Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/0h6iinVq0CvkAHqOQK3yk9V9Fu0.roa
File: 0h6iinVq0CvkAHqOQK3yk9V9Fu0.roa (raw, json)
Hash identifier: 8hl8zTyQDhZ+xQ1mZ4xf90x46odkc0W4/N0fA922pEY=
Subject key identifier: D2:1E:A2:8A:75:6A:D0:2B:E4:00:7A:8E:40:AD:F2:93:D5:7D:16:ED
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019420D5D54AB4F7E18DA1CE339B94E1373A
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/0h6iinVq0CvkAHqOQK3yk9V9Fu0.roa
Signing time: Wed 01 Jan 2025 07:47:52 +0000
ROA not before: Wed 01 Jan 2025 07:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61302
IP address blocks: 45.141.184.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:d5:4a:b4:f7:e1:8d:a1:ce:33:9b:94:e1:37:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 07:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d21ea28a756ad02be4007a8e40adf293d57d16ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:05:e2:34:20:a4:9e:6c:9b:0c:a2:1e:7a:db:
45:58:d3:f0:c6:0d:12:3b:13:43:ac:42:c4:62:e6:
b1:4e:d2:b9:a5:e8:f2:b7:f8:cb:f0:99:95:46:57:
09:b7:cc:5c:00:12:68:00:08:15:a2:5d:96:4a:38:
3c:4a:a4:52:24:39:69:b3:9d:ac:3b:b1:d3:96:dc:
59:fc:d0:9e:62:00:40:dd:34:27:5a:ce:d5:55:9f:
1d:65:12:da:f0:75:ff:12:47:1d:8a:22:f2:67:0b:
65:8a:f1:28:51:31:db:fb:e5:38:8b:7f:ac:bc:2c:
86:41:5e:b9:71:20:4f:cd:a6:9f:4f:3e:d3:9a:04:
d0:a8:6d:5f:d3:4b:24:20:8e:46:8c:86:f7:3b:45:
a3:a4:16:ad:d8:0c:ce:06:ce:0b:57:6e:82:a0:98:
c1:a8:22:31:4e:d2:f8:86:b8:b2:9c:47:41:dd:f7:
90:4f:7c:91:43:75:b7:3c:27:25:d7:16:f2:59:ac:
28:85:b5:a1:b5:43:4d:17:04:c4:84:5d:04:e8:03:
f5:99:14:0c:62:82:73:e7:e2:3f:fe:18:42:79:04:
21:2f:34:c8:3b:23:a9:fb:92:95:95:64:88:bc:d2:
d3:f8:2a:c0:a5:63:d8:fd:1b:34:7c:20:0e:9d:05:
9b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:1E:A2:8A:75:6A:D0:2B:E4:00:7A:8E:40:AD:F2:93:D5:7D:16:ED
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/0h6iinVq0CvkAHqOQK3yk9V9Fu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.184.0/24
Signature Algorithm: sha256WithRSAEncryption
70:2f:e9:97:58:4c:00:83:82:04:09:ea:55:34:c2:5a:ca:b6:
82:e7:de:fe:34:1d:31:39:48:06:1d:83:20:67:0b:f3:ac:d9:
ce:18:69:ff:f6:58:0b:6e:e0:4b:a7:12:5c:2a:68:2a:c4:8c:
35:23:98:46:ab:39:92:02:e5:71:9b:dc:75:92:d8:ce:6f:3d:
e8:6f:0f:d2:12:e8:3b:f7:c2:c2:47:97:6b:97:91:6b:8c:90:
67:9e:a8:c5:70:23:b7:e1:e7:1a:19:27:0b:b8:f8:cf:2f:25:
31:9a:cd:71:2b:54:fd:11:01:55:73:7b:cb:0e:42:96:cb:92:
c2:f3:45:43:41:f0:e3:33:09:7e:01:d6:80:22:af:44:b5:59:
76:7a:73:82:30:d0:e0:3a:3a:69:54:d8:d8:b7:1b:39:b8:9e:
dd:0d:9c:a0:c7:2b:d8:8a:de:64:b7:1c:f5:40:7b:3d:db:91:
5a:db:7e:40:7c:79:22:bd:da:34:64:fd:91:fa:21:27:9a:58:
12:00:bf:cf:15:76:dd:bd:22:e7:f6:c3:52:6a:3c:08:c6:0e:
2d:60:5e:84:c7:f2:c4:2b:e3:13:5d:fe:fc:7c:79:19:1f:b9:
69:c9:79:a8:90:44:07:94:89:27:66:cf:35:a5:ce:d7:5f:9e:
15:76:84:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1dVKtPfhjaHOM5uU4Tc6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMTAxMDc0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjFlYTI4YTc1NmFkMDJiZTQwMDdhOGU0MGFkZjI5M2Q1N2QxNmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgXiNCCknmybDKIeettFWNPwxg0S
OxNDrELEYuaxTtK5pejyt/jL8JmVRlcJt8xcABJoAAgVol2WSjg8SqRSJDlps52s
O7HTltxZ/NCeYgBA3TQnWs7VVZ8dZRLa8HX/EkcdiiLyZwtlivEoUTHb++U4i3+s
vCyGQV65cSBPzaafTz7TmgTQqG1f00skII5GjIb3O0WjpBat2AzOBs4LV26CoJjB
qCIxTtL4hriynEdB3feQT3yRQ3W3PCcl1xbyWawohbWhtUNNFwTEhF0E6AP1mRQM
YoJz5+I//hhCeQQhLzTIOyOp+5KVlWSIvNLT+CrApWPY/Rs0fCAOnQWb0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNIeoop1atAr5AB6jkCt8pPVfRbtMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvMGg2aWluVnEwQ3ZrQUhxT1FLM3lrOVY5RnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY24MA0G
CSqGSIb3DQEBCwUAA4IBAQBwL+mXWEwAg4IECepVNMJayraC597+NB0xOUgGHYMg
ZwvzrNnOGGn/9lgLbuBLpxJcKmgqxIw1I5hGqzmSAuVxm9x1ktjObz3obw/SEug7
98LCR5drl5FrjJBnnqjFcCO34ecaGScLuPjPLyUxms1xK1T9EQFVc3vLDkKWy5LC
80VDQfDjMwl+AdaAIq9EtVl2enOCMNDgOjppVNjYtxs5uJ7dDZygxyvYit5ktxz1
QHs925Fa235AfHkivdo0ZP2R+iEnmlgSAL/PFXbdvSLn9sNSajwIxg4tYF6Ex/LE
K+MTXf78fHkZH7lpyXmokEQHlIknZs81pc7XX54VdoQv
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:42:31 2025 by rpki-client