Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/yrP7gVuY1Ge1BoC_b6btyPyfCvA.roa
File: yrP7gVuY1Ge1BoC_b6btyPyfCvA.roa (raw, json)
Hash identifier: GlxZEe6SKUxBIs0VQkk3NwZDSxxUfOhs9CGXEBUwKTw=
Subject key identifier: CA:B3:FB:81:5B:98:D4:67:B5:06:80:BF:6F:A6:ED:C8:FC:9F:0A:F0
Certificate issuer: /CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Certificate serial: 0193D82D8752BE5412B063200285BE370F8E
Authority key identifier: D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/yrP7gVuY1Ge1BoC_b6btyPyfCvA.roa
Signing time: Wed 18 Dec 2024 05:11:22 +0000
ROA not before: Wed 18 Dec 2024 05:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 45.140.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d8:2d:87:52:be:54:12:b0:63:20:02:85:be:37:0f:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Validity
Not Before: Dec 18 05:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cab3fb815b98d467b50680bf6fa6edc8fc9f0af0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c1:84:e8:e0:02:c9:72:76:9b:81:69:b8:d8:
30:22:e1:d3:73:c9:36:87:9e:44:9c:d0:77:20:b0:
3b:4c:c4:22:fc:fb:e0:0c:43:54:ca:ae:90:97:7b:
34:e8:30:fd:58:df:a7:f3:41:6f:cd:c2:73:a7:f1:
e6:43:7f:87:62:e8:37:49:31:3a:27:90:f4:fe:a3:
a2:c8:e5:a1:1b:ef:b7:5a:17:b8:86:0e:1f:c5:49:
01:04:95:cd:28:d5:1e:35:be:b6:e8:1c:7b:87:d4:
ad:a9:b9:ee:1e:26:81:8f:56:23:f5:01:b3:45:40:
3c:6d:a1:f7:12:16:be:13:7d:47:3c:15:ac:0a:3e:
15:7b:87:45:95:08:69:d9:3a:3f:56:1d:e2:ba:68:
a5:25:19:db:34:e3:f0:56:12:e0:bd:36:69:0b:96:
7c:3f:10:e9:be:13:29:8b:eb:72:18:65:3b:77:aa:
7b:74:14:aa:af:a5:1e:48:1f:46:d5:eb:74:e4:c7:
be:6a:ee:63:d0:67:a5:b3:3d:8a:0b:53:59:f5:d8:
25:eb:44:08:bf:d6:02:e0:fb:eb:56:f1:bf:d3:f8:
42:ad:8d:b6:2b:3b:6e:9b:f2:35:7e:62:e2:8b:3b:
a4:b5:d5:32:d7:27:61:e5:c8:cf:3d:97:15:ba:6e:
17:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B3:FB:81:5B:98:D4:67:B5:06:80:BF:6F:A6:ED:C8:FC:9F:0A:F0
X509v3 Authority Key Identifier:
keyid:D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/yrP7gVuY1Ge1BoC_b6btyPyfCvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.247.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:5e:b8:38:e1:07:dd:0f:3e:75:e5:48:c1:b9:5e:f3:76:5e:
5f:cd:3e:10:a3:58:3c:21:64:6d:4b:d3:25:84:33:08:94:b0:
39:52:ae:8c:11:73:e5:12:51:77:7a:f8:b2:3c:86:a0:9a:b1:
35:db:3c:14:7d:60:1d:7c:c2:28:21:f9:1d:4b:74:45:8f:15:
86:fd:91:36:6c:ab:29:13:bf:62:eb:22:ad:7c:d3:ab:27:a4:
29:99:0a:de:6a:60:f5:2a:a2:92:a2:5e:63:19:d9:1d:e5:bd:
65:b6:c9:55:83:96:76:11:a7:8c:fa:31:3a:17:f0:49:05:0d:
ff:3d:72:f2:c2:d1:3b:eb:5e:b0:f0:11:d9:7d:92:f1:3a:fa:
93:cc:54:06:82:e3:75:71:38:ca:53:e2:65:fc:d3:41:cb:cc:
7e:be:42:b5:6e:9f:10:52:96:12:fd:24:29:17:b9:e3:e1:cb:
42:6b:39:f5:d2:a0:fa:67:3f:db:81:bd:58:c8:10:a4:a8:71:
fb:ea:63:56:ec:2c:2e:ec:f0:a0:d3:57:41:da:0b:e2:eb:ea:
c2:c3:00:92:da:22:64:22:3c:a0:ba:da:91:10:c0:44:f1:6e:
2d:d8:50:df:bc:89:e8:e0:e8:b5:c0:3b:ee:eb:b6:fa:d8:6c:
4f:ab:f3:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPYLYdSvlQSsGMgAoW+Nw+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGUxMjRlMGY4YWRiNGU3ZDk1NzZjZWFlMzI1ZjY2OGRk
MjI0YjEwHhcNMjQxMjE4MDUxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWIzZmI4MTViOThkNDY3YjUwNjgwYmY2ZmE2ZWRjOGZjOWYwYWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cGE6OACyXJ2m4FpuNgwIuHTc8k2
h55EnNB3ILA7TMQi/PvgDENUyq6Ql3s06DD9WN+n80FvzcJzp/HmQ3+HYug3STE6
J5D0/qOiyOWhG++3Whe4hg4fxUkBBJXNKNUeNb626Bx7h9StqbnuHiaBj1Yj9QGz
RUA8baH3Eha+E31HPBWsCj4Ve4dFlQhp2To/Vh3iumilJRnbNOPwVhLgvTZpC5Z8
PxDpvhMpi+tyGGU7d6p7dBSqr6UeSB9G1et05Me+au5j0Gelsz2KC1NZ9dgl60QI
v9YC4PvrVvG/0/hCrY22Kztum/I1fmLiizuktdUy1ydh5cjPPZcVum4XawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMqz+4FbmNRntQaAv2+m7cj8nwrwMB8GA1UdIwQY
MBaAFNHeEk4PittOfZV2zq4yX2aN0iSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTct
NGY0YzliMzQzZTkwLzEveXJQN2dWdVkxR2UxQm9DX2I2YnR5UHlmQ3ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTctNGY0YzliMzQzZTkw
LzEvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYz3MA0G
CSqGSIb3DQEBCwUAA4IBAQA8Xrg44QfdDz515UjBuV7zdl5fzT4Qo1g8IWRtS9Ml
hDMIlLA5Uq6MEXPlElF3eviyPIagmrE12zwUfWAdfMIoIfkdS3RFjxWG/ZE2bKsp
E79i6yKtfNOrJ6QpmQreamD1KqKSol5jGdkd5b1ltslVg5Z2EaeM+jE6F/BJBQ3/
PXLywtE7616w8BHZfZLxOvqTzFQGguN1cTjKU+Jl/NNBy8x+vkK1bp8QUpYS/SQp
F7nj4ctCazn10qD6Zz/bgb1YyBCkqHH76mNW7Cwu7PCg01dB2gvi6+rCwwCS2iJk
IjygutqREMBE8W4t2FDfvIno4Oi1wDvu67b62GxPq/NS
-----END CERTIFICATE-----
Generated at Thu Apr 10 14:12:23 2025 by rpki-client