Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/yDCYxQgCGV7PAeEkYcHHLEaLSCU.roa
File: yDCYxQgCGV7PAeEkYcHHLEaLSCU.roa (raw, json)
Hash identifier: 3PDivRtijYM3d1Q/S/rFBCWYtpcxjPK9AfOSmnMj7YU=
Subject key identifier: C8:30:98:C5:08:02:19:5E:CF:01:E1:24:61:C1:C7:2C:46:8B:48:25
Certificate issuer: /CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Certificate serial: 019581C052D2F83B35673A61B7E4D487D57D
Authority key identifier: 00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/yDCYxQgCGV7PAeEkYcHHLEaLSCU.roa
Signing time: Mon 10 Mar 2025 20:30:19 +0000
ROA not before: Mon 10 Mar 2025 20:30:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54852
IP address blocks: 45.129.240.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:81:c0:52:d2:f8:3b:35:67:3a:61:b7:e4:d4:87:d5:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002647c801fb58fcfaac135bb48f5e61fea7e566
Validity
Not Before: Mar 10 20:30:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c83098c50802195ecf01e12461c1c72c468b4825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a4:37:6b:48:fd:ca:5e:3a:be:55:55:17:1b:
a1:dd:93:e2:d1:9a:4c:e1:1b:d5:bb:d2:69:94:5f:
50:dd:ae:ac:88:15:dc:d9:ae:70:45:4f:e6:ae:57:
a2:5b:b9:4c:a3:4e:6c:2a:68:b2:51:54:36:5e:6a:
57:50:a9:0a:3e:e8:f5:5f:16:df:0c:22:08:dc:83:
b1:ca:95:cf:c8:55:da:b5:f3:b1:73:ab:80:9f:5e:
df:f5:4b:74:39:5f:0f:f5:2f:e4:55:85:72:02:8b:
4c:39:81:3c:69:6f:a8:f7:d5:4f:c2:2b:fe:2e:fc:
06:fe:95:43:46:62:73:a1:35:27:dd:9c:ce:71:e4:
0a:61:07:c2:c1:d9:84:51:8b:6b:04:0c:30:c6:d0:
22:ee:7e:70:ed:d0:66:1c:29:33:da:2d:cc:9d:2d:
1b:65:41:e4:7a:80:41:90:e3:3f:1b:05:46:0f:5a:
a3:31:3a:45:7f:97:9a:0f:45:e1:90:31:49:48:47:
80:e2:8b:0f:a3:b6:1d:45:91:1d:31:9d:63:f3:9a:
8d:03:9e:79:9e:18:f4:c3:42:64:ba:98:20:2c:8f:
38:39:12:3a:76:a9:0d:fa:58:2a:a0:15:2f:98:73:
e1:1b:4b:98:02:70:ea:d2:8e:5d:75:02:34:dd:57:
d8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:30:98:C5:08:02:19:5E:CF:01:E1:24:61:C1:C7:2C:46:8B:48:25
X509v3 Authority Key Identifier:
keyid:00:26:47:C8:01:FB:58:FC:FA:AC:13:5B:B4:8F:5E:61:FE:A7:E5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ACZHyAH7WPz6rBNbtI9eYf6n5WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/yDCYxQgCGV7PAeEkYcHHLEaLSCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/cfc06f-82be-49fb-bc82-94efbf5cecd4/1/ACZHyAH7WPz6rBNbtI9eYf6n5WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.240.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:36:2d:44:2f:b8:76:5b:72:42:32:a8:be:27:59:0f:de:51:
1b:89:34:1e:c2:38:7e:10:0f:1c:c0:b9:bf:b5:db:83:1c:97:
4c:34:22:9c:43:9f:c9:cf:43:00:96:42:53:f5:41:94:7c:39:
f5:fe:0e:83:1c:56:15:61:87:9c:7e:2a:7f:9f:e3:39:bf:6b:
18:0d:cc:c2:5e:c6:4a:ec:f9:57:c3:1a:e5:90:12:4e:a5:97:
0d:11:72:15:e7:f7:a1:eb:1a:1e:a2:8a:8a:88:8d:f8:42:2c:
bb:a1:10:e0:37:22:fc:1b:94:b1:21:34:ba:71:01:c7:89:9b:
3b:82:9f:99:6d:99:dc:06:f4:95:e3:19:ca:5a:f6:e8:2e:90:
94:dc:c0:9d:ee:65:96:41:2f:dd:c2:e1:e0:10:d8:96:d7:d4:
bf:4d:0e:e5:2e:cd:77:78:ce:14:68:7e:f2:17:c6:22:20:c7:
1d:ed:e6:33:f9:35:09:78:39:56:57:50:fa:b2:d3:02:95:eb:
50:83:4a:ff:10:8e:ed:c2:9c:cf:f3:e9:34:6e:6c:f5:2b:bf:
0e:55:dd:53:93:ee:e1:4c:6b:31:4c:9b:a9:c0:1e:56:80:42:
09:d7:57:71:f6:6c:be:f9:2b:08:40:94:82:a7:55:8e:fd:53:
cb:22:5c:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWBwFLS+Ds1Zzpht+TUh9V9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMjY0N2M4MDFmYjU4ZmNmYWFjMTM1YmI0OGY1ZTYxZmVh
N2U1NjYwHhcNMjUwMzEwMjAzMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODMwOThjNTA4MDIxOTVlY2YwMWUxMjQ2MWMxYzcyYzQ2OGI0ODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6Q3a0j9yl46vlVVFxuh3ZPi0ZpM
4RvVu9JplF9Q3a6siBXc2a5wRU/mrleiW7lMo05sKmiyUVQ2XmpXUKkKPuj1Xxbf
DCII3IOxypXPyFXatfOxc6uAn17f9Ut0OV8P9S/kVYVyAotMOYE8aW+o99VPwiv+
LvwG/pVDRmJzoTUn3ZzOceQKYQfCwdmEUYtrBAwwxtAi7n5w7dBmHCkz2i3MnS0b
ZUHkeoBBkOM/GwVGD1qjMTpFf5eaD0XhkDFJSEeA4osPo7YdRZEdMZ1j85qNA555
nhj0w0JkupggLI84ORI6dqkN+lgqoBUvmHPhG0uYAnDq0o5ddQI03VfYowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMgwmMUIAhlezwHhJGHBxyxGi0glMB8GA1UdIwQY
MBaAFAAmR8gB+1j8+qwTW7SPXmH+p+VmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUNaSHlBSDdXUHo2ckJOYnRJOWVZZjZuNVdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jZmMwNmYtODJiZS00OWZiLWJjODIt
OTRlZmJmNWNlY2Q0LzEveURDWXhRZ0NHVjdQQWVFa1ljSEhMRWFMU0NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jZmMwNmYtODJiZS00OWZiLWJjODItOTRlZmJmNWNlY2Q0
LzEvQUNaSHlBSDdXUHo2ckJOYnRJOWVZZjZuNVdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYHwMA0G
CSqGSIb3DQEBCwUAA4IBAQAtNi1EL7h2W3JCMqi+J1kP3lEbiTQewjh+EA8cwLm/
tduDHJdMNCKcQ5/Jz0MAlkJT9UGUfDn1/g6DHFYVYYecfip/n+M5v2sYDczCXsZK
7PlXwxrlkBJOpZcNEXIV5/eh6xoeooqKiI34Qiy7oRDgNyL8G5SxITS6cQHHiZs7
gp+ZbZncBvSV4xnKWvboLpCU3MCd7mWWQS/dwuHgENiW19S/TQ7lLs13eM4UaH7y
F8YiIMcd7eYz+TUJeDlWV1D6stMCletQg0r/EI7twpzP8+k0bmz1K78OVd1Tk+7h
TGsxTJupwB5WgEIJ11dx9my++SsIQJSCp1WO/VPLIlx8
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:02:31 2025 by rpki-client