Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/tdI54ZE-qmzv9634glocvwlYyDY.roa
File: tdI54ZE-qmzv9634glocvwlYyDY.roa (raw, json)
Hash identifier: WStjINGJhdTFxOf8Y1sLUk5iyDI2x5+dhsWh5HIsieg=
Subject key identifier: B5:D2:39:E1:91:3E:AA:6C:EF:F7:AD:F8:82:5A:1C:BF:09:58:C8:36
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 01942067DBD855A99BCD1D01CFD7CCE587AE
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/tdI54ZE-qmzv9634glocvwlYyDY.roa
Signing time: Wed 01 Jan 2025 05:47:44 +0000
ROA not before: Wed 01 Jan 2025 05:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 45.156.52.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:db:d8:55:a9:9b:cd:1d:01:cf:d7:cc:e5:87:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Jan 1 05:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5d239e1913eaa6ceff7adf8825a1cbf0958c836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:aa:84:b6:00:06:be:2a:8e:9c:a1:1a:dd:0e:
fc:cc:29:58:b7:c0:c2:4d:29:32:bb:61:60:2b:5c:
e2:69:20:f8:a4:1c:02:d0:71:4e:9e:5c:16:44:d6:
f0:2b:15:d2:4c:c4:8e:71:e6:b0:e4:a2:71:e6:bc:
6b:0b:53:8e:51:93:6c:22:03:8f:f9:a2:4a:31:78:
bf:df:f9:16:f0:85:05:4d:fb:8c:b6:f1:ef:c1:db:
e2:cb:6a:93:82:a1:95:98:be:ac:ae:ff:3b:79:c5:
49:14:12:7a:58:cd:ab:0f:a7:d5:f4:b5:5d:ac:a1:
10:de:c5:ca:59:f2:fb:6c:87:42:02:c6:7a:ed:af:
1d:c1:6a:a7:3d:27:1e:37:65:61:75:c8:cd:0c:97:
e9:36:e6:66:f3:21:db:30:2c:58:d4:e9:7f:71:df:
5c:5f:b6:df:10:bd:3a:e9:89:d6:c2:b9:42:bc:bf:
68:9f:a3:22:29:45:c2:26:3c:b5:73:0e:bb:be:76:
6d:29:ad:f4:66:40:89:cd:b4:17:33:24:a3:e0:0e:
94:a5:84:85:19:ca:ac:de:c6:f7:a7:dd:bf:b6:cd:
c9:78:27:52:09:6c:66:a5:14:3a:48:42:e3:fc:bd:
a4:5d:62:61:2c:ad:e6:49:b6:97:f6:5e:97:0e:62:
d1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:D2:39:E1:91:3E:AA:6C:EF:F7:AD:F8:82:5A:1C:BF:09:58:C8:36
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/tdI54ZE-qmzv9634glocvwlYyDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.52.0/22
Signature Algorithm: sha256WithRSAEncryption
23:4f:d7:7e:af:82:e8:b1:b6:dd:72:82:2f:16:e1:d5:b1:4f:
98:19:37:05:fb:2a:9e:de:21:a1:3e:e4:f7:df:25:84:2a:b7:
fa:ef:0b:cd:bc:fe:28:05:07:08:51:1b:e7:87:8f:6b:bd:3d:
38:ee:82:22:94:0e:8a:fd:46:58:5f:bf:20:1d:d4:e4:82:23:
1c:2c:a0:c9:2c:fa:1a:7d:a3:57:01:5d:50:67:24:39:22:8e:
82:b2:1f:6a:f3:43:22:11:e9:26:70:de:c4:ea:78:69:ed:1c:
c1:c1:55:bd:2a:bd:54:7f:c1:09:7e:36:13:8a:a1:22:14:d5:
55:58:54:88:e6:90:5d:65:ab:68:9c:a2:6a:06:fa:d3:fb:90:
f1:9b:80:06:d1:2b:21:bb:49:a6:92:7f:ac:f0:27:27:1e:79:
80:f2:16:54:bf:29:eb:3e:22:1e:bb:e8:7e:75:b4:67:f0:ac:
c7:b6:0a:b9:37:11:e7:51:4c:c2:3d:06:79:13:08:ce:be:fb:
f6:7f:a9:3b:03:6d:0d:f1:35:55:92:8a:36:9b:b1:a5:39:64:
b3:9d:02:1d:71:41:f1:0e:24:ac:64:2f:c2:2e:35:c2:e0:ff:
72:52:a0:9a:58:de:7f:4c:17:0a:eb:3b:84:4f:d7:a5:79:33:
99:14:a3:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ9vYVambzR0Bz9fM5YeuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjUwMTAxMDU0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWQyMzllMTkxM2VhYTZjZWZmN2FkZjg4MjVhMWNiZjA5NThjODM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqqEtgAGviqOnKEa3Q78zClYt8DC
TSkyu2FgK1ziaSD4pBwC0HFOnlwWRNbwKxXSTMSOceaw5KJx5rxrC1OOUZNsIgOP
+aJKMXi/3/kW8IUFTfuMtvHvwdviy2qTgqGVmL6srv87ecVJFBJ6WM2rD6fV9LVd
rKEQ3sXKWfL7bIdCAsZ67a8dwWqnPSceN2VhdcjNDJfpNuZm8yHbMCxY1Ol/cd9c
X7bfEL066YnWwrlCvL9on6MiKUXCJjy1cw67vnZtKa30ZkCJzbQXMySj4A6UpYSF
Gcqs3sb3p92/ts3JeCdSCWxmpRQ6SELj/L2kXWJhLK3mSbaX9l6XDmLRDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLXSOeGRPqps7/et+IJaHL8JWMg2MB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvdGRJNTRaRS1xbXp2OTYzNGdsb2N2d2xZeURZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZw0MA0G
CSqGSIb3DQEBCwUAA4IBAQAjT9d+r4LosbbdcoIvFuHVsU+YGTcF+yqe3iGhPuT3
3yWEKrf67wvNvP4oBQcIURvnh49rvT047oIilA6K/UZYX78gHdTkgiMcLKDJLPoa
faNXAV1QZyQ5Io6Csh9q80MiEekmcN7E6nhp7RzBwVW9Kr1Uf8EJfjYTiqEiFNVV
WFSI5pBdZatonKJqBvrT+5Dxm4AG0Sshu0mmkn+s8CcnHnmA8hZUvynrPiIeu+h+
dbRn8KzHtgq5NxHnUUzCPQZ5EwjOvvv2f6k7A20N8TVVkoo2m7GlOWSznQIdcUHx
DiSsZC/CLjXC4P9yUqCaWN5/TBcK6zuET9eleTOZFKPz
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:52:48 2025 by rpki-client