Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/2XDoWT6vqRxMHQPV7KWd6BUwSSk.roa
File: 2XDoWT6vqRxMHQPV7KWd6BUwSSk.roa (raw, json)
Hash identifier: 0NMEPsyPsfD94IuuxhO23wYkcwhlu/DvJeg9y5zCzro=
Subject key identifier: D9:70:E8:59:3E:AF:A9:1C:4C:1D:03:D5:EC:A5:9D:E8:15:30:49:29
Certificate issuer: /CN=bf41addc9a4eea246d42f98c7c72b30b68d67a97
Certificate serial: 01941FFA77D747DFB7E814BA0B44758F17DB
Authority key identifier: BF:41:AD:DC:9A:4E:EA:24:6D:42:F9:8C:7C:72:B3:0B:68:D6:7A:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v0Gt3JpO6iRtQvmMfHKzC2jWepc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/2XDoWT6vqRxMHQPV7KWd6BUwSSk.roa
Signing time: Wed 01 Jan 2025 03:48:15 +0000
ROA not before: Wed 01 Jan 2025 03:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400866
IP address blocks: 45.87.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:77:d7:47:df:b7:e8:14:ba:0b:44:75:8f:17:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf41addc9a4eea246d42f98c7c72b30b68d67a97
Validity
Not Before: Jan 1 03:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d970e8593eafa91c4c1d03d5eca59de815304929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:35:38:88:5c:4d:f2:76:6a:47:3b:ea:d6:7c:
d6:38:71:74:96:51:9a:d6:9f:91:68:35:c7:52:01:
1a:fc:7d:f0:8d:4d:c1:7a:24:f5:2c:f9:a3:c4:48:
ef:7b:40:8a:3e:ca:db:9a:8e:aa:61:9d:88:e3:ba:
3e:0e:7b:7a:ae:e2:c8:66:78:91:09:e2:59:1f:6f:
bf:68:82:07:28:0d:6e:dc:91:ca:3a:e4:2a:fb:1c:
7a:e9:94:a7:81:60:36:fa:bb:d9:ea:76:85:0d:51:
4f:82:3b:0d:6c:bd:53:70:80:53:41:85:d1:66:15:
04:d6:14:0a:8c:29:0c:15:d0:91:13:ee:2a:55:fb:
48:b4:aa:fa:8e:1b:88:fa:78:1b:63:db:dd:05:83:
82:bd:d5:96:dd:64:3a:b3:df:89:a5:7a:20:9b:51:
16:fb:a6:60:ac:25:e9:40:10:21:c3:00:a0:76:17:
bc:37:38:39:4d:ea:35:35:22:ee:fb:0c:e9:58:f4:
1b:07:59:d0:d1:36:8d:d9:ca:86:07:71:72:92:66:
1a:58:ec:5d:f0:70:7a:2d:19:0e:fb:09:63:2d:71:
05:cc:ee:83:9e:b7:b0:c0:d8:c2:77:5a:e7:06:66:
59:78:1b:53:09:c0:e1:85:02:e7:a3:d8:f4:a1:9e:
43:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:70:E8:59:3E:AF:A9:1C:4C:1D:03:D5:EC:A5:9D:E8:15:30:49:29
X509v3 Authority Key Identifier:
keyid:BF:41:AD:DC:9A:4E:EA:24:6D:42:F9:8C:7C:72:B3:0B:68:D6:7A:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0Gt3JpO6iRtQvmMfHKzC2jWepc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/2XDoWT6vqRxMHQPV7KWd6BUwSSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/v0Gt3JpO6iRtQvmMfHKzC2jWepc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.100.0/24
Signature Algorithm: sha256WithRSAEncryption
26:91:f6:ff:0a:1a:09:85:0c:f4:8d:50:20:f4:45:1b:e3:c7:
24:2d:1b:e0:c5:ff:d1:61:99:94:6a:f0:bf:8b:22:a2:9f:dd:
84:b9:1d:94:5f:5b:89:7c:ac:19:8d:ea:8d:be:5a:2d:53:72:
da:69:61:b0:83:1d:2e:8b:c0:1f:35:99:e0:c5:75:32:28:c1:
05:69:dc:8c:c3:64:de:f9:17:49:41:c6:f3:eb:e0:67:dd:69:
0a:ff:5b:7a:76:e7:de:fb:a0:ce:70:5e:98:a9:41:15:cb:bb:
f7:7f:34:39:23:2b:63:86:d8:9e:6d:38:85:91:f1:3d:2e:93:
b2:e0:0f:08:a2:1e:40:02:5b:e7:c8:90:cd:37:36:eb:f1:4f:
59:5e:6b:3f:36:18:71:3d:c9:5f:a5:0c:cb:c8:33:9c:e1:a0:
64:b4:37:b6:52:76:07:8f:60:ae:e4:0d:40:88:e1:0a:ee:f5:
25:5f:31:87:e3:a8:9c:0f:03:0f:a9:d6:55:3b:7a:e2:1f:7f:
17:d4:48:b8:15:ec:f3:83:cd:35:f7:a4:ee:d9:44:93:cb:b4:
94:05:cf:61:8c:35:fb:ae:63:04:6a:82:cd:f4:34:48:a6:e5:
5e:ba:de:eb:4c:ef:95:f4:2c:1e:03:72:9d:b8:df:c8:20:1e:
bc:20:f8:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+nfXR9+36BS6C0R1jxfbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNDFhZGRjOWE0ZWVhMjQ2ZDQyZjk4YzdjNzJiMzBiNjhk
NjdhOTcwHhcNMjUwMTAxMDM0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTcwZTg1OTNlYWZhOTFjNGMxZDAzZDVlY2E1OWRlODE1MzA0OTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7jU4iFxN8nZqRzvq1nzWOHF0llGa
1p+RaDXHUgEa/H3wjU3BeiT1LPmjxEjve0CKPsrbmo6qYZ2I47o+Dnt6ruLIZniR
CeJZH2+/aIIHKA1u3JHKOuQq+xx66ZSngWA2+rvZ6naFDVFPgjsNbL1TcIBTQYXR
ZhUE1hQKjCkMFdCRE+4qVftItKr6jhuI+ngbY9vdBYOCvdWW3WQ6s9+JpXogm1EW
+6ZgrCXpQBAhwwCgdhe8Nzg5Teo1NSLu+wzpWPQbB1nQ0TaN2cqGB3FykmYaWOxd
8HB6LRkO+wljLXEFzO6DnrewwNjCd1rnBmZZeBtTCcDhhQLno9j0oZ5DAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNlw6Fk+r6kcTB0D1eylnegVMEkpMB8GA1UdIwQY
MBaAFL9BrdyaTuokbUL5jHxyswto1nqXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjBHdDNKcE82aVJ0UXZtTWZIS3pDMmpXZXBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83MGZjYjMtODMwMi00MWU0LTgzNmEt
ZWVhZDUwOGJlNGVlLzEvMlhEb1dUNnZxUnhNSFFQVjdLV2Q2QlV3U1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83MGZjYjMtODMwMi00MWU0LTgzNmEtZWVhZDUwOGJlNGVl
LzEvdjBHdDNKcE82aVJ0UXZtTWZIS3pDMmpXZXBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVdkMA0G
CSqGSIb3DQEBCwUAA4IBAQAmkfb/ChoJhQz0jVAg9EUb48ckLRvgxf/RYZmUavC/
iyKin92EuR2UX1uJfKwZjeqNvlotU3LaaWGwgx0ui8AfNZngxXUyKMEFadyMw2Te
+RdJQcbz6+Bn3WkK/1t6dufe+6DOcF6YqUEVy7v3fzQ5IytjhtiebTiFkfE9LpOy
4A8Ioh5AAlvnyJDNNzbr8U9ZXms/NhhxPclfpQzLyDOc4aBktDe2UnYHj2Cu5A1A
iOEK7vUlXzGH46icDwMPqdZVO3riH38X1Ei4Fezzg80196Tu2USTy7SUBc9hjDX7
rmMEaoLN9DRIpuVeut7rTO+V9CweA3KduN/IIB68IPjI
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:14:20 2025 by rpki-client