Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/_jMez6UKzbPOPelQcGjdJ8x6E6w.roa
File: _jMez6UKzbPOPelQcGjdJ8x6E6w.roa (raw, json)
Hash identifier: ZU7ujP/uBnbOS9GuRHg5V1uQ0qPQ1zH6qf1VkFt1340=
Subject key identifier: FE:33:1E:CF:A5:0A:CD:B3:CE:3D:E9:50:70:68:DD:27:CC:7A:13:AC
Certificate issuer: /CN=3de2681dda00702a7597a71257e14f7a725e890e
Certificate serial: 019427479087C2C1489DBF097DC4060BBC7F
Authority key identifier: 3D:E2:68:1D:DA:00:70:2A:75:97:A7:12:57:E1:4F:7A:72:5E:89:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PeJoHdoAcCp1l6cSV-FPenJeiQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/_jMez6UKzbPOPelQcGjdJ8x6E6w.roa
Signing time: Thu 02 Jan 2025 13:49:49 +0000
ROA not before: Thu 02 Jan 2025 13:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50799
IP address blocks: 145.43.248.0/24 maxlen: 24
145.43.249.0/24 maxlen: 24
145.43.250.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:90:87:c2:c1:48:9d:bf:09:7d:c4:06:0b:bc:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3de2681dda00702a7597a71257e14f7a725e890e
Validity
Not Before: Jan 2 13:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe331ecfa50acdb3ce3de9507068dd27cc7a13ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:37:1f:0f:28:25:1e:ee:69:da:36:0f:bd:e0:
c9:7b:fd:ec:7f:9f:5b:95:df:76:95:1e:ca:d8:46:
06:d3:7a:06:f4:f9:21:0c:ba:ec:33:81:69:06:75:
66:f6:a7:af:75:3b:1f:31:19:09:29:1b:2f:8e:bb:
be:e6:b8:f4:10:ac:5f:a8:2c:7d:bf:01:25:f2:19:
52:11:ae:23:4f:a8:13:1d:dc:6a:23:24:e4:3d:a7:
9f:19:49:9f:cb:46:07:5c:e1:2a:48:9f:c7:69:93:
08:2e:a2:3b:3a:5d:c7:81:3d:9e:a7:03:ab:dd:41:
ba:57:76:f0:c8:02:9f:74:0b:e2:af:74:a5:db:15:
99:6d:8a:6a:0b:4b:ed:f5:47:ba:b2:53:07:36:67:
2f:eb:ac:08:ef:10:94:0a:43:40:7c:3c:59:c8:a1:
81:7b:ca:88:f1:0d:6f:ce:b7:b3:28:8c:55:d0:14:
fe:1b:e3:bc:1f:86:27:72:7b:9a:b5:4b:93:d5:11:
d6:36:cf:e8:41:db:3b:af:70:b3:c7:f3:3b:79:55:
04:4c:27:c4:7a:d0:6f:e7:70:8e:3f:a3:e9:35:09:
b6:3a:55:05:9a:da:17:88:eb:e2:22:2d:da:8a:65:
3a:46:96:3a:90:da:fe:d5:66:16:75:4a:24:c7:a0:
17:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:33:1E:CF:A5:0A:CD:B3:CE:3D:E9:50:70:68:DD:27:CC:7A:13:AC
X509v3 Authority Key Identifier:
keyid:3D:E2:68:1D:DA:00:70:2A:75:97:A7:12:57:E1:4F:7A:72:5E:89:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PeJoHdoAcCp1l6cSV-FPenJeiQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/_jMez6UKzbPOPelQcGjdJ8x6E6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/PeJoHdoAcCp1l6cSV-FPenJeiQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.43.248.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:47:8c:19:41:24:20:e7:0e:c5:2c:0e:85:08:50:11:d0:e7:
28:31:71:ce:d5:bb:24:76:42:df:38:8a:f5:d9:7c:a5:a1:2e:
83:4f:da:d1:ba:ab:7c:47:22:fd:50:8e:e6:5c:97:44:a8:34:
73:a4:e9:ae:45:62:de:5a:b9:f4:d6:c1:a2:b1:2b:6a:df:69:
5f:53:d9:09:3d:e9:3f:2a:de:ab:17:a4:64:b8:c3:95:bb:6a:
f9:4f:70:d1:73:66:f4:d0:96:5a:aa:8c:b0:20:ce:b5:30:56:
27:08:54:f8:20:41:71:21:25:7e:8d:d6:54:a6:01:b1:62:f5:
0c:d8:9a:7b:b8:13:b2:78:21:91:49:e7:c5:72:b7:f5:b6:fb:
79:45:ea:fe:9c:88:bc:25:08:35:49:3f:46:f9:61:65:9c:8b:
59:b7:9e:9f:71:de:f8:fa:16:1e:69:01:84:cb:bc:9f:49:2e:
b5:4e:ba:10:24:2f:65:71:4b:69:4e:5f:0c:15:80:d4:65:2c:
50:a0:5d:db:f9:45:c9:a3:eb:07:fc:c2:39:a0:47:74:aa:4f:
69:d4:b2:8f:06:6a:c2:78:56:2e:8d:48:9b:cc:46:01:e9:5c:
8c:98:7d:61:6e:c1:12:13:7b:44:b6:11:5b:f0:a6:2e:cb:fb:
64:de:c5:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR5CHwsFInb8JfcQGC7x/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZTI2ODFkZGEwMDcwMmE3NTk3YTcxMjU3ZTE0ZjdhNzI1
ZTg5MGUwHhcNMjUwMTAyMTM0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTMzMWVjZmE1MGFjZGIzY2UzZGU5NTA3MDY4ZGQyN2NjN2ExM2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDcfDyglHu5p2jYPveDJe/3sf59b
ld92lR7K2EYG03oG9PkhDLrsM4FpBnVm9qevdTsfMRkJKRsvjru+5rj0EKxfqCx9
vwEl8hlSEa4jT6gTHdxqIyTkPaefGUmfy0YHXOEqSJ/HaZMILqI7Ol3HgT2epwOr
3UG6V3bwyAKfdAvir3Sl2xWZbYpqC0vt9Ue6slMHNmcv66wI7xCUCkNAfDxZyKGB
e8qI8Q1vzrezKIxV0BT+G+O8H4YncnuatUuT1RHWNs/oQds7r3Czx/M7eVUETCfE
etBv53COP6PpNQm2OlUFmtoXiOviIi3aimU6RpY6kNr+1WYWdUokx6AXNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP4zHs+lCs2zzj3pUHBo3SfMehOsMB8GA1UdIwQY
MBaAFD3iaB3aAHAqdZenElfhT3pyXokOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGVKb0hkb0FjQ3AxbDZjU1YtRlBlbkplaVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zNmQ2ZTQtOGQ3Ny00OGQ1LWFmYjYt
ZTBhYzcyNjNkYjEyLzEvX2pNZXo2VUt6YlBPUGVsUWNHamRKOHg2RTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zNmQ2ZTQtOGQ3Ny00OGQ1LWFmYjYtZTBhYzcyNjNkYjEy
LzEvUGVKb0hkb0FjQ3AxbDZjU1YtRlBlbkplaVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkSv4MA0G
CSqGSIb3DQEBCwUAA4IBAQBMR4wZQSQg5w7FLA6FCFAR0OcoMXHO1bskdkLfOIr1
2XyloS6DT9rRuqt8RyL9UI7mXJdEqDRzpOmuRWLeWrn01sGisStq32lfU9kJPek/
Kt6rF6RkuMOVu2r5T3DRc2b00JZaqoywIM61MFYnCFT4IEFxISV+jdZUpgGxYvUM
2Jp7uBOyeCGRSefFcrf1tvt5Rer+nIi8JQg1ST9G+WFlnItZt56fcd74+hYeaQGE
y7yfSS61TroQJC9lcUtpTl8MFYDUZSxQoF3b+UXJo+sH/MI5oEd0qk9p1LKPBmrC
eFYujUibzEYB6VyMmH1hbsESE3tEthFb8KYuy/tk3sWI
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:50:49 2025 by rpki-client