Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/tY66bFhWXUYIEhOuSN9RZCdvjFk.roa
File: tY66bFhWXUYIEhOuSN9RZCdvjFk.roa (raw, json)
Hash identifier: mU6brRLLnm7lwUlPXZY2n6ANlWueEVeS4Xkr2lVS9EU=
Subject key identifier: B5:8E:BA:6C:58:56:5D:46:08:12:13:AE:48:DF:51:64:27:6F:8C:59
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019422FC055489E994D4F537B87D90C6B524
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/tY66bFhWXUYIEhOuSN9RZCdvjFk.roa
Signing time: Wed 01 Jan 2025 17:48:49 +0000
ROA not before: Wed 01 Jan 2025 17:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3561
IP address blocks: 45.95.88.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:05:54:89:e9:94:d4:f5:37:b8:7d:90:c6:b5:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 17:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b58eba6c58565d46081213ae48df5164276f8c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:53:81:10:0f:3d:e4:89:6b:af:29:9a:8c:fe:
40:56:ab:45:bd:0d:b9:a9:2a:e5:2d:fd:75:2d:00:
03:ae:43:b5:10:0d:1d:20:67:97:05:bb:c5:7c:19:
83:ba:ad:6f:b6:e2:6b:7f:eb:90:08:0d:6f:58:e6:
9e:e9:f3:e6:c4:66:4b:09:e1:95:98:7b:55:0b:3f:
52:8a:ab:ec:ba:c1:e9:a6:c5:ce:c7:d5:93:1a:b3:
79:82:84:39:de:59:0d:96:8b:08:8c:b1:31:25:a2:
6a:0e:e3:51:60:65:6d:f5:fa:8f:3a:c0:76:37:b0:
40:3b:72:17:a9:4d:d2:8a:c2:8b:31:fd:7f:4b:5c:
eb:ae:69:b6:67:c4:24:ff:e0:4d:b3:92:21:1b:53:
b0:af:a3:d4:f0:89:ce:eb:47:4f:de:08:a1:2c:df:
c8:bb:c5:ad:f9:f6:41:14:38:b2:48:29:87:bd:5e:
7c:ff:eb:f5:84:a6:43:50:26:4e:8c:22:54:56:ba:
79:60:7e:fa:43:c7:77:ce:ab:cc:19:91:99:2c:32:
13:36:3a:40:02:21:aa:cb:13:57:52:dd:cc:63:40:
f2:ce:34:76:f1:0e:eb:9b:50:a0:28:bd:ba:54:a5:
b4:ea:f1:0c:78:00:08:d6:da:18:37:84:90:14:99:
02:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:8E:BA:6C:58:56:5D:46:08:12:13:AE:48:DF:51:64:27:6F:8C:59
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/tY66bFhWXUYIEhOuSN9RZCdvjFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.88.0/22
Signature Algorithm: sha256WithRSAEncryption
57:3d:6c:e7:65:b9:46:97:98:ad:34:9c:f7:f9:c9:fa:7c:b8:
f1:b0:e8:f1:c9:3e:71:b0:f6:3f:72:4c:fc:2f:87:e6:c1:84:
67:75:4d:38:04:fb:05:b8:57:16:81:84:83:67:b6:09:1a:b5:
05:b3:7b:7b:33:9b:13:db:43:b5:8c:e7:41:6f:3c:c7:5e:7c:
76:75:e0:57:2f:fb:eb:58:4d:4d:51:21:bb:e0:31:72:88:2e:
68:b1:f5:3b:f6:1c:c1:f6:a6:c2:aa:47:aa:6d:20:f3:7b:97:
39:6f:d8:9e:f0:eb:55:43:de:27:4a:41:33:b7:2f:80:84:87:
eb:a1:01:7c:91:95:35:8d:81:ab:83:af:d6:d7:78:e1:89:4a:
fd:dc:d4:7a:6f:9b:c6:7c:0d:37:8e:55:0a:36:5c:a5:3a:5c:
c1:6a:e1:3c:45:04:00:f3:88:91:8a:65:e7:1f:72:51:7f:db:
4e:cc:fc:d9:2e:bb:c0:68:47:cd:5c:8c:f0:17:f5:91:70:33:
e6:0c:b9:10:73:98:42:d1:ef:7d:79:7c:35:ba:af:cf:29:ec:
74:e2:13:9c:6a:f2:16:97:00:93:8c:55:f9:ba:44:d4:2c:db:
12:12:85:8a:7c:2d:fb:49:c1:dc:cc:40:41:0f:ae:42:c4:70:
2b:e9:20:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/AVUiemU1PU3uH2QxrUkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwMTAxMTc0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNThlYmE2YzU4NTY1ZDQ2MDgxMjEzYWU0OGRmNTE2NDI3NmY4YzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFOBEA895IlrrymajP5AVqtFvQ25
qSrlLf11LQADrkO1EA0dIGeXBbvFfBmDuq1vtuJrf+uQCA1vWOae6fPmxGZLCeGV
mHtVCz9SiqvsusHppsXOx9WTGrN5goQ53lkNlosIjLExJaJqDuNRYGVt9fqPOsB2
N7BAO3IXqU3SisKLMf1/S1zrrmm2Z8Qk/+BNs5IhG1Owr6PU8InO60dP3gihLN/I
u8Wt+fZBFDiySCmHvV58/+v1hKZDUCZOjCJUVrp5YH76Q8d3zqvMGZGZLDITNjpA
AiGqyxNXUt3MY0DyzjR28Q7rm1CgKL26VKW06vEMeAAI1toYN4SQFJkC0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLWOumxYVl1GCBITrkjfUWQnb4xZMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvdFk2NmJGaFdYVVlJRWhPdVNOOVJaQ2R2akZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLV9YMA0G
CSqGSIb3DQEBCwUAA4IBAQBXPWznZblGl5itNJz3+cn6fLjxsOjxyT5xsPY/ckz8
L4fmwYRndU04BPsFuFcWgYSDZ7YJGrUFs3t7M5sT20O1jOdBbzzHXnx2deBXL/vr
WE1NUSG74DFyiC5osfU79hzB9qbCqkeqbSDze5c5b9ie8OtVQ94nSkEzty+AhIfr
oQF8kZU1jYGrg6/W13jhiUr93NR6b5vGfA03jlUKNlylOlzBauE8RQQA84iRimXn
H3JRf9tOzPzZLrvAaEfNXIzwF/WRcDPmDLkQc5hC0e99eXw1uq/PKex04hOcavIW
lwCTjFX5ukTULNsSEoWKfC37ScHczEBBD65CxHAr6SBY
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:08:01 2025 by rpki-client