Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/40d893-e099-4148-b28e-9e614f4466c5/1/kUpP9yOySUTwOXnjnt4QbkLJjjk.roa
File: kUpP9yOySUTwOXnjnt4QbkLJjjk.roa (raw, json)
Hash identifier: OkWnfIfoQhtv+T7++DqmGRcYD6JbuN66n6ieBaFWE5A=
Subject key identifier: 91:4A:4F:F7:23:B2:49:44:F0:39:79:E3:9E:DE:10:6E:42:C9:8E:39
Certificate issuer: /CN=edf54be1b5ed5fd592faca468df1110095f3ea0a
Certificate serial: 07141702
Authority key identifier: ED:F5:4B:E1:B5:ED:5F:D5:92:FA:CA:46:8D:F1:11:00:95:F3:EA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7fVL4bXtX9WS-spGjfERAJXz6go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/40d893-e099-4148-b28e-9e614f4466c5/1/kUpP9yOySUTwOXnjnt4QbkLJjjk.roa
Signing time: Sat 01 Jan 2022 13:58:47 +0000
ROA not before: Sat 01 Jan 2022 13:58:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 45.129.55.0/24 maxlen: 32
45.129.52.0/24 maxlen: 32
45.129.54.0/24 maxlen: 32
45.129.53.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118757122 (0x7141702)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edf54be1b5ed5fd592faca468df1110095f3ea0a
Validity
Not Before: Jan 1 13:58:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=914a4ff723b24944f03979e39ede106e42c98e39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6e:40:27:72:0a:8f:50:b1:a5:ae:02:24:ee:
64:66:36:1c:7f:12:1a:23:81:34:cb:05:0f:fa:ff:
59:0e:fd:6e:ef:7f:62:76:f9:fa:9d:89:bb:b7:29:
45:9a:9f:ef:84:bf:0e:6b:53:64:98:f0:06:4c:5b:
f5:21:35:4b:19:d5:e3:c1:fc:3f:aa:55:4a:89:a8:
ee:6b:b4:cd:bc:3f:b4:bd:85:54:4b:86:d7:e8:c0:
bc:01:50:c2:c5:4a:cc:06:b3:3e:fa:ec:b5:5f:ca:
bf:ca:7f:83:fe:99:49:a8:3a:cb:a2:0d:99:3d:94:
37:73:c8:88:13:e9:bf:fa:14:1f:13:b2:82:49:ac:
86:77:ec:47:f2:84:d2:79:cc:23:07:91:e1:bf:6e:
5b:70:16:4c:f9:58:e9:62:8f:96:20:0b:16:de:72:
05:ad:7f:52:4f:aa:d0:30:8d:5f:ba:05:19:ee:82:
3c:7a:0d:65:ed:ee:a0:b4:54:67:d7:ee:52:a0:4d:
f0:3d:68:28:2d:44:14:b1:ff:69:30:37:7d:66:a7:
ff:83:2e:e2:1a:a1:7d:aa:e9:bd:81:fd:aa:ed:c8:
e9:e2:14:5c:30:d4:2e:dc:4b:2c:54:5f:c6:f3:94:
01:54:40:4a:36:9d:17:16:72:a3:83:e4:9e:a7:dc:
8b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:4A:4F:F7:23:B2:49:44:F0:39:79:E3:9E:DE:10:6E:42:C9:8E:39
X509v3 Authority Key Identifier:
keyid:ED:F5:4B:E1:B5:ED:5F:D5:92:FA:CA:46:8D:F1:11:00:95:F3:EA:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7fVL4bXtX9WS-spGjfERAJXz6go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/40d893-e099-4148-b28e-9e614f4466c5/1/kUpP9yOySUTwOXnjnt4QbkLJjjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/40d893-e099-4148-b28e-9e614f4466c5/1/7fVL4bXtX9WS-spGjfERAJXz6go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.52.0/22
Signature Algorithm: sha256WithRSAEncryption
28:78:9a:88:1d:b2:a7:65:e7:b7:cd:8a:66:7a:da:1a:4c:27:
56:fb:6e:73:ee:08:bd:fd:ba:c9:a8:8f:f6:0a:11:f9:c5:57:
8d:e8:cf:fb:fa:4a:0a:1e:dd:22:56:15:ab:6d:9f:fb:6d:9e:
18:3c:ca:9f:b2:21:e0:87:06:cd:d1:a1:40:18:93:e5:97:cc:
97:bd:a3:24:39:10:20:83:d6:a5:e6:09:47:5f:92:70:b0:b0:
09:25:2f:fb:b2:20:1e:13:36:5e:88:11:b9:e8:e4:be:c0:45:
96:14:6c:fe:af:49:5b:de:ec:ac:c2:4a:84:8f:4b:4c:0b:64:
1f:7d:fa:b5:6e:04:23:e0:12:6a:91:61:6f:56:28:08:7b:24:
f3:bf:f6:28:b7:ee:07:75:e4:da:7f:9f:aa:1f:a0:c9:fb:64:
c1:80:e1:4f:62:3c:cf:ef:f9:c0:4e:e1:e3:0c:57:1a:1b:b5:
c3:e0:d1:4a:97:b6:98:8c:b6:ae:2a:6f:0b:8b:50:07:2d:88:
7f:eb:23:03:f1:74:fb:2d:f6:9c:fe:df:45:64:9f:2a:b2:8a:
3f:a8:2c:43:10:39:8e:72:dc:7f:80:f6:8f:4b:ed:f0:bf:1d:
db:5c:5f:da:00:85:2c:2a:02:07:4b:ff:97:97:15:94:ae:b6:
f5:68:cb:36
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBxQXAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZGY1NGJlMWI1ZWQ1ZmQ1OTJmYWNhNDY4ZGYxMTEwMDk1ZjNlYTBhMB4XDTIyMDEw
MTEzNTg0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTE0YTRmZjcyM2Iy
NDk0NGYwMzk3OWUzOWVkZTEwNmU0MmM5OGUzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5uQCdyCo9QsaWuAiTuZGY2HH8SGiOBNMsFD/r/WQ79bu9/
Ynb5+p2Ju7cpRZqf74S/DmtTZJjwBkxb9SE1SxnV48H8P6pVSomo7mu0zbw/tL2F
VEuG1+jAvAFQwsVKzAazPvrstV/Kv8p/g/6ZSag6y6INmT2UN3PIiBPpv/oUHxOy
gkmshnfsR/KE0nnMIweR4b9uW3AWTPlY6WKPliALFt5yBa1/Uk+q0DCNX7oFGe6C
PHoNZe3uoLRUZ9fuUqBN8D1oKC1EFLH/aTA3fWan/4Mu4hqhfarpvYH9qu3I6eIU
XDDULtxLLFRfxvOUAVRASjadFxZyo4Pknqfci0kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSRSk/3I7JJRPA5eeOe3hBuQsmOOTAfBgNVHSMEGDAWgBTt9Uvhte1f1ZL6
ykaN8REAlfPqCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdmVkw0Ylh0WDlXUy1zcEdqZkVSQUpYejZnby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvNDBkODkzLWUwOTktNDE0OC1iMjhlLTllNjE0ZjQ0NjZjNS8x
L2tVcFA5eU95U1VUd09YbmpudDRRYmtMSmpqay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
NDBkODkzLWUwOTktNDE0OC1iMjhlLTllNjE0ZjQ0NjZjNS8xLzdmVkw0Ylh0WDlX
Uy1zcEdqZkVSQUpYejZnby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2BNDANBgkqhkiG9w0BAQsFAAOC
AQEAKHiaiB2yp2Xnt82KZnraGkwnVvtuc+4Ivf26yaiP9goR+cVXjejP+/pKCh7d
IlYVq22f+22eGDzKn7Ih4IcGzdGhQBiT5ZfMl72jJDkQIIPWpeYJR1+ScLCwCSUv
+7IgHhM2XogRuejkvsBFlhRs/q9JW97srMJKhI9LTAtkH336tW4EI+ASapFhb1Yo
CHsk87/2KLfuB3Xk2n+fqh+gyftkwYDhT2I8z+/5wE7h4wxXGhu1w+DRSpe2mIy2
ripvC4tQBy2If+sjA/F0+y32nP7fRWSfKrKKP6gsQxA5jnLcf4D2j0vt8L8d21xf
2gCFLCoCB0v/l5cVlK629WjLNg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:45:30 2025 by rpki-client