Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/b4f584-f256-4cab-adbb-c4620fab1f19/1/2l9HvGAv8P1Jy3ZUM5BucE0OQI4.roa
File: 2l9HvGAv8P1Jy3ZUM5BucE0OQI4.roa (raw, json)
Hash identifier: MQG+JjBeKwq4UVNwgry/zgGOcF+CBWysFpgF6fBzTKI=
Subject key identifier: DA:5F:47:BC:60:2F:F0:FD:49:CB:76:54:33:90:6E:70:4D:0E:40:8E
Certificate issuer: /CN=6bd0c5b3fa6c288860ccb6d90200cbb8e57db7f7
Certificate serial: 018900DAF62AF126989D5157725AE0FC97E1
Authority key identifier: 6B:D0:C5:B3:FA:6C:28:88:60:CC:B6:D9:02:00:CB:B8:E5:7D:B7:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a9DFs_psKIhgzLbZAgDLuOV9t_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/b4f584-f256-4cab-adbb-c4620fab1f19/1/2l9HvGAv8P1Jy3ZUM5BucE0OQI4.roa
Signing time: Wed 28 Jun 2023 07:14:57 +0000
ROA not before: Wed 28 Jun 2023 07:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.150.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:00:da:f6:2a:f1:26:98:9d:51:57:72:5a:e0:fc:97:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bd0c5b3fa6c288860ccb6d90200cbb8e57db7f7
Validity
Not Before: Jun 28 07:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da5f47bc602ff0fd49cb765433906e704d0e408e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:fc:ee:5e:b3:52:29:2d:2d:88:f9:c7:11:c8:
fe:10:62:47:aa:2f:0d:06:17:a3:1f:84:8d:fa:10:
93:0a:b3:a5:29:6f:9f:50:11:79:30:cc:52:32:3f:
65:99:20:ab:64:0c:92:1d:21:d1:d6:85:cf:76:27:
a6:d5:0c:cf:4a:b0:3b:d4:58:9c:11:7b:44:e5:28:
33:20:15:03:b2:c0:9d:ff:15:d3:56:5e:03:61:54:
3b:bf:81:5f:2d:9b:df:50:c7:a9:7e:e3:80:79:13:
05:1d:6d:17:76:52:e1:c4:f5:d9:66:c3:a3:91:ab:
46:da:14:30:0e:fd:f7:dc:dd:75:fa:41:75:fe:38:
91:7a:44:15:ab:2d:20:69:83:b9:d3:11:dd:d9:5f:
d1:bf:1c:91:8d:c5:67:ec:d8:50:61:5b:1d:4c:a3:
8b:02:e9:ef:6a:dd:b0:1f:b0:6b:4d:cb:b6:76:bd:
ee:87:44:45:07:3c:56:9f:a0:2e:8a:13:94:22:3d:
ce:fb:85:24:a9:9b:d9:7d:c2:db:c6:99:d2:d7:8a:
21:d1:b2:32:87:41:e2:a5:34:01:50:6a:29:f6:f0:
79:52:e9:4f:35:0e:ad:7f:42:1e:01:d7:be:26:ab:
9a:38:b7:28:a9:55:96:b6:fb:68:45:1a:c0:c6:fa:
01:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:5F:47:BC:60:2F:F0:FD:49:CB:76:54:33:90:6E:70:4D:0E:40:8E
X509v3 Authority Key Identifier:
keyid:6B:D0:C5:B3:FA:6C:28:88:60:CC:B6:D9:02:00:CB:B8:E5:7D:B7:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9DFs_psKIhgzLbZAgDLuOV9t_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b4f584-f256-4cab-adbb-c4620fab1f19/1/2l9HvGAv8P1Jy3ZUM5BucE0OQI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b4f584-f256-4cab-adbb-c4620fab1f19/1/a9DFs_psKIhgzLbZAgDLuOV9t_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.4.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:6a:2b:86:49:e5:c9:6b:1d:30:4f:2d:36:6a:43:47:8f:4c:
3a:0c:82:74:5a:d0:a8:b7:e7:c2:8e:2c:8a:0b:c2:82:80:eb:
95:fc:2e:dd:dc:d9:be:ad:53:19:d7:0f:12:c9:ea:3b:76:e2:
37:ac:d1:04:08:08:b3:93:25:4b:da:c8:d8:dd:5d:d2:65:41:
4d:e8:89:aa:70:17:f3:2f:03:95:0d:99:d8:f7:52:e7:09:75:
f7:6b:6c:f5:ee:3d:58:e7:e0:52:ea:57:cd:66:38:cd:50:cb:
d3:07:4a:1b:02:c0:fd:17:b8:56:24:29:16:3a:c1:46:01:e4:
6a:eb:a4:a2:dd:00:d6:6e:03:c4:7e:33:f5:e9:fd:02:fe:50:
76:d9:1a:dc:47:dd:ca:e3:96:2c:65:73:8f:27:d9:a7:a7:29:
ac:94:bc:3a:b3:79:c2:c8:57:a9:d3:c9:fd:5b:75:fd:c7:83:
99:3a:0d:eb:93:b1:b3:3d:05:29:1c:27:43:77:0f:04:f1:bc:
97:c9:b3:dc:fa:c2:a9:5b:58:7d:1b:ba:88:91:91:be:35:7d:
c0:6f:a7:22:df:8a:70:a1:93:b4:46:9e:80:c9:b7:ea:f8:4f:
7a:58:c5:5a:47:fc:04:ad:ba:80:a1:fe:62:13:25:6d:40:58:
aa:90:e7:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkA2vYq8SaYnVFXclrg/JfhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZDBjNWIzZmE2YzI4ODg2MGNjYjZkOTAyMDBjYmI4ZTU3
ZGI3ZjcwHhcNMjMwNjI4MDcxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTVmNDdiYzYwMmZmMGZkNDljYjc2NTQzMzkwNmU3MDRkMGU0MDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPzuXrNSKS0tiPnHEcj+EGJHqi8N
BhejH4SN+hCTCrOlKW+fUBF5MMxSMj9lmSCrZAySHSHR1oXPdiem1QzPSrA71Fic
EXtE5SgzIBUDssCd/xXTVl4DYVQ7v4FfLZvfUMepfuOAeRMFHW0XdlLhxPXZZsOj
katG2hQwDv333N11+kF1/jiRekQVqy0gaYO50xHd2V/RvxyRjcVn7NhQYVsdTKOL
Aunvat2wH7BrTcu2dr3uh0RFBzxWn6AuihOUIj3O+4UkqZvZfcLbxpnS14oh0bIy
h0HipTQBUGop9vB5UulPNQ6tf0IeAde+JquaOLcoqVWWtvtoRRrAxvoBlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNpfR7xgL/D9Sct2VDOQbnBNDkCOMB8GA1UdIwQY
MBaAFGvQxbP6bCiIYMy22QIAy7jlfbf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTlERnNfcHNLSWhnekxiWkFnREx1T1Y5dF9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9iNGY1ODQtZjI1Ni00Y2FiLWFkYmIt
YzQ2MjBmYWIxZjE5LzEvMmw5SHZHQXY4UDFKeTNaVU01QnVjRTBPUUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9iNGY1ODQtZjI1Ni00Y2FiLWFkYmItYzQ2MjBmYWIxZjE5
LzEvYTlERnNfcHNLSWhnekxiWkFnREx1T1Y5dF9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZYEMA0G
CSqGSIb3DQEBCwUAA4IBAQBaaiuGSeXJax0wTy02akNHj0w6DIJ0WtCot+fCjiyK
C8KCgOuV/C7d3Nm+rVMZ1w8Syeo7duI3rNEECAizkyVL2sjY3V3SZUFN6ImqcBfz
LwOVDZnY91LnCXX3a2z17j1Y5+BS6lfNZjjNUMvTB0obAsD9F7hWJCkWOsFGAeRq
66Si3QDWbgPEfjP16f0C/lB22RrcR93K45YsZXOPJ9mnpymslLw6s3nCyFep08n9
W3X9x4OZOg3rk7GzPQUpHCdDdw8E8byXybPc+sKpW1h9G7qIkZG+NX3Ab6ci34pw
oZO0Rp6Aybfq+E96WMVaR/wErbqAof5iEyVtQFiqkOf8
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:47:56 2025 by rpki-client