Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/CKaIKBYIzCcPY90H81mUnrr8ieM.roa
File: CKaIKBYIzCcPY90H81mUnrr8ieM.roa (raw, json)
Hash identifier: zGQhWm6ZoMgG5VPOqkXUgqVBvbX75YOW4WFE51m4zok=
Subject key identifier: 08:A6:88:28:16:08:CC:27:0F:63:DD:07:F3:59:94:9E:BA:FC:89:E3
Certificate issuer: /CN=bf41addc9a4eea246d42f98c7c72b30b68d67a97
Certificate serial: 01941FFA75BCD7FCBA80720670C678379032
Authority key identifier: BF:41:AD:DC:9A:4E:EA:24:6D:42:F9:8C:7C:72:B3:0B:68:D6:7A:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v0Gt3JpO6iRtQvmMfHKzC2jWepc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/CKaIKBYIzCcPY90H81mUnrr8ieM.roa
Signing time: Wed 01 Jan 2025 03:48:15 +0000
ROA not before: Wed 01 Jan 2025 03:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51847
IP address blocks: 45.87.102.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:75:bc:d7:fc:ba:80:72:06:70:c6:78:37:90:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf41addc9a4eea246d42f98c7c72b30b68d67a97
Validity
Not Before: Jan 1 03:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08a688281608cc270f63dd07f359949ebafc89e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d7:64:12:9f:3f:8e:df:3f:60:46:d5:ee:35:
1a:d6:76:e0:6f:fc:23:90:84:37:88:e8:b8:57:95:
af:7d:1d:a0:78:b3:15:ea:b0:56:06:9d:52:a2:3c:
6d:dd:77:55:58:25:69:47:da:d2:ad:bd:7c:b6:14:
ec:a4:9e:be:f2:f3:6b:e0:37:82:57:9d:d4:a7:97:
01:02:e6:41:5d:5a:a5:ea:b8:6c:97:78:b8:10:a9:
ba:17:fb:ce:30:0b:ca:e6:b3:79:3a:dd:90:b5:db:
98:38:8a:90:d9:af:7e:2c:4c:5e:e9:80:53:db:4c:
41:62:5f:b1:66:c8:2e:39:7e:55:48:61:60:68:0b:
37:43:c5:e9:bc:55:98:e3:7b:6d:09:de:fe:7d:10:
f9:4b:1e:2e:4e:6d:68:ea:73:6b:f9:c9:2c:9a:77:
02:5a:3a:4d:64:e2:d0:8c:94:ac:eb:c2:5a:39:80:
b1:08:00:c8:98:ba:0d:b6:84:27:a5:98:79:b4:c3:
f3:1f:21:87:bd:e1:d0:5e:2e:81:e9:4f:f5:cd:26:
5f:27:8f:ca:99:12:54:6c:78:d3:db:5c:2f:a5:0a:
f4:18:90:22:31:08:6e:44:ce:76:4b:84:ad:9b:8a:
7a:fe:c5:c5:0f:fb:97:19:7e:e2:a0:fa:ce:c1:1d:
b1:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A6:88:28:16:08:CC:27:0F:63:DD:07:F3:59:94:9E:BA:FC:89:E3
X509v3 Authority Key Identifier:
keyid:BF:41:AD:DC:9A:4E:EA:24:6D:42:F9:8C:7C:72:B3:0B:68:D6:7A:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0Gt3JpO6iRtQvmMfHKzC2jWepc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/CKaIKBYIzCcPY90H81mUnrr8ieM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/v0Gt3JpO6iRtQvmMfHKzC2jWepc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.102.0/23
Signature Algorithm: sha256WithRSAEncryption
90:a6:3e:ac:9b:ff:cf:c6:aa:f2:29:d6:05:5e:c4:2a:9c:a1:
fc:84:69:ad:76:17:17:04:98:95:df:1b:cc:51:b5:4a:47:d9:
f9:98:aa:21:65:56:67:a7:93:75:e1:3f:ef:26:da:81:07:7c:
67:a7:75:a0:87:71:c1:1d:c0:21:44:9d:76:73:96:c0:09:60:
11:60:2b:79:99:d8:e3:3c:16:6a:38:8b:5b:48:9f:31:a5:4d:
da:9d:aa:5e:05:c5:b4:40:e4:62:9b:9f:d8:26:2a:da:09:82:
54:f5:63:59:d7:dc:3b:07:d9:5e:b3:41:b8:26:d2:4b:5b:4f:
e8:eb:a6:b3:06:03:7f:0c:9c:d3:b8:3e:e5:a6:73:fa:b8:b2:
a6:7f:b9:57:9a:89:0d:15:f8:49:20:78:b2:43:12:5d:2b:be:
cc:58:33:f0:06:ae:59:39:6c:9b:65:2f:3e:99:a9:9f:f2:d0:
eb:83:5f:b1:b4:bd:51:80:32:6d:c8:85:04:7c:5d:62:5a:c2:
d4:01:e3:36:0d:73:47:28:82:48:7d:bb:9e:53:de:ae:06:57:
0d:09:e9:68:02:fc:a3:83:19:49:84:55:66:16:50:90:b1:a4:
67:ca:8e:c8:23:f0:a5:45:34:57:10:cd:08:14:ea:16:58:13:
09:6a:fc:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+nW81/y6gHIGcMZ4N5AyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNDFhZGRjOWE0ZWVhMjQ2ZDQyZjk4YzdjNzJiMzBiNjhk
NjdhOTcwHhcNMjUwMTAxMDM0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGE2ODgyODE2MDhjYzI3MGY2M2RkMDdmMzU5OTQ5ZWJhZmM4OWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptdkEp8/jt8/YEbV7jUa1nbgb/wj
kIQ3iOi4V5WvfR2geLMV6rBWBp1Sojxt3XdVWCVpR9rSrb18thTspJ6+8vNr4DeC
V53Up5cBAuZBXVql6rhsl3i4EKm6F/vOMAvK5rN5Ot2QtduYOIqQ2a9+LExe6YBT
20xBYl+xZsguOX5VSGFgaAs3Q8XpvFWY43ttCd7+fRD5Sx4uTm1o6nNr+cksmncC
WjpNZOLQjJSs68JaOYCxCADImLoNtoQnpZh5tMPzHyGHveHQXi6B6U/1zSZfJ4/K
mRJUbHjT21wvpQr0GJAiMQhuRM52S4Stm4p6/sXFD/uXGX7ioPrOwR2xwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAimiCgWCMwnD2PdB/NZlJ66/InjMB8GA1UdIwQY
MBaAFL9BrdyaTuokbUL5jHxyswto1nqXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjBHdDNKcE82aVJ0UXZtTWZIS3pDMmpXZXBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83MGZjYjMtODMwMi00MWU0LTgzNmEt
ZWVhZDUwOGJlNGVlLzEvQ0thSUtCWUl6Q2NQWTkwSDgxbVVucnI4aWVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83MGZjYjMtODMwMi00MWU0LTgzNmEtZWVhZDUwOGJlNGVl
LzEvdjBHdDNKcE82aVJ0UXZtTWZIS3pDMmpXZXBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVdmMA0G
CSqGSIb3DQEBCwUAA4IBAQCQpj6sm//PxqryKdYFXsQqnKH8hGmtdhcXBJiV3xvM
UbVKR9n5mKohZVZnp5N14T/vJtqBB3xnp3Wgh3HBHcAhRJ12c5bACWARYCt5mdjj
PBZqOItbSJ8xpU3anapeBcW0QORim5/YJiraCYJU9WNZ19w7B9les0G4JtJLW0/o
66azBgN/DJzTuD7lpnP6uLKmf7lXmokNFfhJIHiyQxJdK77MWDPwBq5ZOWybZS8+
mamf8tDrg1+xtL1RgDJtyIUEfF1iWsLUAeM2DXNHKIJIfbueU96uBlcNCeloAvyj
gxlJhFVmFlCQsaRnyo7II/ClRTRXEM0IFOoWWBMJavxr
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:40:23 2025 by rpki-client