Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/1785f1-ae23-40f0-83f2-6def398ce5c9/1/43hLg4tOOv7SoGn-XftXhK9a-NE.roa
File: 43hLg4tOOv7SoGn-XftXhK9a-NE.roa (raw, json)
Hash identifier: fTCV6jJu7vHlfoEQtZwLz0NW5RubKgDanJcVlL86nkI=
Subject key identifier: E3:78:4B:83:8B:4E:3A:FE:D2:A0:69:FE:5D:FB:57:84:AF:5A:F8:D1
Certificate issuer: /CN=0a30b635d357468d7f932d3e1f59d5373cf9f465
Certificate serial: 0194258F008537D88D2643444574F759E7C0
Authority key identifier: 0A:30:B6:35:D3:57:46:8D:7F:93:2D:3E:1F:59:D5:37:3C:F9:F4:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjC2NdNXRo1_ky0-H1nVNzz59GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/1785f1-ae23-40f0-83f2-6def398ce5c9/1/43hLg4tOOv7SoGn-XftXhK9a-NE.roa
Signing time: Thu 02 Jan 2025 05:48:36 +0000
ROA not before: Thu 02 Jan 2025 05:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400040
IP address blocks: 45.12.187.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:00:85:37:d8:8d:26:43:44:45:74:f7:59:e7:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a30b635d357468d7f932d3e1f59d5373cf9f465
Validity
Not Before: Jan 2 05:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3784b838b4e3afed2a069fe5dfb5784af5af8d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a9:ae:26:1a:fd:a4:34:79:a3:60:24:57:2e:
01:fa:f4:31:e2:a7:4e:ae:22:b8:19:b2:a1:1a:cd:
93:1b:32:7a:2f:46:a2:c6:1f:52:45:ea:28:e3:6f:
f6:8a:fc:f4:d5:de:03:6c:88:94:f8:98:3d:89:9a:
d3:1e:75:ae:69:29:e1:aa:10:d7:b7:73:fe:73:2e:
0d:60:01:93:73:ec:94:a7:db:4e:73:4d:c7:42:2c:
a7:ad:de:9c:1b:cb:7d:2c:a8:b0:33:cc:c2:28:7a:
e2:97:0d:d4:6c:27:f0:68:7a:1d:72:f1:84:89:d8:
de:0b:88:8d:27:8a:96:b7:4f:2b:3d:c0:c2:e1:fa:
d1:4b:68:21:b9:c4:69:f1:45:a7:17:8c:46:a0:85:
9d:98:8d:c0:7c:51:e2:89:93:b4:38:72:18:77:c7:
7c:10:07:20:c5:22:6c:ad:1c:69:bf:de:fa:16:8f:
c2:2e:40:ae:32:5a:70:46:a0:43:6c:33:d2:43:89:
45:3a:ae:59:52:e7:ed:47:90:78:b9:ca:72:07:80:
d0:44:da:46:0d:2d:99:ca:85:d8:2c:aa:86:6d:ce:
a9:e2:e7:b7:1d:01:a1:ef:4b:49:40:79:34:98:51:
ff:0a:84:f7:da:a4:36:d2:80:eb:75:b1:ee:fc:b2:
5f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:78:4B:83:8B:4E:3A:FE:D2:A0:69:FE:5D:FB:57:84:AF:5A:F8:D1
X509v3 Authority Key Identifier:
keyid:0A:30:B6:35:D3:57:46:8D:7F:93:2D:3E:1F:59:D5:37:3C:F9:F4:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjC2NdNXRo1_ky0-H1nVNzz59GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1785f1-ae23-40f0-83f2-6def398ce5c9/1/43hLg4tOOv7SoGn-XftXhK9a-NE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1785f1-ae23-40f0-83f2-6def398ce5c9/1/CjC2NdNXRo1_ky0-H1nVNzz59GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.187.0/24
Signature Algorithm: sha256WithRSAEncryption
89:ec:8e:d0:c6:23:cb:0a:0d:38:7e:ae:b8:e5:1d:51:70:67:
36:22:b9:e7:0f:66:f1:54:9f:cf:2c:7d:9f:e3:ef:17:d7:c1:
e9:6e:24:99:09:63:fe:38:3a:af:75:74:69:1f:15:d0:4b:cd:
6f:48:67:44:8d:b5:28:e2:31:4f:5d:1f:4e:01:6b:2e:67:d4:
72:ce:8d:1b:69:19:25:57:7f:47:25:98:5f:5f:a8:68:2c:22:
44:61:90:3f:ba:c4:0a:98:4f:be:96:83:65:f2:d5:f8:5b:56:
41:ba:1f:79:3d:62:0b:68:3b:6c:35:3e:3d:b7:81:85:6d:40:
09:d0:40:ba:ff:6f:e7:ca:87:91:f9:29:58:6f:3b:e8:b3:a1:
b5:31:92:30:b7:f2:38:9a:6b:51:93:a0:1c:03:80:1f:84:b4:
99:a8:45:5a:66:cc:4d:ac:ae:42:9c:95:54:ad:08:b9:61:66:
46:91:13:3b:ee:13:bf:71:f9:9c:b7:9c:9c:a8:4f:47:14:73:
a5:13:c6:cc:08:c6:b9:1b:de:a5:07:6b:dd:8f:3e:91:3e:67:
ca:82:7d:8c:d5:74:83:ad:03:27:75:75:ad:52:91:4e:c9:73:
fd:bc:44:63:7e:90:76:a3:f3:62:1e:af:58:ba:c7:e1:f5:a8:
b2:b9:94:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljwCFN9iNJkNERXT3WefAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMzBiNjM1ZDM1NzQ2OGQ3ZjkzMmQzZTFmNTlkNTM3M2Nm
OWY0NjUwHhcNMjUwMTAyMDU0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzc4NGI4MzhiNGUzYWZlZDJhMDY5ZmU1ZGZiNTc4NGFmNWFmOGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6muJhr9pDR5o2AkVy4B+vQx4qdO
riK4GbKhGs2TGzJ6L0aixh9SReoo42/2ivz01d4DbIiU+Jg9iZrTHnWuaSnhqhDX
t3P+cy4NYAGTc+yUp9tOc03HQiynrd6cG8t9LKiwM8zCKHrilw3UbCfwaHodcvGE
idjeC4iNJ4qWt08rPcDC4frRS2ghucRp8UWnF4xGoIWdmI3AfFHiiZO0OHIYd8d8
EAcgxSJsrRxpv976Fo/CLkCuMlpwRqBDbDPSQ4lFOq5ZUuftR5B4ucpyB4DQRNpG
DS2ZyoXYLKqGbc6p4ue3HQGh70tJQHk0mFH/CoT32qQ20oDrdbHu/LJfrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFON4S4OLTjr+0qBp/l37V4SvWvjRMB8GA1UdIwQY
MBaAFAowtjXTV0aNf5MtPh9Z1Tc8+fRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2pDMk5kTlhSbzFfa3kwLUgxblZOeno1OUdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8xNzg1ZjEtYWUyMy00MGYwLTgzZjIt
NmRlZjM5OGNlNWM5LzEvNDNoTGc0dE9PdjdTb0duLVhmdFhoSzlhLU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8xNzg1ZjEtYWUyMy00MGYwLTgzZjItNmRlZjM5OGNlNWM5
LzEvQ2pDMk5kTlhSbzFfa3kwLUgxblZOeno1OUdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQy7MA0G
CSqGSIb3DQEBCwUAA4IBAQCJ7I7QxiPLCg04fq645R1RcGc2IrnnD2bxVJ/PLH2f
4+8X18HpbiSZCWP+ODqvdXRpHxXQS81vSGdEjbUo4jFPXR9OAWsuZ9Ryzo0baRkl
V39HJZhfX6hoLCJEYZA/usQKmE++loNl8tX4W1ZBuh95PWILaDtsNT49t4GFbUAJ
0EC6/2/nyoeR+SlYbzvos6G1MZIwt/I4mmtRk6AcA4AfhLSZqEVaZsxNrK5CnJVU
rQi5YWZGkRM77hO/cfmct5ycqE9HFHOlE8bMCMa5G96lB2vdjz6RPmfKgn2M1XSD
rQMndXWtUpFOyXP9vERjfpB2o/NiHq9Yusfh9aiyuZT7
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:38:44 2025 by rpki-client