Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/b4f584-f256-4cab-adbb-c4620fab1f19/1/lrAHSYHMcT-QnCBgDWbaE1MqczQ.roa
File: lrAHSYHMcT-QnCBgDWbaE1MqczQ.roa (raw, json)
Hash identifier: Q9wjRPgLxrPVhdjep0bc5VmCtdpQhpNo8k2oXqLLi1E=
Subject key identifier: 96:B0:07:49:81:CC:71:3F:90:9C:20:60:0D:66:DA:13:53:2A:73:34
Certificate issuer: /CN=6bd0c5b3fa6c288860ccb6d90200cbb8e57db7f7
Certificate serial: 018CC94E6B757250C28779FD44E11615CE21
Authority key identifier: 6B:D0:C5:B3:FA:6C:28:88:60:CC:B6:D9:02:00:CB:B8:E5:7D:B7:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a9DFs_psKIhgzLbZAgDLuOV9t_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/b4f584-f256-4cab-adbb-c4620fab1f19/1/lrAHSYHMcT-QnCBgDWbaE1MqczQ.roa
Signing time: Tue 02 Jan 2024 08:33:28 +0000
ROA not before: Tue 02 Jan 2024 08:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 45.150.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:6b:75:72:50:c2:87:79:fd:44:e1:16:15:ce:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bd0c5b3fa6c288860ccb6d90200cbb8e57db7f7
Validity
Not Before: Jan 2 08:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96b0074981cc713f909c20600d66da13532a7334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:49:1d:c5:f3:9a:59:97:9e:e5:0d:1e:8d:c5:
35:96:d6:46:27:6f:00:62:1b:f9:89:56:26:9b:73:
f1:ed:0a:b3:de:8d:ed:fc:ee:e2:3f:d2:b0:e1:72:
60:00:b0:5c:7e:e1:43:06:c6:96:16:30:9d:1b:ae:
2d:2d:1e:a3:4b:c7:43:18:74:7c:72:15:38:e4:00:
9a:68:1d:37:bb:fa:8a:12:f5:2f:2d:d1:23:11:99:
29:dd:72:50:f8:90:3f:ac:a0:b1:0a:24:80:13:75:
e7:6c:31:26:46:77:39:eb:ea:27:d6:9b:dd:47:a5:
c5:ee:94:89:f9:f0:c0:0b:c8:69:00:73:dc:bd:e1:
54:2e:67:49:74:8d:9a:19:d8:74:89:4a:f0:45:0d:
cd:76:c3:0f:9e:f6:12:48:dd:bc:f8:79:cf:75:10:
79:ee:f8:31:13:47:36:69:f3:66:bb:0a:1a:87:f0:
21:f8:75:5a:2a:ae:d8:09:4a:5a:c7:ca:09:dc:37:
ef:e6:c6:37:d0:a5:52:2a:4a:64:3b:b8:eb:44:41:
db:cf:23:b8:85:8c:c6:9b:ea:3a:52:59:79:1f:d8:
a7:73:45:e4:50:5b:22:69:fc:b3:32:47:47:3c:1b:
bd:71:67:cd:84:d0:fb:c9:0a:ff:91:bf:59:6a:80:
5e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B0:07:49:81:CC:71:3F:90:9C:20:60:0D:66:DA:13:53:2A:73:34
X509v3 Authority Key Identifier:
keyid:6B:D0:C5:B3:FA:6C:28:88:60:CC:B6:D9:02:00:CB:B8:E5:7D:B7:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9DFs_psKIhgzLbZAgDLuOV9t_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b4f584-f256-4cab-adbb-c4620fab1f19/1/lrAHSYHMcT-QnCBgDWbaE1MqczQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b4f584-f256-4cab-adbb-c4620fab1f19/1/a9DFs_psKIhgzLbZAgDLuOV9t_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.4.0/24
Signature Algorithm: sha256WithRSAEncryption
36:45:c1:04:a5:72:c9:e4:c4:f6:4a:0c:69:5f:70:23:d7:ce:
48:8f:b3:69:d3:71:a4:8b:95:2e:42:d1:60:d6:cc:86:40:58:
c7:64:1d:f5:78:0c:06:fc:47:47:ed:2c:c8:d4:90:1c:45:06:
b2:d0:19:9f:eb:2d:8a:d9:a4:2c:0e:96:ed:b2:17:39:7b:78:
cc:c7:2b:08:1d:87:70:66:54:73:3d:14:9b:57:96:62:a4:2a:
b2:b2:46:07:c9:8b:72:1f:0a:0a:c3:e5:b2:84:37:2b:27:6b:
8d:69:4a:3d:64:92:25:e5:b5:8f:ea:00:30:00:d0:ca:b9:3f:
e0:c8:c3:a5:5e:aa:d4:63:7b:8a:fd:b4:07:e8:a6:a6:5f:54:
65:05:ae:61:4e:fe:16:cc:c9:af:72:67:3c:90:a5:b3:bf:6a:
3a:9a:8e:bf:91:21:47:f5:18:d8:0b:fc:30:5a:cc:c5:1c:60:
1e:ae:60:44:b2:82:4a:d7:80:6b:f3:0d:83:b1:0d:20:74:db:
6f:5d:f1:9c:6a:dd:29:7b:85:b6:79:8e:4f:48:07:a9:e9:23:
87:26:7e:41:13:5f:51:a7:89:ee:49:39:d6:c9:b6:5f:dd:78:
7a:09:4e:a3:9e:56:ce:20:ce:1e:5e:f9:b9:df:e5:84:44:86:
dd:ae:23:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTmt1clDCh3n9ROEWFc4hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZDBjNWIzZmE2YzI4ODg2MGNjYjZkOTAyMDBjYmI4ZTU3
ZGI3ZjcwHhcNMjQwMTAyMDgzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmIwMDc0OTgxY2M3MTNmOTA5YzIwNjAwZDY2ZGExMzUzMmE3MzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEkdxfOaWZee5Q0ejcU1ltZGJ28A
Yhv5iVYmm3Px7Qqz3o3t/O7iP9Kw4XJgALBcfuFDBsaWFjCdG64tLR6jS8dDGHR8
chU45ACaaB03u/qKEvUvLdEjEZkp3XJQ+JA/rKCxCiSAE3XnbDEmRnc56+on1pvd
R6XF7pSJ+fDAC8hpAHPcveFULmdJdI2aGdh0iUrwRQ3NdsMPnvYSSN28+HnPdRB5
7vgxE0c2afNmuwoah/Ah+HVaKq7YCUpax8oJ3Dfv5sY30KVSKkpkO7jrREHbzyO4
hYzGm+o6Ull5H9inc0XkUFsiafyzMkdHPBu9cWfNhND7yQr/kb9ZaoBe5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJawB0mBzHE/kJwgYA1m2hNTKnM0MB8GA1UdIwQY
MBaAFGvQxbP6bCiIYMy22QIAy7jlfbf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTlERnNfcHNLSWhnekxiWkFnREx1T1Y5dF9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9iNGY1ODQtZjI1Ni00Y2FiLWFkYmIt
YzQ2MjBmYWIxZjE5LzEvbHJBSFNZSE1jVC1RbkNCZ0RXYmFFMU1xY3pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9iNGY1ODQtZjI1Ni00Y2FiLWFkYmItYzQ2MjBmYWIxZjE5
LzEvYTlERnNfcHNLSWhnekxiWkFnREx1T1Y5dF9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZYEMA0G
CSqGSIb3DQEBCwUAA4IBAQA2RcEEpXLJ5MT2SgxpX3Aj185Ij7Np03Gki5UuQtFg
1syGQFjHZB31eAwG/EdH7SzI1JAcRQay0Bmf6y2K2aQsDpbtshc5e3jMxysIHYdw
ZlRzPRSbV5ZipCqyskYHyYtyHwoKw+WyhDcrJ2uNaUo9ZJIl5bWP6gAwANDKuT/g
yMOlXqrUY3uK/bQH6KamX1RlBa5hTv4WzMmvcmc8kKWzv2o6mo6/kSFH9RjYC/ww
WszFHGAermBEsoJK14Br8w2DsQ0gdNtvXfGcat0pe4W2eY5PSAep6SOHJn5BE19R
p4nuSTnWybZf3Xh6CU6jnlbOIM4eXvm53+WERIbdriPW
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:35:22 2025 by rpki-client