Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3ApZtw3qja5s8cKpBb7FoEcP2KY.roa
File: 3ApZtw3qja5s8cKpBb7FoEcP2KY.roa (raw, json)
Hash identifier: DbTWqpH1960AKxi6VjgWAOU23WslaheKJgmBriyZqVM=
Subject key identifier: DC:0A:59:B7:0D:EA:8D:AE:6C:F1:C2:A9:05:BE:C5:A0:47:0F:D8:A6
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E7B4E8F448D1BE7764B0BFB0E20D3
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3ApZtw3qja5s8cKpBb7FoEcP2KY.roa
Signing time: Mon 02 Jan 2023 06:15:01 +0000
ROA not before: Mon 02 Jan 2023 06:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210732
IP address blocks: 45.154.99.0/24 maxlen: 24
2a0c:b641:4d0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:7b:4e:8f:44:8d:1b:e7:76:4b:0b:fb:0e:20:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc0a59b70dea8dae6cf1c2a905bec5a0470fd8a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e0:c8:24:bf:0f:db:79:0e:9b:70:e1:3c:66:
99:d2:8e:b0:0c:a6:5a:8b:0c:7f:99:da:5b:31:4b:
18:4e:bb:e4:58:bf:52:5d:8a:2f:f6:61:d3:8b:81:
b7:d6:fb:b6:91:39:da:d9:6a:67:5f:9f:6f:f2:b8:
85:bc:5e:ed:83:94:b8:c9:3f:b3:92:07:f9:40:66:
14:2e:a4:d8:65:77:5e:c4:dd:6a:f7:da:69:84:ba:
45:7b:01:fb:ef:c7:d8:8d:7e:21:9c:e0:66:a4:24:
ea:08:f1:38:7e:b3:b6:af:07:4c:3e:7c:b8:c1:29:
09:e3:e3:b8:0d:6c:16:de:71:e1:e6:24:ba:f5:f8:
fc:a9:a1:e5:63:e9:68:b6:a9:9c:5d:09:d7:a3:f6:
5a:01:b0:b3:9b:34:b6:cc:b8:33:fc:30:2a:e3:34:
9f:83:84:94:65:85:c7:ba:0a:dd:55:a4:ea:be:3a:
a5:20:39:21:18:8a:cd:b5:3e:3d:11:e4:e2:6f:72:
fa:fd:1c:76:e2:91:b4:92:39:6e:ea:a4:aa:fc:2b:
f1:fc:13:3f:30:54:df:04:a2:b6:da:d9:00:e4:ce:
71:43:81:10:72:ba:95:cf:19:86:cb:2d:3c:9f:40:
d4:1e:cc:d3:89:6b:af:c1:bb:3d:35:81:b2:82:48:
2f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:0A:59:B7:0D:EA:8D:AE:6C:F1:C2:A9:05:BE:C5:A0:47:0F:D8:A6
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3ApZtw3qja5s8cKpBb7FoEcP2KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.99.0/24
IPv6:
2a0c:b641:4d0::/44
Signature Algorithm: sha256WithRSAEncryption
31:a2:ec:d9:17:60:0f:af:ee:6f:a8:2f:e6:c2:01:08:c1:1f:
3c:90:56:66:59:7f:dc:a0:bc:f6:06:71:72:e3:69:7d:b6:d1:
af:fa:8d:c4:2c:c8:d4:c6:99:71:64:44:4a:c2:84:f9:0c:ff:
99:99:f5:97:9b:21:dd:07:8c:75:22:5d:ca:59:ab:7f:a2:b1:
d7:6d:83:1f:0e:91:87:08:5e:e5:38:f6:52:d7:bc:06:0f:6f:
a7:ca:72:af:6b:d6:64:0b:47:74:1b:7b:33:a5:f7:59:2c:bb:
1e:44:60:d8:b0:1f:63:19:e8:93:3e:80:de:44:0e:2f:55:72:
ea:a2:f8:57:0a:86:47:3e:c6:ab:dd:3f:0a:64:bb:13:45:1a:
99:88:3b:85:f7:0e:de:17:93:51:2b:83:c6:32:56:b5:65:59:
62:0e:53:3e:75:1c:89:80:dc:3c:25:b6:be:d5:02:d5:71:4e:
1e:93:a1:9f:70:cd:bf:06:6a:53:75:2e:af:96:ba:96:70:f2:
8b:83:b8:c2:e3:93:fd:32:5a:e7:12:58:24:6d:6a:bb:29:cd:
52:ec:49:39:6f:db:78:90:d8:a0:90:ee:39:64:3a:84:1c:f6:
2b:73:59:3d:d8:3f:8b:35:0d:70:46:e6:45:5c:14:6f:1a:e8:
a9:75:34:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxHntOj0SNG+d2Swv7DiDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzBhNTliNzBkZWE4ZGFlNmNmMWMyYTkwNWJlYzVhMDQ3MGZkOGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjODIJL8P23kOm3DhPGaZ0o6wDKZa
iwx/mdpbMUsYTrvkWL9SXYov9mHTi4G31vu2kTna2WpnX59v8riFvF7tg5S4yT+z
kgf5QGYULqTYZXdexN1q99pphLpFewH778fYjX4hnOBmpCTqCPE4frO2rwdMPny4
wSkJ4+O4DWwW3nHh5iS69fj8qaHlY+lotqmcXQnXo/ZaAbCzmzS2zLgz/DAq4zSf
g4SUZYXHugrdVaTqvjqlIDkhGIrNtT49EeTib3L6/Rx24pG0kjlu6qSq/Cvx/BM/
MFTfBKK22tkA5M5xQ4EQcrqVzxmGyy08n0DUHszTiWuvwbs9NYGygkgvDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNwKWbcN6o2ubPHCqQW+xaBHD9imMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvM0FwWnR3M3FqYTVzOGNLcEJiN0ZvRWNQMktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZpjMA8E
AgACMAkDBwQqDLZBBNAwDQYJKoZIhvcNAQELBQADggEBADGi7NkXYA+v7m+oL+bC
AQjBHzyQVmZZf9ygvPYGcXLjaX220a/6jcQsyNTGmXFkRErChPkM/5mZ9ZebId0H
jHUiXcpZq3+isddtgx8OkYcIXuU49lLXvAYPb6fKcq9r1mQLR3QbezOl91ksux5E
YNiwH2MZ6JM+gN5EDi9Vcuqi+FcKhkc+xqvdPwpkuxNFGpmIO4X3Dt4Xk1Erg8Yy
VrVlWWIOUz51HImA3Dwltr7VAtVxTh6ToZ9wzb8GalN1Lq+WupZw8ouDuMLjk/0y
WucSWCRtarspzVLsSTlv23iQ2KCQ7jlkOoQc9itzWT3YP4s1DXBG5kVcFG8a6Kl1
NNQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:41:17 2025 by rpki-client