Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/iqWrVdpLadD0ZhS_LKD_HbFqb7s.roa
File: iqWrVdpLadD0ZhS_LKD_HbFqb7s.roa (raw, json)
Hash identifier: Tdz1rYCCKR8boOv5XZ6tOhQL6CYygZ0GN04QKLcP9mw=
Subject key identifier: 8A:A5:AB:55:DA:4B:69:D0:F4:66:14:BF:2C:A0:FF:1D:B1:6A:6F:BB
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 0194236A5B68A0A466C4F3F7D15E24A731D6
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/iqWrVdpLadD0ZhS_LKD_HbFqb7s.roa
Signing time: Wed 01 Jan 2025 19:49:20 +0000
ROA not before: Wed 01 Jan 2025 19:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1162
IP address blocks: 145.100.9.0/30 maxlen: 30
145.100.32.0/22 maxlen: 22
2001:610:108:203a::/64 maxlen: 64
2001:610:108:3014::/64 maxlen: 64
2001:610:108:3017::/64 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:5b:68:a0:a4:66:c4:f3:f7:d1:5e:24:a7:31:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 1 19:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8aa5ab55da4b69d0f46614bf2ca0ff1db16a6fbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:3e:22:74:55:c7:aa:be:05:fe:5e:a0:73:dc:
3f:2c:ca:72:a4:ac:4d:43:39:d7:72:b5:79:9e:61:
ab:64:9a:fe:1b:93:bf:dc:02:38:c6:5a:5d:2d:57:
5f:c6:99:9f:8e:7a:71:62:84:85:56:00:5b:b8:a4:
23:34:90:00:35:75:96:21:d3:83:b7:d2:9a:a0:ef:
02:51:1f:60:23:be:a1:72:98:0a:ac:5a:8c:d7:75:
bf:43:98:bd:91:b2:17:78:75:2f:63:42:cc:71:9e:
99:d8:0c:7e:6a:b2:c9:de:14:a9:0d:6a:aa:8e:14:
d7:ce:04:be:06:d5:6a:8e:bb:09:58:03:32:67:39:
a6:4d:fd:ee:d0:6f:36:10:88:e8:94:67:8d:c0:a5:
8e:0c:1b:e1:77:49:29:c6:e3:99:0d:64:0d:11:76:
19:5c:64:a9:1e:63:46:27:87:86:5c:5b:17:ef:54:
e4:6d:7d:7c:db:42:3d:64:9f:7b:06:f6:3d:fd:a1:
72:55:ac:70:a2:4e:f9:84:cf:c1:36:0f:56:ed:e4:
e9:fb:d0:e2:d2:1d:3c:92:73:3b:61:c9:fd:c6:b8:
d4:96:f5:77:ad:4e:d7:f1:24:ca:85:fc:17:dd:23:
f2:b5:db:4f:dc:cd:10:5c:8b:33:d0:20:35:8c:42:
13:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A5:AB:55:DA:4B:69:D0:F4:66:14:BF:2C:A0:FF:1D:B1:6A:6F:BB
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/iqWrVdpLadD0ZhS_LKD_HbFqb7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.100.9.0/30
145.100.32.0/22
IPv6:
2001:610:108:203a::/64
2001:610:108:3014::/64
2001:610:108:3017::/64
Signature Algorithm: sha256WithRSAEncryption
b3:63:be:3e:97:c5:56:4a:c9:6e:cb:d6:07:f7:1c:e2:18:0e:
75:b3:b1:55:d0:49:74:7d:d1:79:57:d9:d9:1c:b0:ff:44:8f:
0b:42:fd:2b:08:d0:0d:3d:e3:16:cd:4a:ed:7b:ef:cd:7b:3f:
46:01:78:af:d1:f5:aa:aa:da:95:e6:75:bf:d7:f2:b5:bb:e1:
e7:1e:6f:90:8c:61:38:f1:61:63:b0:8b:f6:d2:21:aa:4f:04:
54:a7:08:ce:ed:09:f2:40:09:26:47:3b:26:3b:4b:15:de:9f:
39:9c:af:60:29:95:a8:69:34:a4:8c:56:5a:ce:ec:2b:fe:02:
38:27:fe:1b:2f:6d:e3:ef:5b:fa:13:e9:14:56:77:fc:8a:7c:
dd:91:2c:8f:e9:ca:35:01:08:10:7b:a3:ad:a8:43:09:30:32:
4c:03:8e:35:72:ae:95:3f:2e:1d:25:44:dc:8e:9e:4a:68:07:
1a:1b:c8:3f:f8:c4:31:2f:a2:3f:c6:b8:03:e9:09:e6:2b:d9:
2a:0b:c9:e6:bc:a7:67:4f:0e:ec:f4:94:52:40:27:10:5a:c1:
fd:bf:94:6d:84:26:38:cc:65:bb:23:a6:89:2d:48:a7:a7:f6:
45:36:bb:98:9f:00:a7:f5:7b:69:a3:05:dc:65:b1:2f:68:95:
d5:a1:6c:8e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQjaltooKRmxPP30V4kpzHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjUwMTAxMTk0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWE1YWI1NWRhNGI2OWQwZjQ2NjE0YmYyY2EwZmYxZGIxNmE2ZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4T4idFXHqr4F/l6gc9w/LMpypKxN
QznXcrV5nmGrZJr+G5O/3AI4xlpdLVdfxpmfjnpxYoSFVgBbuKQjNJAANXWWIdOD
t9KaoO8CUR9gI76hcpgKrFqM13W/Q5i9kbIXeHUvY0LMcZ6Z2Ax+arLJ3hSpDWqq
jhTXzgS+BtVqjrsJWAMyZzmmTf3u0G82EIjolGeNwKWODBvhd0kpxuOZDWQNEXYZ
XGSpHmNGJ4eGXFsX71TkbX1820I9ZJ97BvY9/aFyVaxwok75hM/BNg9W7eTp+9Di
0h08knM7Ycn9xrjUlvV3rU7X8STKhfwX3SPytdtP3M0QXIsz0CA1jEITFQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIqlq1XaS2nQ9GYUvyyg/x2xam+7MB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvaXFXclZkcExhZEQwWmhTX0xLRF9IYkZxYjdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjATBAIAATANAwUCkWQJAAME
ApFkIDAnBAIAAjAhAwkAIAEGEAEIIDoDCQAgAQYQAQgwFAMJACABBhABCDAXMA0G
CSqGSIb3DQEBCwUAA4IBAQCzY74+l8VWSsluy9YH9xziGA51s7FV0El0fdF5V9nZ
HLD/RI8LQv0rCNANPeMWzUrte+/Nez9GAXiv0fWqqtqV5nW/1/K1u+HnHm+QjGE4
8WFjsIv20iGqTwRUpwjO7QnyQAkmRzsmO0sV3p85nK9gKZWoaTSkjFZazuwr/gI4
J/4bL23j71v6E+kUVnf8inzdkSyP6co1AQgQe6OtqEMJMDJMA441cq6VPy4dJUTc
jp5KaAcaG8g/+MQxL6I/xrgD6QnmK9kqC8nmvKdnTw7s9JRSQCcQWsH9v5RthCY4
zGW7I6aJLUinp/ZFNruYnwCn9XtpowXcZbEvaJXVoWyO
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:29:17 2025 by rpki-client