Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/2zI93eWS4MAq1q_HzWCmHMK0vvc.roa
File: 2zI93eWS4MAq1q_HzWCmHMK0vvc.roa (raw, json)
Hash identifier: OPrS0FrS6pSekQT7FXidaqihz4eIxPAHQ00wl3WWNU8=
Subject key identifier: DB:32:3D:DD:E5:92:E0:C0:2A:D6:AF:C7:CD:60:A6:1C:C2:B4:BE:F7
Certificate issuer: /CN=6040732fdbcaa52900db2462075bf4ef15159695
Certificate serial: 019426D9B83C6E309BDAABBA48A8E9BB31BE
Authority key identifier: 60:40:73:2F:DB:CA:A5:29:00:DB:24:62:07:5B:F4:EF:15:15:96:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YEBzL9vKpSkA2yRiB1v07xUVlpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/2zI93eWS4MAq1q_HzWCmHMK0vvc.roa
Signing time: Thu 02 Jan 2025 11:49:50 +0000
ROA not before: Thu 02 Jan 2025 11:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208973
IP address blocks: 45.67.104.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:b8:3c:6e:30:9b:da:ab:ba:48:a8:e9:bb:31:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6040732fdbcaa52900db2462075bf4ef15159695
Validity
Not Before: Jan 2 11:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db323ddde592e0c02ad6afc7cd60a61cc2b4bef7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:41:0b:a0:45:b2:72:7e:25:7c:5c:27:88:4e:
35:48:de:9e:20:e5:86:35:33:ca:f8:12:e4:15:16:
c5:dd:ed:23:0d:33:d8:29:14:5a:b9:53:8f:cc:eb:
43:29:c5:c3:f3:8a:0c:8d:7d:0d:dd:80:83:56:76:
a6:86:19:ee:cb:64:c3:a2:17:4f:9d:85:36:36:ac:
a6:72:c8:5e:32:91:7e:37:54:97:b6:3b:cc:e1:e6:
a0:0e:59:44:df:79:4d:27:23:50:95:b0:6e:96:03:
2e:c3:4d:29:c1:38:52:62:38:60:88:7d:74:5b:f1:
24:92:02:3c:ec:91:cf:d1:92:a9:6c:f8:4d:e4:70:
de:d7:5b:cd:90:87:c3:e4:bf:ac:e5:0a:1e:a2:17:
1a:c2:9d:4f:47:9e:24:e0:c1:4f:24:78:9b:49:28:
3f:77:d3:a7:3a:f7:8c:33:80:a4:75:2c:fe:87:be:
de:32:c8:d1:ed:26:d1:29:3a:89:e9:f8:67:ce:03:
69:3e:c5:aa:77:2d:6b:60:bb:b3:37:af:2a:d1:e4:
3b:b7:33:ce:a9:90:20:60:40:f9:64:2d:8c:10:bb:
5e:c6:c2:c8:3d:ee:87:6b:78:65:a6:c9:4b:88:b8:
b5:1d:b9:36:b3:f2:c9:e9:da:e6:87:c5:9d:6c:f3:
f1:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:32:3D:DD:E5:92:E0:C0:2A:D6:AF:C7:CD:60:A6:1C:C2:B4:BE:F7
X509v3 Authority Key Identifier:
keyid:60:40:73:2F:DB:CA:A5:29:00:DB:24:62:07:5B:F4:EF:15:15:96:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YEBzL9vKpSkA2yRiB1v07xUVlpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/2zI93eWS4MAq1q_HzWCmHMK0vvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5676a3-9c39-4db0-951e-d2b6982bc484/1/YEBzL9vKpSkA2yRiB1v07xUVlpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.104.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:30:c5:e7:ae:ab:aa:f9:ec:95:2b:30:ab:35:58:e4:bf:e4:
16:d2:8b:0b:ec:8e:c5:bb:ef:0e:0b:32:bc:26:97:64:21:12:
d8:71:36:62:16:c1:c8:56:a2:fe:bc:70:63:93:12:7f:3d:44:
30:3a:59:a3:ac:ec:46:33:d7:1d:25:5f:f7:1e:37:70:26:51:
b4:c4:04:da:75:00:6d:64:ff:85:92:88:90:89:c6:7e:d9:37:
b4:7f:eb:1a:08:b1:e3:1b:81:74:2d:dd:c1:98:f0:b6:a6:5e:
76:60:9b:aa:1d:16:51:6f:24:c9:27:bd:73:93:ad:dc:02:16:
1d:2b:66:f3:1f:30:49:66:52:1c:8a:5e:3b:07:34:a9:95:a4:
29:0e:0e:79:a3:4a:d4:32:bb:f7:c8:c4:bb:75:07:13:ae:f2:
89:5f:d4:87:35:79:0d:4a:d6:7a:7d:93:61:94:a6:cd:a1:f9:
40:03:bb:f6:bf:de:97:b2:42:e0:5d:b7:33:35:00:9a:5e:fb:
de:3a:ff:20:25:17:8c:3d:b2:40:2f:e2:97:b3:aa:d3:5e:09:
16:aa:ab:65:f6:45:d6:83:a9:78:8a:19:ff:04:29:12:d0:55:
a9:26:50:9c:44:1f:a2:b9:9c:06:d0:1e:3d:12:9e:18:83:39:
f5:3f:5e:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2bg8bjCb2qu6SKjpuzG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNDA3MzJmZGJjYWE1MjkwMGRiMjQ2MjA3NWJmNGVmMTUx
NTk2OTUwHhcNMjUwMTAyMTE0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjMyM2RkZGU1OTJlMGMwMmFkNmFmYzdjZDYwYTYxY2MyYjRiZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUELoEWycn4lfFwniE41SN6eIOWG
NTPK+BLkFRbF3e0jDTPYKRRauVOPzOtDKcXD84oMjX0N3YCDVnamhhnuy2TDohdP
nYU2NqymcsheMpF+N1SXtjvM4eagDllE33lNJyNQlbBulgMuw00pwThSYjhgiH10
W/EkkgI87JHP0ZKpbPhN5HDe11vNkIfD5L+s5Qoeohcawp1PR54k4MFPJHibSSg/
d9OnOveMM4CkdSz+h77eMsjR7SbRKTqJ6fhnzgNpPsWqdy1rYLuzN68q0eQ7tzPO
qZAgYED5ZC2MELtexsLIPe6Ha3hlpslLiLi1Hbk2s/LJ6drmh8WdbPPxUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNsyPd3lkuDAKtavx81gphzCtL73MB8GA1UdIwQY
MBaAFGBAcy/byqUpANskYgdb9O8VFZaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUVCekw5dktwU2tBMnlSaUIxdjA3eFVWbHBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81Njc2YTMtOWMzOS00ZGIwLTk1MWUt
ZDJiNjk4MmJjNDg0LzEvMnpJOTNlV1M0TUFxMXFfSHpXQ21ITUswdnZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy81Njc2YTMtOWMzOS00ZGIwLTk1MWUtZDJiNjk4MmJjNDg0
LzEvWUVCekw5dktwU2tBMnlSaUIxdjA3eFVWbHBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLUNoMA0G
CSqGSIb3DQEBCwUAA4IBAQAPMMXnrquq+eyVKzCrNVjkv+QW0osL7I7Fu+8OCzK8
JpdkIRLYcTZiFsHIVqL+vHBjkxJ/PUQwOlmjrOxGM9cdJV/3HjdwJlG0xATadQBt
ZP+FkoiQicZ+2Te0f+saCLHjG4F0Ld3BmPC2pl52YJuqHRZRbyTJJ71zk63cAhYd
K2bzHzBJZlIcil47BzSplaQpDg55o0rUMrv3yMS7dQcTrvKJX9SHNXkNStZ6fZNh
lKbNoflAA7v2v96XskLgXbczNQCaXvveOv8gJReMPbJAL+KXs6rTXgkWqqtl9kXW
g6l4ihn/BCkS0FWpJlCcRB+iuZwG0B49Ep4Ygzn1P17G
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:48 2025 by rpki-client