Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/3oKx6h0eBr3yZ2nfockvN65K1_o.roa
File: 3oKx6h0eBr3yZ2nfockvN65K1_o.roa (raw, json)
Hash identifier: geWao+6sgTP3cLFpfRuFIKY1lyLCLqYJA9Pcg4p46Gs=
Subject key identifier: DE:82:B1:EA:1D:1E:06:BD:F2:67:69:DF:A1:C9:2F:37:AE:4A:D7:FA
Certificate issuer: /CN=a04de87501c7d3082c76659f4debd9428843b4cb
Certificate serial: 01942068329B28F61432ABF265D88E30783D
Authority key identifier: A0:4D:E8:75:01:C7:D3:08:2C:76:65:9F:4D:EB:D9:42:88:43:B4:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oE3odQHH0wgsdmWfTevZQohDtMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/3oKx6h0eBr3yZ2nfockvN65K1_o.roa
Signing time: Wed 01 Jan 2025 05:48:06 +0000
ROA not before: Wed 01 Jan 2025 05:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41529
IP address blocks: 45.131.84.0/22 maxlen: 22
45.131.84.0/24 maxlen: 24
45.131.85.0/24 maxlen: 24
45.131.86.0/24 maxlen: 24
45.131.87.0/24 maxlen: 24
2a0e:5f40::/29 maxlen: 29
2a0e:5f40:84::/48 maxlen: 48
2a0e:5f40:85::/48 maxlen: 48
2a0e:5f40:86::/48 maxlen: 48
2a0e:5f40:87::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:32:9b:28:f6:14:32:ab:f2:65:d8:8e:30:78:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a04de87501c7d3082c76659f4debd9428843b4cb
Validity
Not Before: Jan 1 05:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de82b1ea1d1e06bdf26769dfa1c92f37ae4ad7fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c0:31:5d:7b:a2:d4:2c:b5:d6:7e:8b:79:83:
cb:74:ff:b2:98:3a:cf:ca:b9:9d:10:a7:9b:fb:a5:
0b:7a:a8:2c:6a:78:e7:31:de:75:2d:1a:b7:5f:bd:
2a:5e:36:5e:6b:08:70:e4:0a:b4:c9:85:c3:a4:45:
ba:1d:89:9b:e0:fd:38:aa:24:bc:5f:03:26:fd:27:
a3:35:f2:c8:b4:37:dd:f1:16:4e:4a:2c:4b:0d:43:
7a:3a:85:e6:6e:fc:aa:e1:69:f0:4c:ec:74:a7:6f:
66:68:aa:dd:98:f5:a6:65:77:83:b2:6b:68:78:15:
ce:a5:8f:cf:9e:64:80:b8:61:37:17:ba:21:3f:57:
5b:ec:5d:4d:d1:a5:d7:1b:b1:70:d6:17:b8:57:3d:
b0:52:86:8f:98:4e:7f:93:82:3d:ca:c3:e1:d2:80:
62:b6:67:b1:27:31:b9:4b:22:c0:35:6a:76:dc:4c:
17:18:e4:9d:b2:88:53:df:a2:88:40:19:f7:44:f9:
4c:f0:f6:c3:ad:aa:e1:99:01:f8:ca:7d:62:af:11:
80:ba:9d:c8:d5:23:98:1a:5c:8b:ea:e1:0e:5e:f2:
a9:d2:eb:77:57:a0:72:f9:0c:bf:37:3d:10:3c:72:
74:ed:6f:af:70:a9:59:a9:fa:57:1c:4b:59:6c:bc:
9d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:82:B1:EA:1D:1E:06:BD:F2:67:69:DF:A1:C9:2F:37:AE:4A:D7:FA
X509v3 Authority Key Identifier:
keyid:A0:4D:E8:75:01:C7:D3:08:2C:76:65:9F:4D:EB:D9:42:88:43:B4:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oE3odQHH0wgsdmWfTevZQohDtMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/3oKx6h0eBr3yZ2nfockvN65K1_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/oE3odQHH0wgsdmWfTevZQohDtMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.84.0/22
IPv6:
2a0e:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
59:47:4a:d4:f2:fe:04:e3:7a:2c:42:9d:dc:7f:86:47:76:31:
7b:b4:22:99:44:1a:b1:dc:51:c2:36:26:33:f7:bd:10:18:43:
42:d9:9d:90:50:16:58:22:88:23:96:66:75:c1:14:0a:51:fc:
64:5c:9e:1f:09:9e:c6:04:e2:b2:c6:35:5e:e6:34:58:24:76:
1a:46:69:cc:f3:11:bc:de:10:ef:78:bd:2b:b0:5d:d1:01:6b:
ef:2f:9a:f0:20:33:51:ad:28:8d:53:98:13:cc:53:b1:16:46:
7d:95:21:75:02:3f:40:6f:6a:64:8c:05:f8:16:a4:22:9e:b1:
7b:60:2c:75:4f:16:4e:12:72:17:78:77:1b:bc:6f:78:f0:a5:
cb:a9:fe:57:db:8d:5c:b1:d0:4c:af:ff:de:a7:06:2d:f7:22:
cb:5e:eb:62:9b:a5:09:33:34:f2:88:00:76:a7:97:ee:5c:99:
4b:7e:71:a2:f8:e3:b4:5d:33:12:9b:37:0b:66:7e:0e:68:fd:
4d:87:88:a1:eb:44:20:19:7e:08:73:7d:11:97:1b:78:8e:99:
2b:e2:54:50:18:22:ab:5d:81:5e:61:01:fb:48:ef:ac:2c:d8:
8d:16:1e:ef:82:c8:3f:6c:eb:3c:d8:5f:d9:27:60:db:11:ca:
c9:a3:91:36
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaDKbKPYUMqvyZdiOMHg9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNGRlODc1MDFjN2QzMDgyYzc2NjU5ZjRkZWJkOTQyODg0
M2I0Y2IwHhcNMjUwMTAxMDU0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTgyYjFlYTFkMWUwNmJkZjI2NzY5ZGZhMWM5MmYzN2FlNGFkN2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcAxXXui1Cy11n6LeYPLdP+ymDrP
yrmdEKeb+6ULeqgsanjnMd51LRq3X70qXjZeawhw5Aq0yYXDpEW6HYmb4P04qiS8
XwMm/SejNfLItDfd8RZOSixLDUN6OoXmbvyq4WnwTOx0p29maKrdmPWmZXeDsmto
eBXOpY/PnmSAuGE3F7ohP1db7F1N0aXXG7Fw1he4Vz2wUoaPmE5/k4I9ysPh0oBi
tmexJzG5SyLANWp23EwXGOSdsohT36KIQBn3RPlM8PbDrarhmQH4yn1irxGAup3I
1SOYGlyL6uEOXvKp0ut3V6By+Qy/Nz0QPHJ07W+vcKlZqfpXHEtZbLydNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN6CseodHga98mdp36HJLzeuStf6MB8GA1UdIwQY
MBaAFKBN6HUBx9MILHZln03r2UKIQ7TLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0Uzb2RRSEgwd2dzZG1XZlRldlpRb2hEdE1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80NjVjOTAtNzBmYi00MDE1LWI5Njkt
NzQ4Zjc4NzgzODhhLzEvM29LeDZoMGVCcjN5WjJuZm9ja3ZONjVLMV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80NjVjOTAtNzBmYi00MDE1LWI5NjktNzQ4Zjc4NzgzODhh
LzEvb0Uzb2RRSEgwd2dzZG1XZlRldlpRb2hEdE1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYNUMA0E
AgACMAcDBQMqDl9AMA0GCSqGSIb3DQEBCwUAA4IBAQBZR0rU8v4E43osQp3cf4ZH
djF7tCKZRBqx3FHCNiYz970QGENC2Z2QUBZYIogjlmZ1wRQKUfxkXJ4fCZ7GBOKy
xjVe5jRYJHYaRmnM8xG83hDveL0rsF3RAWvvL5rwIDNRrSiNU5gTzFOxFkZ9lSF1
Aj9Ab2pkjAX4FqQinrF7YCx1TxZOEnIXeHcbvG948KXLqf5X241csdBMr//epwYt
9yLLXutim6UJMzTyiAB2p5fuXJlLfnGi+OO0XTMSmzcLZn4OaP1Nh4ih60QgGX4I
c30Rlxt4jpkr4lRQGCKrXYFeYQH7SO+sLNiNFh7vgsg/bOs82F/ZJ2DbEcrJo5E2
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:09 2025 by rpki-client