Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/178b02-948c-4624-97b8-e4e17e4b5180/1/kLdYNlBxoUsO0xToRjcSbRZEf5M.roa
File: kLdYNlBxoUsO0xToRjcSbRZEf5M.roa (raw, json)
Hash identifier: uSz8pizyGPkpRJKc5zYo+RcDvjmGd3gE3D8JNJ5Va40=
Subject key identifier: 90:B7:58:36:50:71:A1:4B:0E:D3:14:E8:46:37:12:6D:16:44:7F:93
Certificate issuer: /CN=66759f7a8f90672ea8353af4d11d6ac5e9fd8206
Certificate serial: 0194258E2BA879692EA0C9FB4AE64D7570D5
Authority key identifier: 66:75:9F:7A:8F:90:67:2E:A8:35:3A:F4:D1:1D:6A:C5:E9:FD:82:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZnWfeo-QZy6oNTr00R1qxen9ggY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/178b02-948c-4624-97b8-e4e17e4b5180/1/kLdYNlBxoUsO0xToRjcSbRZEf5M.roa
Signing time: Thu 02 Jan 2025 05:47:41 +0000
ROA not before: Thu 02 Jan 2025 05:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18013
IP address blocks: 45.149.16.0/24 maxlen: 24
45.149.17.0/24 maxlen: 24
45.149.18.0/24 maxlen: 24
45.149.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:2b:a8:79:69:2e:a0:c9:fb:4a:e6:4d:75:70:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66759f7a8f90672ea8353af4d11d6ac5e9fd8206
Validity
Not Before: Jan 2 05:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90b758365071a14b0ed314e84637126d16447f93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b3:e1:45:9f:25:8f:a7:64:40:20:c7:90:b6:
1e:2b:df:bc:d3:be:a2:e6:e6:dc:65:23:ab:88:51:
00:dd:01:3d:d7:7c:38:8a:18:56:5f:f8:40:d0:d9:
af:63:16:f4:0d:40:fe:89:57:3d:c7:06:ab:98:9f:
ff:5e:62:2f:2c:6e:39:5b:cb:7b:f3:c0:a8:16:83:
1c:38:43:e2:12:22:e7:fc:ed:10:6f:9d:98:1a:9a:
ce:3c:66:13:ec:fb:13:8f:17:67:dc:b3:55:36:de:
01:e8:06:ae:71:db:f7:a7:33:26:66:79:f6:15:7e:
47:12:1c:1d:20:72:86:38:54:a6:22:bd:28:4e:32:
b4:b6:e0:ce:64:77:21:57:e8:ac:25:5e:bd:14:0d:
60:26:9b:8e:c9:bb:2c:3f:38:86:b0:93:72:d6:e3:
38:b0:49:78:1f:6c:69:ae:68:f4:3e:1b:e2:f9:b3:
57:2a:6a:60:c3:dc:0a:f7:86:31:b7:1e:36:25:1b:
8c:99:11:22:b4:14:c8:71:41:cc:8e:d1:fb:1d:c6:
7f:4d:6e:0f:97:1b:98:88:da:1a:39:33:9a:70:b1:
3a:5b:f1:b4:2a:57:94:b2:5f:94:eb:93:5a:f3:5b:
23:83:3b:54:42:99:51:c1:03:18:44:fb:62:7b:94:
54:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B7:58:36:50:71:A1:4B:0E:D3:14:E8:46:37:12:6D:16:44:7F:93
X509v3 Authority Key Identifier:
keyid:66:75:9F:7A:8F:90:67:2E:A8:35:3A:F4:D1:1D:6A:C5:E9:FD:82:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZnWfeo-QZy6oNTr00R1qxen9ggY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/178b02-948c-4624-97b8-e4e17e4b5180/1/kLdYNlBxoUsO0xToRjcSbRZEf5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/178b02-948c-4624-97b8-e4e17e4b5180/1/ZnWfeo-QZy6oNTr00R1qxen9ggY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.16.0/22
Signature Algorithm: sha256WithRSAEncryption
19:e2:b8:46:63:26:61:9a:1b:81:b8:5a:19:4c:f5:10:56:88:
a1:4f:d3:fd:69:ec:ba:d1:d7:3c:20:0c:ef:af:25:29:02:ac:
d1:1a:2e:38:82:c5:fb:c1:05:f9:ae:e5:2f:b1:f1:5a:bf:d5:
21:c2:de:43:9d:43:94:03:28:2e:0e:ab:12:2f:6c:f1:a0:4c:
25:22:4e:9d:3a:0e:c4:15:99:8d:d4:3f:ed:93:26:0e:d3:7c:
87:01:bb:f0:1c:3a:1d:d2:60:b5:de:8a:06:30:ed:30:41:20:
b8:17:ba:d8:24:fc:d1:53:d9:b2:1b:cc:30:67:10:84:62:36:
11:0c:60:48:02:b5:2b:73:bb:c8:ea:e6:8e:5d:fe:d6:83:d2:
69:2d:39:8f:21:82:70:cf:a5:73:9f:a7:3e:12:cd:ff:3a:72:
63:f8:33:f4:bf:f1:a8:1e:4f:52:f4:a0:15:dd:ad:89:9d:50:
fe:84:71:b3:d5:62:14:c4:f0:3f:9d:78:fd:de:c6:a5:9d:6a:
31:97:07:c1:6a:7e:7b:f9:c6:b8:70:cb:9f:0d:c2:ab:2e:35:
46:21:b6:13:c9:8d:df:ab:ca:a8:cd:7d:6e:7c:c6:3b:eb:3e:
bb:06:8b:ec:c6:bc:52:53:f8:b1:aa:d1:4c:cc:c8:36:85:ab:
74:6f:30:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljiuoeWkuoMn7SuZNdXDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NzU5ZjdhOGY5MDY3MmVhODM1M2FmNGQxMWQ2YWM1ZTlm
ZDgyMDYwHhcNMjUwMTAyMDU0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGI3NTgzNjUwNzFhMTRiMGVkMzE0ZTg0NjM3MTI2ZDE2NDQ3ZjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbPhRZ8lj6dkQCDHkLYeK9+8076i
5ubcZSOriFEA3QE913w4ihhWX/hA0NmvYxb0DUD+iVc9xwarmJ//XmIvLG45W8t7
88CoFoMcOEPiEiLn/O0Qb52YGprOPGYT7PsTjxdn3LNVNt4B6Aaucdv3pzMmZnn2
FX5HEhwdIHKGOFSmIr0oTjK0tuDOZHchV+isJV69FA1gJpuOybssPziGsJNy1uM4
sEl4H2xprmj0Phvi+bNXKmpgw9wK94Yxtx42JRuMmREitBTIcUHMjtH7HcZ/TW4P
lxuYiNoaOTOacLE6W/G0KleUsl+U65Na81sjgztUQplRwQMYRPtie5RUqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJC3WDZQcaFLDtMU6EY3Em0WRH+TMB8GA1UdIwQY
MBaAFGZ1n3qPkGcuqDU69NEdasXp/YIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm5XZmVvLVFaeTZvTlRyMDBSMXF4ZW45Z2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8xNzhiMDItOTQ4Yy00NjI0LTk3Yjgt
ZTRlMTdlNGI1MTgwLzEva0xkWU5sQnhvVXNPMHhUb1JqY1NiUlpFZjVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8xNzhiMDItOTQ4Yy00NjI0LTk3YjgtZTRlMTdlNGI1MTgw
LzEvWm5XZmVvLVFaeTZvTlRyMDBSMXF4ZW45Z2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZUQMA0G
CSqGSIb3DQEBCwUAA4IBAQAZ4rhGYyZhmhuBuFoZTPUQVoihT9P9aey60dc8IAzv
ryUpAqzRGi44gsX7wQX5ruUvsfFav9Uhwt5DnUOUAyguDqsSL2zxoEwlIk6dOg7E
FZmN1D/tkyYO03yHAbvwHDod0mC13ooGMO0wQSC4F7rYJPzRU9myG8wwZxCEYjYR
DGBIArUrc7vI6uaOXf7Wg9JpLTmPIYJwz6Vzn6c+Es3/OnJj+DP0v/GoHk9S9KAV
3a2JnVD+hHGz1WIUxPA/nXj93salnWoxlwfBan57+ca4cMufDcKrLjVGIbYTyY3f
q8qozX1ufMY76z67BovsxrxSU/ixqtFMzMg2hat0bzD6
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:35:20 2025 by rpki-client