Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/jOTtZQcz5CD0eIF7zgXcfyooUME.roa
File: jOTtZQcz5CD0eIF7zgXcfyooUME.roa (raw, json)
Hash identifier: n7TWbhbMTRNfsoNNdyGYWkmPwoq9ACx/VZl0EabCgC0=
Subject key identifier: 8C:E4:ED:65:07:33:E4:20:F4:78:81:7B:CE:05:DC:7F:2A:28:50:C1
Certificate issuer: /CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
Certificate serial: 019566F2D0B75347EFF33612C22287BBFC31
Authority key identifier: 2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/jOTtZQcz5CD0eIF7zgXcfyooUME.roa
Signing time: Wed 05 Mar 2025 15:35:43 +0000
ROA not before: Wed 05 Mar 2025 15:35:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 45.145.55.0/24 maxlen: 24
194.34.245.0/24 maxlen: 24
194.34.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:66:f2:d0:b7:53:47:ef:f3:36:12:c2:22:87:bb:fc:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
Validity
Not Before: Mar 5 15:35:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ce4ed650733e420f478817bce05dc7f2a2850c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c0:b4:45:e2:06:09:83:4a:d1:12:4a:3f:9e:
de:ff:83:81:e3:bc:a8:d3:15:f3:eb:52:70:30:a9:
92:a5:30:e4:1d:40:1d:de:30:98:13:e7:a9:8b:06:
ea:4d:8d:1b:4f:b8:5c:41:67:8a:bd:59:37:b1:51:
af:c7:c7:ea:4f:70:9c:6d:6e:73:a0:14:1d:e9:0b:
7d:af:da:ae:31:a9:97:38:af:62:3b:f7:ad:23:42:
f2:0b:ea:2e:31:24:59:bf:45:36:2c:d7:4b:a1:fb:
ff:ef:8d:d6:44:26:8c:09:6e:62:48:ef:87:92:2f:
d7:b6:1c:55:2c:c6:c4:82:36:0c:3b:41:c7:ae:26:
99:ea:41:ad:82:23:48:28:da:11:0d:9f:2e:66:81:
1d:18:be:12:6e:c6:f0:1e:e0:51:34:ac:43:e1:f4:
2b:58:0f:e3:34:55:fa:37:e3:55:71:1a:1a:79:75:
21:b2:78:66:c4:9a:16:1c:44:aa:0d:ae:2c:32:fc:
de:cb:01:fd:d2:f2:ec:78:7a:70:e1:9f:37:6a:0c:
d6:b5:05:00:c8:b0:85:a9:76:da:9c:d9:77:fc:94:
0a:1f:14:32:8c:3e:4e:5a:4c:d1:16:26:bf:18:51:
b7:a0:cd:8d:3d:db:2b:49:52:c4:cc:c4:d7:72:15:
ff:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:E4:ED:65:07:33:E4:20:F4:78:81:7B:CE:05:DC:7F:2A:28:50:C1
X509v3 Authority Key Identifier:
keyid:2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/jOTtZQcz5CD0eIF7zgXcfyooUME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.55.0/24
194.34.245.0/24
194.34.247.0/24
Signature Algorithm: sha256WithRSAEncryption
37:d6:11:bc:c5:ac:d5:0c:67:ad:54:8a:7b:df:99:fd:90:c4:
c5:18:aa:b1:15:a1:51:03:5f:04:01:c3:92:a1:63:c3:ef:b7:
63:3a:08:3b:d5:64:92:50:c1:ff:56:1a:fc:e4:be:40:d3:59:
5a:7a:bc:cd:fd:9a:5e:3d:54:9d:0b:70:3c:9c:83:6d:3a:fe:
c7:9a:5a:37:6c:10:0a:45:9c:22:b4:ab:08:93:da:f9:fa:7c:
75:1e:7c:9c:21:97:51:68:fb:5a:b5:d2:02:74:9c:ea:4b:23:
c8:50:17:75:f8:1b:3c:da:9a:eb:22:85:a1:75:41:76:03:39:
c0:a7:38:46:19:81:e3:34:5a:5d:fa:1e:7e:e5:c0:e2:79:a5:
30:bd:8a:63:71:80:22:08:c1:96:ab:a3:ab:7b:fe:b4:63:f0:
54:78:dc:ce:c1:2c:f1:0f:ed:38:ad:ac:10:51:0b:c1:f6:2a:
2d:90:c3:a7:af:ca:31:94:05:ab:7a:ec:06:ce:aa:d5:05:87:
97:9d:2d:c9:b6:09:2e:16:12:9b:bb:25:53:cc:70:c8:77:a5:
8d:84:21:7b:a0:db:44:bc:40:96:04:5a:d5:34:41:6d:a3:c3:
1b:26:88:a1:08:26:12:0f:ea:15:bb:6b:49:b1:6a:2c:83:02:
6b:fa:bf:55
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVm8tC3U0fv8zYSwiKHu/wxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMTE2NGE5YjUwMTNkNjJmMDUxMzQ0ZjZkZjkxZjEzYmM3
ZWNiMGYwHhcNMjUwMzA1MTUzNTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2U0ZWQ2NTA3MzNlNDIwZjQ3ODgxN2JjZTA1ZGM3ZjJhMjg1MGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcC0ReIGCYNK0RJKP57e/4OB47yo
0xXz61JwMKmSpTDkHUAd3jCYE+epiwbqTY0bT7hcQWeKvVk3sVGvx8fqT3CcbW5z
oBQd6Qt9r9quMamXOK9iO/etI0LyC+ouMSRZv0U2LNdLofv/743WRCaMCW5iSO+H
ki/XthxVLMbEgjYMO0HHriaZ6kGtgiNIKNoRDZ8uZoEdGL4SbsbwHuBRNKxD4fQr
WA/jNFX6N+NVcRoaeXUhsnhmxJoWHESqDa4sMvzeywH90vLseHpw4Z83agzWtQUA
yLCFqXbanNl3/JQKHxQyjD5OWkzRFia/GFG3oM2NPdsrSVLEzMTXchX/cQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIzk7WUHM+Qg9HiBe84F3H8qKFDBMB8GA1UdIwQY
MBaAFC4RZKm1AT1i8FE0T235HxO8fssPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGhGa3FiVUJQV0x3VVRSUGJma2ZFN3gteXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9mYjQ2OTYtNjc4Zi00ZDQ1LWEwOTEt
ZmQ3ZjE3YmIxYTVjLzEvak9UdFpRY3o1Q0QwZUlGN3pnWGNmeW9vVU1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9mYjQ2OTYtNjc4Zi00ZDQ1LWEwOTEtZmQ3ZjE3YmIxYTVj
LzEvTGhGa3FiVUJQV0x3VVRSUGJma2ZFN3gteXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZE3AwQA
wiL1AwQAwiL3MA0GCSqGSIb3DQEBCwUAA4IBAQA31hG8xazVDGetVIp735n9kMTF
GKqxFaFRA18EAcOSoWPD77djOgg71WSSUMH/Vhr85L5A01laerzN/ZpePVSdC3A8
nINtOv7Hmlo3bBAKRZwitKsIk9r5+nx1HnycIZdRaPtatdICdJzqSyPIUBd1+Bs8
2prrIoWhdUF2AznApzhGGYHjNFpd+h5+5cDieaUwvYpjcYAiCMGWq6Ore/60Y/BU
eNzOwSzxD+04rawQUQvB9iotkMOnr8oxlAWreuwGzqrVBYeXnS3JtgkuFhKbuyVT
zHDId6WNhCF7oNtEvECWBFrVNEFto8MbJoihCCYSD+oVu2tJsWosgwJr+r9V
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:43:14 2025 by rpki-client