Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/xSKsEIQAXbMZA-ud3ATebyj6_YU.roa
File: xSKsEIQAXbMZA-ud3ATebyj6_YU.roa (raw, json)
Hash identifier: Z88RsaMvjOoVGNQZE/AaGPfU9Jwr1Z+0yqyurCTG934=
Subject key identifier: C5:22:AC:10:84:00:5D:B3:19:03:EB:9D:DC:04:DE:6F:28:FA:FD:85
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019424451ADF9B7D307A73B501DE3D614C41
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/xSKsEIQAXbMZA-ud3ATebyj6_YU.roa
Signing time: Wed 01 Jan 2025 23:48:16 +0000
ROA not before: Wed 01 Jan 2025 23:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49661
IP address blocks: 45.142.38.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:1a:df:9b:7d:30:7a:73:b5:01:de:3d:61:4c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jan 1 23:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c522ac1084005db31903eb9ddc04de6f28fafd85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:5a:84:52:17:44:cb:5a:0d:f8:05:97:3b:ff:
3d:5e:e9:53:8e:93:38:64:98:2c:3e:cd:4f:9f:6b:
76:4a:b0:a8:56:87:6b:96:64:17:05:38:4a:65:3b:
23:ba:d4:dc:7e:8b:f4:42:65:85:10:15:4e:d1:b1:
b3:f1:7f:da:9c:56:fa:d5:c7:f7:cb:4c:f9:4c:88:
17:66:21:1d:0c:4d:f5:c0:2b:bf:5b:2e:33:97:95:
9c:64:84:85:d0:76:8d:87:99:8b:ee:61:5f:4c:cd:
64:43:bf:a8:a8:97:54:e0:ff:cc:9a:f9:67:15:1d:
9d:ae:ec:81:ed:4d:93:0b:8c:76:64:74:14:61:5f:
67:29:e6:27:b5:ec:10:6d:b2:19:6f:61:99:3b:a0:
f7:81:74:d3:ea:4a:36:de:70:cc:50:a1:a5:df:42:
dc:b0:e5:13:71:98:04:2e:24:f0:12:1b:08:d5:06:
77:d1:a6:f0:ce:b5:53:24:a7:b1:43:75:a8:8d:79:
0c:bc:91:ad:3d:60:62:98:a5:e9:30:51:d8:d7:3d:
e2:a1:97:29:7a:50:2a:1b:28:71:e6:bd:1d:4b:21:
48:90:4c:45:bb:cb:68:ab:28:12:28:9c:ad:fb:0b:
54:2e:b1:ca:4f:e1:cf:b3:57:7d:0c:22:4f:7b:43:
e2:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:22:AC:10:84:00:5D:B3:19:03:EB:9D:DC:04:DE:6F:28:FA:FD:85
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/xSKsEIQAXbMZA-ud3ATebyj6_YU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.38.0/24
Signature Algorithm: sha256WithRSAEncryption
86:2f:9c:c4:6e:bd:d4:8e:b8:db:30:71:db:b6:f1:8b:ab:35:
57:3f:b4:62:72:59:d9:12:29:b9:5c:f6:fa:93:df:be:2a:50:
6b:30:6a:00:fe:e7:d2:ea:e0:aa:33:04:ae:a6:42:d9:24:d1:
4a:5a:fa:52:0d:fd:ce:f6:c3:48:75:c9:3d:39:e9:a8:56:61:
9a:8b:d2:89:ce:cb:36:a3:34:5b:16:2a:09:b6:f3:25:51:06:
e4:f1:65:85:03:49:be:1e:ef:fe:b9:1e:0d:81:40:9b:53:5f:
3e:b8:7c:46:f4:a1:27:18:d3:82:6e:b0:f9:aa:ea:04:3d:79:
9c:0d:f0:aa:fa:2a:88:65:4d:8b:0c:de:28:eb:dc:1e:75:19:
11:e5:f9:f9:e7:88:28:97:ce:9e:7a:f1:77:47:bd:00:2a:97:
3a:a2:89:ab:8a:dd:3a:63:ab:ce:17:5c:46:94:63:01:f9:49:
ce:9d:fa:35:48:46:00:ef:e0:56:db:27:ee:cd:ac:99:3e:38:
7f:0c:ef:7d:47:56:8b:53:73:3d:04:0e:cc:7d:f0:23:1e:6f:
e2:ac:ac:38:43:ea:77:b4:4b:7e:91:c5:6f:d5:dc:3b:a7:bd:
55:2b:40:ab:22:c2:e7:84:d4:69:2a:c3:31:32:c2:98:d8:75:
d2:3a:00:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRRrfm30wenO1Ad49YUxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMTAxMjM0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTIyYWMxMDg0MDA1ZGIzMTkwM2ViOWRkYzA0ZGU2ZjI4ZmFmZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FqEUhdEy1oN+AWXO/89XulTjpM4
ZJgsPs1Pn2t2SrCoVodrlmQXBThKZTsjutTcfov0QmWFEBVO0bGz8X/anFb61cf3
y0z5TIgXZiEdDE31wCu/Wy4zl5WcZISF0HaNh5mL7mFfTM1kQ7+oqJdU4P/Mmvln
FR2druyB7U2TC4x2ZHQUYV9nKeYntewQbbIZb2GZO6D3gXTT6ko23nDMUKGl30Lc
sOUTcZgELiTwEhsI1QZ30abwzrVTJKexQ3WojXkMvJGtPWBimKXpMFHY1z3ioZcp
elAqGyhx5r0dSyFIkExFu8toqygSKJyt+wtULrHKT+HPs1d9DCJPe0PiuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMUirBCEAF2zGQPrndwE3m8o+v2FMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEveFNLc0VJUUFYYk1aQS11ZDNBVGVieWo2X1lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY4mMA0G
CSqGSIb3DQEBCwUAA4IBAQCGL5zEbr3UjrjbMHHbtvGLqzVXP7RiclnZEim5XPb6
k9++KlBrMGoA/ufS6uCqMwSupkLZJNFKWvpSDf3O9sNIdck9OemoVmGai9KJzss2
ozRbFioJtvMlUQbk8WWFA0m+Hu/+uR4NgUCbU18+uHxG9KEnGNOCbrD5quoEPXmc
DfCq+iqIZU2LDN4o69wedRkR5fn554gol86eevF3R70AKpc6oomrit06Y6vOF1xG
lGMB+UnOnfo1SEYA7+BW2yfuzayZPjh/DO99R1aLU3M9BA7MffAjHm/irKw4Q+p3
tEt+kcVv1dw7p71VK0CrIsLnhNRpKsMxMsKY2HXSOgBA
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:35:19 2025 by rpki-client