Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/45QNBd-5GTwZothRF1UjO9T91qY.roa
File: 45QNBd-5GTwZothRF1UjO9T91qY.roa (raw, json)
Hash identifier: 9p37w7++o+hUEK0gjhkkatFf2YmEncTMhV0P7agQ6rM=
Subject key identifier: E3:94:0D:05:DF:B9:19:3C:19:A2:D8:51:17:55:23:3B:D4:FD:D6:A6
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 019422202FD25B034AFA3793711BCB408566
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/45QNBd-5GTwZothRF1UjO9T91qY.roa
Signing time: Wed 01 Jan 2025 13:48:42 +0000
ROA not before: Wed 01 Jan 2025 13:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203738
IP address blocks: 2a0e:8f02:f041::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:2f:d2:5b:03:4a:fa:37:93:71:1b:cb:40:85:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3940d05dfb9193c19a2d8511755233bd4fdd6a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:05:b7:c9:a7:24:28:e7:3c:9a:00:b5:7b:d2:
45:dd:e4:63:eb:7c:65:83:eb:7f:36:a1:8d:fd:a3:
72:01:c5:e0:4e:a5:d9:fe:e5:36:03:54:3e:ea:ca:
9f:73:a0:86:68:5d:96:42:9d:80:03:1a:ac:bc:48:
fc:3b:eb:5b:af:10:55:fa:68:50:7c:fd:64:30:9a:
1d:3d:54:35:43:d0:d3:48:06:dd:3c:f1:1a:ee:80:
58:33:eb:2a:4c:c8:74:1c:3c:5e:18:e8:82:ee:19:
7f:20:f7:65:02:7f:22:7c:a6:36:4d:e8:d4:0b:25:
bb:33:b9:2d:cd:4c:e8:42:41:f4:fc:be:2c:a3:ae:
0f:41:67:5c:bf:07:92:13:2b:d2:62:f4:df:a9:7f:
e2:5d:52:06:f1:17:56:1c:f7:4b:88:b5:1c:f4:a5:
0d:70:d7:a4:cb:15:13:9c:72:28:b4:62:48:5e:7a:
2e:85:f0:07:4e:88:43:6b:58:6a:59:97:c5:59:54:
be:f4:45:dc:53:18:71:0d:bf:1d:03:6e:4c:a2:d2:
74:96:34:4b:34:f4:92:fd:5d:95:f3:ef:d1:8a:ae:
7d:64:4f:d2:14:0c:b7:dd:6a:ae:a7:87:7e:7d:c2:
bc:80:9e:c3:b3:e5:89:1d:f3:cb:0d:3a:93:32:5f:
b3:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:94:0D:05:DF:B9:19:3C:19:A2:D8:51:17:55:23:3B:D4:FD:D6:A6
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/45QNBd-5GTwZothRF1UjO9T91qY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f041::/48
Signature Algorithm: sha256WithRSAEncryption
20:96:ed:43:2d:2e:49:b3:4d:b3:08:bf:33:10:06:0f:19:f4:
f8:e6:07:65:7e:0a:a0:6c:2f:34:53:82:4e:f2:12:79:bc:a0:
87:28:41:7c:0c:23:08:e1:e0:05:c3:97:e3:cc:61:24:12:9b:
d4:3e:0d:11:a7:18:d1:52:1b:c3:67:88:f8:c1:05:7b:a5:ad:
f4:06:e5:e4:a5:b4:40:89:93:e8:4b:d1:10:16:e1:fc:5f:4c:
20:7e:1e:dd:eb:56:74:2b:97:1c:be:ec:62:e8:5d:f5:be:82:
31:aa:aa:65:0a:d0:87:ba:a4:29:78:c6:e7:3b:fe:35:20:8f:
a4:41:b7:0b:bd:00:23:6f:c8:d1:74:31:88:80:7e:d9:15:33:
11:bd:4f:25:32:b3:11:8d:4e:af:36:06:16:0e:00:a7:3f:27:
10:9a:18:4b:2f:cb:93:53:b5:75:e7:14:39:5e:90:3f:31:d6:
7b:5c:27:b3:2c:a3:5b:3b:79:c8:8e:54:a3:a5:3f:47:dc:6b:
18:09:4c:14:e9:1f:1c:d9:84:f7:b3:0a:42:80:43:d2:9c:c6:
5c:fc:92:b2:34:a0:aa:b0:34:1a:d4:b4:ce:43:d2:94:08:2c:
d4:0f:52:35:7b:51:b6:7c:57:b1:62:f6:87:6d:74:8c:a5:4d:
6f:54:9c:79
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIC/SWwNK+jeTcRvLQIVmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzk0MGQwNWRmYjkxOTNjMTlhMmQ4NTExNzU1MjMzYmQ0ZmRkNmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQW3yackKOc8mgC1e9JF3eRj63xl
g+t/NqGN/aNyAcXgTqXZ/uU2A1Q+6sqfc6CGaF2WQp2AAxqsvEj8O+tbrxBV+mhQ
fP1kMJodPVQ1Q9DTSAbdPPEa7oBYM+sqTMh0HDxeGOiC7hl/IPdlAn8ifKY2TejU
CyW7M7ktzUzoQkH0/L4so64PQWdcvweSEyvSYvTfqX/iXVIG8RdWHPdLiLUc9KUN
cNekyxUTnHIotGJIXnouhfAHTohDa1hqWZfFWVS+9EXcUxhxDb8dA25MotJ0ljRL
NPSS/V2V8+/Riq59ZE/SFAy33Wqup4d+fcK8gJ7Ds+WJHfPLDTqTMl+zJwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOOUDQXfuRk8GaLYURdVIzvU/damMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvNDVRTkJkLTVHVHdab3RoUkYxVWpPOVQ5MXFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBB
MA0GCSqGSIb3DQEBCwUAA4IBAQAglu1DLS5Js02zCL8zEAYPGfT45gdlfgqgbC80
U4JO8hJ5vKCHKEF8DCMI4eAFw5fjzGEkEpvUPg0RpxjRUhvDZ4j4wQV7pa30BuXk
pbRAiZPoS9EQFuH8X0wgfh7d61Z0K5ccvuxi6F31voIxqqplCtCHuqQpeMbnO/41
II+kQbcLvQAjb8jRdDGIgH7ZFTMRvU8lMrMRjU6vNgYWDgCnPycQmhhLL8uTU7V1
5xQ5XpA/MdZ7XCezLKNbO3nIjlSjpT9H3GsYCUwU6R8c2YT3swpCgEPSnMZc/JKy
NKCqsDQa1LTOQ9KUCCzUD1I1e1G2fFexYvaHbXSMpU1vVJx5
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:09:29 2025 by rpki-client