Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/kRLM9L8QUwHNuS_OtKSZmUlWIXU.roa
File: kRLM9L8QUwHNuS_OtKSZmUlWIXU.roa (raw, json)
Hash identifier: agNxKyH0P1G2GXEo+I7nKtCRGOR8YSBp8r/b8jCgWYU=
Subject key identifier: 91:12:CC:F4:BF:10:53:01:CD:B9:2F:CE:B4:A4:99:99:49:56:21:75
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 0194221F4D25E4D5CA52BD81E48BC2F553DE
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/kRLM9L8QUwHNuS_OtKSZmUlWIXU.roa
Signing time: Wed 01 Jan 2025 13:47:44 +0000
ROA not before: Wed 01 Jan 2025 13:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 45.8.24.0/24 maxlen: 24
45.8.25.0/24 maxlen: 24
2a0e:4201::/32 maxlen: 48
2a0e:4202::/32 maxlen: 48
2a0e:4205::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:4d:25:e4:d5:ca:52:bd:81:e4:8b:c2:f5:53:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jan 1 13:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9112ccf4bf105301cdb92fceb4a4999949562175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d8:b1:6b:eb:49:1b:1c:2a:d4:2d:13:e9:c6:
92:f6:81:29:8b:34:8a:7a:15:b5:95:f2:a3:af:da:
d1:04:b7:6b:fd:9c:d8:80:a5:d7:9c:66:7e:cc:13:
a6:67:1c:26:91:10:72:de:67:e5:1e:ec:59:ca:53:
a6:5d:97:c4:6e:b6:bd:f6:36:c2:04:6a:64:66:17:
b7:34:ee:25:83:5c:08:70:b2:e9:aa:1a:8d:42:81:
13:04:7c:31:d3:d5:13:92:da:8f:1f:ed:74:15:eb:
e1:9f:ff:4f:ac:8e:12:a5:e3:07:08:79:0b:6e:74:
54:ac:63:81:c8:28:45:d3:49:39:31:0b:89:f1:15:
ee:94:16:b2:80:54:9a:01:77:82:1d:d6:b4:8a:49:
f9:60:ec:c9:56:81:88:c0:f7:f8:48:e2:9c:87:c8:
78:97:1c:06:81:50:4c:bd:3c:fc:95:8d:ec:cb:fc:
62:37:cb:59:b3:13:ea:8d:16:ca:3b:16:d7:40:75:
b3:0e:15:b7:6d:fb:7a:3e:72:61:a6:7c:af:a8:ef:
10:3c:62:94:50:91:47:f1:12:01:d2:5f:a6:ab:38:
68:69:cb:23:6a:1a:8d:f6:56:08:78:51:69:96:97:
38:3e:0f:cf:ba:fe:c6:0c:1e:ab:83:7c:68:71:0c:
c3:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:12:CC:F4:BF:10:53:01:CD:B9:2F:CE:B4:A4:99:99:49:56:21:75
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/kRLM9L8QUwHNuS_OtKSZmUlWIXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.24.0/23
IPv6:
2a0e:4201::-2a0e:4202:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:4205::/32
Signature Algorithm: sha256WithRSAEncryption
6c:4e:c8:ec:95:1b:0f:b6:0e:d7:39:42:3a:87:31:7c:e8:83:
d0:f8:70:f5:7c:ef:0c:e5:9f:63:20:5d:ec:e7:86:aa:1d:b7:
ff:71:68:e6:a2:a9:7f:06:93:13:74:5b:e7:c2:0e:41:87:6e:
24:f9:71:08:1d:16:bb:a7:40:49:7c:0a:5c:8d:7d:49:b9:bf:
1f:b2:8f:e6:b7:ec:3f:e5:55:b0:fe:c6:e1:fe:c2:c1:79:bf:
f5:5b:3b:cf:f7:7a:d9:a1:55:e6:81:0a:d4:6d:4e:ae:d2:0a:
fc:70:69:6e:70:7e:f0:1e:b4:5f:65:c1:bd:22:70:27:a8:73:
b2:b2:f4:57:82:0f:85:24:8e:f7:f0:98:ad:5e:aa:5e:fa:ca:
ec:47:d9:31:bd:fd:f6:7a:5b:eb:76:3f:a3:d0:aa:64:00:fc:
bc:0f:35:f0:08:73:70:6c:ea:8f:67:30:40:1a:e5:95:94:4d:
9f:ad:49:be:85:c7:ca:08:2c:bd:7e:63:66:7b:cc:15:da:ca:
65:d1:70:7c:eb:0b:b9:00:e4:5b:e9:b4:a2:48:c0:9e:2d:0f:
6b:d3:17:9b:4e:a1:33:ea:5e:22:6e:8c:d9:45:29:ed:7e:74:
27:cc:ff:6a:53:0a:76:16:6e:45:45:78:8a:39:26:11:f9:ef:
60:a4:9f:d2
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZQiH00l5NXKUr2B5IvC9VPeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjUwMTAxMTM0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTEyY2NmNGJmMTA1MzAxY2RiOTJmY2ViNGE0OTk5OTQ5NTYyMTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dixa+tJGxwq1C0T6caS9oEpizSK
ehW1lfKjr9rRBLdr/ZzYgKXXnGZ+zBOmZxwmkRBy3mflHuxZylOmXZfEbra99jbC
BGpkZhe3NO4lg1wIcLLpqhqNQoETBHwx09UTktqPH+10Fevhn/9PrI4SpeMHCHkL
bnRUrGOByChF00k5MQuJ8RXulBaygFSaAXeCHda0ikn5YOzJVoGIwPf4SOKch8h4
lxwGgVBMvTz8lY3sy/xiN8tZsxPqjRbKOxbXQHWzDhW3bft6PnJhpnyvqO8QPGKU
UJFH8RIB0l+mqzhoacsjahqN9lYIeFFplpc4Pg/Puv7GDB6rg3xocQzD7QIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFJESzPS/EFMBzbkvzrSkmZlJViF1MB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEva1JMTTlMOFFVd0hOdVNfT3RLU1ptVWxXSVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQBLQgYMB0E
AgACMBcwDgMFACoOQgEDBQAqDkICAwUAKg5CBTANBgkqhkiG9w0BAQsFAAOCAQEA
bE7I7JUbD7YO1zlCOocxfOiD0Phw9XzvDOWfYyBd7OeGqh23/3Fo5qKpfwaTE3Rb
58IOQYduJPlxCB0Wu6dASXwKXI19Sbm/H7KP5rfsP+VVsP7G4f7CwXm/9Vs7z/d6
2aFV5oEK1G1OrtIK/HBpbnB+8B60X2XBvSJwJ6hzsrL0V4IPhSSO9/CYrV6qXvrK
7EfZMb399npb63Y/o9CqZAD8vA818AhzcGzqj2cwQBrllZRNn61JvoXHyggsvX5j
ZnvMFdrKZdFwfOsLuQDkW+m0okjAni0Pa9MXm06hM+peIm6M2UUp7X50J8z/alMK
dhZuRUV4ijkmEfnvYKSf0g==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:27 2025 by rpki-client