Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/bbf319-15a9-40d9-beec-36a86f0d0e13/1/vfJBN6YAJ9E5jrFPbYOGoSp5GU8.roa
File: vfJBN6YAJ9E5jrFPbYOGoSp5GU8.roa (raw, json)
Hash identifier: Ov7BVgCwX/dG7TW+x2Byr6NrR8itL7FnYiz6IOzEA0M=
Subject key identifier: BD:F2:41:37:A6:00:27:D1:39:8E:B1:4F:6D:83:86:A1:2A:79:19:4F
Certificate issuer: /CN=d5b6d2a0a8c538e917fb94aa96791a3be7b8063a
Certificate serial: 018CC8DF45A6DF503BB8695D9B0F412D34DB
Authority key identifier: D5:B6:D2:A0:A8:C5:38:E9:17:FB:94:AA:96:79:1A:3B:E7:B8:06:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1bbSoKjFOOkX-5SqlnkaO-e4Bjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/bbf319-15a9-40d9-beec-36a86f0d0e13/1/vfJBN6YAJ9E5jrFPbYOGoSp5GU8.roa
Signing time: Tue 02 Jan 2024 06:32:04 +0000
ROA not before: Tue 02 Jan 2024 06:32:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208417
IP address blocks: 45.129.17.0/24 maxlen: 24
45.129.16.0/24 maxlen: 24
45.129.18.0/24 maxlen: 24
45.129.19.0/24 maxlen: 24
2a0e:3640::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:45:a6:df:50:3b:b8:69:5d:9b:0f:41:2d:34:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5b6d2a0a8c538e917fb94aa96791a3be7b8063a
Validity
Not Before: Jan 2 06:32:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bdf24137a60027d1398eb14f6d8386a12a79194f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b0:1a:3f:78:64:01:33:65:f3:c5:ab:16:31:
2d:f9:53:7c:94:ea:9a:5f:cd:7a:54:2a:82:a4:ad:
de:51:82:80:d6:34:66:74:a2:ff:27:1e:02:a1:c0:
62:11:c4:a3:3a:66:25:07:bb:4f:50:34:a2:71:01:
f1:d9:71:87:1f:d8:33:32:ce:fd:53:50:29:de:6e:
36:68:59:cc:fb:01:58:d8:37:4a:48:01:21:a1:d2:
62:0c:ed:41:cb:08:09:8d:d6:95:51:9e:a0:bc:ed:
ff:07:70:ad:a4:fe:37:3f:62:d7:56:e3:a2:12:14:
cf:16:af:5f:85:e0:b7:60:f4:d4:26:47:28:a7:0c:
b5:de:d1:c3:87:6d:39:1b:54:74:d6:62:0c:36:c0:
4d:5f:80:b3:9b:ee:1d:af:a4:66:1e:0e:c3:94:98:
6c:ec:07:d2:1a:dd:fe:f1:5a:79:2a:ed:1a:32:d3:
3b:3b:63:39:2c:e2:87:f6:0a:55:0e:b1:2c:6d:a9:
2d:0d:4f:f6:09:44:2d:73:31:60:85:04:75:b3:e9:
79:28:fe:a8:bd:13:53:b5:d1:20:80:ab:7e:3e:e8:
2f:73:13:9c:bc:6b:1b:70:72:8d:71:ed:15:65:fa:
8b:07:d8:25:f9:de:3b:aa:f7:3b:08:a0:7c:1a:f8:
17:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:F2:41:37:A6:00:27:D1:39:8E:B1:4F:6D:83:86:A1:2A:79:19:4F
X509v3 Authority Key Identifier:
keyid:D5:B6:D2:A0:A8:C5:38:E9:17:FB:94:AA:96:79:1A:3B:E7:B8:06:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1bbSoKjFOOkX-5SqlnkaO-e4Bjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/bbf319-15a9-40d9-beec-36a86f0d0e13/1/vfJBN6YAJ9E5jrFPbYOGoSp5GU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/bbf319-15a9-40d9-beec-36a86f0d0e13/1/1bbSoKjFOOkX-5SqlnkaO-e4Bjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.16.0/22
IPv6:
2a0e:3640::/48
Signature Algorithm: sha256WithRSAEncryption
58:09:3a:ce:b1:67:0e:87:f6:5c:f9:2b:58:ef:39:84:5f:7a:
32:58:f0:e8:65:ce:9c:44:89:96:07:3f:f9:22:1f:60:55:3c:
0f:fa:4c:fa:4c:4d:86:9d:74:07:c2:81:7a:5e:89:c1:17:8a:
ec:d4:39:09:a9:64:5a:37:3c:9e:5c:8b:f6:e4:93:0c:36:98:
cd:2f:d1:70:01:dd:a3:28:d6:fb:85:d5:89:9e:5e:90:d5:c1:
d3:e9:15:8d:08:66:f4:30:44:1d:42:5b:cc:87:61:f4:f4:89:
ce:e4:f1:51:8e:22:1c:24:d5:fc:f0:11:7b:f5:a7:7a:ac:c5:
f4:f8:14:54:ad:26:a2:e8:8e:27:38:36:bf:c5:f7:83:cc:33:
5b:39:16:f8:88:da:cb:1c:fb:79:45:72:19:0c:7d:4a:20:ac:
66:1a:e5:cb:a3:e6:56:71:f5:a3:d4:73:84:70:b7:22:27:c9:
4e:b0:22:9e:b2:3c:1c:9e:0f:ae:b0:d6:17:42:09:30:9a:c0:
12:f6:e7:b3:f6:df:30:0f:da:65:2b:e1:07:8a:19:49:79:ee:
86:8f:52:dc:44:fd:59:ab:d8:d1:3f:bf:53:5d:cd:89:08:bb:
ec:98:19:5c:5d:9f:fc:63:cf:cc:af:af:24:0c:cc:67:70:aa:
f9:56:51:71
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzI30Wm31A7uGldmw9BLTTbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YjZkMmEwYThjNTM4ZTkxN2ZiOTRhYTk2NzkxYTNiZTdi
ODA2M2EwHhcNMjQwMTAyMDYzMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGYyNDEzN2E2MDAyN2QxMzk4ZWIxNGY2ZDgzODZhMTJhNzkxOTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibAaP3hkATNl88WrFjEt+VN8lOqa
X816VCqCpK3eUYKA1jRmdKL/Jx4CocBiEcSjOmYlB7tPUDSicQHx2XGHH9gzMs79
U1Ap3m42aFnM+wFY2DdKSAEhodJiDO1BywgJjdaVUZ6gvO3/B3CtpP43P2LXVuOi
EhTPFq9fheC3YPTUJkcopwy13tHDh205G1R01mIMNsBNX4Czm+4dr6RmHg7DlJhs
7AfSGt3+8Vp5Ku0aMtM7O2M5LOKH9gpVDrEsbaktDU/2CUQtczFghQR1s+l5KP6o
vRNTtdEggKt+PugvcxOcvGsbcHKNce0VZfqLB9gl+d47qvc7CKB8GvgXDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL3yQTemACfROY6xT22DhqEqeRlPMB8GA1UdIwQY
MBaAFNW20qCoxTjpF/uUqpZ5GjvnuAY6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWJiU29LakZPT2tYLTVTcWxua2FPLWU0QmpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9iYmYzMTktMTVhOS00MGQ5LWJlZWMt
MzZhODZmMGQwZTEzLzEvdmZKQk42WUFKOUU1anJGUGJZT0dvU3A1R1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9iYmYzMTktMTVhOS00MGQ5LWJlZWMtMzZhODZmMGQwZTEz
LzEvMWJiU29LakZPT2tYLTVTcWxua2FPLWU0QmpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCLYEQMA8E
AgACMAkDBwAqDjZAAAAwDQYJKoZIhvcNAQELBQADggEBAFgJOs6xZw6H9lz5K1jv
OYRfejJY8OhlzpxEiZYHP/kiH2BVPA/6TPpMTYaddAfCgXpeicEXiuzUOQmpZFo3
PJ5ci/bkkww2mM0v0XAB3aMo1vuF1YmeXpDVwdPpFY0IZvQwRB1CW8yHYfT0ic7k
8VGOIhwk1fzwEXv1p3qsxfT4FFStJqLojic4Nr/F94PMM1s5FviI2ssc+3lFchkM
fUogrGYa5cuj5lZx9aPUc4RwtyInyU6wIp6yPByeD66w1hdCCTCawBL257P23zAP
2mUr4QeKGUl57oaPUtxE/Vmr2NE/v1NdzYkIu+yYGVxdn/xjz8yvryQMzGdwqvlW
UXE=
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:11:21 2025 by rpki-client