Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/hI2E3ZjYmgtrm9OV5uV8KVFZFFc.roa
File: hI2E3ZjYmgtrm9OV5uV8KVFZFFc.roa (raw, json)
Hash identifier: tE6Wa1tgj3Aoh1FeZXyjGFAoSLL+sDQ+OfIFAkY7L40=
Subject key identifier: 84:8D:84:DD:98:D8:9A:0B:6B:9B:D3:95:E6:E5:7C:29:51:59:14:57
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 0194221F48E221C08FE32A7EAE3CDFC3122E
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/hI2E3ZjYmgtrm9OV5uV8KVFZFFc.roa
Signing time: Wed 01 Jan 2025 13:47:43 +0000
ROA not before: Wed 01 Jan 2025 13:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8452
IP address blocks: 45.85.188.0/24 maxlen: 24
2a0e:4200::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:48:e2:21:c0:8f:e3:2a:7e:ae:3c:df:c3:12:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jan 1 13:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=848d84dd98d89a0b6b9bd395e6e57c2951591457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b8:4c:72:9b:76:ea:32:83:b2:1c:3e:b4:bc:
73:11:48:d6:90:90:91:2f:66:f1:01:74:62:08:21:
0c:3f:99:2f:81:75:64:df:54:5f:0b:29:13:e7:2a:
90:8c:7f:1e:a2:5a:07:80:47:ae:81:2b:95:b2:b5:
d3:e6:73:60:65:99:5a:c6:5f:25:20:a0:f7:97:fa:
93:16:76:06:e5:a2:ed:e8:42:1f:21:92:bb:88:ab:
44:1f:93:a3:36:b5:2d:99:5d:3c:5a:ee:b7:2a:02:
3d:e3:95:13:5d:e3:a0:43:f4:55:ac:ac:08:30:9d:
b1:19:0e:1c:ed:64:8b:80:68:7a:ec:17:37:31:16:
d2:82:5d:00:3f:60:05:12:03:7f:62:19:bc:3a:df:
36:50:8f:6c:bc:39:37:e4:7f:53:98:34:a6:d0:d6:
c5:32:80:e2:66:59:25:44:cb:69:1c:16:cb:a2:62:
b0:b0:96:9a:e8:fe:d5:62:08:bf:68:4f:de:2a:6a:
57:8c:36:02:9e:90:85:c8:06:e6:ca:73:81:9b:79:
46:21:85:e4:18:be:bd:9d:d0:07:eb:db:37:49:47:
ab:d4:2a:0e:9c:54:9d:a5:21:92:25:1e:e2:5f:06:
c4:3e:72:5f:2b:73:fb:15:be:6c:da:a8:59:d1:3d:
21:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:8D:84:DD:98:D8:9A:0B:6B:9B:D3:95:E6:E5:7C:29:51:59:14:57
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/hI2E3ZjYmgtrm9OV5uV8KVFZFFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.188.0/24
IPv6:
2a0e:4200::/32
Signature Algorithm: sha256WithRSAEncryption
07:3f:aa:bc:51:ad:b6:93:bf:52:f9:44:a6:c9:19:af:a0:a4:
b7:bf:2d:b3:0d:81:66:38:71:1c:a6:3f:e1:f8:da:fb:1d:5a:
e9:07:e9:3b:6b:51:33:ed:59:97:47:e4:4b:fb:ef:7a:da:2b:
5d:19:0f:0e:cf:15:64:63:7b:f5:c2:f3:a5:8c:79:98:49:81:
dd:8f:ca:ec:15:53:0f:54:be:4c:9c:43:b0:a1:d1:ed:22:88:
9b:81:7a:24:ad:92:8d:f3:e1:f0:8b:5f:e3:52:3f:80:b4:91:
69:d3:37:1a:ee:77:f0:92:b6:c1:6d:71:df:b5:f9:ad:66:c7:
bc:b4:a3:dc:54:60:49:92:84:22:c4:ac:86:c3:b7:55:23:66:
38:1a:27:93:6a:0e:bd:66:e2:1b:bb:fd:d1:29:5c:e2:16:a5:
2e:64:7a:ce:d0:10:df:35:55:69:2d:bd:79:39:1c:b1:c6:34:
75:d1:87:c0:3d:56:27:05:fb:7f:c1:4b:ba:a5:ef:8d:14:d1:
b2:67:19:94:20:de:7d:af:1d:35:fd:91:06:18:8c:bc:af:37:
4e:f5:24:d1:92:4b:fa:d4:4d:3b:2d:c4:bb:9e:bd:b5:cd:8d:
26:27:61:d6:e5:b1:6f:24:49:1b:b5:9e:f9:58:30:8d:0a:02:
22:0a:b8:e7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH0jiIcCP4yp+rjzfwxIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjUwMTAxMTM0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDhkODRkZDk4ZDg5YTBiNmI5YmQzOTVlNmU1N2MyOTUxNTkxNDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLhMcpt26jKDshw+tLxzEUjWkJCR
L2bxAXRiCCEMP5kvgXVk31RfCykT5yqQjH8eoloHgEeugSuVsrXT5nNgZZlaxl8l
IKD3l/qTFnYG5aLt6EIfIZK7iKtEH5OjNrUtmV08Wu63KgI945UTXeOgQ/RVrKwI
MJ2xGQ4c7WSLgGh67Bc3MRbSgl0AP2AFEgN/Yhm8Ot82UI9svDk35H9TmDSm0NbF
MoDiZlklRMtpHBbLomKwsJaa6P7VYgi/aE/eKmpXjDYCnpCFyAbmynOBm3lGIYXk
GL69ndAH69s3SUer1CoOnFSdpSGSJR7iXwbEPnJfK3P7Fb5s2qhZ0T0hNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFISNhN2Y2JoLa5vTleblfClRWRRXMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvaEkyRTNaalltZ3RybTlPVjV1VjhLVkZaRkZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALVW8MA0E
AgACMAcDBQAqDkIAMA0GCSqGSIb3DQEBCwUAA4IBAQAHP6q8Ua22k79S+USmyRmv
oKS3vy2zDYFmOHEcpj/h+Nr7HVrpB+k7a1Ez7VmXR+RL++962itdGQ8OzxVkY3v1
wvOljHmYSYHdj8rsFVMPVL5MnEOwodHtIoibgXokrZKN8+Hwi1/jUj+AtJFp0zca
7nfwkrbBbXHftfmtZse8tKPcVGBJkoQixKyGw7dVI2Y4GieTag69ZuIbu/3RKVzi
FqUuZHrO0BDfNVVpLb15ORyxxjR10YfAPVYnBft/wUu6pe+NFNGyZxmUIN59rx01
/ZEGGIy8rzdO9STRkkv61E07LcS7nr21zY0mJ2HW5bFvJEkbtZ75WDCNCgIiCrjn
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:20 2025 by rpki-client