Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/gf5XFlgvC8pERwrlK5LoL2sXlHE.roa
File: gf5XFlgvC8pERwrlK5LoL2sXlHE.roa (raw, json)
Hash identifier: JPyHl8l/41KirDeXfkpcWORF22TQZRLVrNb1aXqrS3E=
Subject key identifier: 81:FE:57:16:58:2F:0B:CA:44:47:0A:E5:2B:92:E8:2F:6B:17:94:71
Certificate issuer: /CN=a1d71853324eb060fbafc988233860499c96c53a
Certificate serial: 019425213C839504097C418A01C67DA211BB
Authority key identifier: A1:D7:18:53:32:4E:B0:60:FB:AF:C9:88:23:38:60:49:9C:96:C5:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/odcYUzJOsGD7r8mIIzhgSZyWxTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/gf5XFlgvC8pERwrlK5LoL2sXlHE.roa
Signing time: Thu 02 Jan 2025 03:48:42 +0000
ROA not before: Thu 02 Jan 2025 03:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22427
IP address blocks: 45.148.134.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:3c:83:95:04:09:7c:41:8a:01:c6:7d:a2:11:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1d71853324eb060fbafc988233860499c96c53a
Validity
Not Before: Jan 2 03:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81fe5716582f0bca44470ae52b92e82f6b179471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:30:bd:00:f8:da:c0:3b:46:bf:c4:64:e7:d0:
ed:66:5d:9f:77:b6:53:0e:9c:04:9f:ef:aa:8a:be:
c4:d5:4a:37:23:29:8f:c6:e0:ef:00:fb:fa:d1:7b:
5a:d1:45:e7:87:9c:0a:f8:b8:c2:df:94:68:ce:f2:
83:14:6b:15:9b:51:a3:1c:bf:db:60:d2:9f:4e:9a:
75:e1:a8:5e:6a:fe:01:88:66:ba:c6:55:ec:11:25:
cd:7f:1f:ab:91:68:3e:ff:3a:dd:d9:d2:5f:f9:f9:
b3:a3:31:47:0f:c4:ae:54:56:a4:96:03:98:54:91:
d3:62:76:de:e9:6e:c5:44:8b:79:6f:f3:a0:2a:1b:
8d:14:29:ff:1e:75:f3:d4:33:bf:9c:92:d8:1d:b9:
4e:e4:67:b4:a5:0b:69:1d:67:8b:d5:d8:92:4e:26:
07:27:c7:57:4f:27:17:d4:99:6b:b7:32:3a:55:61:
d8:99:24:18:15:4e:44:59:3e:cd:66:10:b2:1f:87:
88:8c:b7:75:85:f2:04:01:3c:f1:e6:5e:dc:6c:ea:
4e:f2:4d:83:40:81:3d:0f:6e:f6:e3:36:8b:c3:41:
b8:b1:06:65:c1:ba:b4:b5:ec:1c:d4:54:41:1a:9b:
87:32:78:fc:2d:7b:3f:13:c9:2f:9c:41:03:98:da:
59:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:FE:57:16:58:2F:0B:CA:44:47:0A:E5:2B:92:E8:2F:6B:17:94:71
X509v3 Authority Key Identifier:
keyid:A1:D7:18:53:32:4E:B0:60:FB:AF:C9:88:23:38:60:49:9C:96:C5:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/odcYUzJOsGD7r8mIIzhgSZyWxTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/gf5XFlgvC8pERwrlK5LoL2sXlHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7656db-94a5-45be-9435-7061356bef1b/1/odcYUzJOsGD7r8mIIzhgSZyWxTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.134.0/24
Signature Algorithm: sha256WithRSAEncryption
84:93:8b:f9:6d:29:fb:b3:97:29:8b:fe:80:d3:3e:34:9f:45:
6d:83:a0:2f:46:a0:c5:b1:7e:8c:1f:22:cb:9f:c1:6f:f0:60:
cc:63:0c:0d:c3:28:08:61:17:50:c8:96:6e:a3:00:b9:25:40:
0f:da:82:17:e5:a2:1f:c9:3c:fc:8f:af:a6:5d:4b:58:ef:f5:
91:46:92:cf:cd:ce:7d:42:5d:9c:aa:66:80:0a:c8:d1:36:90:
3c:19:b8:b1:87:f6:b9:c1:e9:a4:b2:d0:17:3d:5a:8b:bf:08:
13:02:bb:a9:e5:9d:d9:3f:8f:c6:b4:91:67:6b:89:5b:32:28:
30:85:00:5f:b2:d3:ec:30:ba:20:02:2d:c1:0d:f7:41:a8:65:
a3:10:e0:d9:13:96:a3:7c:8e:15:94:ef:7b:94:99:2c:a8:96:
f9:d7:b1:84:53:19:41:e2:a3:4a:f4:3e:39:71:dc:9b:e9:25:
5f:10:19:70:43:8d:5c:3d:38:7d:7d:66:93:fe:55:00:58:84:
a5:03:bd:39:3c:cb:d6:51:91:58:3f:0c:76:af:3b:98:f5:d2:
15:d1:dd:4e:27:99:12:47:60:56:1a:1f:20:25:e6:b2:fe:36:
0c:89:07:bc:0a:7f:7a:0a:15:26:a2:dc:f1:df:4d:50:36:8a:
56:47:24:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlITyDlQQJfEGKAcZ9ohG7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZDcxODUzMzI0ZWIwNjBmYmFmYzk4ODIzMzg2MDQ5OWM5
NmM1M2EwHhcNMjUwMTAyMDM0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWZlNTcxNjU4MmYwYmNhNDQ0NzBhZTUyYjkyZTgyZjZiMTc5NDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jC9APjawDtGv8Rk59DtZl2fd7ZT
DpwEn++qir7E1Uo3IymPxuDvAPv60Xta0UXnh5wK+LjC35RozvKDFGsVm1GjHL/b
YNKfTpp14aheav4BiGa6xlXsESXNfx+rkWg+/zrd2dJf+fmzozFHD8SuVFaklgOY
VJHTYnbe6W7FRIt5b/OgKhuNFCn/HnXz1DO/nJLYHblO5Ge0pQtpHWeL1diSTiYH
J8dXTycX1JlrtzI6VWHYmSQYFU5EWT7NZhCyH4eIjLd1hfIEATzx5l7cbOpO8k2D
QIE9D2724zaLw0G4sQZlwbq0tewc1FRBGpuHMnj8LXs/E8kvnEEDmNpZAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIH+VxZYLwvKREcK5SuS6C9rF5RxMB8GA1UdIwQY
MBaAFKHXGFMyTrBg+6/JiCM4YEmclsU6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2RjWVV6Sk9zR0Q3cjhtSUl6aGdTWnlXeFRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83NjU2ZGItOTRhNS00NWJlLTk0MzUt
NzA2MTM1NmJlZjFiLzEvZ2Y1WEZsZ3ZDOHBFUndybEs1TG9MMnNYbEhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy83NjU2ZGItOTRhNS00NWJlLTk0MzUtNzA2MTM1NmJlZjFi
LzEvb2RjWVV6Sk9zR0Q3cjhtSUl6aGdTWnlXeFRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZSGMA0G
CSqGSIb3DQEBCwUAA4IBAQCEk4v5bSn7s5cpi/6A0z40n0Vtg6AvRqDFsX6MHyLL
n8Fv8GDMYwwNwygIYRdQyJZuowC5JUAP2oIX5aIfyTz8j6+mXUtY7/WRRpLPzc59
Ql2cqmaACsjRNpA8Gbixh/a5wemkstAXPVqLvwgTArup5Z3ZP4/GtJFna4lbMigw
hQBfstPsMLogAi3BDfdBqGWjEODZE5ajfI4VlO97lJksqJb517GEUxlB4qNK9D45
cdyb6SVfEBlwQ41cPTh9fWaT/lUAWISlA705PMvWUZFYPwx2rzuY9dIV0d1OJ5kS
R2BWGh8gJeay/jYMiQe8Cn96ChUmotzx301QNopWRyTE
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:26:43 2025 by rpki-client