Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/o1B4C1l0Mq7pJhpeC8kXzQs678g.roa
File: o1B4C1l0Mq7pJhpeC8kXzQs678g.roa (raw, json)
Hash identifier: clxBP9F/5mNfnpK2z7praUjYynLRRDpCuraRiLWjpCM=
Subject key identifier: A3:50:78:0B:59:74:32:AE:E9:26:1A:5E:0B:C9:17:CD:0B:3A:EF:C8
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019420D5D71D54D3793E555A1FE790869EDB
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/o1B4C1l0Mq7pJhpeC8kXzQs678g.roa
Signing time: Wed 01 Jan 2025 07:47:52 +0000
ROA not before: Wed 01 Jan 2025 07:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62300
IP address blocks: 45.139.179.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:d7:1d:54:d3:79:3e:55:5a:1f:e7:90:86:9e:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 07:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a350780b597432aee9261a5e0bc917cd0b3aefc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:48:bf:b1:0a:4c:0a:48:96:99:2f:73:9b:57:
ee:8d:86:fd:91:51:37:49:9a:32:59:aa:56:5a:10:
1a:97:7c:5c:06:2a:74:75:ad:2e:a3:32:bb:11:16:
46:61:69:86:bb:fa:6a:8e:61:81:9e:34:97:dd:61:
34:c1:d4:f4:ff:c6:d8:f4:ec:44:ab:cd:a1:e4:8e:
d0:a1:61:20:b1:c3:bf:be:1e:3e:e3:53:f1:0a:11:
8c:af:64:08:d2:42:27:b4:5f:f9:41:3a:24:61:f0:
9c:59:35:b7:77:fd:23:7b:3b:f5:a6:30:a1:5c:9a:
6d:6b:68:52:38:c4:08:12:e4:67:ff:5d:6a:09:b3:
14:d4:22:d8:59:b9:f1:23:dc:64:41:ef:97:09:3d:
60:5a:39:27:a2:43:49:57:e4:7c:3f:ef:4f:ac:89:
0c:46:70:03:aa:1f:f2:89:4f:38:2f:b8:f5:11:3a:
9a:a1:a9:ca:03:d4:3d:6f:43:c0:d6:2b:d5:92:47:
33:e6:4a:7c:65:17:8a:1b:3e:66:fe:62:0d:4c:ae:
06:27:30:e8:d5:ea:32:97:1f:bf:0a:03:5f:4f:37:
70:54:fd:3e:04:a2:a5:84:67:20:32:03:18:b3:f4:
5a:0b:a8:23:9c:e6:8d:61:8b:3a:c4:fd:97:a4:a5:
ec:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:50:78:0B:59:74:32:AE:E9:26:1A:5E:0B:C9:17:CD:0B:3A:EF:C8
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/o1B4C1l0Mq7pJhpeC8kXzQs678g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.179.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:82:d1:69:9f:ab:a3:62:9a:34:f5:23:e4:4e:51:84:f1:b9:
29:bd:14:7b:28:90:dc:46:8c:79:77:55:a0:2f:cf:6a:11:0e:
2a:81:23:c3:4d:10:c2:fd:74:99:68:8f:ae:7a:30:18:8b:33:
90:40:8c:84:6c:a9:50:d9:8c:fe:f6:67:89:44:33:93:17:e6:
a4:fb:d4:62:88:dc:84:75:1e:50:50:df:5e:ea:ba:b6:05:05:
eb:ec:33:be:e0:2e:80:fb:86:2f:70:27:28:c1:6a:0c:f8:55:
85:20:4d:c9:be:3b:c2:81:bc:a6:2d:0c:07:54:a7:68:e4:90:
08:8b:e2:3a:44:bf:b0:32:b2:dd:2a:16:a9:9b:6f:a4:c2:c2:
15:06:b3:00:e0:67:31:a7:d6:b4:bb:ba:82:c4:5b:02:8b:1c:
71:20:4d:fd:fe:14:cd:c9:20:67:ad:67:2e:02:6d:36:f4:03:
64:28:b4:e4:a1:dc:74:53:9e:b0:c9:20:12:c8:ed:f6:7d:c8:
95:23:bf:b4:41:47:cb:b1:6b:66:6c:98:e8:a5:f5:fc:94:54:
ea:11:5a:9e:a8:a2:d8:2e:e8:a5:7f:38:39:6c:e5:a1:c1:fb:
2c:4a:fb:9c:00:41:a9:e2:7f:8c:5c:d9:7f:a4:8c:39:75:93:
93:f1:16:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1dcdVNN5PlVaH+eQhp7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMTAxMDc0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzUwNzgwYjU5NzQzMmFlZTkyNjFhNWUwYmM5MTdjZDBiM2FlZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEi/sQpMCkiWmS9zm1fujYb9kVE3
SZoyWapWWhAal3xcBip0da0uozK7ERZGYWmGu/pqjmGBnjSX3WE0wdT0/8bY9OxE
q82h5I7QoWEgscO/vh4+41PxChGMr2QI0kIntF/5QTokYfCcWTW3d/0jezv1pjCh
XJpta2hSOMQIEuRn/11qCbMU1CLYWbnxI9xkQe+XCT1gWjknokNJV+R8P+9PrIkM
RnADqh/yiU84L7j1ETqaoanKA9Q9b0PA1ivVkkcz5kp8ZReKGz5m/mINTK4GJzDo
1eoylx+/CgNfTzdwVP0+BKKlhGcgMgMYs/RaC6gjnOaNYYs6xP2XpKXsOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKNQeAtZdDKu6SYaXgvJF80LOu/IMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvbzFCNEMxbDBNcTdwSmhwZUM4a1h6UXM2NzhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYuzMA0G
CSqGSIb3DQEBCwUAA4IBAQBOgtFpn6ujYpo09SPkTlGE8bkpvRR7KJDcRox5d1Wg
L89qEQ4qgSPDTRDC/XSZaI+uejAYizOQQIyEbKlQ2Yz+9meJRDOTF+ak+9RiiNyE
dR5QUN9e6rq2BQXr7DO+4C6A+4YvcCcowWoM+FWFIE3JvjvCgbymLQwHVKdo5JAI
i+I6RL+wMrLdKhapm2+kwsIVBrMA4Gcxp9a0u7qCxFsCixxxIE39/hTNySBnrWcu
Am029ANkKLTkodx0U56wySASyO32fciVI7+0QUfLsWtmbJjopfX8lFTqEVqeqKLY
Luilfzg5bOWhwfssSvucAEGp4n+MXNl/pIw5dZOT8RbG
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:11:45 2025 by rpki-client