Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/a0GKpzKa2l-eFBlKQIWeWorMYWE.roa
File: a0GKpzKa2l-eFBlKQIWeWorMYWE.roa (raw, json)
Hash identifier: ToDMarZPFqTg+Vik2NKe1VnAgzMIR0HHOC5Xh17RUK0=
Subject key identifier: 6B:41:8A:A7:32:9A:DA:5F:9E:14:19:4A:40:85:9E:5A:8A:CC:61:61
Certificate issuer: /CN=9868a1992bb8037dde81d0c8cdc0695fcee17c27
Certificate serial: 0194236A4977AA7DCA40C6B9D1FAB804AC6E
Authority key identifier: 98:68:A1:99:2B:B8:03:7D:DE:81:D0:C8:CD:C0:69:5F:CE:E1:7C:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mGihmSu4A33egdDIzcBpX87hfCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/a0GKpzKa2l-eFBlKQIWeWorMYWE.roa
Signing time: Wed 01 Jan 2025 19:49:15 +0000
ROA not before: Wed 01 Jan 2025 19:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208959
IP address blocks: 45.15.210.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:49:77:aa:7d:ca:40:c6:b9:d1:fa:b8:04:ac:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9868a1992bb8037dde81d0c8cdc0695fcee17c27
Validity
Not Before: Jan 1 19:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b418aa7329ada5f9e14194a40859e5a8acc6161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:29:63:4b:cf:ad:8b:45:65:f4:6d:76:bd:ec:
9b:b2:d4:4e:96:f2:56:a0:18:63:4a:a5:be:a7:99:
22:58:d8:23:a2:f5:02:0f:c2:ce:1e:ee:91:0a:07:
22:9e:41:90:2c:e4:3e:b7:9a:0a:d9:d4:86:3d:ff:
39:e6:b7:45:73:4a:86:64:2a:46:e3:07:80:83:e4:
be:1a:53:72:49:06:d5:f2:63:cb:e9:7e:9a:18:07:
04:3e:2d:59:68:82:b2:24:44:c8:21:23:0c:7f:78:
99:f3:ac:4c:5c:d0:b3:9a:78:ea:10:5a:ae:e2:9e:
85:1c:e4:97:df:5a:c4:1c:62:d5:61:2b:e9:0b:5e:
70:55:bd:53:cf:9f:45:82:36:38:58:22:e6:05:86:
c2:e8:d9:a1:83:20:5c:c7:73:c1:f8:59:90:bb:93:
a7:27:4c:2b:c5:2f:a5:b1:61:cf:a9:e6:81:e0:55:
41:8b:60:bb:56:ba:cd:51:17:ec:3a:51:56:77:1c:
aa:70:b4:d1:0b:9a:e8:d9:e0:26:de:51:72:98:80:
d2:89:ea:f0:39:9f:21:21:3a:2b:48:b5:d3:f4:e1:
fd:db:64:ff:67:20:4c:d7:be:dc:08:e7:87:82:8e:
69:4a:3b:7b:9e:5a:06:42:c6:27:e9:e9:af:36:bf:
9a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:41:8A:A7:32:9A:DA:5F:9E:14:19:4A:40:85:9E:5A:8A:CC:61:61
X509v3 Authority Key Identifier:
keyid:98:68:A1:99:2B:B8:03:7D:DE:81:D0:C8:CD:C0:69:5F:CE:E1:7C:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mGihmSu4A33egdDIzcBpX87hfCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/a0GKpzKa2l-eFBlKQIWeWorMYWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/mGihmSu4A33egdDIzcBpX87hfCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.210.0/24
Signature Algorithm: sha256WithRSAEncryption
52:ca:58:0d:24:51:68:d4:4d:74:a1:dd:c7:df:20:4f:29:d3:
8f:38:78:d0:14:4d:8a:98:e9:0f:4d:0b:97:ec:83:0f:95:6e:
07:7c:38:9f:a3:6e:f5:07:1b:47:c6:f5:13:96:7f:42:48:68:
5e:ee:65:41:5c:d6:26:75:16:24:d0:4e:f9:1e:66:b3:02:1d:
be:02:bb:b3:f8:34:89:d3:cb:ef:66:71:0f:27:f1:b1:05:01:
79:62:d6:0d:77:31:2d:a6:a1:6f:49:fb:c0:c3:6b:10:3c:ba:
8c:95:a9:9b:e8:64:d7:3f:bc:3f:0d:73:0a:f1:a5:91:58:d4:
36:a2:da:2c:d0:2c:61:47:99:06:5f:04:9f:32:a2:05:8b:f1:
ee:9b:55:9e:31:40:fb:c3:e5:33:59:92:e4:ca:e1:7b:84:ba:
77:dd:cb:bd:cc:96:21:45:32:3a:1c:9a:c6:ac:02:29:8f:e9:
48:00:e3:f3:41:76:c0:80:f5:38:71:39:26:c4:9b:6e:24:3c:
07:fe:c5:08:c2:cb:c1:8b:cb:67:4e:ff:2a:c2:f6:f6:fa:86:
46:08:42:1e:a7:c2:74:79:0c:c2:6b:b4:e2:84:4e:3d:26:c7:
f6:b8:f0:9a:13:9e:8e:52:05:e8:ec:5c:62:34:e0:f2:fb:30:
7d:0c:19:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjakl3qn3KQMa50fq4BKxuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NjhhMTk5MmJiODAzN2RkZTgxZDBjOGNkYzA2OTVmY2Vl
MTdjMjcwHhcNMjUwMTAxMTk0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjQxOGFhNzMyOWFkYTVmOWUxNDE5NGE0MDg1OWU1YThhY2M2MTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1yljS8+ti0Vl9G12veybstROlvJW
oBhjSqW+p5kiWNgjovUCD8LOHu6RCgcinkGQLOQ+t5oK2dSGPf855rdFc0qGZCpG
4weAg+S+GlNySQbV8mPL6X6aGAcEPi1ZaIKyJETIISMMf3iZ86xMXNCzmnjqEFqu
4p6FHOSX31rEHGLVYSvpC15wVb1Tz59FgjY4WCLmBYbC6NmhgyBcx3PB+FmQu5On
J0wrxS+lsWHPqeaB4FVBi2C7VrrNURfsOlFWdxyqcLTRC5ro2eAm3lFymIDSierw
OZ8hITorSLXT9OH922T/ZyBM177cCOeHgo5pSjt7nloGQsYn6emvNr+aRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGtBiqcymtpfnhQZSkCFnlqKzGFhMB8GA1UdIwQY
MBaAFJhooZkruAN93oHQyM3AaV/O4XwnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUdpaG1TdTRBMzNlZ2RESXpjQnBYODdoZkNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82YjIyZTYtMzUyZi00ZTg4LTgyN2It
ZDc4ZDU2MzFkN2Y2LzEvYTBHS3B6S2EybC1lRkJsS1FJV2VXb3JNWVdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82YjIyZTYtMzUyZi00ZTg4LTgyN2ItZDc4ZDU2MzFkN2Y2
LzEvbUdpaG1TdTRBMzNlZ2RESXpjQnBYODdoZkNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ/SMA0G
CSqGSIb3DQEBCwUAA4IBAQBSylgNJFFo1E10od3H3yBPKdOPOHjQFE2KmOkPTQuX
7IMPlW4HfDifo271BxtHxvUTln9CSGhe7mVBXNYmdRYk0E75HmazAh2+Aruz+DSJ
08vvZnEPJ/GxBQF5YtYNdzEtpqFvSfvAw2sQPLqMlamb6GTXP7w/DXMK8aWRWNQ2
otos0CxhR5kGXwSfMqIFi/Hum1WeMUD7w+UzWZLkyuF7hLp33cu9zJYhRTI6HJrG
rAIpj+lIAOPzQXbAgPU4cTkmxJtuJDwH/sUIwsvBi8tnTv8qwvb2+oZGCEIep8J0
eQzCa7TihE49Jsf2uPCaE56OUgXo7FxiNODy+zB9DBlD
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:23 2025 by rpki-client