Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MxEoq66S0bsG48g2yoC7O2Tfwio.roa
File: MxEoq66S0bsG48g2yoC7O2Tfwio.roa (raw, json)
Hash identifier: xXRFW+NagWJ0Xl0RbSJwBv3uFljxAKiASj+feW1RJjc=
Subject key identifier: 33:11:28:AB:AE:92:D1:BB:06:E3:C8:36:CA:80:BB:3B:64:DF:C2:2A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0195A306DBE6FC650551ADF7923E51D00184
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MxEoq66S0bsG48g2yoC7O2Tfwio.roa
Signing time: Mon 17 Mar 2025 07:34:50 +0000
ROA not before: Mon 17 Mar 2025 07:34:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400536
IP address blocks: 45.12.70.0/24 maxlen: 24
185.238.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a3:06:db:e6:fc:65:05:51:ad:f7:92:3e:51:d0:01:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 17 07:34:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=331128abae92d1bb06e3c836ca80bb3b64dfc22a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4c:a1:71:83:61:a7:f1:f2:19:b4:e4:75:cc:
60:32:9f:41:ee:cb:26:62:19:85:b1:1f:25:36:c3:
ab:bf:47:21:bf:75:cd:af:e7:07:a7:a4:e4:cf:a4:
ad:eb:c4:5e:cd:47:65:29:7c:87:c9:c2:08:0b:24:
f0:97:c1:7c:3c:6b:17:08:8c:81:56:c0:f7:51:80:
77:a2:c4:42:65:5e:17:e9:f1:0f:18:dc:59:82:85:
00:f8:52:0b:1a:fa:81:4a:6b:29:aa:73:54:05:04:
1c:f9:46:0e:f6:15:b4:e5:b2:ab:c3:31:d5:e2:b2:
1f:a8:d6:0f:0f:b2:68:8d:07:42:ea:de:a3:93:9b:
b3:4e:03:10:a6:74:9f:46:e1:c7:06:ef:54:23:cb:
ca:b1:f2:27:81:78:3a:56:31:86:eb:b0:c5:90:3b:
ff:65:94:a4:77:41:45:58:2a:37:fe:69:9f:22:a2:
2a:91:59:c6:47:1b:46:bd:43:37:28:73:c2:1c:d6:
60:ac:84:cf:71:8c:ac:da:b0:38:b5:c6:6c:1a:ef:
03:bc:33:fb:53:ad:1e:36:53:3c:63:d2:50:77:c4:
f8:ce:d1:59:14:e7:5c:23:38:45:ae:e6:be:6e:01:
ff:71:e7:20:00:68:69:d8:28:ff:9e:7f:2f:38:6c:
27:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:11:28:AB:AE:92:D1:BB:06:E3:C8:36:CA:80:BB:3B:64:DF:C2:2A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MxEoq66S0bsG48g2yoC7O2Tfwio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.70.0/24
185.238.191.0/24
Signature Algorithm: sha256WithRSAEncryption
60:73:a8:1c:3a:9a:d8:11:cd:e5:56:d3:97:63:4b:c5:77:88:
38:7a:be:7d:dd:94:61:12:00:69:82:11:be:61:59:67:26:0d:
2f:45:67:62:2a:30:2c:83:49:c0:14:ef:bf:0b:01:eb:ae:a0:
7a:32:24:5b:0f:9f:74:ab:8f:c4:60:d0:6d:3b:80:c0:b1:10:
da:46:65:75:a4:cf:1a:7f:40:50:fc:9b:5a:0f:94:2b:8d:c2:
a4:55:c2:11:b8:39:52:73:67:7e:cd:2d:ce:97:45:74:8b:07:
19:5c:4a:5d:8a:5b:7f:b8:f1:1d:c3:19:20:08:cb:71:5d:7a:
c4:6b:e4:b9:7e:9d:35:35:87:e6:81:b4:ff:59:18:75:f1:8d:
1f:03:8d:f5:dc:68:5c:5e:cf:f7:d7:ed:5a:25:fb:74:bd:02:
77:75:3c:f6:b3:29:36:a0:8b:f8:1a:9a:3e:54:54:af:20:df:
55:97:09:8e:32:23:7a:2e:7b:17:e9:97:2e:46:66:41:49:d8:
6a:12:db:4a:97:12:83:1d:c5:93:eb:7c:15:55:0c:a8:ef:58:
94:a8:ff:4b:90:0f:8c:60:2c:e9:af:3c:cc:19:7c:3f:88:39:
94:f6:33:2e:29:c7:6b:e7:eb:a9:66:e0:98:60:c7:9b:46:99:
0a:19:d0:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWjBtvm/GUFUa33kj5R0AGEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMzE3MDczNDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzExMjhhYmFlOTJkMWJiMDZlM2M4MzZjYTgwYmIzYjY0ZGZjMjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEyhcYNhp/HyGbTkdcxgMp9B7ssm
YhmFsR8lNsOrv0chv3XNr+cHp6Tkz6St68RezUdlKXyHycIICyTwl8F8PGsXCIyB
VsD3UYB3osRCZV4X6fEPGNxZgoUA+FILGvqBSmspqnNUBQQc+UYO9hW05bKrwzHV
4rIfqNYPD7JojQdC6t6jk5uzTgMQpnSfRuHHBu9UI8vKsfIngXg6VjGG67DFkDv/
ZZSkd0FFWCo3/mmfIqIqkVnGRxtGvUM3KHPCHNZgrITPcYys2rA4tcZsGu8DvDP7
U60eNlM8Y9JQd8T4ztFZFOdcIzhFrua+bgH/cecgAGhp2Cj/nn8vOGwnUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDMRKKuuktG7BuPINsqAuztk38IqMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTXhFb3E2NlMwYnNHNDhnMnlvQzdPMlRmd2lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQxGAwQA
ue6/MA0GCSqGSIb3DQEBCwUAA4IBAQBgc6gcOprYEc3lVtOXY0vFd4g4er593ZRh
EgBpghG+YVlnJg0vRWdiKjAsg0nAFO+/CwHrrqB6MiRbD590q4/EYNBtO4DAsRDa
RmV1pM8af0BQ/JtaD5QrjcKkVcIRuDlSc2d+zS3Ol0V0iwcZXEpdilt/uPEdwxkg
CMtxXXrEa+S5fp01NYfmgbT/WRh18Y0fA4313GhcXs/31+1aJft0vQJ3dTz2syk2
oIv4Gpo+VFSvIN9VlwmOMiN6LnsX6ZcuRmZBSdhqEttKlxKDHcWT63wVVQyo71iU
qP9LkA+MYCzprzzMGXw/iDmU9jMuKcdr5+upZuCYYMebRpkKGdD9
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:05:40 2025 by rpki-client