Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/4f0ae2-27a2-4e70-a659-9e6e4402753f/1/1RKkl-K3_z75SII0MZxLi4S_gHI.roa
File: 1RKkl-K3_z75SII0MZxLi4S_gHI.roa (raw, json)
Hash identifier: erq4T0vd09vvImH9q+zDemlSrFk6eJkgk918YrUsfrU=
Subject key identifier: D5:12:A4:97:E2:B7:FF:3E:F9:48:82:34:31:9C:4B:8B:84:BF:80:72
Certificate issuer: /CN=73d06ebd39aa8de74b56532c9dab40694fa1c8e8
Certificate serial: 0186FD0EBEB95994D35F42E8AADBB0555A00
Authority key identifier: 73:D0:6E:BD:39:AA:8D:E7:4B:56:53:2C:9D:AB:40:69:4F:A1:C8:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c9BuvTmqjedLVlMsnatAaU-hyOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/4f0ae2-27a2-4e70-a659-9e6e4402753f/1/1RKkl-K3_z75SII0MZxLi4S_gHI.roa
Signing time: Mon 20 Mar 2023 03:27:27 +0000
ROA not before: Mon 20 Mar 2023 03:27:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209326
IP address blocks: 45.150.231.0/24 maxlen: 24
45.150.228.0/24 maxlen: 24
45.150.230.0/24 maxlen: 24
45.150.229.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fd:0e:be:b9:59:94:d3:5f:42:e8:aa:db:b0:55:5a:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73d06ebd39aa8de74b56532c9dab40694fa1c8e8
Validity
Not Before: Mar 20 03:27:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d512a497e2b7ff3ef9488234319c4b8b84bf8072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e0:50:07:47:fa:61:3a:f1:50:50:33:8c:4e:
73:21:04:0a:8c:76:4c:6d:1f:26:d0:18:27:ca:be:
29:e9:12:85:c4:2b:bd:5d:b4:21:8e:bb:7d:7d:0c:
99:31:78:e2:f7:d0:b5:7f:39:81:a5:52:0c:fb:4b:
e1:8d:b6:cc:c3:0c:ff:36:57:b2:22:f4:31:a4:83:
28:16:a4:8d:66:ec:5d:0d:54:c1:3c:88:5e:72:87:
ae:e5:ef:9a:c1:30:3e:5c:e5:5e:18:7b:f1:75:90:
36:18:8a:25:bb:0b:7d:5e:41:a1:04:d0:20:53:a5:
c3:f4:61:3e:f8:0b:63:08:ce:6b:3d:f9:61:97:73:
87:71:6f:6d:82:fc:2b:6f:3b:d9:fb:d8:f8:63:a2:
81:05:9c:d7:87:0b:4e:3e:df:ed:e4:8d:c2:30:37:
4d:bc:47:7d:e8:65:84:4b:ab:5c:c5:ea:ba:1d:34:
13:a6:a2:7f:97:c7:e8:0b:ce:ae:42:8b:71:e5:39:
e0:24:8c:36:ae:a0:2c:67:1a:7b:de:c3:87:82:d0:
e7:74:b9:2d:c4:15:8f:e2:68:c2:17:b4:6d:4c:84:
32:13:eb:2c:e5:7b:3e:25:9f:4c:3e:ae:9d:ab:bf:
df:3e:45:f1:8c:26:33:48:dd:58:79:9d:a5:aa:51:
d8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:12:A4:97:E2:B7:FF:3E:F9:48:82:34:31:9C:4B:8B:84:BF:80:72
X509v3 Authority Key Identifier:
keyid:73:D0:6E:BD:39:AA:8D:E7:4B:56:53:2C:9D:AB:40:69:4F:A1:C8:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9BuvTmqjedLVlMsnatAaU-hyOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/4f0ae2-27a2-4e70-a659-9e6e4402753f/1/1RKkl-K3_z75SII0MZxLi4S_gHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/4f0ae2-27a2-4e70-a659-9e6e4402753f/1/c9BuvTmqjedLVlMsnatAaU-hyOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.228.0/22
Signature Algorithm: sha256WithRSAEncryption
46:1b:a8:93:7d:91:7c:96:2c:e7:68:c9:38:c5:58:be:30:56:
7a:eb:d4:1f:f6:e5:c6:b9:3f:e7:36:5e:c9:b7:c8:9c:9c:63:
3e:b4:38:9e:bb:f0:17:0a:06:96:f5:17:3f:35:3c:be:e0:c2:
16:d7:c8:30:21:ff:5b:4f:fc:b5:4c:e8:ed:06:2b:a2:e7:23:
94:88:b3:27:02:85:c6:c4:11:fd:b2:52:1f:74:39:ee:e6:e7:
36:c7:14:18:d8:4c:60:2f:76:6b:7d:5c:f9:4c:7c:9d:bb:2b:
e4:26:7e:47:a9:ca:75:20:d9:c2:a2:ce:19:b0:35:5f:d5:dc:
45:52:74:d2:ca:dd:fc:51:e6:8c:8a:78:f2:2a:ab:7a:ee:21:
2e:84:63:85:48:0c:6f:0e:f7:e8:75:2e:b2:19:20:d7:45:c4:
3f:62:ec:e4:b8:f7:8a:b1:f1:ea:2b:e0:0d:b9:51:75:56:19:
a3:c9:15:18:2b:47:5f:56:5c:21:35:64:fe:01:c0:28:16:b5:
86:a4:e1:69:13:49:8a:e8:90:93:db:7f:01:81:a1:8a:69:36:
83:2d:bd:44:eb:59:ad:b1:d6:f2:fc:2d:0e:c4:fc:0a:33:8c:
c2:09:16:39:07:b4:01:a0:78:ed:8c:eb:58:95:ff:3d:d5:b7:
c4:75:7e:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYb9Dr65WZTTX0LoqtuwVVoAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZDA2ZWJkMzlhYThkZTc0YjU2NTMyYzlkYWI0MDY5NGZh
MWM4ZTgwHhcNMjMwMzIwMDMyNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTEyYTQ5N2UyYjdmZjNlZjk0ODgyMzQzMTljNGI4Yjg0YmY4MDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieBQB0f6YTrxUFAzjE5zIQQKjHZM
bR8m0Bgnyr4p6RKFxCu9XbQhjrt9fQyZMXji99C1fzmBpVIM+0vhjbbMwwz/Nley
IvQxpIMoFqSNZuxdDVTBPIhecoeu5e+awTA+XOVeGHvxdZA2GIoluwt9XkGhBNAg
U6XD9GE++AtjCM5rPflhl3OHcW9tgvwrbzvZ+9j4Y6KBBZzXhwtOPt/t5I3CMDdN
vEd96GWES6tcxeq6HTQTpqJ/l8foC86uQotx5TngJIw2rqAsZxp73sOHgtDndLkt
xBWP4mjCF7RtTIQyE+ss5Xs+JZ9MPq6dq7/fPkXxjCYzSN1YeZ2lqlHYCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNUSpJfit/8++UiCNDGcS4uEv4ByMB8GA1UdIwQY
MBaAFHPQbr05qo3nS1ZTLJ2rQGlPocjoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzlCdXZUbXFqZWRMVmxNc25hdEFhVS1oeU9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy80ZjBhZTItMjdhMi00ZTcwLWE2NTkt
OWU2ZTQ0MDI3NTNmLzEvMVJLa2wtSzNfejc1U0lJME1aeExpNFNfZ0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy80ZjBhZTItMjdhMi00ZTcwLWE2NTktOWU2ZTQ0MDI3NTNm
LzEvYzlCdXZUbXFqZWRMVmxNc25hdEFhVS1oeU9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZbkMA0G
CSqGSIb3DQEBCwUAA4IBAQBGG6iTfZF8liznaMk4xVi+MFZ669Qf9uXGuT/nNl7J
t8icnGM+tDieu/AXCgaW9Rc/NTy+4MIW18gwIf9bT/y1TOjtBiui5yOUiLMnAoXG
xBH9slIfdDnu5uc2xxQY2ExgL3ZrfVz5THyduyvkJn5Hqcp1INnCos4ZsDVf1dxF
UnTSyt38UeaMinjyKqt67iEuhGOFSAxvDvfodS6yGSDXRcQ/YuzkuPeKsfHqK+AN
uVF1VhmjyRUYK0dfVlwhNWT+AcAoFrWGpOFpE0mK6JCT238BgaGKaTaDLb1E61mt
sdby/C0OxPwKM4zCCRY5B7QBoHjtjOtYlf891bfEdX5G
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:04:27 2025 by rpki-client