Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/bbf319-15a9-40d9-beec-36a86f0d0e13/1/cJX1Uua4_9D9CC5q_mwxAvWoAwU.roa
File: cJX1Uua4_9D9CC5q_mwxAvWoAwU.roa (raw, json)
Hash identifier: sTW8VJ2m/AzzGYhCXwLwoKJnoF3jHTtXRuvW0/EJtcQ=
Subject key identifier: 70:95:F5:52:E6:B8:FF:D0:FD:08:2E:6A:FE:6C:31:02:F5:A8:03:05
Certificate issuer: /CN=d5b6d2a0a8c538e917fb94aa96791a3be7b8063a
Certificate serial: 0185704BD49A42CBC9C2EEA3C64A0F448751
Authority key identifier: D5:B6:D2:A0:A8:C5:38:E9:17:FB:94:AA:96:79:1A:3B:E7:B8:06:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1bbSoKjFOOkX-5SqlnkaO-e4Bjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/bbf319-15a9-40d9-beec-36a86f0d0e13/1/cJX1Uua4_9D9CC5q_mwxAvWoAwU.roa
Signing time: Mon 02 Jan 2023 02:24:55 +0000
ROA not before: Mon 02 Jan 2023 02:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396982
IP address blocks: 45.129.16.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:d4:9a:42:cb:c9:c2:ee:a3:c6:4a:0f:44:87:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5b6d2a0a8c538e917fb94aa96791a3be7b8063a
Validity
Not Before: Jan 2 02:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7095f552e6b8ffd0fd082e6afe6c3102f5a80305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a2:97:c4:1b:93:e4:e7:32:6a:dc:45:41:27:
dc:78:fa:f1:dd:46:00:df:ac:97:0f:4e:8d:d1:23:
11:26:10:57:4a:52:63:c8:45:ad:46:05:df:8f:a4:
b8:7a:2a:b9:06:c2:7d:a8:41:4e:2e:02:72:65:b4:
d6:72:13:bb:e1:97:ea:34:24:c4:dd:09:71:b5:f3:
30:89:41:92:17:68:15:b2:18:0e:62:dc:60:a6:c5:
53:c9:64:3a:a9:80:1e:c4:a2:83:98:f1:1a:01:73:
d9:2f:78:5a:2d:c8:93:ee:b2:33:d2:cd:0b:05:6c:
76:e1:7f:e6:2c:3d:62:d8:5c:ab:10:ca:cf:a1:0c:
28:04:d3:af:1a:6a:fb:93:bc:42:4b:9c:97:72:1b:
d4:0d:91:1f:8d:ae:6d:9e:78:b2:25:1d:de:62:06:
86:60:be:7e:e3:65:2d:fd:3e:d3:95:3b:0d:8d:7d:
bb:bc:fd:b4:ea:ce:3f:da:a9:19:47:5a:55:a4:72:
ea:b9:7d:fb:0a:91:10:8f:61:fc:c3:57:f4:a3:74:
88:fb:7f:01:7f:3b:ff:fe:d9:59:69:3e:07:4e:17:
ba:29:9c:f8:7c:af:78:7e:cb:0b:fb:78:15:c3:8b:
61:94:4b:39:08:36:40:ed:44:51:53:30:fa:45:c0:
75:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:95:F5:52:E6:B8:FF:D0:FD:08:2E:6A:FE:6C:31:02:F5:A8:03:05
X509v3 Authority Key Identifier:
keyid:D5:B6:D2:A0:A8:C5:38:E9:17:FB:94:AA:96:79:1A:3B:E7:B8:06:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1bbSoKjFOOkX-5SqlnkaO-e4Bjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/bbf319-15a9-40d9-beec-36a86f0d0e13/1/cJX1Uua4_9D9CC5q_mwxAvWoAwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/bbf319-15a9-40d9-beec-36a86f0d0e13/1/1bbSoKjFOOkX-5SqlnkaO-e4Bjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.16.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:4d:aa:1d:be:8b:0b:3e:af:dd:7f:8f:82:85:45:ce:6e:0d:
e4:32:5e:73:a7:36:f4:3b:ea:75:24:a5:28:4b:40:73:7a:f3:
ef:18:b2:b5:6f:b6:73:05:24:d4:7f:fb:3a:be:0d:34:96:f0:
55:9c:0f:88:49:06:4a:c1:49:89:0c:04:2b:d4:ec:cc:fb:2b:
f5:71:43:b4:a0:ab:2f:0e:67:40:f3:1e:06:d1:08:46:ed:d8:
aa:84:55:31:7e:50:69:0c:39:e3:0b:70:06:89:d6:3e:f5:7b:
a2:40:10:e7:5f:21:af:78:00:ae:b3:6e:ec:d4:15:7f:f6:02:
9b:f8:b1:e1:19:90:0d:77:48:9e:0c:fa:f2:cd:da:59:4e:fd:
eb:5c:83:6a:52:96:5e:35:3a:38:c6:cb:be:86:e8:a2:14:55:
27:c4:ea:1e:9d:a8:9d:92:d0:b9:f3:19:ac:2d:cd:8a:a7:23:
87:1a:15:6d:78:88:a6:d7:e8:be:d5:95:b0:f5:e7:a2:5e:81:
6f:47:95:1c:b0:9b:52:7c:f8:ad:91:18:80:d7:81:8e:72:dd:
28:83:5b:5a:d8:92:f8:85:a8:9b:94:8a:a3:23:03:68:a9:e3:
5d:51:3e:e2:18:dd:f9:08:be:67:4b:ce:4a:9e:9a:89:e9:c5:
f1:51:50:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwS9SaQsvJwu6jxkoPRIdRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YjZkMmEwYThjNTM4ZTkxN2ZiOTRhYTk2NzkxYTNiZTdi
ODA2M2EwHhcNMjMwMTAyMDIyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDk1ZjU1MmU2YjhmZmQwZmQwODJlNmFmZTZjMzEwMmY1YTgwMzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6KXxBuT5OcyatxFQSfcePrx3UYA
36yXD06N0SMRJhBXSlJjyEWtRgXfj6S4eiq5BsJ9qEFOLgJyZbTWchO74ZfqNCTE
3QlxtfMwiUGSF2gVshgOYtxgpsVTyWQ6qYAexKKDmPEaAXPZL3haLciT7rIz0s0L
BWx24X/mLD1i2FyrEMrPoQwoBNOvGmr7k7xCS5yXchvUDZEfja5tnniyJR3eYgaG
YL5+42Ut/T7TlTsNjX27vP206s4/2qkZR1pVpHLquX37CpEQj2H8w1f0o3SI+38B
fzv//tlZaT4HThe6KZz4fK94fssL+3gVw4thlEs5CDZA7URRUzD6RcB1KwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHCV9VLmuP/Q/Qguav5sMQL1qAMFMB8GA1UdIwQY
MBaAFNW20qCoxTjpF/uUqpZ5GjvnuAY6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWJiU29LakZPT2tYLTVTcWxua2FPLWU0QmpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9iYmYzMTktMTVhOS00MGQ5LWJlZWMt
MzZhODZmMGQwZTEzLzEvY0pYMVV1YTRfOUQ5Q0M1cV9td3hBdldvQXdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9iYmYzMTktMTVhOS00MGQ5LWJlZWMtMzZhODZmMGQwZTEz
LzEvMWJiU29LakZPT2tYLTVTcWxua2FPLWU0QmpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYEQMA0G
CSqGSIb3DQEBCwUAA4IBAQCpTaodvosLPq/df4+ChUXObg3kMl5zpzb0O+p1JKUo
S0BzevPvGLK1b7ZzBSTUf/s6vg00lvBVnA+ISQZKwUmJDAQr1OzM+yv1cUO0oKsv
DmdA8x4G0QhG7diqhFUxflBpDDnjC3AGidY+9XuiQBDnXyGveACus27s1BV/9gKb
+LHhGZANd0ieDPryzdpZTv3rXINqUpZeNTo4xsu+huiiFFUnxOoenaidktC58xms
Lc2KpyOHGhVteIim1+i+1ZWw9eeiXoFvR5UcsJtSfPitkRiA14GOct0og1ta2JL4
haiblIqjIwNoqeNdUT7iGN35CL5nS85KnpqJ6cXxUVDr
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:10:29 2025 by rpki-client