Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/LJdSgvNxRNzQbGgl60lkTz1lbGQ.roa
File: LJdSgvNxRNzQbGgl60lkTz1lbGQ.roa (raw, json)
Hash identifier: tzx33RbFJLln2PWjeo8qaH65+0VHnGHAxYXylhjouzc=
Subject key identifier: 2C:97:52:82:F3:71:44:DC:D0:6C:68:25:EB:49:64:4F:3D:65:6C:64
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 01942521B8B15D4FC30BDB5F12617501ED14
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/LJdSgvNxRNzQbGgl60lkTz1lbGQ.roa
Signing time: Thu 02 Jan 2025 03:49:14 +0000
ROA not before: Thu 02 Jan 2025 03:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 45.10.69.0/24 maxlen: 24
45.10.70.0/23 maxlen: 24
91.208.245.0/24 maxlen: 24
91.208.246.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:b8:b1:5d:4f:c3:0b:db:5f:12:61:75:01:ed:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Jan 2 03:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c975282f37144dcd06c6825eb49644f3d656c64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4f:71:72:75:df:03:d0:80:d1:f2:8b:c4:7e:
61:19:be:4b:b7:bc:57:89:b4:d2:4e:e7:11:f7:f7:
e7:da:fa:6b:8a:d6:3e:ec:6c:9f:2b:02:e8:49:cc:
54:41:a5:8e:6a:9c:25:43:fe:63:ab:c8:c9:1d:77:
cb:36:34:aa:b6:1b:47:eb:47:97:57:7f:d2:8d:fc:
25:ec:d5:85:7a:c9:d9:55:c8:d2:bb:7e:23:7e:94:
82:1d:21:17:34:20:d1:e0:f5:2f:a0:be:ea:e7:93:
83:f5:77:15:24:71:b0:47:9f:d0:9f:4f:41:8c:83:
e6:54:5d:6b:a1:d7:e3:02:74:e2:f2:55:d8:14:72:
f8:59:c9:a9:ed:5f:a1:fb:d9:e3:c7:dd:e7:69:92:
e1:91:3c:95:a2:c1:e9:54:7e:60:b9:85:2a:c4:13:
2f:2c:62:f4:8a:30:2e:33:02:fa:f0:a4:1a:8c:ed:
1c:b8:e2:ca:4e:2e:14:7c:0d:13:eb:a0:04:05:05:
8d:28:6a:28:58:41:7e:74:dc:94:ff:cf:a1:f3:69:
04:5d:10:d0:e1:d2:3e:ba:c2:10:b5:9d:25:46:0c:
9f:4e:23:48:db:d9:2d:84:73:c6:51:df:9e:b7:15:
1c:68:33:37:e2:a7:3e:16:37:fd:43:69:2d:16:c1:
38:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:97:52:82:F3:71:44:DC:D0:6C:68:25:EB:49:64:4F:3D:65:6C:64
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/LJdSgvNxRNzQbGgl60lkTz1lbGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.69.0-45.10.71.255
91.208.245.0-91.208.246.255
Signature Algorithm: sha256WithRSAEncryption
6a:20:d4:d0:8c:16:32:d5:3a:0e:20:74:cf:ca:96:cf:0e:29:
43:02:9b:df:1c:42:e1:79:db:57:91:1e:d5:00:0d:ec:9e:1c:
35:e1:8e:53:dc:50:55:a1:99:44:d3:3e:6b:34:af:2a:12:7f:
11:3f:83:12:79:62:63:e4:6b:37:5f:9b:78:54:e0:a2:03:8e:
ca:cb:d8:e8:c8:ec:07:08:1a:2e:f7:12:d2:a1:07:99:a7:c6:
76:f5:28:c0:52:2e:b9:ae:20:46:9c:17:43:47:55:d2:23:cf:
53:7d:2d:ba:06:8c:64:63:89:78:6a:14:55:34:9d:3d:5c:1b:
49:da:1e:5b:ce:8c:f5:6a:00:b6:b7:13:56:3f:72:e7:5f:7d:
60:8f:dd:f4:b4:bd:c6:9a:9f:16:55:4c:21:98:64:0d:a5:b5:
2d:fd:2f:3d:a5:d7:e2:3f:48:74:63:20:6f:63:09:b3:14:07:
9c:cc:6f:96:50:c5:75:07:9e:ac:19:fd:6c:19:11:24:2d:aa:
b7:f0:60:bc:03:05:7c:6a:79:e0:82:40:ad:fc:fc:44:c6:8f:
40:c2:71:dd:b7:78:dd:d9:a9:d8:1c:f9:98:0a:ff:65:c4:e4:
60:a6:e3:cd:02:54:d3:0d:67:39:e4:cc:ac:22:bc:e7:3c:0c:
b0:44:e2:99
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQlIbixXU/DC9tfEmF1Ae0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjUwMTAyMDM0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzk3NTI4MmYzNzE0NGRjZDA2YzY4MjVlYjQ5NjQ0ZjNkNjU2YzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt09xcnXfA9CA0fKLxH5hGb5Lt7xX
ibTSTucR9/fn2vpritY+7GyfKwLoScxUQaWOapwlQ/5jq8jJHXfLNjSqthtH60eX
V3/Sjfwl7NWFesnZVcjSu34jfpSCHSEXNCDR4PUvoL7q55OD9XcVJHGwR5/Qn09B
jIPmVF1rodfjAnTi8lXYFHL4Wcmp7V+h+9njx93naZLhkTyVosHpVH5guYUqxBMv
LGL0ijAuMwL68KQajO0cuOLKTi4UfA0T66AEBQWNKGooWEF+dNyU/8+h82kEXRDQ
4dI+usIQtZ0lRgyfTiNI29kthHPGUd+etxUcaDM34qc+Fjf9Q2ktFsE4CwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCyXUoLzcUTc0GxoJetJZE89ZWxkMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvTEpkU2d2TnhSTnpRYkdnbDYwbGtUejFsYkdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAAtCkUD
BAMtCkAwDAMEAFvQ9QMEAFvQ9jANBgkqhkiG9w0BAQsFAAOCAQEAaiDU0IwWMtU6
DiB0z8qWzw4pQwKb3xxC4XnbV5Ee1QAN7J4cNeGOU9xQVaGZRNM+azSvKhJ/ET+D
EnliY+RrN1+beFTgogOOysvY6MjsBwgaLvcS0qEHmafGdvUowFIuua4gRpwXQ0dV
0iPPU30tugaMZGOJeGoUVTSdPVwbSdoeW86M9WoAtrcTVj9y5199YI/d9LS9xpqf
FlVMIZhkDaW1Lf0vPaXX4j9IdGMgb2MJsxQHnMxvllDFdQeerBn9bBkRJC2qt/Bg
vAMFfGp54IJArfz8RMaPQMJx3bd43dmp2Bz5mAr/ZcTkYKbjzQJU0w1nOeTMrCK8
5zwMsETimQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:57:22 2025 by rpki-client