Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/J71qpUSGlu91U9IMTjNd7sLhTkY.roa
File: J71qpUSGlu91U9IMTjNd7sLhTkY.roa (raw, json)
Hash identifier: E2gcQzYAruJ22SGktnRxp7YXx683Mb85Nw+oNG7r/HY=
Subject key identifier: 27:BD:6A:A5:44:86:96:EF:75:53:D2:0C:4E:33:5D:EE:C2:E1:4E:46
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01954D6C55D3AFDB803E996966332AD36BA9
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/J71qpUSGlu91U9IMTjNd7sLhTkY.roa
Signing time: Fri 28 Feb 2025 16:38:20 +0000
ROA not before: Fri 28 Feb 2025 16:38:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214706
IP address blocks: 45.43.162.0/24 maxlen: 24
216.173.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4d:6c:55:d3:af:db:80:3e:99:69:66:33:2a:d3:6b:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Feb 28 16:38:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27bd6aa5448696ef7553d20c4e335deec2e14e46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:88:79:ab:a2:9d:e4:6d:6b:b5:18:50:f8:2d:
99:b7:87:d1:95:56:38:89:b8:73:8c:b4:d8:ea:97:
8c:65:76:9b:31:e8:e5:e8:b5:c3:d9:97:02:96:06:
7c:99:84:aa:81:d6:64:67:e9:47:12:bd:95:26:94:
a0:00:d1:88:eb:31:3d:10:a7:c2:d1:01:2b:17:f7:
9f:62:2a:28:38:30:3f:1a:22:87:b1:b2:df:f0:ce:
55:34:b2:66:d0:f3:0c:54:5b:f9:f8:74:21:fc:c7:
5d:d9:7f:9f:26:6e:6d:9e:14:9e:ff:c1:2e:fa:27:
97:a9:de:94:03:3b:ef:f5:cd:6c:eb:77:2b:1d:52:
f4:44:3c:88:4d:1b:ab:ea:1c:97:a0:14:ee:b6:49:
ec:d1:56:13:7b:f3:a5:16:cd:f8:6a:fa:a3:e1:06:
f1:3c:25:d0:10:70:e7:c5:6e:16:c2:5f:0e:35:ab:
b7:cb:eb:0c:ff:f2:8b:75:df:f8:74:ff:c4:e8:f1:
80:fd:75:a1:04:ce:6b:0c:2d:b1:64:9c:9f:f8:b4:
e6:01:a3:5f:00:82:8a:cd:94:f7:8c:1c:ba:b1:89:
c3:38:55:66:3d:7f:82:ad:88:9b:28:9d:b5:dd:16:
0e:76:b2:92:63:76:56:f0:59:9f:d4:7b:69:55:3c:
27:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:BD:6A:A5:44:86:96:EF:75:53:D2:0C:4E:33:5D:EE:C2:E1:4E:46
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/J71qpUSGlu91U9IMTjNd7sLhTkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.162.0/24
216.173.95.0/24
Signature Algorithm: sha256WithRSAEncryption
89:a1:6a:cf:cc:16:fd:75:01:af:75:61:71:b7:f2:5d:66:72:
6d:f8:51:03:88:da:bc:fd:e4:89:74:a4:0e:a3:5f:dd:d8:81:
41:0f:2f:e2:81:6d:30:7e:ae:d5:08:f2:e8:3a:b1:c9:40:65:
88:0a:70:a9:5d:b0:90:a4:8b:43:07:4c:26:76:35:83:4d:50:
c6:40:12:96:68:ca:ed:6d:51:a0:60:49:92:35:4e:1e:03:cd:
ef:4b:89:fc:98:31:67:01:ab:4b:ae:0f:3d:82:ce:25:6f:03:
f9:84:63:32:06:6c:58:dc:5e:0a:48:62:82:1b:17:d9:93:fd:
6a:8c:e8:61:f8:ea:da:bb:55:ac:6e:c8:e1:43:3c:ae:e7:0a:
44:62:fa:c6:a4:55:86:0f:16:57:99:6f:6a:f4:69:2d:6b:94:
8b:66:02:3a:dd:e1:1f:42:33:c7:fa:3a:8e:cc:82:3f:0d:e3:
6c:61:f9:d1:4d:68:30:af:68:f0:d8:16:02:30:a9:53:15:48:
e0:e7:4d:7e:f1:22:92:f6:ab:8b:fd:06:3f:b0:f3:11:d7:37:
95:04:c8:9a:f0:e4:e9:58:6a:b2:bf:ee:c9:e8:1a:7d:6b:8f:
2f:84:b9:02:38:44:da:a2:3a:38:74:0b:fd:6d:ce:2b:1b:e2:
50:e2:93:86
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVNbFXTr9uAPplpZjMq02upMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMjI4MTYzODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2JkNmFhNTQ0ODY5NmVmNzU1M2QyMGM0ZTMzNWRlZWMyZTE0ZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIh5q6Kd5G1rtRhQ+C2Zt4fRlVY4
ibhzjLTY6peMZXabMejl6LXD2ZcClgZ8mYSqgdZkZ+lHEr2VJpSgANGI6zE9EKfC
0QErF/efYiooODA/GiKHsbLf8M5VNLJm0PMMVFv5+HQh/Mdd2X+fJm5tnhSe/8Eu
+ieXqd6UAzvv9c1s63crHVL0RDyITRur6hyXoBTutkns0VYTe/OlFs34avqj4Qbx
PCXQEHDnxW4Wwl8ONau3y+sM//KLdd/4dP/E6PGA/XWhBM5rDC2xZJyf+LTmAaNf
AIKKzZT3jBy6sYnDOFVmPX+CrYibKJ213RYOdrKSY3ZW8Fmf1HtpVTwnUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCe9aqVEhpbvdVPSDE4zXe7C4U5GMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvSjcxcXBVU0dsdTkxVTlJTVRqTmQ3c0xoVGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALSuiAwQA
2K1fMA0GCSqGSIb3DQEBCwUAA4IBAQCJoWrPzBb9dQGvdWFxt/JdZnJt+FEDiNq8
/eSJdKQOo1/d2IFBDy/igW0wfq7VCPLoOrHJQGWICnCpXbCQpItDB0wmdjWDTVDG
QBKWaMrtbVGgYEmSNU4eA83vS4n8mDFnAatLrg89gs4lbwP5hGMyBmxY3F4KSGKC
GxfZk/1qjOhh+Orau1WsbsjhQzyu5wpEYvrGpFWGDxZXmW9q9Gkta5SLZgI63eEf
QjPH+jqOzII/DeNsYfnRTWgwr2jw2BYCMKlTFUjg501+8SKS9quL/QY/sPMR1zeV
BMia8OTpWGqyv+7J6Bp9a48vhLkCOETaojo4dAv9bc4rG+JQ4pOG
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:33:19 2025 by rpki-client