Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/u6fN8-DcfSAfQ9SiUkcV-pH3a40.roa
File: u6fN8-DcfSAfQ9SiUkcV-pH3a40.roa (raw, json)
Hash identifier: FucpQhTYYoYuxTki8EFi+FcsXULWtGCSTqGIBrZaP/Y=
Subject key identifier: BB:A7:CD:F3:E0:DC:7D:20:1F:43:D4:A2:52:47:15:FA:91:F7:6B:8D
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019420D5D8C4DAA8ED0091B20F340DC1E750
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/u6fN8-DcfSAfQ9SiUkcV-pH3a40.roa
Signing time: Wed 01 Jan 2025 07:47:53 +0000
ROA not before: Wed 01 Jan 2025 07:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196695
IP address blocks: 45.147.3.0/24 maxlen: 24
91.200.146.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:d8:c4:da:a8:ed:00:91:b2:0f:34:0d:c1:e7:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 07:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bba7cdf3e0dc7d201f43d4a2524715fa91f76b8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ed:71:3a:2f:4c:f0:14:ad:b0:38:63:28:ae:
34:ae:3a:bc:00:bf:60:8b:4b:fd:0f:74:16:57:de:
88:20:8c:f4:bc:65:11:3a:2a:04:3e:b9:b7:f3:17:
43:43:d6:3a:85:4e:39:d4:c3:e2:24:a9:a8:a3:0c:
6f:47:08:cf:13:3e:c8:ed:b1:b1:48:de:b7:4c:c3:
02:d0:f1:75:4b:47:a9:7e:65:9e:8a:59:2b:0e:57:
51:6b:b7:c1:16:91:b8:64:5f:0c:76:b0:31:82:f4:
59:48:de:60:de:d3:58:60:75:4b:9a:b4:89:24:81:
fa:62:d5:5d:2f:a6:d9:1d:c1:1a:64:5c:a7:3e:ba:
a8:2b:98:b2:de:3a:36:12:77:b5:11:29:fe:ce:69:
3c:b3:e8:7d:5d:09:00:d2:99:05:4d:92:c7:d6:35:
17:4a:39:f2:20:da:ff:e5:d7:77:89:66:d1:25:57:
48:6a:89:30:b5:42:14:38:92:86:90:f8:8e:33:dd:
82:7d:45:fe:b9:28:5a:a0:a3:47:3d:80:55:03:dd:
46:86:92:45:e3:4b:6a:22:fe:f8:62:a6:33:3f:68:
ed:4c:ab:e3:28:8c:fd:44:2d:16:f7:43:4f:27:be:
fc:f4:23:3c:2a:1b:d5:31:8d:89:ac:5b:c1:cf:d3:
c1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:A7:CD:F3:E0:DC:7D:20:1F:43:D4:A2:52:47:15:FA:91:F7:6B:8D
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/u6fN8-DcfSAfQ9SiUkcV-pH3a40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.3.0/24
91.200.146.0/24
Signature Algorithm: sha256WithRSAEncryption
41:b4:c7:f3:a4:4b:e7:45:ba:ef:37:9e:af:67:2e:14:5f:28:
87:82:01:9c:48:8b:da:5e:ea:ed:57:ea:cf:27:1f:6a:8e:a3:
e2:da:f9:60:6c:55:30:cf:25:9a:ee:58:59:70:18:f4:e1:ad:
ad:24:ef:e7:04:83:9d:b8:52:41:fd:a1:df:e5:82:e6:75:fb:
1c:73:85:68:62:ac:58:5a:9a:85:82:04:2e:ad:b4:00:d0:be:
fc:86:ad:f7:c6:82:c4:f9:c4:82:6e:c6:43:78:fd:21:02:69:
2f:33:25:bf:97:9d:a9:cb:4d:d3:af:e9:db:dd:35:d8:7e:1c:
ee:a3:32:34:31:c6:b9:25:55:ec:31:ea:fa:99:cd:1e:47:c4:
42:1e:41:f0:62:51:db:53:03:14:8d:ca:ea:4b:6a:ef:63:f0:
b2:f3:a7:78:d5:1b:d5:76:1a:97:16:32:ad:1c:63:be:d7:4a:
7d:6d:18:cf:2e:8e:77:ba:f3:80:69:c6:e0:f6:39:3a:89:85:
c7:a6:f0:f6:63:6c:3d:d0:0c:58:9d:20:ed:f0:7b:ad:18:2e:
68:d9:20:1e:63:79:1a:5f:ba:ed:a7:0a:db:e3:f0:11:93:b9:
d3:81:4f:53:35:77:5c:fa:30:69:43:a4:be:c2:9f:99:92:c0:
39:28:ab:fe
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQg1djE2qjtAJGyDzQNwedQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMTAxMDc0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmE3Y2RmM2UwZGM3ZDIwMWY0M2Q0YTI1MjQ3MTVmYTkxZjc2YjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAru1xOi9M8BStsDhjKK40rjq8AL9g
i0v9D3QWV96IIIz0vGUROioEPrm38xdDQ9Y6hU451MPiJKmoowxvRwjPEz7I7bGx
SN63TMMC0PF1S0epfmWeilkrDldRa7fBFpG4ZF8MdrAxgvRZSN5g3tNYYHVLmrSJ
JIH6YtVdL6bZHcEaZFynPrqoK5iy3jo2Ene1ESn+zmk8s+h9XQkA0pkFTZLH1jUX
SjnyINr/5dd3iWbRJVdIaokwtUIUOJKGkPiOM92CfUX+uShaoKNHPYBVA91GhpJF
40tqIv74YqYzP2jtTKvjKIz9RC0W90NPJ7789CM8KhvVMY2JrFvBz9PBcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLunzfPg3H0gH0PUolJHFfqR92uNMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvdTZmTjgtRGNmU0FmUTlTaVVrY1YtcEgzYTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZMDAwQA
W8iSMA0GCSqGSIb3DQEBCwUAA4IBAQBBtMfzpEvnRbrvN56vZy4UXyiHggGcSIva
XurtV+rPJx9qjqPi2vlgbFUwzyWa7lhZcBj04a2tJO/nBIOduFJB/aHf5YLmdfsc
c4VoYqxYWpqFggQurbQA0L78hq33xoLE+cSCbsZDeP0hAmkvMyW/l52py03Tr+nb
3TXYfhzuozI0Mca5JVXsMer6mc0eR8RCHkHwYlHbUwMUjcrqS2rvY/Cy86d41RvV
dhqXFjKtHGO+10p9bRjPLo53uvOAacbg9jk6iYXHpvD2Y2w90AxYnSDt8HutGC5o
2SAeY3kaX7rtpwrb4/ARk7nTgU9TNXdc+jBpQ6S+wp+ZksA5KKv+
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:00:41 2025 by rpki-client