Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/36d245-ed0e-4c55-b6ba-bcee5b1be0cb/1/qYm5_ZBkIHvjeiR2QXkd7kq4ygE.roa
File: qYm5_ZBkIHvjeiR2QXkd7kq4ygE.roa (raw, json)
Hash identifier: QdenYZejz+wUF3Z5BIryE97g1utt6QI4jTIq/LyfB/w=
Subject key identifier: A9:89:B9:FD:90:64:20:7B:E3:7A:24:76:41:79:1D:EE:4A:B8:CA:01
Certificate issuer: /CN=188a460189ee14abceda75997194ccbfe3c58b6b
Certificate serial: 018CC2DB15CD4A1C4531E4514AA48E1B7614
Authority key identifier: 18:8A:46:01:89:EE:14:AB:CE:DA:75:99:71:94:CC:BF:E3:C5:8B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GIpGAYnuFKvO2nWZcZTMv-PFi2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/36d245-ed0e-4c55-b6ba-bcee5b1be0cb/1/qYm5_ZBkIHvjeiR2QXkd7kq4ygE.roa
Signing time: Mon 01 Jan 2024 02:29:46 +0000
ROA not before: Mon 01 Jan 2024 02:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5524
IP address blocks: 45.11.12.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:15:cd:4a:1c:45:31:e4:51:4a:a4:8e:1b:76:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=188a460189ee14abceda75997194ccbfe3c58b6b
Validity
Not Before: Jan 1 02:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a989b9fd9064207be37a247641791dee4ab8ca01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1e:a0:09:7c:b0:bc:b1:d5:31:d8:f3:b8:7c:
cf:d4:9c:94:66:ee:78:af:ab:7b:75:10:0a:db:4f:
3f:b3:df:37:74:ba:65:e0:3f:b4:51:c3:7f:80:8a:
67:94:0f:e9:60:49:6d:ca:b8:42:d8:76:ca:b8:93:
3d:37:d8:3d:f3:ed:f0:02:12:ce:2d:1d:f9:2c:aa:
21:8c:cd:cb:71:f8:01:c7:87:14:c8:c7:d5:50:6f:
2a:a1:40:66:13:38:5d:8e:5d:ab:a3:3f:4b:74:10:
65:c8:5a:c5:76:4a:02:43:60:f5:59:18:64:0f:70:
95:e6:3b:7e:e7:c0:72:e9:8a:a0:0a:cc:b0:08:3e:
90:50:a0:26:34:3f:bc:0d:19:f1:df:b9:b2:c2:85:
df:c5:f8:18:db:52:ec:0d:58:14:e2:67:80:80:78:
7b:03:22:ac:22:5d:2e:eb:ac:af:cd:6e:ba:d0:62:
1b:5b:ae:43:29:55:6c:29:7d:13:dc:fc:8d:c6:08:
e4:58:50:e0:61:c2:0c:56:e2:c7:fe:c5:19:8c:1f:
a0:78:b1:28:0a:f8:b1:53:9d:90:f1:40:d8:32:0f:
4b:7b:49:fe:46:7a:ac:fb:8a:83:88:ce:67:d0:17:
c8:27:ec:c1:1b:58:c1:8a:10:d9:dc:a9:75:fb:55:
ca:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:89:B9:FD:90:64:20:7B:E3:7A:24:76:41:79:1D:EE:4A:B8:CA:01
X509v3 Authority Key Identifier:
keyid:18:8A:46:01:89:EE:14:AB:CE:DA:75:99:71:94:CC:BF:E3:C5:8B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GIpGAYnuFKvO2nWZcZTMv-PFi2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/36d245-ed0e-4c55-b6ba-bcee5b1be0cb/1/qYm5_ZBkIHvjeiR2QXkd7kq4ygE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/36d245-ed0e-4c55-b6ba-bcee5b1be0cb/1/GIpGAYnuFKvO2nWZcZTMv-PFi2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.12.0/22
Signature Algorithm: sha256WithRSAEncryption
63:cd:34:69:90:aa:f4:7c:7b:ff:70:01:7e:44:36:f6:db:7d:
7d:ec:00:8f:b7:0b:ed:ed:34:9a:6f:e8:5e:b7:7e:42:ef:e9:
8f:b7:31:c8:2d:cd:3f:ad:4d:dc:9e:2b:90:e9:29:6c:58:80:
77:8d:27:63:4a:42:67:a9:56:2d:e2:24:43:8e:34:8a:a3:bb:
2f:8d:db:94:61:8f:70:e0:4c:c5:bc:57:65:00:7e:f3:33:56:
a3:67:6f:38:ef:d7:a7:f0:41:1c:2f:fe:35:c3:f4:6c:3d:6c:
cd:1c:5a:72:31:e1:28:b2:77:56:3f:ed:99:97:c7:90:74:28:
9e:ab:8b:1c:a5:61:41:41:b6:b3:a1:22:e3:1d:89:d9:d6:5c:
a2:1b:f3:4e:37:10:19:d0:1b:b1:3c:d3:c7:10:6c:4b:6d:49:
b8:b5:06:99:2e:bf:cc:bf:57:86:3e:44:84:4c:90:14:fa:bd:
d1:4a:f6:ef:11:84:8d:a6:49:5a:e5:2c:e5:9f:cd:1a:b0:11:
c2:8f:7f:e6:ad:e5:cc:e8:0e:dc:6c:b1:6a:be:22:c2:8c:a0:
a8:c6:61:32:9f:37:59:01:5b:b4:2e:32:c8:c5:85:1b:cd:99:
9b:0c:57:f4:11:c3:59:aa:b9:da:d7:0b:64:1f:79:05:69:0c:
b1:cd:2f:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2xXNShxFMeRRSqSOG3YUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OGE0NjAxODllZTE0YWJjZWRhNzU5OTcxOTRjY2JmZTNj
NThiNmIwHhcNMjQwMTAxMDIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTg5YjlmZDkwNjQyMDdiZTM3YTI0NzY0MTc5MWRlZTRhYjhjYTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlR6gCXywvLHVMdjzuHzP1JyUZu54
r6t7dRAK208/s983dLpl4D+0UcN/gIpnlA/pYEltyrhC2HbKuJM9N9g98+3wAhLO
LR35LKohjM3LcfgBx4cUyMfVUG8qoUBmEzhdjl2roz9LdBBlyFrFdkoCQ2D1WRhk
D3CV5jt+58By6YqgCsywCD6QUKAmND+8DRnx37mywoXfxfgY21LsDVgU4meAgHh7
AyKsIl0u66yvzW660GIbW65DKVVsKX0T3PyNxgjkWFDgYcIMVuLH/sUZjB+geLEo
CvixU52Q8UDYMg9Le0n+Rnqs+4qDiM5n0BfIJ+zBG1jBihDZ3Kl1+1XKtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKmJuf2QZCB743okdkF5He5KuMoBMB8GA1UdIwQY
MBaAFBiKRgGJ7hSrztp1mXGUzL/jxYtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0lwR0FZbnVGS3ZPMm5XWmNaVE12LVBGaTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8zNmQyNDUtZWQwZS00YzU1LWI2YmEt
YmNlZTViMWJlMGNiLzEvcVltNV9aQmtJSHZqZWlSMlFYa2Q3a3E0eWdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8zNmQyNDUtZWQwZS00YzU1LWI2YmEtYmNlZTViMWJlMGNi
LzEvR0lwR0FZbnVGS3ZPMm5XWmNaVE12LVBGaTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQsMMA0G
CSqGSIb3DQEBCwUAA4IBAQBjzTRpkKr0fHv/cAF+RDb223197ACPtwvt7TSab+he
t35C7+mPtzHILc0/rU3cniuQ6SlsWIB3jSdjSkJnqVYt4iRDjjSKo7svjduUYY9w
4EzFvFdlAH7zM1ajZ28479en8EEcL/41w/RsPWzNHFpyMeEosndWP+2Zl8eQdCie
q4scpWFBQbazoSLjHYnZ1lyiG/NONxAZ0BuxPNPHEGxLbUm4tQaZLr/Mv1eGPkSE
TJAU+r3RSvbvEYSNpkla5Szln80asBHCj3/mreXM6A7cbLFqviLCjKCoxmEynzdZ
AVu0LjLIxYUbzZmbDFf0EcNZqrna1wtkH3kFaQyxzS8g
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:39:13 2025 by rpki-client