Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/sFnlwbiQ75y8_114DKwn3kP_iWc.roa
File: sFnlwbiQ75y8_114DKwn3kP_iWc.roa (raw, json)
Hash identifier: dkHr9wKemXLLSQfaJK2+kCvWwELtA6u+nMBynz2rXgQ=
Subject key identifier: B0:59:E5:C1:B8:90:EF:9C:BC:FF:5D:78:0C:AC:27:DE:43:FF:89:67
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 01942747376E57EC33A98121B6AE7617778B
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/sFnlwbiQ75y8_114DKwn3kP_iWc.roa
Signing time: Thu 02 Jan 2025 13:49:26 +0000
ROA not before: Thu 02 Jan 2025 13:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207408
IP address blocks: 45.11.183.0/24 maxlen: 24
194.76.227.0/24 maxlen: 24
2a0b:7140:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:37:6e:57:ec:33:a9:81:21:b6:ae:76:17:77:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 2 13:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b059e5c1b890ef9cbcff5d780cac27de43ff8967
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a2:58:32:83:04:51:aa:59:2e:5d:69:20:65:
d2:ba:4d:b0:a6:14:75:22:a4:46:f8:9d:3a:ff:e3:
d8:b9:d4:27:c5:73:5b:1b:ab:37:f9:d2:47:fe:9e:
c3:76:05:11:1e:d2:bf:9b:58:33:da:46:d4:aa:d9:
fb:52:a3:ff:dc:54:96:91:98:01:2b:db:10:b3:41:
4c:b7:7c:43:a9:6c:6e:25:5c:1d:03:5d:7e:e8:fc:
4a:b5:de:aa:ce:d0:45:df:b2:a7:e7:6b:d2:c1:e1:
88:04:f2:3b:50:43:11:0b:d8:de:6e:4e:88:59:29:
72:68:a9:30:ca:6e:49:5a:e6:f0:7d:50:5c:26:e0:
a0:5f:73:02:37:29:59:5b:70:2c:fe:a4:34:3a:fd:
65:02:b1:4a:d8:af:5c:46:aa:f7:6f:5e:a7:d3:82:
8a:99:72:e7:1b:4d:7d:fc:8b:a8:0a:00:cf:63:ec:
f6:27:3e:3a:69:e3:87:4d:2e:88:93:83:b1:1a:f2:
8b:96:ee:fb:48:bb:60:41:51:6b:50:1d:9e:12:9e:
17:bd:6a:fb:57:f2:f3:ee:02:cc:79:81:f0:72:06:
74:ca:ca:95:b7:f0:0d:bc:d4:2c:8d:0b:d4:d4:84:
46:21:e0:d6:d8:cf:bf:36:f1:a8:7b:fc:29:6a:a5:
ef:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:59:E5:C1:B8:90:EF:9C:BC:FF:5D:78:0C:AC:27:DE:43:FF:89:67
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/sFnlwbiQ75y8_114DKwn3kP_iWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.183.0/24
194.76.227.0/24
IPv6:
2a0b:7140:1::/48
Signature Algorithm: sha256WithRSAEncryption
09:c3:3a:0a:a2:dd:c7:ad:f8:3c:ff:76:ce:48:fe:54:cb:15:
c7:61:0b:da:16:a9:76:52:e4:ac:8b:27:fa:f3:f6:15:bb:96:
b5:47:d6:cb:76:38:f8:4c:53:7e:09:54:a8:c8:96:98:8e:f4:
32:66:ee:fc:ca:ef:90:eb:31:e7:d1:ae:8e:9d:08:d9:fe:54:
37:28:50:5d:9a:2e:73:b5:08:1f:48:9b:07:fe:ba:62:7f:6f:
1c:65:3b:bc:1d:2b:9b:70:71:7a:2f:59:d9:86:a0:f6:57:3c:
c3:ad:4c:22:06:54:55:b2:ee:61:65:f2:7c:b7:0a:10:17:dd:
26:cb:94:83:a2:6f:1b:de:dd:ac:4b:49:91:51:ea:a9:5c:c1:
b4:51:63:4b:0d:c3:25:d0:e8:a7:4c:69:91:3e:a7:b5:48:b9:
07:24:23:91:81:9e:a2:19:77:3f:0b:fd:b0:4b:81:4e:c9:02:
5f:fd:8c:e0:45:73:cf:03:42:52:a0:a1:a0:c7:12:02:2a:a1:
1c:91:67:26:62:4f:fb:40:2d:2d:ce:47:7b:ea:55:97:14:24:
18:37:ef:42:a5:5c:47:8d:37:65:f3:01:2f:2d:cb:21:cc:d1:
94:4b:c6:22:b0:ab:62:d9:f2:3d:5b:8e:0f:70:48:9c:f8:02:
fe:e7:9b:dd
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQnRzduV+wzqYEhtq52F3eLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjUwMTAyMTM0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDU5ZTVjMWI4OTBlZjljYmNmZjVkNzgwY2FjMjdkZTQzZmY4OTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6JYMoMEUapZLl1pIGXSuk2wphR1
IqRG+J06/+PYudQnxXNbG6s3+dJH/p7DdgURHtK/m1gz2kbUqtn7UqP/3FSWkZgB
K9sQs0FMt3xDqWxuJVwdA11+6PxKtd6qztBF37Kn52vSweGIBPI7UEMRC9jebk6I
WSlyaKkwym5JWubwfVBcJuCgX3MCNylZW3As/qQ0Ov1lArFK2K9cRqr3b16n04KK
mXLnG019/IuoCgDPY+z2Jz46aeOHTS6Ik4OxGvKLlu77SLtgQVFrUB2eEp4XvWr7
V/Lz7gLMeYHwcgZ0ysqVt/ANvNQsjQvU1IRGIeDW2M+/NvGoe/wpaqXvswIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLBZ5cG4kO+cvP9deAysJ95D/4lnMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvc0ZubHdiaVE3NXk4XzExNERLd24za1BfaVdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALQu3AwQA
wkzjMA8EAgACMAkDBwAqC3FAAAEwDQYJKoZIhvcNAQELBQADggEBAAnDOgqi3cet
+Dz/ds5I/lTLFcdhC9oWqXZS5KyLJ/rz9hW7lrVH1st2OPhMU34JVKjIlpiO9DJm
7vzK75DrMefRro6dCNn+VDcoUF2aLnO1CB9Imwf+umJ/bxxlO7wdK5twcXovWdmG
oPZXPMOtTCIGVFWy7mFl8ny3ChAX3SbLlIOibxve3axLSZFR6qlcwbRRY0sNwyXQ
6KdMaZE+p7VIuQckI5GBnqIZdz8L/bBLgU7JAl/9jOBFc88DQlKgoaDHEgIqoRyR
ZyZiT/tALS3OR3vqVZcUJBg370KlXEeNN2XzAS8tyyHM0ZRLxiKwq2LZ8j1bjg9w
SJz4Av7nm90=
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:05:06 2025 by rpki-client