Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/0a627e-c40a-4590-8c9a-696e3d188f2a/1/p_nbD9KuiCOJzHmbdVr4OiJYuSU.roa
File: p_nbD9KuiCOJzHmbdVr4OiJYuSU.roa (raw, json)
Hash identifier: 2YfZYPYmw6whN3cTmCbCktLIftyc5bzNjj98rSEk3Io=
Subject key identifier: A7:F9:DB:0F:D2:AE:88:23:89:CC:79:9B:75:5A:F8:3A:22:58:B9:25
Certificate issuer: /CN=d6cce89eea451b8294a8bb697c4993ae44d05c6f
Certificate serial: 0194258EAEECC7EF1E40330AF71FB53E6FF6
Authority key identifier: D6:CC:E8:9E:EA:45:1B:82:94:A8:BB:69:7C:49:93:AE:44:D0:5C:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1szonupFG4KUqLtpfEmTrkTQXG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/0a627e-c40a-4590-8c9a-696e3d188f2a/1/p_nbD9KuiCOJzHmbdVr4OiJYuSU.roa
Signing time: Thu 02 Jan 2025 05:48:15 +0000
ROA not before: Thu 02 Jan 2025 05:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49544
IP address blocks: 45.85.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:ae:ec:c7:ef:1e:40:33:0a:f7:1f:b5:3e:6f:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6cce89eea451b8294a8bb697c4993ae44d05c6f
Validity
Not Before: Jan 2 05:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7f9db0fd2ae882389cc799b755af83a2258b925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:37:0f:ca:c3:6e:22:78:45:d9:95:37:e7:9d:
cd:41:d7:ff:01:33:74:a2:32:ed:47:7d:ee:4f:5d:
28:ab:60:8f:f3:40:d5:f5:df:30:dc:28:34:18:e5:
c5:29:5a:52:aa:b6:6e:4d:97:5e:28:61:6f:ed:dc:
d7:e4:04:52:c1:38:0e:ec:4b:99:61:e0:8e:50:65:
9c:7a:a6:35:b7:07:01:1a:bf:c2:e2:9e:e8:3c:9c:
25:e1:28:9e:5d:bc:61:91:9e:20:71:87:43:c6:df:
da:b9:76:2f:1c:87:a4:b4:63:ba:5d:1c:55:3e:f1:
c4:66:d2:ff:5c:3b:4e:3f:94:7d:4a:33:03:45:e4:
a1:5f:52:82:18:1f:63:12:10:37:14:85:d8:80:33:
69:0b:e0:e0:6a:a9:c8:ab:bc:5c:8a:bb:ea:f5:cf:
7d:08:b9:c0:a6:4d:b2:38:a4:6b:6e:41:68:81:00:
01:a6:42:ac:f8:17:09:d6:8d:d7:6a:2b:1f:34:98:
01:8d:95:2e:c8:96:f4:7e:c5:be:13:c6:87:d5:f6:
3c:e4:cd:f0:8a:75:69:6d:9e:13:53:00:62:ae:2a:
56:60:58:2c:99:d3:f6:9a:3e:ad:c2:e6:44:3d:b3:
2c:5c:a9:64:87:f2:97:6c:01:b6:2c:77:b8:32:6d:
51:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:F9:DB:0F:D2:AE:88:23:89:CC:79:9B:75:5A:F8:3A:22:58:B9:25
X509v3 Authority Key Identifier:
keyid:D6:CC:E8:9E:EA:45:1B:82:94:A8:BB:69:7C:49:93:AE:44:D0:5C:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1szonupFG4KUqLtpfEmTrkTQXG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0a627e-c40a-4590-8c9a-696e3d188f2a/1/p_nbD9KuiCOJzHmbdVr4OiJYuSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0a627e-c40a-4590-8c9a-696e3d188f2a/1/1szonupFG4KUqLtpfEmTrkTQXG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.189.0/24
Signature Algorithm: sha256WithRSAEncryption
89:63:3c:d4:cb:c3:82:85:02:94:f9:55:a1:44:f7:8e:ae:5c:
97:c5:40:6b:8d:a3:60:fb:8a:d0:a0:70:9d:bf:ad:4e:b2:cb:
e2:d4:a8:1c:4b:98:f8:5d:79:50:f8:66:f6:f7:06:85:0f:95:
41:07:74:0f:14:4c:76:c9:b4:f8:f6:8f:97:bf:ec:86:a4:fc:
4e:fd:dd:86:5d:76:cf:52:ee:1a:fd:54:14:9e:8f:05:a7:74:
f0:21:e8:46:ab:ef:b8:fa:c1:92:ce:02:a0:c9:9c:61:e2:16:
b9:ed:21:13:67:11:c2:38:1e:98:2c:28:ec:66:be:df:cd:70:
60:a3:d4:61:e8:c3:9d:8b:ce:cc:ac:c3:a8:d9:37:5c:73:a7:
5b:43:9f:11:3e:67:a9:48:a9:04:1d:ec:30:e6:35:31:f9:f7:
53:1e:c5:2e:e9:de:14:41:da:71:29:77:7b:8a:ac:95:f6:a3:
ad:d6:04:ab:24:f2:16:82:6e:e5:a2:fa:c9:41:a8:0a:d7:76:
4d:33:83:eb:98:2b:36:6d:f4:07:d8:17:99:e8:c3:28:b0:40:
33:4c:9e:16:7f:58:fd:96:d2:f5:8b:79:69:98:94:a1:4e:7f:
3c:e1:51:b0:02:de:90:60:e9:42:cd:9f:be:9b:f5:ed:d0:9e:
b0:df:00:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljq7sx+8eQDMK9x+1Pm/2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2Y2NlODllZWE0NTFiODI5NGE4YmI2OTdjNDk5M2FlNDRk
MDVjNmYwHhcNMjUwMTAyMDU0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2Y5ZGIwZmQyYWU4ODIzODljYzc5OWI3NTVhZjgzYTIyNThiOTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjcPysNuInhF2ZU3553NQdf/ATN0
ojLtR33uT10oq2CP80DV9d8w3Cg0GOXFKVpSqrZuTZdeKGFv7dzX5ARSwTgO7EuZ
YeCOUGWceqY1twcBGr/C4p7oPJwl4SieXbxhkZ4gcYdDxt/auXYvHIektGO6XRxV
PvHEZtL/XDtOP5R9SjMDReShX1KCGB9jEhA3FIXYgDNpC+DgaqnIq7xcirvq9c99
CLnApk2yOKRrbkFogQABpkKs+BcJ1o3XaisfNJgBjZUuyJb0fsW+E8aH1fY85M3w
inVpbZ4TUwBiripWYFgsmdP2mj6twuZEPbMsXKlkh/KXbAG2LHe4Mm1RYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKf52w/Srogjicx5m3Va+DoiWLklMB8GA1UdIwQY
MBaAFNbM6J7qRRuClKi7aXxJk65E0FxvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXN6b251cEZHNEtVcUx0cGZFbVRya1RRWEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wYTYyN2UtYzQwYS00NTkwLThjOWEt
Njk2ZTNkMTg4ZjJhLzEvcF9uYkQ5S3VpQ09KekhtYmRWcjRPaUpZdVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wYTYyN2UtYzQwYS00NTkwLThjOWEtNjk2ZTNkMTg4ZjJh
LzEvMXN6b251cEZHNEtVcUx0cGZFbVRya1RRWEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVW9MA0G
CSqGSIb3DQEBCwUAA4IBAQCJYzzUy8OChQKU+VWhRPeOrlyXxUBrjaNg+4rQoHCd
v61Ossvi1KgcS5j4XXlQ+Gb29waFD5VBB3QPFEx2ybT49o+Xv+yGpPxO/d2GXXbP
Uu4a/VQUno8Fp3TwIehGq++4+sGSzgKgyZxh4ha57SETZxHCOB6YLCjsZr7fzXBg
o9Rh6MOdi87MrMOo2Tdcc6dbQ58RPmepSKkEHeww5jUx+fdTHsUu6d4UQdpxKXd7
iqyV9qOt1gSrJPIWgm7lovrJQagK13ZNM4PrmCs2bfQH2BeZ6MMosEAzTJ4Wf1j9
ltL1i3lpmJShTn884VGwAt6QYOlCzZ++m/Xt0J6w3wBo
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:31:37 2025 by rpki-client