Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/1-g043uZGbcoJpf0hDKUAK6KYjMY.roa
File: 1-g043uZGbcoJpf0hDKUAK6KYjMY.roa (raw, json)
Hash identifier: oXh/AdBAL+hhAJ60ylz2T4fDifmqPlRHNnfI4LxfO4g=
Subject key identifier: FA:0D:38:DE:E6:46:6D:CA:09:A5:FD:21:0C:A5:00:2B:A2:98:8C:C6
Certificate issuer: /CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Certificate serial: 0194221FA3A270059B884F0F63D5906D27C5
Authority key identifier: C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/1-g043uZGbcoJpf0hDKUAK6KYjMY.roa
Signing time: Wed 01 Jan 2025 13:48:06 +0000
ROA not before: Wed 01 Jan 2025 13:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214295
IP address blocks: 45.142.193.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:a3:a2:70:05:9b:88:4f:0f:63:d5:90:6d:27:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Validity
Not Before: Jan 1 13:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa0d38dee6466dca09a5fd210ca5002ba2988cc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:10:2a:ed:3a:3a:90:58:00:c1:ce:66:b2:25:
8b:5c:d9:1a:18:3e:5b:b7:a1:01:0c:a5:5c:92:13:
f9:b7:78:3c:c9:64:74:b4:58:07:6b:92:a9:40:45:
d1:d5:c1:d3:12:5e:86:b5:1e:ce:d6:bb:e1:04:fe:
24:dc:4a:5f:fa:aa:0a:8c:ec:a8:f6:df:aa:69:62:
8f:8e:27:8e:af:1d:fc:49:01:56:65:96:24:bc:60:
23:ab:93:8d:ca:df:66:3d:1c:92:b4:1e:02:c9:8c:
18:74:e4:11:dd:1e:13:a9:47:22:bb:24:ab:81:97:
52:24:0f:68:1f:e0:79:77:e0:e3:9f:30:90:26:d4:
88:11:0c:d3:1d:c2:ef:62:7b:7a:23:a7:af:a4:6d:
70:8b:af:fe:b2:4c:ff:5e:35:b5:5e:dc:97:63:65:
2a:34:8f:fe:77:9f:c1:29:84:cd:bb:e3:9b:22:0f:
10:7a:0b:cb:fc:f2:72:ac:83:25:c2:d4:4c:d6:34:
3a:8a:dc:a0:c4:3d:66:f0:e4:71:91:81:fc:2f:fc:
bc:77:10:06:68:b7:dc:89:ea:70:fa:f9:ac:dc:a2:
24:49:75:11:f2:0f:70:1b:75:ad:06:4d:60:6d:50:
c2:91:a7:8b:75:88:51:82:77:9a:81:c2:79:58:fd:
1f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:0D:38:DE:E6:46:6D:CA:09:A5:FD:21:0C:A5:00:2B:A2:98:8C:C6
X509v3 Authority Key Identifier:
keyid:C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/1-g043uZGbcoJpf0hDKUAK6KYjMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/wsErUnpdH4uLzyMOthH1LxHVK78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.193.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:bb:5c:54:47:ce:7c:60:1c:6a:ab:06:1e:fa:a7:ca:33:dd:
ef:88:bc:cb:94:c6:b7:c0:61:f6:5f:d8:ce:53:1a:af:5d:c1:
b1:06:e7:42:07:18:bb:0d:a2:26:8d:e3:e0:15:dd:78:f8:8b:
67:c3:cd:97:3b:b6:d3:37:5e:77:5b:9e:3b:76:91:da:0b:ea:
33:cc:f3:34:d5:76:48:20:19:e1:12:b6:c0:cd:b6:ef:c4:2c:
fa:e7:e1:ec:33:8c:87:1d:49:a7:54:a8:2d:d6:05:85:84:fd:
34:94:01:65:ba:5f:af:79:8d:99:9d:a8:9c:e2:ea:27:03:d3:
26:fc:56:15:a1:b9:64:a0:ab:63:3b:b5:81:4b:97:95:19:74:
1d:73:e3:a5:f2:e6:6a:42:a7:fc:57:27:d0:89:0f:2b:23:ac:
2c:96:ea:9b:ba:c6:25:7c:75:a0:58:d5:40:3e:11:68:ad:e5:
de:0c:38:ed:45:f6:72:0f:9c:42:4f:40:ff:5f:ee:9f:e3:0e:
57:58:0e:d1:df:6f:71:05:51:36:1d:63:22:a2:61:f6:bc:e9:
83:c4:96:73:4d:0d:d3:e1:b0:68:a9:4d:1a:a7:5d:73:64:30:
1a:8d:f3:b6:5c:65:73:30:38:32:ae:b5:ec:4d:ab:ea:fc:99:
de:a7:b6:42
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQiH6OicAWbiE8PY9WQbSfFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYzEyYjUyN2E1ZDFmOGI4YmNmMjMwZWI2MTFmNTJmMTFk
NTJiYmYwHhcNMjUwMTAxMTM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTBkMzhkZWU2NDY2ZGNhMDlhNWZkMjEwY2E1MDAyYmEyOTg4Y2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRAq7To6kFgAwc5msiWLXNkaGD5b
t6EBDKVckhP5t3g8yWR0tFgHa5KpQEXR1cHTEl6GtR7O1rvhBP4k3Epf+qoKjOyo
9t+qaWKPjieOrx38SQFWZZYkvGAjq5ONyt9mPRyStB4CyYwYdOQR3R4TqUciuySr
gZdSJA9oH+B5d+DjnzCQJtSIEQzTHcLvYnt6I6evpG1wi6/+skz/XjW1XtyXY2Uq
NI/+d5/BKYTNu+ObIg8QegvL/PJyrIMlwtRM1jQ6itygxD1m8ORxkYH8L/y8dxAG
aLfciepw+vms3KIkSXUR8g9wG3WtBk1gbVDCkaeLdYhRgneagcJ5WP0fuQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPoNON7mRm3KCaX9IQylACuimIzGMB8GA1UdIwQY
MBaAFMLBK1J6XR+Li88jDrYR9S8R1Su/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMt
NDZlZTU3OGEwYmZlLzEvMS1nMDQzdVpHYmNvSnBmMGhES1VBSzZLWWpNWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjUvM2ViYjQ2LWI5ZGQtNDY5NS04MTVjLTQ2ZWU1NzhhMGJm
ZS8xL3dzRXJVbnBkSDR1THp5TU90aEgxTHhIVks3OC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2OwTAN
BgkqhkiG9w0BAQsFAAOCAQEADrtcVEfOfGAcaqsGHvqnyjPd74i8y5TGt8Bh9l/Y
zlMar13BsQbnQgcYuw2iJo3j4BXdePiLZ8PNlzu20zded1ueO3aR2gvqM8zzNNV2
SCAZ4RK2wM2278Qs+ufh7DOMhx1Jp1SoLdYFhYT9NJQBZbpfr3mNmZ2onOLqJwPT
JvxWFaG5ZKCrYzu1gUuXlRl0HXPjpfLmakKn/Fcn0IkPKyOsLJbqm7rGJXx1oFjV
QD4RaK3l3gw47UX2cg+cQk9A/1/un+MOV1gO0d9vcQVRNh1jIqJh9rzpg8SWc00N
0+GwaKlNGqddc2QwGo3ztlxlczA4Mq617E2r6vyZ3qe2Qg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:34 2025 by rpki-client