Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/AFOcU_w_QN-XxQkkQfgesDtPy4Q.roa
File: AFOcU_w_QN-XxQkkQfgesDtPy4Q.roa (raw, json)
Hash identifier: vuDPxy3QeT/X/Z21aASlCY+NXDSblPQKGqB5xLpgpdQ=
Subject key identifier: 00:53:9C:53:FC:3F:40:DF:97:C5:09:24:41:F8:1E:B0:3B:4F:CB:84
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 01942144054BA134B7935CDE6987D4CF4EAE
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/AFOcU_w_QN-XxQkkQfgesDtPy4Q.roa
Signing time: Wed 01 Jan 2025 09:48:13 +0000
ROA not before: Wed 01 Jan 2025 09:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8315
IP address blocks: 145.131.0.0/20 maxlen: 24
145.131.16.0/20 maxlen: 24
145.131.32.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:05:4b:a1:34:b7:93:5c:de:69:87:d4:cf:4e:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 1 09:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00539c53fc3f40df97c5092441f81eb03b4fcb84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:1e:f8:89:9e:f3:c0:84:30:44:03:08:ae:4c:
fa:bb:98:0d:de:38:78:01:0b:2b:30:55:8e:23:78:
de:99:41:05:49:e0:64:f5:b8:47:85:78:62:3c:2d:
e4:81:fd:3c:2f:91:ee:3a:2f:e7:59:b4:13:2d:44:
b2:4a:3c:fb:25:83:75:a9:1c:ef:3d:7d:56:fd:b7:
8e:5a:70:43:8c:a0:13:2a:f3:f8:a0:2c:39:6c:a2:
85:70:c1:c9:8e:ad:e1:62:37:38:4c:6b:b9:cc:10:
21:25:54:14:ab:41:33:84:d3:58:b4:23:6f:57:75:
3b:f3:ee:af:65:c1:f1:f7:3e:82:ac:dd:36:32:6b:
ab:e1:a7:d1:b8:69:44:ef:d4:ec:5e:e1:26:81:57:
45:e1:e6:6d:0f:49:66:18:70:35:98:49:7f:2a:7b:
15:ae:86:d1:25:b8:18:c1:82:94:86:73:2e:4e:33:
64:33:73:41:8d:14:fd:a2:5a:8d:11:24:67:64:e8:
92:64:11:91:40:e9:a4:ab:25:dd:36:3c:64:05:2b:
09:aa:f4:34:e2:9e:ae:09:aa:c4:83:98:24:47:5b:
05:b2:65:38:91:90:26:01:e5:70:8d:8a:d9:28:41:
f2:df:89:ec:de:c7:bf:4e:f7:38:26:c6:ad:dc:5a:
e4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:53:9C:53:FC:3F:40:DF:97:C5:09:24:41:F8:1E:B0:3B:4F:CB:84
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/AFOcU_w_QN-XxQkkQfgesDtPy4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.131.0.0-145.131.47.255
Signature Algorithm: sha256WithRSAEncryption
7a:22:b3:06:cb:24:0e:0c:25:87:bc:04:70:61:b3:0a:93:24:
21:47:bb:2d:a7:dc:51:27:29:22:69:e2:73:4d:37:d4:bf:e6:
36:ae:36:da:68:16:4a:f9:b4:b8:ee:7a:fc:e8:37:fe:73:ae:
62:8c:ac:83:9b:7c:09:8c:4f:39:58:61:63:45:9a:1d:e7:f6:
a9:9c:d8:0b:d7:32:2e:f4:c2:a5:f4:df:2c:f4:9f:81:22:2f:
4e:e0:60:92:26:44:dd:47:fe:c2:0a:b0:0d:d4:36:0b:9b:4a:
0e:d2:f7:4c:26:73:d6:c1:b2:00:50:6e:8a:84:43:3d:7b:9c:
cb:44:fe:72:b8:be:33:4d:3c:d9:1e:56:7e:7a:9b:f6:f8:26:
48:c5:08:4e:fc:69:05:d5:a3:d6:27:34:c9:84:94:a3:8b:fb:
7c:55:7c:5c:9b:56:89:49:d5:16:74:7b:44:f6:10:0b:fa:b5:
59:4d:bd:38:1c:35:2d:a0:6d:3d:2f:4f:3f:02:e2:f4:9c:cd:
a7:fa:82:d6:04:9b:ab:a8:25:68:09:dc:62:dd:d2:75:7a:c1:
30:96:d7:a3:46:5a:d8:77:5a:8d:13:f2:9c:5f:1f:c5:7b:b6:
a9:83:0c:ee:2c:bf:b5:1c:65:f2:45:bf:8e:64:2c:fa:c0:f8:
09:02:d5:fb
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZQhRAVLoTS3k1zeaYfUz06uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjUwMTAxMDk0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDUzOWM1M2ZjM2Y0MGRmOTdjNTA5MjQ0MWY4MWViMDNiNGZjYjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9R74iZ7zwIQwRAMIrkz6u5gN3jh4
AQsrMFWOI3jemUEFSeBk9bhHhXhiPC3kgf08L5HuOi/nWbQTLUSySjz7JYN1qRzv
PX1W/beOWnBDjKATKvP4oCw5bKKFcMHJjq3hYjc4TGu5zBAhJVQUq0EzhNNYtCNv
V3U78+6vZcHx9z6CrN02Mmur4afRuGlE79TsXuEmgVdF4eZtD0lmGHA1mEl/KnsV
robRJbgYwYKUhnMuTjNkM3NBjRT9olqNESRnZOiSZBGRQOmkqyXdNjxkBSsJqvQ0
4p6uCarEg5gkR1sFsmU4kZAmAeVwjYrZKEHy34ns3se/Tvc4Jsat3FrkqwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFABTnFP8P0Dfl8UJJEH4HrA7T8uEMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvQUZPY1Vfd19RTi1YeFFra1FmZ2VzRHRQeTRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwCRgwME
BJGDIDANBgkqhkiG9w0BAQsFAAOCAQEAeiKzBsskDgwlh7wEcGGzCpMkIUe7Lafc
UScpImnic0031L/mNq422mgWSvm0uO56/Og3/nOuYoysg5t8CYxPOVhhY0WaHef2
qZzYC9cyLvTCpfTfLPSfgSIvTuBgkiZE3Uf+wgqwDdQ2C5tKDtL3TCZz1sGyAFBu
ioRDPXucy0T+cri+M0082R5Wfnqb9vgmSMUITvxpBdWj1ic0yYSUo4v7fFV8XJtW
iUnVFnR7RPYQC/q1WU29OBw1LaBtPS9PPwLi9JzNp/qC1gSbq6glaAncYt3SdXrB
MJbXo0Za2HdajRPynF8fxXu2qYMM7iy/tRxl8kW/jmQs+sD4CQLV+w==
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:51:56 2025 by rpki-client