Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/44a155-4d02-4002-8f3d-c36d1c460e2f/1/1-YgT2Dp81wwlxN4YhUFJI1jv6Y.roa
File: 1-YgT2Dp81wwlxN4YhUFJI1jv6Y.roa (raw, json)
Hash identifier: yL6zyGeH92adtXQSKd8Mq3UDRt+aKFGYWzlFrk9kOSk=
Subject key identifier: D7:E6:20:4F:60:E9:F3:5C:30:97:13:78:62:15:05:24:8D:63:BF:A6
Certificate issuer: /CN=5c61dcd3eb50c83d68060bcba4af152204193503
Certificate serial: 019425FC8F83ED74B5F6B238FF49FF2021BE
Authority key identifier: 5C:61:DC:D3:EB:50:C8:3D:68:06:0B:CB:A4:AF:15:22:04:19:35:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGHc0-tQyD1oBgvLpK8VIgQZNQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/44a155-4d02-4002-8f3d-c36d1c460e2f/1/1-YgT2Dp81wwlxN4YhUFJI1jv6Y.roa
Signing time: Thu 02 Jan 2025 07:48:16 +0000
ROA not before: Thu 02 Jan 2025 07:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207281
IP address blocks: 45.128.120.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:8f:83:ed:74:b5:f6:b2:38:ff:49:ff:20:21:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c61dcd3eb50c83d68060bcba4af152204193503
Validity
Not Before: Jan 2 07:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7e6204f60e9f35c30971378621505248d63bfa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cc:95:8c:86:ee:52:f9:01:1e:57:32:9b:32:
1a:80:66:d1:b5:f1:ba:3e:bf:4e:10:35:6b:e4:56:
4e:8c:a2:5b:f1:9b:35:6b:d0:c3:87:eb:68:0b:35:
d6:ec:dd:2b:26:92:10:0e:b7:b0:5e:fa:b8:d5:0d:
67:f3:c0:a1:7e:22:34:0a:bc:1d:0b:07:7b:80:2b:
f7:3e:d8:b3:8c:4d:2a:69:39:8e:75:1e:c2:25:35:
22:03:a0:39:f6:e1:ce:a9:f1:bb:03:34:36:64:8c:
ac:bb:b0:28:e9:59:50:2c:93:3a:9c:9e:7c:cb:31:
fa:3b:7d:20:f6:8a:dc:51:a9:0f:22:e6:8b:9c:ec:
ba:99:1e:c8:e0:7f:04:02:b9:9c:da:50:4b:e7:87:
ab:ef:d1:1e:f2:49:c3:4a:47:53:93:6f:2c:aa:82:
9a:69:87:e2:db:14:5c:c1:27:9e:5e:13:37:21:68:
03:45:35:5f:59:8e:27:22:33:30:e2:9e:ec:7b:6d:
e3:77:b7:00:b4:f5:5b:9f:e2:99:ff:11:31:68:33:
92:e3:41:a0:82:a3:2d:f8:5a:4b:f6:bc:b1:c7:f5:
18:3a:3e:18:b2:40:1c:60:f0:d2:2e:89:3d:19:79:
cf:30:98:94:7b:bd:ab:8c:27:48:fe:0c:c4:b5:f8:
1a:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E6:20:4F:60:E9:F3:5C:30:97:13:78:62:15:05:24:8D:63:BF:A6
X509v3 Authority Key Identifier:
keyid:5C:61:DC:D3:EB:50:C8:3D:68:06:0B:CB:A4:AF:15:22:04:19:35:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGHc0-tQyD1oBgvLpK8VIgQZNQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/44a155-4d02-4002-8f3d-c36d1c460e2f/1/1-YgT2Dp81wwlxN4YhUFJI1jv6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/44a155-4d02-4002-8f3d-c36d1c460e2f/1/XGHc0-tQyD1oBgvLpK8VIgQZNQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.120.0/22
Signature Algorithm: sha256WithRSAEncryption
21:5d:dc:cb:24:d6:75:96:71:bc:ad:bb:9e:84:b5:ed:2a:c7:
12:51:05:45:cc:5e:95:f3:88:84:b7:9a:ef:4c:02:ee:30:4c:
59:84:0f:a8:06:49:9c:51:df:1b:5b:18:4a:2c:ca:6d:86:6b:
34:df:48:5f:c6:4d:7a:95:2a:e5:05:0c:6e:4b:cd:58:50:e5:
c4:16:ab:1c:02:a9:cf:86:05:04:3d:22:0b:8f:ce:50:82:3f:
1a:a5:9b:f3:17:b5:32:35:f5:09:c2:af:5c:2b:1e:da:ce:ab:
84:7b:0b:c7:25:92:35:5e:b6:b9:89:b0:9d:3b:14:cc:f6:a3:
83:39:2c:a9:78:b1:2d:e5:04:87:46:3d:b1:c7:ca:a6:37:c1:
9d:b0:2f:39:09:3a:cf:8f:ee:12:df:ee:23:04:81:58:db:79:
8c:91:05:49:79:5f:16:18:8f:cb:a7:c5:6a:1e:71:5a:63:a6:
a5:fc:cd:19:3a:a3:02:c1:86:fe:15:70:b4:e6:ef:76:31:01:
28:71:69:a7:d0:b3:6c:ae:96:5a:f0:2b:d7:c0:a1:25:86:09:
91:44:2f:6b:dc:8a:51:71:85:04:dd:28:4d:3e:3a:37:66:e7:
fe:d2:1b:33:40:29:14:b5:45:ae:16:8f:b4:de:4e:9a:d3:89:
fc:b2:e8:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/I+D7XS19rI4/0n/ICG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjFkY2QzZWI1MGM4M2Q2ODA2MGJjYmE0YWYxNTIyMDQx
OTM1MDMwHhcNMjUwMTAyMDc0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2U2MjA0ZjYwZTlmMzVjMzA5NzEzNzg2MjE1MDUyNDhkNjNiZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMyVjIbuUvkBHlcymzIagGbRtfG6
Pr9OEDVr5FZOjKJb8Zs1a9DDh+toCzXW7N0rJpIQDrewXvq41Q1n88ChfiI0Crwd
Cwd7gCv3PtizjE0qaTmOdR7CJTUiA6A59uHOqfG7AzQ2ZIysu7Ao6VlQLJM6nJ58
yzH6O30g9orcUakPIuaLnOy6mR7I4H8EArmc2lBL54er79Ee8knDSkdTk28sqoKa
aYfi2xRcwSeeXhM3IWgDRTVfWY4nIjMw4p7se23jd7cAtPVbn+KZ/xExaDOS40Gg
gqMt+FpL9ryxx/UYOj4YskAcYPDSLok9GXnPMJiUe72rjCdI/gzEtfgaJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNfmIE9g6fNcMJcTeGIVBSSNY7+mMB8GA1UdIwQY
MBaAFFxh3NPrUMg9aAYLy6SvFSIEGTUDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdIYzAtdFF5RDFvQmd2THBLOFZJZ1FaTlFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80NGExNTUtNGQwMi00MDAyLThmM2Qt
YzM2ZDFjNDYwZTJmLzEvMS1ZZ1QyRHA4MXd3bHhONFloVUZKSTFqdjZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80NGExNTUtNGQwMi00MDAyLThmM2QtYzM2ZDFjNDYwZTJm
LzEvWEdIYzAtdFF5RDFvQmd2THBLOFZJZ1FaTlFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYB4MA0G
CSqGSIb3DQEBCwUAA4IBAQAhXdzLJNZ1lnG8rbuehLXtKscSUQVFzF6V84iEt5rv
TALuMExZhA+oBkmcUd8bWxhKLMpthms030hfxk16lSrlBQxuS81YUOXEFqscAqnP
hgUEPSILj85Qgj8apZvzF7UyNfUJwq9cKx7azquEewvHJZI1Xra5ibCdOxTM9qOD
OSypeLEt5QSHRj2xx8qmN8GdsC85CTrPj+4S3+4jBIFY23mMkQVJeV8WGI/Lp8Vq
HnFaY6al/M0ZOqMCwYb+FXC05u92MQEocWmn0LNsrpZa8CvXwKElhgmRRC9r3IpR
cYUE3ShNPjo3Zuf+0hszQCkUtUWuFo+03k6a04n8sugM
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:07 2025 by rpki-client