Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/uj7cjDvmgwbPJLWjUpBUTUAX-yQ.roa
File: uj7cjDvmgwbPJLWjUpBUTUAX-yQ.roa (raw, json)
Hash identifier: WQfWp6D0tTPTbMYdb9Xvz3QJ5Qh+vlQwWeoOBZxcKJY=
Subject key identifier: BA:3E:DC:8C:3B:E6:83:06:CF:24:B5:A3:52:90:54:4D:40:17:FB:24
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 0194221F527B5584C438C3A1DC2004C96369
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/uj7cjDvmgwbPJLWjUpBUTUAX-yQ.roa
Signing time: Wed 01 Jan 2025 13:47:45 +0000
ROA not before: Wed 01 Jan 2025 13:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400696
IP address blocks: 45.8.26.0/24 maxlen: 24
2a10:5e80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:52:7b:55:84:c4:38:c3:a1:dc:20:04:c9:63:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jan 1 13:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba3edc8c3be68306cf24b5a35290544d4017fb24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ec:85:e3:b4:57:a3:c5:a2:eb:83:d6:2c:59:
a6:cf:11:bc:a7:ca:2e:7e:fd:6d:d9:cf:3d:bc:39:
fb:6e:a4:77:a3:10:5c:bd:ba:c1:70:e6:72:21:d9:
0e:24:7d:b5:e1:7e:ef:6b:7f:63:14:5e:60:a0:b5:
00:a1:fe:f8:66:04:aa:c9:b7:bf:fe:df:9e:53:d8:
1d:ab:b5:94:a8:cb:a7:15:0e:ce:f7:2e:fa:ee:d3:
62:03:24:66:d1:c6:ed:5c:b0:1c:f1:be:86:33:66:
4f:88:97:2e:e0:ff:89:4b:ce:44:0e:0a:02:1d:6f:
bf:e7:fa:6b:9d:90:05:c3:e4:0a:6d:ef:32:b3:e2:
d0:fa:18:f6:80:77:00:2e:65:9c:a9:56:75:7c:7d:
34:36:cb:61:d4:ec:c3:97:76:8f:07:6a:a3:5f:3a:
2c:6e:06:2d:84:d1:88:a2:dc:0c:70:b8:39:e1:d6:
a6:34:56:c3:70:d9:33:b8:ce:22:f0:88:d1:7b:ed:
ea:92:49:c3:0e:51:de:8d:25:b2:6a:7a:40:7a:32:
ed:77:1f:8b:7a:5c:c6:a8:2f:20:63:09:2d:9a:21:
f6:f9:f2:fa:0b:3a:1e:1b:a7:7c:f5:93:95:2b:c8:
17:d5:d6:a6:6d:80:d3:ba:41:cf:f6:bc:81:14:5b:
f4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:3E:DC:8C:3B:E6:83:06:CF:24:B5:A3:52:90:54:4D:40:17:FB:24
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/uj7cjDvmgwbPJLWjUpBUTUAX-yQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.26.0/24
IPv6:
2a10:5e80::/32
Signature Algorithm: sha256WithRSAEncryption
02:c4:04:6f:24:01:b4:b5:6e:bc:b5:05:51:4a:0d:30:fd:76:
3e:5f:da:b1:25:86:2f:a0:e7:89:b3:ee:ee:5a:27:e7:49:69:
c2:2e:b8:2b:bb:39:dd:47:49:f5:95:0f:d3:a7:5e:ad:ca:ea:
7c:fa:a8:d1:63:92:b2:b8:8d:f9:7b:c3:9a:7d:51:07:8b:6e:
e7:fe:03:0b:a1:11:d1:cc:85:f6:d7:c3:6f:f0:f5:13:3b:2a:
5b:de:13:1d:c5:ba:8c:d0:b5:06:fc:96:06:fb:73:3f:48:4c:
72:ff:7a:83:cc:1f:7d:f5:df:cf:f5:cb:8f:02:6e:4e:00:61:
e4:03:9a:6f:0f:14:fe:11:f8:a4:6c:02:17:83:ff:a1:11:8a:
e9:d7:b0:72:2f:70:4a:2f:99:a6:b4:2c:21:6f:1f:a3:79:87:
0e:ac:b8:9e:bd:f2:37:cb:78:d2:33:90:5b:f7:41:7c:37:33:
55:2a:c0:58:03:7a:5f:a5:9a:e5:bf:c6:06:97:70:5d:0b:9d:
cf:67:fe:51:f9:d2:e7:2b:78:67:ca:f7:47:9d:c0:9e:5b:97:
aa:0b:9b:62:f2:e3:a1:16:5f:2a:9b:43:59:51:2a:d7:2a:fe:
19:6e:b8:bf:62:43:4c:be:24:25:50:df:ce:95:58:cb:63:18:
fc:fd:6a:d1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH1J7VYTEOMOh3CAEyWNpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjUwMTAxMTM0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTNlZGM4YzNiZTY4MzA2Y2YyNGI1YTM1MjkwNTQ0ZDQwMTdmYjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuyF47RXo8Wi64PWLFmmzxG8p8ou
fv1t2c89vDn7bqR3oxBcvbrBcOZyIdkOJH214X7va39jFF5goLUAof74ZgSqybe/
/t+eU9gdq7WUqMunFQ7O9y767tNiAyRm0cbtXLAc8b6GM2ZPiJcu4P+JS85EDgoC
HW+/5/prnZAFw+QKbe8ys+LQ+hj2gHcALmWcqVZ1fH00Nsth1OzDl3aPB2qjXzos
bgYthNGIotwMcLg54damNFbDcNkzuM4i8IjRe+3qkknDDlHejSWyanpAejLtdx+L
elzGqC8gYwktmiH2+fL6CzoeG6d89ZOVK8gX1dambYDTukHP9ryBFFv0sQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLo+3Iw75oMGzyS1o1KQVE1AF/skMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvdWo3Y2pEdm1nd2JQSkxXalVwQlVUVUFYLXlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALQgaMA0E
AgACMAcDBQAqEF6AMA0GCSqGSIb3DQEBCwUAA4IBAQACxARvJAG0tW68tQVRSg0w
/XY+X9qxJYYvoOeJs+7uWifnSWnCLrgruzndR0n1lQ/Tp16tyup8+qjRY5KyuI35
e8OafVEHi27n/gMLoRHRzIX218Nv8PUTOypb3hMdxbqM0LUG/JYG+3M/SExy/3qD
zB999d/P9cuPAm5OAGHkA5pvDxT+EfikbAIXg/+hEYrp17ByL3BKL5mmtCwhbx+j
eYcOrLievfI3y3jSM5Bb90F8NzNVKsBYA3pfpZrlv8YGl3BdC53PZ/5R+dLnK3hn
yvdHncCeW5eqC5ti8uOhFl8qm0NZUSrXKv4Zbri/YkNMviQlUN/OlVjLYxj8/WrR
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:45 2025 by rpki-client