Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/d2e14e-f900-4ab0-93fd-fdebf125b48e/1/rXJZFmG2fExX2PgdhmMI1znr1Ys.roa
File: rXJZFmG2fExX2PgdhmMI1znr1Ys.roa (raw, json)
Hash identifier: jLirKW8uoxxjWyg59lIt3L6simlxOfJjoRXDdsPT8aQ=
Subject key identifier: AD:72:59:16:61:B6:7C:4C:57:D8:F8:1D:86:63:08:D7:39:EB:D5:8B
Certificate issuer: /CN=1644e6c50cb692dfb640f6f88e228a2d9b06c679
Certificate serial: 019422FC2F29741CEAB40445B666FFF7D284
Authority key identifier: 16:44:E6:C5:0C:B6:92:DF:B6:40:F6:F8:8E:22:8A:2D:9B:06:C6:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FkTmxQy2kt-2QPb4jiKKLZsGxnk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/d2e14e-f900-4ab0-93fd-fdebf125b48e/1/rXJZFmG2fExX2PgdhmMI1znr1Ys.roa
Signing time: Wed 01 Jan 2025 17:49:00 +0000
ROA not before: Wed 01 Jan 2025 17:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208776
IP address blocks: 45.14.56.0/22 maxlen: 22
45.14.56.0/23 maxlen: 23
45.14.56.0/24 maxlen: 24
45.14.57.0/24 maxlen: 24
45.14.58.0/23 maxlen: 23
45.14.58.0/24 maxlen: 24
45.14.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:2f:29:74:1c:ea:b4:04:45:b6:66:ff:f7:d2:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1644e6c50cb692dfb640f6f88e228a2d9b06c679
Validity
Not Before: Jan 1 17:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad72591661b67c4c57d8f81d866308d739ebd58b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:63:bd:ea:85:3e:f2:54:ad:32:8c:42:ed:51:
49:3d:57:cb:98:c0:5f:5d:62:67:56:b5:a3:0d:5d:
00:b4:48:c7:ca:57:83:2e:e8:32:a2:f2:d2:74:f5:
29:ca:08:47:1a:73:aa:8a:ca:57:d3:cf:53:32:d5:
06:3f:df:de:69:46:2d:45:00:1b:ad:23:08:8e:1a:
30:00:66:c0:b2:41:a2:0d:e8:d3:93:e9:c4:28:fa:
70:05:74:60:b7:c6:78:dd:a1:2d:38:a9:8f:06:8c:
88:fe:e4:08:6a:13:ba:0d:90:83:78:e9:7e:8c:7b:
be:1f:91:13:dd:e8:5f:a9:e1:d3:99:86:f2:9c:95:
9b:2f:56:e1:68:9a:94:55:6a:57:6e:51:8e:4b:cc:
c0:92:4b:f0:2e:cb:07:da:fd:50:a8:75:38:a5:07:
34:1e:4c:7d:66:a3:26:7d:30:36:bf:f5:e2:28:83:
f9:13:8e:61:5d:d2:19:f6:43:54:64:d1:44:46:d1:
f7:b4:76:1e:0a:98:9c:9b:95:be:d9:0d:07:04:8f:
67:33:83:18:93:6b:fb:1e:d7:1e:61:9e:48:5b:c2:
16:f9:f4:57:17:c9:e0:30:be:0e:5e:3a:dd:20:96:
8e:01:11:48:8a:f3:16:b3:3a:c3:7a:6c:8c:e6:dc:
31:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:72:59:16:61:B6:7C:4C:57:D8:F8:1D:86:63:08:D7:39:EB:D5:8B
X509v3 Authority Key Identifier:
keyid:16:44:E6:C5:0C:B6:92:DF:B6:40:F6:F8:8E:22:8A:2D:9B:06:C6:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FkTmxQy2kt-2QPb4jiKKLZsGxnk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d2e14e-f900-4ab0-93fd-fdebf125b48e/1/rXJZFmG2fExX2PgdhmMI1znr1Ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d2e14e-f900-4ab0-93fd-fdebf125b48e/1/FkTmxQy2kt-2QPb4jiKKLZsGxnk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.56.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:8c:7d:1c:05:c1:95:a9:de:c6:54:79:11:fe:31:88:73:d1:
b3:67:60:04:5c:d9:52:05:fb:f7:e4:45:a0:b5:c4:c4:79:70:
12:1a:8b:b5:7d:e1:d6:b8:dd:e3:db:0b:d7:5b:64:3e:6b:0a:
83:92:00:e0:d4:3b:6e:8b:b5:1e:f2:45:81:37:da:77:ff:f1:
2e:c7:83:7b:91:0a:80:15:b0:54:47:a0:e5:4a:e9:fe:f9:d9:
4d:63:70:6e:f9:67:fc:1d:2f:85:e7:79:a3:62:64:d3:f6:2d:
ce:ab:a5:3a:82:c8:50:84:83:83:b3:59:e0:ac:5c:72:b3:b1:
02:0c:aa:b5:ea:d4:c9:b0:e9:79:0e:20:1b:6b:de:34:40:b8:
e4:c3:2e:66:eb:7b:b1:fd:44:e8:ee:7a:75:f4:86:e8:00:34:
78:fd:da:b1:f1:b5:de:d1:1a:15:3a:ee:99:be:ee:d9:46:01:
ad:14:8d:da:53:32:91:62:bf:e1:6a:46:0e:a7:42:2f:d8:10:
a2:2c:9c:ba:28:d1:66:da:f8:3d:a5:f9:b5:f9:77:9c:cd:05:
a7:ee:04:94:dd:fb:d3:41:27:db:aa:1a:72:17:dc:38:35:18:
87:10:81:67:12:b5:8b:ff:af:b6:12:34:a1:2b:6d:5f:4b:b9:
29:ca:99:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/C8pdBzqtARFtmb/99KEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NDRlNmM1MGNiNjkyZGZiNjQwZjZmODhlMjI4YTJkOWIw
NmM2NzkwHhcNMjUwMTAxMTc0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDcyNTkxNjYxYjY3YzRjNTdkOGY4MWQ4NjYzMDhkNzM5ZWJkNThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGO96oU+8lStMoxC7VFJPVfLmMBf
XWJnVrWjDV0AtEjHyleDLugyovLSdPUpyghHGnOqispX089TMtUGP9/eaUYtRQAb
rSMIjhowAGbAskGiDejTk+nEKPpwBXRgt8Z43aEtOKmPBoyI/uQIahO6DZCDeOl+
jHu+H5ET3ehfqeHTmYbynJWbL1bhaJqUVWpXblGOS8zAkkvwLssH2v1QqHU4pQc0
Hkx9ZqMmfTA2v/XiKIP5E45hXdIZ9kNUZNFERtH3tHYeCpicm5W+2Q0HBI9nM4MY
k2v7HtceYZ5IW8IW+fRXF8ngML4OXjrdIJaOARFIivMWszrDemyM5twxfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK1yWRZhtnxMV9j4HYZjCNc569WLMB8GA1UdIwQY
MBaAFBZE5sUMtpLftkD2+I4iii2bBsZ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmtUbXhReTJrdC0yUVBiNGppS0tMWnNHeG5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9kMmUxNGUtZjkwMC00YWIwLTkzZmQt
ZmRlYmYxMjViNDhlLzEvclhKWkZtRzJmRXhYMlBnZGhtTUkxem5yMVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9kMmUxNGUtZjkwMC00YWIwLTkzZmQtZmRlYmYxMjViNDhl
LzEvRmtUbXhReTJrdC0yUVBiNGppS0tMWnNHeG5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ44MA0G
CSqGSIb3DQEBCwUAA4IBAQCKjH0cBcGVqd7GVHkR/jGIc9GzZ2AEXNlSBfv35EWg
tcTEeXASGou1feHWuN3j2wvXW2Q+awqDkgDg1Dtui7Ue8kWBN9p3//Eux4N7kQqA
FbBUR6DlSun++dlNY3Bu+Wf8HS+F53mjYmTT9i3Oq6U6gshQhIODs1ngrFxys7EC
DKq16tTJsOl5DiAba940QLjkwy5m63ux/UTo7np19IboADR4/dqx8bXe0RoVOu6Z
vu7ZRgGtFI3aUzKRYr/hakYOp0Iv2BCiLJy6KNFm2vg9pfm1+XeczQWn7gSU3fvT
QSfbqhpyF9w4NRiHEIFnErWL/6+2EjShK21fS7kpyplp
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:13:04 2025 by rpki-client