Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/7d2cb5-bddf-4201-baf8-1b24484e55ec/1/AVXIwLCLhIME5EnzGQR1npjdBLE.roa
File: AVXIwLCLhIME5EnzGQR1npjdBLE.roa (raw, json)
Hash identifier: 1umjvWLRSMzW2RXwAqjP/wPqEKQLsMIeWrHdQp5MSFI=
Subject key identifier: 01:55:C8:C0:B0:8B:84:83:04:E4:49:F3:19:04:75:9E:98:DD:04:B1
Certificate issuer: /CN=54404da602dab0625be7223d09320b1cd7aafced
Certificate serial: 0194214463D45512F160A9DA554891CD65E1
Authority key identifier: 54:40:4D:A6:02:DA:B0:62:5B:E7:22:3D:09:32:0B:1C:D7:AA:FC:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VEBNpgLasGJb5yI9CTILHNeq_O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/7d2cb5-bddf-4201-baf8-1b24484e55ec/1/AVXIwLCLhIME5EnzGQR1npjdBLE.roa
Signing time: Wed 01 Jan 2025 09:48:37 +0000
ROA not before: Wed 01 Jan 2025 09:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45040
IP address blocks: 45.152.76.0/24 maxlen: 24
45.152.77.0/24 maxlen: 24
45.152.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:63:d4:55:12:f1:60:a9:da:55:48:91:cd:65:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54404da602dab0625be7223d09320b1cd7aafced
Validity
Not Before: Jan 1 09:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0155c8c0b08b848304e449f31904759e98dd04b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e9:04:e2:68:bd:c8:70:60:f4:f3:1a:0e:07:
a8:de:f1:68:ac:c2:bf:58:43:c4:e4:3f:dd:81:ef:
09:85:95:51:21:81:d8:8b:11:fd:34:1b:f3:5f:b7:
d4:d9:d4:8d:53:9b:e1:49:7e:65:02:bc:7b:78:11:
12:09:00:a8:df:cf:d6:94:03:ac:6b:b1:83:78:41:
4d:16:74:17:ea:27:00:f6:75:d5:64:e0:89:e9:b3:
fe:26:a7:72:ac:34:af:4a:bc:1f:69:1f:d1:51:8e:
d1:fc:1b:a2:13:fb:48:ce:37:7f:b6:de:de:37:5e:
2f:7b:c3:20:f6:b5:68:6c:d9:23:43:9b:8f:99:83:
1b:9b:f1:a0:e3:23:fa:9e:f8:db:08:9e:e3:74:d7:
d9:87:c9:71:6e:42:61:fe:5f:11:fb:3e:8a:ce:7a:
a8:6a:ee:46:60:f8:93:26:42:39:0f:93:92:b5:94:
55:9b:0f:a6:85:56:f0:a9:3a:54:3e:7e:cf:84:da:
f8:2e:bb:79:33:0b:13:62:af:13:b2:75:19:18:bf:
a4:5d:a3:95:87:0d:62:e3:7a:78:8a:1e:bf:3d:75:
47:1c:f7:9f:b4:4e:63:7a:45:93:e8:03:d9:64:be:
cc:4d:46:45:5c:d5:f0:2d:0a:8e:c5:47:27:26:37:
28:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:55:C8:C0:B0:8B:84:83:04:E4:49:F3:19:04:75:9E:98:DD:04:B1
X509v3 Authority Key Identifier:
keyid:54:40:4D:A6:02:DA:B0:62:5B:E7:22:3D:09:32:0B:1C:D7:AA:FC:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VEBNpgLasGJb5yI9CTILHNeq_O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/7d2cb5-bddf-4201-baf8-1b24484e55ec/1/AVXIwLCLhIME5EnzGQR1npjdBLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/7d2cb5-bddf-4201-baf8-1b24484e55ec/1/VEBNpgLasGJb5yI9CTILHNeq_O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.76.0/23
45.152.79.0/24
Signature Algorithm: sha256WithRSAEncryption
15:2b:32:da:22:b4:a8:c0:57:25:5c:1f:b3:a2:d1:2b:4f:f7:
06:0b:52:8a:8e:bf:1d:79:5f:45:60:5c:18:2f:ce:a6:57:aa:
f1:4e:58:f3:5d:ab:a0:19:33:9e:ed:23:1c:5b:7a:57:44:cb:
53:a3:33:07:f9:e2:cf:ee:2f:77:15:f8:9f:ce:38:5a:22:9e:
8e:5c:01:1b:29:d3:db:04:df:16:d0:eb:f1:07:79:4a:0d:80:
a8:1f:bd:49:fd:d9:37:70:d4:27:76:39:12:ad:f2:42:ec:0f:
35:a5:7d:d4:67:9b:91:c3:d2:92:24:eb:54:1d:70:6e:17:85:
15:37:ea:cf:24:7a:7a:47:98:d9:c0:03:9a:ff:81:15:d0:b5:
70:b6:97:61:e0:e7:67:7c:21:7b:c2:06:6e:a0:fc:02:a8:93:
9b:1e:06:6f:c8:11:2e:08:38:f3:60:d3:9a:74:91:81:71:36:
e7:39:ba:36:dc:8b:73:00:cb:8c:53:58:16:0f:8e:8c:e8:46:
10:80:c5:4b:ef:2b:1f:11:12:d4:5d:be:36:94:46:af:2a:35:
bd:b4:f2:4f:28:26:cb:70:8e:3d:da:0b:27:93:41:e5:11:d8:
31:bd:2c:e8:76:9a:2c:11:94:56:ad:04:c1:8d:b4:3f:a6:bd:
8c:7b:1b:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhRGPUVRLxYKnaVUiRzWXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NDA0ZGE2MDJkYWIwNjI1YmU3MjIzZDA5MzIwYjFjZDdh
YWZjZWQwHhcNMjUwMTAxMDk0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTU1YzhjMGIwOGI4NDgzMDRlNDQ5ZjMxOTA0NzU5ZTk4ZGQwNGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzekE4mi9yHBg9PMaDgeo3vForMK/
WEPE5D/dge8JhZVRIYHYixH9NBvzX7fU2dSNU5vhSX5lArx7eBESCQCo38/WlAOs
a7GDeEFNFnQX6icA9nXVZOCJ6bP+JqdyrDSvSrwfaR/RUY7R/BuiE/tIzjd/tt7e
N14ve8Mg9rVobNkjQ5uPmYMbm/Gg4yP6nvjbCJ7jdNfZh8lxbkJh/l8R+z6Kznqo
au5GYPiTJkI5D5OStZRVmw+mhVbwqTpUPn7PhNr4Lrt5MwsTYq8TsnUZGL+kXaOV
hw1i43p4ih6/PXVHHPeftE5jekWT6APZZL7MTUZFXNXwLQqOxUcnJjco7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAFVyMCwi4SDBORJ8xkEdZ6Y3QSxMB8GA1UdIwQY
MBaAFFRATaYC2rBiW+ciPQkyCxzXqvztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkVCTnBnTGFzR0piNXlJOUNUSUxITmVxX08wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny83ZDJjYjUtYmRkZi00MjAxLWJhZjgt
MWIyNDQ4NGU1NWVjLzEvQVZYSXdMQ0xoSU1FNUVuekdRUjFucGpkQkxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny83ZDJjYjUtYmRkZi00MjAxLWJhZjgtMWIyNDQ4NGU1NWVj
LzEvVkVCTnBnTGFzR0piNXlJOUNUSUxITmVxX08wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZhMAwQA
LZhPMA0GCSqGSIb3DQEBCwUAA4IBAQAVKzLaIrSowFclXB+zotErT/cGC1KKjr8d
eV9FYFwYL86mV6rxTljzXaugGTOe7SMcW3pXRMtTozMH+eLP7i93FfifzjhaIp6O
XAEbKdPbBN8W0OvxB3lKDYCoH71J/dk3cNQndjkSrfJC7A81pX3UZ5uRw9KSJOtU
HXBuF4UVN+rPJHp6R5jZwAOa/4EV0LVwtpdh4OdnfCF7wgZuoPwCqJObHgZvyBEu
CDjzYNOadJGBcTbnObo23ItzAMuMU1gWD46M6EYQgMVL7ysfERLUXb42lEavKjW9
tPJPKCbLcI492gsnk0HlEdgxvSzodposEZRWrQTBjbQ/pr2Mext4
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:36 2025 by rpki-client