Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/PYmXmsMd06oVdIA17ozb-YMb2NE.roa
File: PYmXmsMd06oVdIA17ozb-YMb2NE.roa (raw, json)
Hash identifier: C3HXJjGBwPAPWCL1pjPeVruuO+bIL7jZXowh5brVexc=
Subject key identifier: 3D:89:97:9A:C3:1D:D3:AA:15:74:80:35:EE:8C:DB:F9:83:1B:D8:D1
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 0194244513B351C84D849D2D3BB3A8A5EDDA
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/PYmXmsMd06oVdIA17ozb-YMb2NE.roa
Signing time: Wed 01 Jan 2025 23:48:14 +0000
ROA not before: Wed 01 Jan 2025 23:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39476
IP address blocks: 45.139.124.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:13:b3:51:c8:4d:84:9d:2d:3b:b3:a8:a5:ed:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jan 1 23:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d89979ac31dd3aa15748035ee8cdbf9831bd8d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:b8:84:37:a3:58:79:47:73:c4:5a:b4:8a:7b:
44:5a:80:d8:ff:53:ad:77:5c:f6:4f:b4:fd:7f:40:
9f:46:b2:12:e9:e3:02:82:61:f4:de:ac:a6:8d:cc:
9f:eb:36:ea:87:9a:9e:49:62:29:2e:9c:be:95:3d:
4f:47:27:e9:e7:b9:4b:f2:82:49:43:8e:bf:39:4d:
b9:20:0a:2a:80:e1:e0:bb:99:83:ca:21:00:ec:c9:
db:b8:98:38:f0:0d:d5:5c:fb:2a:27:5b:2f:13:1a:
b8:45:d0:54:1e:d5:4f:d0:52:6a:6c:a3:fa:66:5f:
7c:ca:e3:1b:6a:4d:68:c1:39:f1:5a:66:75:80:cc:
9c:f2:9a:6d:0b:aa:22:f3:e5:a2:93:e6:e4:94:dc:
e8:6f:fa:66:39:18:ba:d5:2d:f2:a5:e0:b3:45:b1:
25:05:29:cb:a1:cc:01:f8:f4:3f:86:1f:0f:74:03:
58:33:b0:bf:96:fc:bd:11:92:0d:a2:2f:90:ac:4a:
97:d9:0d:e1:27:e5:94:5f:88:19:d6:33:77:c1:ae:
be:3a:14:11:63:47:54:65:82:5d:8c:96:98:57:89:
c5:ef:41:09:96:57:38:2a:b5:09:d5:a9:a7:96:0a:
dd:7b:f7:e9:2d:b5:18:5d:d1:13:9c:71:6f:42:78:
78:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:89:97:9A:C3:1D:D3:AA:15:74:80:35:EE:8C:DB:F9:83:1B:D8:D1
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/PYmXmsMd06oVdIA17ozb-YMb2NE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.124.0/24
Signature Algorithm: sha256WithRSAEncryption
83:78:4d:c0:63:d2:a2:52:0d:54:47:4c:ad:c3:11:0e:1d:48:
a3:9d:e0:1d:dc:e9:42:fe:d4:a0:47:e3:ed:92:18:17:20:d0:
8a:ed:bf:5e:d4:4c:7b:61:b6:8d:c2:fc:4b:82:08:91:53:76:
c0:9d:b0:f8:3c:3f:73:9a:2c:69:4c:42:9c:06:b5:6b:88:47:
7c:69:53:da:a9:ec:2c:24:53:35:31:88:67:57:17:26:11:48:
37:58:45:94:4b:73:dd:a8:b0:98:b6:1f:61:c1:15:70:5f:81:
98:00:82:38:08:06:e0:a0:da:5f:d9:5e:0e:5c:45:a4:6e:22:
ed:c1:1c:60:d5:a6:94:63:fa:c9:6e:f4:6e:f5:09:91:c6:9b:
0c:b6:d4:b7:d6:8a:10:81:0a:ff:7c:8a:71:28:66:92:cd:60:
1f:d4:c2:5a:69:0a:a7:fc:b2:73:ca:3f:52:a3:80:7d:a5:a4:
b2:bf:c0:98:19:1d:b9:ce:21:37:a2:e9:6f:06:83:35:03:f0:
40:a2:68:21:75:72:81:d7:84:cf:92:01:eb:70:53:18:68:33:
33:e5:d4:ff:20:e6:38:5b:1f:77:41:c3:dd:e9:fe:f0:88:f4:
f3:23:71:23:14:13:c6:5b:00:2b:b7:4e:4d:4c:ee:bd:c4:c1:
cd:ed:0c:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRROzUchNhJ0tO7Oope3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMTAxMjM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDg5OTc5YWMzMWRkM2FhMTU3NDgwMzVlZThjZGJmOTgzMWJkOGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA87iEN6NYeUdzxFq0intEWoDY/1Ot
d1z2T7T9f0CfRrIS6eMCgmH03qymjcyf6zbqh5qeSWIpLpy+lT1PRyfp57lL8oJJ
Q46/OU25IAoqgOHgu5mDyiEA7MnbuJg48A3VXPsqJ1svExq4RdBUHtVP0FJqbKP6
Zl98yuMbak1owTnxWmZ1gMyc8pptC6oi8+Wik+bklNzob/pmORi61S3ypeCzRbEl
BSnLocwB+PQ/hh8PdANYM7C/lvy9EZINoi+QrEqX2Q3hJ+WUX4gZ1jN3wa6+OhQR
Y0dUZYJdjJaYV4nF70EJllc4KrUJ1amnlgrde/fpLbUYXdETnHFvQnh4AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2Jl5rDHdOqFXSANe6M2/mDG9jRMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvUFltWG1zTWQwNm9WZElBMTdvemItWU1iMk5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYt8MA0G
CSqGSIb3DQEBCwUAA4IBAQCDeE3AY9KiUg1UR0ytwxEOHUijneAd3OlC/tSgR+Pt
khgXINCK7b9e1Ex7YbaNwvxLggiRU3bAnbD4PD9zmixpTEKcBrVriEd8aVPaqews
JFM1MYhnVxcmEUg3WEWUS3PdqLCYth9hwRVwX4GYAII4CAbgoNpf2V4OXEWkbiLt
wRxg1aaUY/rJbvRu9QmRxpsMttS31ooQgQr/fIpxKGaSzWAf1MJaaQqn/LJzyj9S
o4B9paSyv8CYGR25ziE3oulvBoM1A/BAomghdXKB14TPkgHrcFMYaDMz5dT/IOY4
Wx93QcPd6f7wiPTzI3EjFBPGWwArt05NTO69xMHN7QwF
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:34:09 2025 by rpki-client