatNhYGpwaTrzR4Rf3R
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:34:26 2025 by rpki-client