Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/7Ii3o_ZhGPWdlGRrqt0iNC6A45A.roa
File: 7Ii3o_ZhGPWdlGRrqt0iNC6A45A.roa (raw, json)
Hash identifier: bSJ6yN+1N4lchi22FVNmsmx0YQvJ/a2LompQsIf4Zik=
Subject key identifier: EC:88:B7:A3:F6:61:18:F5:9D:94:64:6B:AA:DD:22:34:2E:80:E3:90
Certificate issuer: /CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Certificate serial: 01956A96748CC2EFBB910B61D57141D4067D
Authority key identifier: 43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/7Ii3o_ZhGPWdlGRrqt0iNC6A45A.roa
Signing time: Thu 06 Mar 2025 08:33:19 +0000
ROA not before: Thu 06 Mar 2025 08:33:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 45.155.99.0/24 maxlen: 24
2a10:ba00:1::/48 maxlen: 48
2a10:ba00:2::/48 maxlen: 48
2a10:ba00:bee0::/48 maxlen: 48
2a10:ba00:bee1::/48 maxlen: 48
2a10:ba00:bee2::/48 maxlen: 48
2a10:ba00:bee3::/48 maxlen: 48
2a10:ba00:bee4::/48 maxlen: 48
2a10:ba00:bee5::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6a:96:74:8c:c2:ef:bb:91:0b:61:d5:71:41:d4:06:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Validity
Not Before: Mar 6 08:33:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec88b7a3f66118f59d94646baadd22342e80e390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:5d:5b:5c:12:e1:b3:92:d4:a2:e4:af:dc:32:
87:79:38:87:fa:9d:32:c5:e5:b0:cb:c7:4f:20:7e:
62:02:df:01:8d:ff:aa:d2:5c:70:c5:43:74:08:e9:
da:95:18:2f:cd:fc:3b:2d:87:f8:f0:b9:b5:ef:98:
ad:7b:5c:99:7b:46:ac:a7:14:5f:2a:58:39:96:e4:
ff:1b:cb:c6:30:0c:37:e5:b1:ff:9f:8b:58:6b:5b:
20:a1:8a:8c:a2:96:4b:99:93:84:fc:53:bb:0d:ef:
82:c4:d6:91:59:41:a3:53:01:39:bd:76:c1:0c:61:
fe:28:2e:d2:98:4d:8b:24:1f:1a:70:be:33:6b:5f:
71:c7:43:7b:a1:74:c0:9d:6d:db:75:c1:5e:cb:a7:
a1:99:14:d4:12:c0:30:32:ef:a0:a8:7d:06:38:90:
ce:df:fe:31:7d:07:45:df:38:20:0f:90:26:d7:36:
6f:ed:13:69:64:df:a6:03:9b:2d:b2:95:13:ac:4d:
bd:8b:9c:cc:61:f1:fc:fe:8c:da:47:ce:17:f5:97:
60:0f:fe:33:00:3d:4b:29:11:69:58:94:2d:b6:ea:
93:8c:b6:36:c4:bb:7b:ef:14:f5:00:9d:f5:c5:01:
ec:95:e8:2b:20:f1:2c:eb:49:4c:a2:5f:88:00:49:
a2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:88:B7:A3:F6:61:18:F5:9D:94:64:6B:AA:DD:22:34:2E:80:E3:90
X509v3 Authority Key Identifier:
keyid:43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/7Ii3o_ZhGPWdlGRrqt0iNC6A45A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.99.0/24
IPv6:
2a10:ba00:1::-2a10:ba00:2:ffff:ffff:ffff:ffff:ffff
2a10:ba00:bee0::-2a10:ba00:bee5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
40:ac:97:51:0c:b6:49:a3:0f:0d:6e:1e:ff:14:51:d0:6f:d2:
16:05:a4:2d:12:7b:40:9c:74:3e:84:b4:f0:56:b7:4a:d5:39:
d0:96:25:da:e6:b2:dd:b4:dc:df:03:b3:bf:4c:51:ac:4b:11:
13:7a:01:6c:e7:75:36:b5:22:93:e3:7f:72:e7:7f:65:c2:a2:
ef:f1:6d:f0:7f:0a:41:bc:12:dc:06:0f:cb:be:cb:10:e5:d3:
e6:4a:2f:59:d8:39:a6:9a:cd:c4:0e:d5:d6:4c:7a:dd:88:cd:
29:54:56:9c:04:89:4e:56:20:24:b7:8d:6c:35:f5:59:b9:12:
3e:c5:cc:ee:b6:8b:87:5f:9e:47:5d:f6:f1:92:08:dd:50:ae:
82:68:d4:91:76:bd:4e:e5:71:27:ed:8e:0c:42:28:a9:80:94:
66:b7:97:ef:c1:fd:3c:a6:a6:de:63:c6:76:63:3c:04:82:67:
cf:58:38:8b:9f:4c:8f:59:10:b5:a7:4d:a3:49:2e:55:36:33:
a9:63:31:33:76:4d:3a:6f:b2:f1:77:da:82:54:48:57:6a:c4:
08:20:58:85:49:a5:96:7e:bc:34:6f:59:7d:f8:c2:f1:cf:96:
ce:62:b7:17:3c:dd:ed:bd:d3:9f:bf:c4:3c:bb:c6:1a:08:11:
3c:1b:9e:2f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZVqlnSMwu+7kQth1XFB1AZ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGZjMDY2Y2U3Y2QzZTM4MjU3NGE2ODY2Nzk3M2IwYjQ2
OGRmM2MwHhcNMjUwMzA2MDgzMzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzg4YjdhM2Y2NjExOGY1OWQ5NDY0NmJhYWRkMjIzNDJlODBlMzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8l1bXBLhs5LUouSv3DKHeTiH+p0y
xeWwy8dPIH5iAt8Bjf+q0lxwxUN0COnalRgvzfw7LYf48Lm175ite1yZe0aspxRf
Klg5luT/G8vGMAw35bH/n4tYa1sgoYqMopZLmZOE/FO7De+CxNaRWUGjUwE5vXbB
DGH+KC7SmE2LJB8acL4za19xx0N7oXTAnW3bdcFey6ehmRTUEsAwMu+gqH0GOJDO
3/4xfQdF3zggD5Am1zZv7RNpZN+mA5stspUTrE29i5zMYfH8/ozaR84X9ZdgD/4z
AD1LKRFpWJQttuqTjLY2xLt77xT1AJ31xQHslegrIPEs60lMol+IAEmi8QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOyIt6P2YRj1nZRka6rdIjQugOOQMB8GA1UdIwQY
MBaAFEPfwGbOfNPjgldKaGZ5c7C0aN88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUt
MjUwOTc0M2FkMjllLzEvN0lpM29fWmhHUFdkbEdScnF0MGlOQzZBNDVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUtMjUwOTc0M2FkMjll
LzEvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAMBAIAATAGAwQALZtjMC4E
AgACMCgwEgMHACoQugAAAQMHACoQugAAAjASAwcFKhC6AL7gAwcBKhC6AL7kMA0G
CSqGSIb3DQEBCwUAA4IBAQBArJdRDLZJow8Nbh7/FFHQb9IWBaQtEntAnHQ+hLTw
VrdK1TnQliXa5rLdtNzfA7O/TFGsSxETegFs53U2tSKT439y539lwqLv8W3wfwpB
vBLcBg/LvssQ5dPmSi9Z2Dmmms3EDtXWTHrdiM0pVFacBIlOViAkt41sNfVZuRI+
xczutouHX55HXfbxkgjdUK6CaNSRdr1O5XEn7Y4MQiipgJRmt5fvwf08pqbeY8Z2
YzwEgmfPWDiLn0yPWRC1p02jSS5VNjOpYzEzdk06b7Lxd9qCVEhXasQIIFiFSaWW
frw0b1l9+MLxz5bOYrcXPN3tvdOfv8Q8u8YaCBE8G54v
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:55:45 2025 by rpki-client