Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/taRiNUzpRWqCUbYYFgjb2BkA5tU.roa
File: taRiNUzpRWqCUbYYFgjb2BkA5tU.roa (raw, json)
Hash identifier: UcnFuzWOLcGiH2KaCA2k9veSyP3lyzIVfkpqSiHwKhE=
Subject key identifier: B5:A4:62:35:4C:E9:45:6A:82:51:B6:18:16:08:DB:D8:19:00:E6:D5
Certificate issuer: /CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Certificate serial: 019426D91E6375F545155C0EB93E8290E85F
Authority key identifier: 43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/taRiNUzpRWqCUbYYFgjb2BkA5tU.roa
Signing time: Thu 02 Jan 2025 11:49:10 +0000
ROA not before: Thu 02 Jan 2025 11:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 45.155.99.0/24 maxlen: 24
2a10:ba00:bee0::/48 maxlen: 48
2a10:ba00:bee1::/48 maxlen: 48
2a10:ba00:bee2::/48 maxlen: 48
2a10:ba00:bee3::/48 maxlen: 48
2a10:ba00:bee4::/48 maxlen: 48
2a10:ba00:bee5::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:1e:63:75:f5:45:15:5c:0e:b9:3e:82:90:e8:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Validity
Not Before: Jan 2 11:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5a462354ce9456a8251b6181608dbd81900e6d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:39:a0:4b:83:b6:51:13:14:8f:06:be:6d:2f:
b4:61:de:b5:76:59:7a:31:56:6d:9d:02:71:69:63:
fe:cd:35:08:0b:74:aa:d2:98:4f:7b:9b:b5:05:d3:
32:38:88:53:35:42:90:cf:4b:49:79:ef:4c:c4:78:
cd:fa:9f:59:f8:1c:64:89:b8:18:f9:c5:95:b1:86:
e5:a1:30:e2:0c:d1:89:1c:70:97:fa:60:cd:51:e3:
68:7a:df:ee:dc:3c:48:87:59:50:f9:b4:b4:83:b5:
8a:58:c4:06:87:1c:28:68:4c:d2:73:4e:8c:bd:5f:
34:3d:2f:49:f7:da:c4:1a:b9:cd:8e:0a:53:7a:e7:
f7:1c:bc:f5:50:8f:40:09:a3:b5:74:ef:6b:83:6a:
09:20:c0:00:4e:e9:7b:5e:36:fb:08:92:d2:10:ba:
48:e0:a9:61:1c:ea:57:b0:01:f2:6f:06:9a:40:b7:
2d:6b:e2:f7:b2:da:03:c4:b5:95:f7:0b:db:92:ff:
04:57:6c:fb:5f:90:a6:62:d5:f0:71:28:60:2c:8f:
5a:8f:e7:18:af:c3:15:52:3e:ee:42:d7:c6:5f:91:
94:df:79:b7:47:c2:4b:aa:f0:39:7c:e4:90:85:3e:
38:bc:36:5b:2f:6e:b0:50:26:88:5e:56:2a:cb:a9:
88:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A4:62:35:4C:E9:45:6A:82:51:B6:18:16:08:DB:D8:19:00:E6:D5
X509v3 Authority Key Identifier:
keyid:43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/taRiNUzpRWqCUbYYFgjb2BkA5tU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.99.0/24
IPv6:
2a10:ba00:bee0::-2a10:ba00:bee5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8b:9b:c5:0c:5d:f5:d1:b3:39:5b:c1:30:68:71:40:62:4d:c9:
e2:32:ea:f8:82:7a:52:47:31:fa:af:cd:d8:ef:3b:95:e0:a3:
99:cf:cc:90:00:f7:ab:87:1d:3c:cd:59:6e:0d:e4:74:00:70:
33:93:3a:00:7d:ef:6e:d7:8f:98:88:45:b8:83:13:0f:2f:02:
09:65:dd:91:d1:34:06:eb:1e:95:5a:5e:70:8d:62:8d:08:2a:
63:9c:cd:60:8e:a9:41:ee:90:82:c5:34:4a:96:9c:52:35:93:
7c:78:9c:0d:57:76:7a:12:b7:59:04:c6:c8:fb:ce:03:83:fb:
a3:c1:7c:1c:94:36:6a:6c:13:4f:4a:f0:7a:2e:93:7c:ca:c6:
43:15:ec:7e:3c:a7:6e:69:b0:4f:95:f8:1e:f7:b5:89:b6:b3:
ea:72:f1:bc:50:82:40:10:0e:47:d5:f8:d8:d7:96:b3:9b:6d:
75:d1:14:ab:d0:08:6b:1d:55:94:1f:25:ab:aa:ec:7b:fd:31:
ea:52:0d:e5:bf:51:b8:a2:05:67:7c:fc:f1:fa:4c:a6:ff:02:
f8:1f:3f:00:e9:c6:ed:87:c7:97:79:b7:de:e6:1f:59:62:e0:
ae:30:0d:b6:31:a4:3b:1b:db:f2:78:23:59:15:b0:2f:85:1e:
bc:4f:cc:9f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQm2R5jdfVFFVwOuT6CkOhfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGZjMDY2Y2U3Y2QzZTM4MjU3NGE2ODY2Nzk3M2IwYjQ2
OGRmM2MwHhcNMjUwMTAyMTE0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWE0NjIzNTRjZTk0NTZhODI1MWI2MTgxNjA4ZGJkODE5MDBlNmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjmgS4O2URMUjwa+bS+0Yd61dll6
MVZtnQJxaWP+zTUIC3Sq0phPe5u1BdMyOIhTNUKQz0tJee9MxHjN+p9Z+BxkibgY
+cWVsYbloTDiDNGJHHCX+mDNUeNoet/u3DxIh1lQ+bS0g7WKWMQGhxwoaEzSc06M
vV80PS9J99rEGrnNjgpTeuf3HLz1UI9ACaO1dO9rg2oJIMAATul7Xjb7CJLSELpI
4KlhHOpXsAHybwaaQLcta+L3stoDxLWV9wvbkv8EV2z7X5CmYtXwcShgLI9aj+cY
r8MVUj7uQtfGX5GU33m3R8JLqvA5fOSQhT44vDZbL26wUCaIXlYqy6mIWQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLWkYjVM6UVqglG2GBYI29gZAObVMB8GA1UdIwQY
MBaAFEPfwGbOfNPjgldKaGZ5c7C0aN88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUt
MjUwOTc0M2FkMjllLzEvdGFSaU5VenBSV3FDVWJZWUZnamIyQmtBNXRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUtMjUwOTc0M2FkMjll
LzEvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQALZtjMBoE
AgACMBQwEgMHBSoQugC+4AMHASoQugC+5DANBgkqhkiG9w0BAQsFAAOCAQEAi5vF
DF310bM5W8EwaHFAYk3J4jLq+IJ6Ukcx+q/N2O87leCjmc/MkAD3q4cdPM1Zbg3k
dABwM5M6AH3vbtePmIhFuIMTDy8CCWXdkdE0BuselVpecI1ijQgqY5zNYI6pQe6Q
gsU0SpacUjWTfHicDVd2ehK3WQTGyPvOA4P7o8F8HJQ2amwTT0rwei6TfMrGQxXs
fjynbmmwT5X4Hve1ibaz6nLxvFCCQBAOR9X42NeWs5ttddEUq9AIax1VlB8lq6rs
e/0x6lIN5b9RuKIFZ3z88fpMpv8C+B8/AOnG7YfHl3m33uYfWWLgrjANtjGkOxvb
8ngjWRWwL4UevE/Mnw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:10:12 2025 by rpki-client