Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/L2xzzOA8JfaZwPjrwMWqtyVALj8.roa
File: L2xzzOA8JfaZwPjrwMWqtyVALj8.roa (raw, json)
Hash identifier: X9Kq4PlbStrWO9FxwUbvnrlqsiqSHKE/+3dcCYXzI7A=
Subject key identifier: 2F:6C:73:CC:E0:3C:25:F6:99:C0:F8:EB:C0:C5:AA:B7:25:40:2E:3F
Certificate issuer: /CN=003b2c3871069002ad0b2f42b0cbf5e92e3be4b3
Certificate serial: 0195CE34EC84D2D670826199F832AE984A71
Authority key identifier: 00:3B:2C:38:71:06:90:02:AD:0B:2F:42:B0:CB:F5:E9:2E:3B:E4:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ADssOHEGkAKtCy9CsMv16S475LM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/L2xzzOA8JfaZwPjrwMWqtyVALj8.roa
Signing time: Tue 25 Mar 2025 16:48:49 +0000
ROA not before: Tue 25 Mar 2025 16:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.152.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ce:34:ec:84:d2:d6:70:82:61:99:f8:32:ae:98:4a:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=003b2c3871069002ad0b2f42b0cbf5e92e3be4b3
Validity
Not Before: Mar 25 16:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f6c73cce03c25f699c0f8ebc0c5aab725402e3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d2:f3:22:23:a5:fd:c1:23:25:6e:84:97:7f:
bf:8a:ff:c0:4e:d9:23:f2:ec:95:56:0f:90:89:a8:
35:90:2f:e2:79:3b:af:fe:80:f3:ca:1c:bd:a4:b4:
cc:5d:55:a0:6b:07:2c:54:7e:05:a7:3c:1b:e8:d3:
ff:7d:1c:7c:e4:0a:ed:d0:d9:5b:9d:e6:13:a3:6d:
16:7f:25:9d:8d:b7:a6:9e:02:42:91:d7:8e:9b:81:
3e:e9:37:84:a9:f0:6e:25:30:53:3a:d7:46:73:fa:
5d:73:e4:25:fc:fd:0d:fa:51:c9:7a:f4:1c:1c:6b:
49:49:dd:ae:78:d0:73:54:38:5f:49:0b:85:ac:58:
72:22:6e:76:91:a0:98:49:2e:30:2e:0d:fd:26:ce:
dd:91:21:a2:9f:1c:55:9d:4e:12:91:2f:e4:64:86:
c7:bf:79:ac:bd:07:2b:a5:4a:ee:04:40:14:ee:13:
0a:b6:c3:ab:43:f3:bb:22:9b:92:9b:be:81:be:e4:
70:cb:30:6f:e4:ad:c8:c1:03:b3:f5:97:7f:ed:92:
7a:d9:96:b0:d4:73:e8:3e:c7:28:c5:82:e3:c9:92:
e3:f6:d9:72:fa:83:00:d2:ef:f8:b6:a2:5e:6b:8b:
ff:64:88:ec:b6:78:d4:50:30:b4:6e:ef:56:77:15:
71:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:6C:73:CC:E0:3C:25:F6:99:C0:F8:EB:C0:C5:AA:B7:25:40:2E:3F
X509v3 Authority Key Identifier:
keyid:00:3B:2C:38:71:06:90:02:AD:0B:2F:42:B0:CB:F5:E9:2E:3B:E4:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ADssOHEGkAKtCy9CsMv16S475LM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/L2xzzOA8JfaZwPjrwMWqtyVALj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/ADssOHEGkAKtCy9CsMv16S475LM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.23.0/24
Signature Algorithm: sha256WithRSAEncryption
83:11:57:e2:90:0b:bf:68:8c:2e:e1:bf:ff:ce:7b:98:b3:fe:
d5:d4:52:2a:db:ba:ff:30:a1:c6:1d:8c:27:69:52:12:64:13:
b1:b7:3d:35:30:2e:74:67:7d:f8:28:be:60:43:46:7d:82:79:
a5:f4:1d:9e:ca:07:ce:10:11:0b:93:82:ae:0b:57:ae:db:72:
98:eb:09:5d:2f:1f:a3:ae:99:b4:8b:4f:1e:68:ea:8e:3c:bb:
5a:99:59:5c:25:bc:3c:37:27:6f:a9:e4:c9:a6:89:16:66:78:
5b:62:67:e5:fa:6f:97:2c:46:52:be:d9:d5:ae:56:eb:25:dd:
f9:d3:ee:60:82:b3:29:a6:b2:d5:89:20:c8:eb:64:ec:70:f6:
0b:80:e6:89:a3:c3:d9:ad:c9:51:f9:7c:8a:67:b7:bd:ef:58:
71:86:27:e4:9f:da:84:62:ea:79:53:f7:41:92:63:5b:a3:be:
71:07:02:0e:2e:de:f9:23:ed:46:cb:ce:99:26:3b:37:27:16:
7e:05:5f:b1:43:35:21:df:5f:65:96:38:36:85:ea:c2:ef:94:
bf:7c:ca:ba:b2:96:91:b0:e1:55:be:50:14:a2:9f:2c:52:da:
e9:f8:7c:77:75:af:1b:d6:39:91:dd:26:30:3c:f8:18:76:3c:
53:20:78:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXONOyE0tZwgmGZ+DKumEpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwM2IyYzM4NzEwNjkwMDJhZDBiMmY0MmIwY2JmNWU5MmUz
YmU0YjMwHhcNMjUwMzI1MTY0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjZjNzNjY2UwM2MyNWY2OTljMGY4ZWJjMGM1YWFiNzI1NDAyZTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdLzIiOl/cEjJW6El3+/iv/ATtkj
8uyVVg+Qiag1kC/ieTuv/oDzyhy9pLTMXVWgawcsVH4Fpzwb6NP/fRx85Art0Nlb
neYTo20WfyWdjbemngJCkdeOm4E+6TeEqfBuJTBTOtdGc/pdc+Ql/P0N+lHJevQc
HGtJSd2ueNBzVDhfSQuFrFhyIm52kaCYSS4wLg39Js7dkSGinxxVnU4SkS/kZIbH
v3msvQcrpUruBEAU7hMKtsOrQ/O7IpuSm76BvuRwyzBv5K3IwQOz9Zd/7ZJ62Zaw
1HPoPscoxYLjyZLj9tly+oMA0u/4tqJea4v/ZIjstnjUUDC0bu9WdxVxZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC9sc8zgPCX2mcD468DFqrclQC4/MB8GA1UdIwQY
MBaAFAA7LDhxBpACrQsvQrDL9ekuO+SzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQURzc09IRUdrQUt0Q3k5Q3NNdjE2UzQ3NUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kOTY2ODgtMmQ5OC00NjM0LTg2ZGIt
YjM1YTBhMTQ1M2ZiLzEvTDJ4enpPQThKZmFad1BqcndNV3F0eVZBTGo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kOTY2ODgtMmQ5OC00NjM0LTg2ZGItYjM1YTBhMTQ1M2Zi
LzEvQURzc09IRUdrQUt0Q3k5Q3NNdjE2UzQ3NUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZgXMA0G
CSqGSIb3DQEBCwUAA4IBAQCDEVfikAu/aIwu4b//znuYs/7V1FIq27r/MKHGHYwn
aVISZBOxtz01MC50Z334KL5gQ0Z9gnml9B2eygfOEBELk4KuC1eu23KY6wldLx+j
rpm0i08eaOqOPLtamVlcJbw8NydvqeTJpokWZnhbYmfl+m+XLEZSvtnVrlbrJd35
0+5ggrMpprLViSDI62TscPYLgOaJo8PZrclR+XyKZ7e971hxhifkn9qEYup5U/dB
kmNbo75xBwIOLt75I+1Gy86ZJjs3JxZ+BV+xQzUh319lljg2herC75S/fMq6spaR
sOFVvlAUop8sUtrp+Hx3da8b1jmR3SYwPPgYdjxTIHjN
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:53:46 2025 by rpki-client