Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/1JWotzmNATjqlfg7RBCkJrfACv4.roa
File: 1JWotzmNATjqlfg7RBCkJrfACv4.roa (raw, json)
Hash identifier: nbMhCNzHygn/hSrPN5RPChFdqMFR3ASEV2+7vb6myyg=
Subject key identifier: D4:95:A8:B7:39:8D:01:38:EA:95:F8:3B:44:10:A4:26:B7:C0:0A:FE
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019422FC1D560F84A871255072697901BAA8
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/1JWotzmNATjqlfg7RBCkJrfACv4.roa
Signing time: Wed 01 Jan 2025 17:48:55 +0000
ROA not before: Wed 01 Jan 2025 17:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206847
IP address blocks: 45.143.252.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:1d:56:0f:84:a8:71:25:50:72:69:79:01:ba:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 17:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d495a8b7398d0138ea95f83b4410a426b7c00afe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e8:ca:98:c2:3c:21:19:30:bb:52:27:cc:54:
79:02:92:fe:57:1d:f0:5d:12:97:69:c6:b7:c0:e7:
3b:0e:9f:be:6b:49:af:e7:17:71:2a:2d:f6:a3:f5:
6d:61:ce:a0:7e:07:6e:01:8d:b0:cf:10:5b:31:91:
02:01:50:bf:e1:48:4a:f6:fd:e6:c8:ec:68:1a:4e:
5d:ef:9a:66:8b:07:6d:b1:f3:9d:d7:e6:2d:62:c0:
bc:42:7d:d4:6f:9e:dd:42:7a:a1:c7:57:d3:2d:da:
6d:20:22:2b:12:20:41:da:18:6f:b9:38:84:43:e8:
5e:e5:bf:14:62:1a:35:f3:f1:b6:d3:90:65:67:81:
8d:44:26:bf:fb:85:38:48:75:d9:bd:35:fd:ef:45:
bb:2c:65:7d:8c:d9:8c:e6:44:dd:8c:02:82:a3:05:
29:17:bf:86:64:dd:73:64:d3:a8:22:b5:f1:a1:8b:
07:44:c3:2a:e1:3e:66:b2:c8:8a:1a:5f:e9:a4:b5:
5f:6b:1e:82:5d:6d:9c:2e:28:73:80:6e:f3:e4:e9:
b2:94:9e:df:85:2c:89:08:cd:28:e7:cf:82:d9:72:
55:4f:03:c0:98:41:48:d2:ad:2a:dc:57:ed:d6:79:
2b:4b:ca:3e:be:a9:d5:1d:6b:1b:44:63:04:cc:64:
ae:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:95:A8:B7:39:8D:01:38:EA:95:F8:3B:44:10:A4:26:B7:C0:0A:FE
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/1JWotzmNATjqlfg7RBCkJrfACv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.252.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:b4:6c:c3:d3:7b:e7:33:5c:46:bd:0e:24:5f:72:7c:a7:7e:
cc:91:13:ff:a3:0f:68:44:7d:eb:48:3a:a0:c3:4c:59:6f:f1:
fd:0f:59:41:b9:fe:34:4a:21:1e:79:68:ef:27:40:57:cb:06:
cc:9d:33:09:ad:c4:ea:c8:fd:ee:37:9d:73:9b:3c:5c:7b:ed:
21:94:0e:d9:4c:bf:0a:56:47:f3:8b:22:86:43:93:98:06:1f:
0b:fd:d5:ae:c0:84:57:b5:ba:96:a7:43:2f:00:dc:d5:2c:98:
e7:fc:f3:d8:55:24:7a:47:7f:8f:e9:e3:21:c4:26:f5:85:55:
3c:10:0c:63:ef:d6:7c:55:01:e6:dd:da:06:46:ab:82:20:31:
27:28:99:fb:04:e7:82:59:4f:f2:07:22:56:a7:b6:ba:a8:f6:
4b:3d:b1:3f:c4:04:1e:88:c8:a4:7a:77:30:29:19:03:73:80:
0f:44:a7:f7:0b:5f:af:dd:91:63:26:8d:e3:c6:3b:3d:5a:f7:
3f:5a:3c:2f:03:c6:34:22:fe:ac:0f:b0:34:44:54:eb:2c:cf:
c6:31:05:30:54:70:a5:ea:a9:8d:bc:83:2e:04:db:03:06:ee:
37:a5:a9:58:f8:55:a8:a8:2f:c1:1a:28:2c:f4:b0:4e:30:b2:
e2:67:d3:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/B1WD4SocSVQcml5AbqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwMTAxMTc0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDk1YThiNzM5OGQwMTM4ZWE5NWY4M2I0NDEwYTQyNmI3YzAwYWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOjKmMI8IRkwu1InzFR5ApL+Vx3w
XRKXaca3wOc7Dp++a0mv5xdxKi32o/VtYc6gfgduAY2wzxBbMZECAVC/4UhK9v3m
yOxoGk5d75pmiwdtsfOd1+YtYsC8Qn3Ub57dQnqhx1fTLdptICIrEiBB2hhvuTiE
Q+he5b8UYho18/G205BlZ4GNRCa/+4U4SHXZvTX970W7LGV9jNmM5kTdjAKCowUp
F7+GZN1zZNOoIrXxoYsHRMMq4T5mssiKGl/ppLVfax6CXW2cLihzgG7z5OmylJ7f
hSyJCM0o58+C2XJVTwPAmEFI0q0q3Fft1nkrS8o+vqnVHWsbRGMEzGSu7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNSVqLc5jQE46pX4O0QQpCa3wAr+MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvMUpXb3R6bU5BVGpxbGZnN1JCQ2tKcmZBQ3Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY/8MA0G
CSqGSIb3DQEBCwUAA4IBAQBOtGzD03vnM1xGvQ4kX3J8p37MkRP/ow9oRH3rSDqg
w0xZb/H9D1lBuf40SiEeeWjvJ0BXywbMnTMJrcTqyP3uN51zmzxce+0hlA7ZTL8K
VkfziyKGQ5OYBh8L/dWuwIRXtbqWp0MvANzVLJjn/PPYVSR6R3+P6eMhxCb1hVU8
EAxj79Z8VQHm3doGRquCIDEnKJn7BOeCWU/yByJWp7a6qPZLPbE/xAQeiMikencw
KRkDc4APRKf3C1+v3ZFjJo3jxjs9Wvc/WjwvA8Y0Iv6sD7A0RFTrLM/GMQUwVHCl
6qmNvIMuBNsDBu43palY+FWoqC/BGigs9LBOMLLiZ9P5
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:39:34 2025 by rpki-client