Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/Ql6WTEtIaOKOpfcRV_m5Ny9TlVQ.roa
File: Ql6WTEtIaOKOpfcRV_m5Ny9TlVQ.roa (raw, json)
Hash identifier: 7Du50zsDhNAu0FlOkSynSOIpYCZXMPRcpC0+1u0ue/M=
Subject key identifier: 42:5E:96:4C:4B:48:68:E2:8E:A5:F7:11:57:F9:B9:37:2F:53:95:54
Certificate issuer: /CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Certificate serial: 018CC26D4D299C28B47B6B294DA94CBA1CDC
Authority key identifier: C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/Ql6WTEtIaOKOpfcRV_m5Ny9TlVQ.roa
Signing time: Mon 01 Jan 2024 00:29:52 +0000
ROA not before: Mon 01 Jan 2024 00:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198465
IP address blocks: 45.129.14.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4d:29:9c:28:b4:7b:6b:29:4d:a9:4c:ba:1c:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Validity
Not Before: Jan 1 00:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=425e964c4b4868e28ea5f71157f9b9372f539554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:34:c1:1c:8a:3c:6d:3f:b2:13:b9:68:2b:19:
a1:0c:04:3e:c9:6c:d4:e0:ea:a7:e5:cf:a0:7d:86:
89:f4:35:67:56:eb:cf:bc:9d:dc:6d:2a:3d:13:fb:
a2:54:03:21:66:eb:3f:90:86:d1:86:34:d3:45:e1:
0f:50:1c:76:9a:a2:b4:e9:6b:4f:25:dd:90:90:b2:
d2:e9:41:0a:cb:fe:f5:b9:78:30:6e:f3:6b:49:cf:
f6:96:20:c5:4f:55:a7:23:27:b1:d1:a5:c7:85:f8:
ff:c9:7c:9e:36:2c:37:4b:18:cf:45:86:ec:f6:a3:
38:56:ed:10:6d:d0:5e:a4:74:9e:11:b9:57:2b:6f:
e3:63:b8:9b:38:5f:12:db:34:3d:0c:e2:9e:b0:2e:
c9:e3:41:65:e6:de:26:a3:c2:fa:5c:9e:27:f3:f6:
20:21:36:9f:2f:ce:7c:05:97:a5:eb:cc:bb:84:5d:
4d:ad:ed:5d:1e:ff:6c:98:f1:ca:29:3a:da:43:90:
87:64:06:2e:ce:db:ef:0a:ee:b6:9e:f2:9a:40:0a:
14:ca:1f:7b:06:75:99:21:95:40:50:27:1d:0a:c7:
a5:e4:54:fc:9d:24:98:99:79:10:48:a1:61:46:78:
4b:b9:e6:a7:b3:75:6e:b5:25:9d:59:91:2d:e6:0c:
c0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:5E:96:4C:4B:48:68:E2:8E:A5:F7:11:57:F9:B9:37:2F:53:95:54
X509v3 Authority Key Identifier:
keyid:C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/Ql6WTEtIaOKOpfcRV_m5Ny9TlVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/wsErUnpdH4uLzyMOthH1LxHVK78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.14.0/24
Signature Algorithm: sha256WithRSAEncryption
65:b1:c3:1d:6b:79:e5:87:5c:f7:02:2a:f2:e3:5a:b0:bd:60:
ae:03:2d:37:7d:24:14:47:e1:27:e9:9e:95:e3:45:f5:f9:46:
30:86:5e:61:d8:ff:03:da:34:60:b1:bc:13:c0:d2:e7:49:32:
cf:8c:f6:91:75:e0:9e:96:eb:60:10:b3:05:53:5e:12:77:53:
f1:43:49:37:81:6b:ca:02:4e:da:a5:8d:fe:45:7b:2c:6a:75:
61:eb:5a:1e:c0:5a:a6:37:4a:57:b6:5e:e9:62:de:f7:c8:4f:
b5:94:80:2d:d9:a2:1d:6c:dc:d3:ef:3a:69:44:88:a1:24:00:
c3:bb:33:e3:58:ae:17:2f:3b:07:26:0c:54:58:ec:30:09:bf:
9b:2a:6c:af:d0:9f:39:82:1a:97:4c:29:8d:1e:ff:1d:b7:fc:
22:2d:ee:cc:fe:7f:0a:d6:1a:9f:44:d3:ee:e0:35:f0:6d:02:
9d:76:04:d3:8e:df:bb:bc:79:ed:85:a8:76:ff:a6:3d:d4:da:
68:65:da:ba:5e:a6:a3:25:0c:15:5a:4b:18:67:81:69:11:7b:
76:1c:b1:31:1c:c5:38:c5:94:c0:a4:1a:66:b9:57:e1:58:c1:
34:87:98:7e:bc:f0:0c:b7:cf:f7:06:42:57:0a:51:6e:90:90:
8a:37:e0:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbU0pnCi0e2spTalMuhzcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYzEyYjUyN2E1ZDFmOGI4YmNmMjMwZWI2MTFmNTJmMTFk
NTJiYmYwHhcNMjQwMTAxMDAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjVlOTY0YzRiNDg2OGUyOGVhNWY3MTE1N2Y5YjkzNzJmNTM5NTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDTBHIo8bT+yE7loKxmhDAQ+yWzU
4Oqn5c+gfYaJ9DVnVuvPvJ3cbSo9E/uiVAMhZus/kIbRhjTTReEPUBx2mqK06WtP
Jd2QkLLS6UEKy/71uXgwbvNrSc/2liDFT1WnIyex0aXHhfj/yXyeNiw3SxjPRYbs
9qM4Vu0QbdBepHSeEblXK2/jY7ibOF8S2zQ9DOKesC7J40Fl5t4mo8L6XJ4n8/Yg
ITafL858BZel68y7hF1Nre1dHv9smPHKKTraQ5CHZAYuztvvCu62nvKaQAoUyh97
BnWZIZVAUCcdCsel5FT8nSSYmXkQSKFhRnhLueans3VutSWdWZEt5gzA+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEJelkxLSGjijqX3EVf5uTcvU5VUMB8GA1UdIwQY
MBaAFMLBK1J6XR+Li88jDrYR9S8R1Su/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMt
NDZlZTU3OGEwYmZlLzEvUWw2V1RFdElhT0tPcGZjUlZfbTVOeTlUbFZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMtNDZlZTU3OGEwYmZl
LzEvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYEOMA0G
CSqGSIb3DQEBCwUAA4IBAQBlscMda3nlh1z3Airy41qwvWCuAy03fSQUR+En6Z6V
40X1+UYwhl5h2P8D2jRgsbwTwNLnSTLPjPaRdeCelutgELMFU14Sd1PxQ0k3gWvK
Ak7apY3+RXssanVh61oewFqmN0pXtl7pYt73yE+1lIAt2aIdbNzT7zppRIihJADD
uzPjWK4XLzsHJgxUWOwwCb+bKmyv0J85ghqXTCmNHv8dt/wiLe7M/n8K1hqfRNPu
4DXwbQKddgTTjt+7vHnthah2/6Y91NpoZdq6XqajJQwVWksYZ4FpEXt2HLExHMU4
xZTApBpmuVfhWME0h5h+vPAMt8/3BkJXClFukJCKN+A2
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:42 2025 by rpki-client