![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/83233c-898e-491d-958c-4fea624413e4/1/yhpNCha1OXMLz6xWPCW3fJfxdR4.roa
File: yhpNCha1OXMLz6xWPCW3fJfxdR4.roa (raw, json)
Hash identifier: ztX6fjEibz4l4wIKlJDIV4tQwVzVzIO0i+JcrlfM7wo=
Subject key identifier: CA:1A:4D:0A:16:B5:39:73:0B:CF:AC:56:3C:25:B7:7C:97:F1:75:1E
Certificate issuer: /CN=00138af66eb4d557fa4b3939c6cbd961a9123560
Certificate serial: 01856F799FA4842024536A4AC4B810FDC0E9
Authority key identifier: 00:13:8A:F6:6E:B4:D5:57:FA:4B:39:39:C6:CB:D9:61:A9:12:35:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ABOK9m601Vf6Szk5xsvZYakSNWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/83233c-898e-491d-958c-4fea624413e4/1/yhpNCha1OXMLz6xWPCW3fJfxdR4.roa
Signing time: Sun 01 Jan 2023 22:35:19 +0000
ROA not before: Sun 01 Jan 2023 22:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 45.155.157.0/24 maxlen: 24
45.155.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:9f:a4:84:20:24:53:6a:4a:c4:b8:10:fd:c0:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00138af66eb4d557fa4b3939c6cbd961a9123560
Validity
Not Before: Jan 1 22:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca1a4d0a16b539730bcfac563c25b77c97f1751e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:57:3d:1f:3d:e0:d6:6c:54:31:41:9c:85:82:
8b:6a:3f:46:7a:8a:17:7f:3a:05:13:4c:86:49:c0:
29:38:02:d2:f8:be:11:cc:13:06:4d:fe:c2:23:db:
ee:10:cb:3b:26:70:2b:03:4e:d2:9f:78:e9:2f:62:
c4:c7:b7:f4:8f:78:2c:4e:2c:fe:82:e5:49:21:37:
05:81:87:66:04:1c:4d:9f:3f:b4:c9:c4:2a:e1:0b:
f0:ae:04:9d:e5:6f:01:8f:ba:e3:ac:40:4c:94:fa:
d9:16:df:5a:4f:5c:82:f1:f8:db:8d:a7:f4:8e:1a:
de:2c:9a:af:13:99:17:ed:e1:0d:43:a0:65:e9:49:
da:7b:f5:0b:32:2f:72:32:3b:6d:d6:23:f2:62:d2:
67:00:d0:5b:54:7c:b6:f5:3a:ce:ce:72:bd:33:44:
b8:e5:94:ae:87:e1:de:df:43:f6:3d:86:6f:cc:5a:
cb:67:db:88:3c:f2:c1:d1:69:bc:92:1c:71:f3:40:
8d:6c:61:94:ee:4f:22:55:79:aa:32:f5:1e:23:9d:
38:17:ec:02:b9:bd:b2:cf:e2:21:ad:34:e1:4e:2c:
7a:6e:bd:45:62:a4:af:3f:51:b7:54:e0:81:05:45:
05:cd:47:13:25:d4:e9:01:f7:f0:42:79:08:78:ac:
1c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:1A:4D:0A:16:B5:39:73:0B:CF:AC:56:3C:25:B7:7C:97:F1:75:1E
X509v3 Authority Key Identifier:
keyid:00:13:8A:F6:6E:B4:D5:57:FA:4B:39:39:C6:CB:D9:61:A9:12:35:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ABOK9m601Vf6Szk5xsvZYakSNWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/83233c-898e-491d-958c-4fea624413e4/1/yhpNCha1OXMLz6xWPCW3fJfxdR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/83233c-898e-491d-958c-4fea624413e4/1/ABOK9m601Vf6Szk5xsvZYakSNWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.156.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:71:f1:8d:57:dc:09:52:17:44:e3:35:29:9c:e7:79:5d:1c:
60:77:b6:74:6b:39:1d:a8:ca:da:a2:09:a2:c1:4b:8e:48:22:
0e:a3:df:ef:ec:77:d6:76:ad:52:9d:70:13:50:54:a8:88:13:
48:24:21:ee:93:20:09:0b:6e:a8:26:e6:56:03:c9:e1:08:c0:
66:28:00:93:cf:5b:99:04:a8:a6:bd:8d:b9:35:87:57:44:bb:
7d:76:a3:82:91:d9:d8:1e:8b:b7:54:ea:4f:bd:e2:81:31:a1:
4c:96:3b:d7:d1:3b:ad:e5:e1:63:7d:05:ec:0f:87:f4:6f:52:
85:27:ff:36:e2:1a:7a:27:22:0b:78:4f:ca:0a:f3:f9:0e:c7:
7f:59:1f:93:45:4a:0f:90:9d:8b:4c:42:5c:60:b8:ce:d4:50:
6d:b0:fa:de:e0:a3:d4:c5:25:e9:50:56:2e:e4:24:1e:39:1e:
dd:08:27:fa:b5:fa:cb:dc:88:31:31:49:a3:3f:0f:fe:3d:e8:
2d:69:ff:6a:71:0f:d0:4d:17:5d:8d:ed:82:7b:58:f6:ba:ef:
09:e5:dc:e8:0d:45:98:aa:9c:6d:f9:c1:e5:05:35:4b:b2:1d:
15:13:12:96:4d:5f:b5:6e:5e:45:fe:c1:b9:ee:5a:86:59:a4:
b7:73:8f:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVveZ+khCAkU2pKxLgQ/cDpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMTM4YWY2NmViNGQ1NTdmYTRiMzkzOWM2Y2JkOTYxYTkx
MjM1NjAwHhcNMjMwMTAxMjIzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTFhNGQwYTE2YjUzOTczMGJjZmFjNTYzYzI1Yjc3Yzk3ZjE3NTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlc9Hz3g1mxUMUGchYKLaj9GeooX
fzoFE0yGScApOALS+L4RzBMGTf7CI9vuEMs7JnArA07Sn3jpL2LEx7f0j3gsTiz+
guVJITcFgYdmBBxNnz+0ycQq4QvwrgSd5W8Bj7rjrEBMlPrZFt9aT1yC8fjbjaf0
jhreLJqvE5kX7eENQ6Bl6Unae/ULMi9yMjtt1iPyYtJnANBbVHy29TrOznK9M0S4
5ZSuh+He30P2PYZvzFrLZ9uIPPLB0Wm8khxx80CNbGGU7k8iVXmqMvUeI504F+wC
ub2yz+IhrTThTix6br1FYqSvP1G3VOCBBUUFzUcTJdTpAffwQnkIeKwcnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMoaTQoWtTlzC8+sVjwlt3yX8XUeMB8GA1UdIwQY
MBaAFAATivZutNVX+ks5OcbL2WGpEjVgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUJPSzltNjAxVmY2U3prNXhzdlpZYWtTTldBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS84MzIzM2MtODk4ZS00OTFkLTk1OGMt
NGZlYTYyNDQxM2U0LzEveWhwTkNoYTFPWE1MejZ4V1BDVzNmSmZ4ZFI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS84MzIzM2MtODk4ZS00OTFkLTk1OGMtNGZlYTYyNDQxM2U0
LzEvQUJPSzltNjAxVmY2U3prNXhzdlpZYWtTTldBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZucMA0G
CSqGSIb3DQEBCwUAA4IBAQBdcfGNV9wJUhdE4zUpnOd5XRxgd7Z0azkdqMraogmi
wUuOSCIOo9/v7HfWdq1SnXATUFSoiBNIJCHukyAJC26oJuZWA8nhCMBmKACTz1uZ
BKimvY25NYdXRLt9dqOCkdnYHou3VOpPveKBMaFMljvX0Tut5eFjfQXsD4f0b1KF
J/824hp6JyILeE/KCvP5Dsd/WR+TRUoPkJ2LTEJcYLjO1FBtsPre4KPUxSXpUFYu
5CQeOR7dCCf6tfrL3IgxMUmjPw/+Pegtaf9qcQ/QTRddje2Ce1j2uu8J5dzoDUWY
qpxt+cHlBTVLsh0VExKWTV+1bl5F/sG57lqGWaS3c4/1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:41 2025 by rpki-client