Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/GZyq4JhiMN6IbDxHDi387ilVO3Q.roa
File: GZyq4JhiMN6IbDxHDi387ilVO3Q.roa (raw, json)
Hash identifier: RAmDxoFTdOQGRBWibMySEyO1+N/egEhlrBt73Hj0G1U=
Subject key identifier: 19:9C:AA:E0:98:62:30:DE:88:6C:3C:47:0E:2D:FC:EE:29:55:3B:74
Certificate issuer: /CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba
Certificate serial: 01955CD2972A126CFBCD514C36AE2564E5FF
Authority key identifier: 5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/GZyq4JhiMN6IbDxHDi387ilVO3Q.roa
Signing time: Mon 03 Mar 2025 16:24:19 +0000
ROA not before: Mon 03 Mar 2025 16:24:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211440
IP address blocks: 45.134.75.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5c:d2:97:2a:12:6c:fb:cd:51:4c:36:ae:25:64:e5:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba
Validity
Not Before: Mar 3 16:24:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=199caae0986230de886c3c470e2dfcee29553b74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6c:a9:71:d7:fa:6d:5c:6f:9c:e3:f8:a7:f1:
05:f0:27:2e:78:ca:78:4a:c8:ee:9f:d1:32:b9:5d:
ae:44:62:9f:71:94:d2:08:20:bd:13:11:17:42:bd:
81:af:fa:b0:99:6c:37:ca:8a:47:64:6b:41:0d:24:
15:32:2c:83:be:ef:a8:79:ff:05:c4:6b:36:5d:e2:
39:c1:11:a6:40:d8:c9:b7:df:44:ec:b3:3d:e4:9d:
ea:5e:ca:0b:fb:5a:37:8b:42:3c:d0:95:3d:16:22:
73:8e:3c:77:c9:d1:01:91:43:a3:03:e2:f3:6a:fe:
67:0d:da:d9:2e:ce:a9:2d:3c:1e:65:90:4b:11:f4:
3b:63:f0:aa:43:fb:be:ca:0e:82:50:a2:ca:2c:8c:
c6:88:ce:2b:c6:a2:f2:9b:d1:07:25:48:26:55:1f:
e7:cc:42:7a:b6:e1:bd:2c:9f:00:05:7d:68:b2:20:
11:27:86:05:8e:91:ec:6a:ab:4e:ab:53:56:e0:5a:
88:b5:29:81:ef:3e:a9:82:51:91:49:36:f9:26:1f:
8b:ad:57:bf:8e:c1:ac:23:aa:0b:a8:21:0c:79:ad:
68:52:47:73:86:da:2c:09:ab:89:41:86:3f:4d:8a:
f9:7f:c2:59:12:d9:86:84:0b:3c:ec:04:b6:5f:0e:
35:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:9C:AA:E0:98:62:30:DE:88:6C:3C:47:0E:2D:FC:EE:29:55:3B:74
X509v3 Authority Key Identifier:
keyid:5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/GZyq4JhiMN6IbDxHDi387ilVO3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.75.0/24
Signature Algorithm: sha256WithRSAEncryption
97:fd:fd:2d:a2:4d:63:a7:16:9e:aa:19:54:27:2b:9f:6c:d5:
4b:d2:74:22:dd:69:d0:53:f5:94:ca:26:f5:3d:b6:ad:c9:82:
0e:2d:2a:72:cc:03:28:81:6c:0f:05:4f:c8:35:6b:54:eb:cd:
bf:75:0c:0b:f1:b0:87:ff:ec:1f:a7:39:1d:2e:aa:cf:9a:42:
04:fc:cf:ac:4e:fa:35:e0:e4:82:24:63:8a:60:b6:cf:bf:09:
00:8e:6a:a1:62:d1:2d:eb:4d:82:f0:ab:5d:da:94:2b:7e:91:
81:12:de:70:70:52:e5:fc:0f:27:8d:38:42:6d:c4:b4:ca:a0:
59:28:ac:33:4f:cf:82:9c:34:55:67:70:13:b1:ce:18:f8:a6:
34:e6:49:d5:82:7b:4d:29:ae:ed:05:99:23:e9:79:f0:0d:51:
1f:80:31:ad:12:8c:76:34:57:99:46:60:22:f6:9c:97:72:b0:
b1:86:30:0f:ea:16:4c:87:7e:b9:ea:16:2e:cc:20:35:00:0d:
67:a0:52:95:94:91:af:a4:bb:70:5c:ac:c9:b2:c0:25:21:79:
a4:31:58:cc:21:3c:b4:4b:24:c4:32:29:5d:ee:34:09:24:7a:
db:a8:0b:26:d8:74:6e:b1:ed:c6:db:a9:0e:0d:be:c1:e0:25:
76:8c:52:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVc0pcqEmz7zVFMNq4lZOX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjMxYWZjMzZjYjY5NTUwMDdmZTk3ZWQ0YTVlMzE4NWQy
MjcxYmEwHhcNMjUwMzAzMTYyNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTljYWFlMDk4NjIzMGRlODg2YzNjNDcwZTJkZmNlZTI5NTUzYjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWypcdf6bVxvnOP4p/EF8CcueMp4
Ssjun9EyuV2uRGKfcZTSCCC9ExEXQr2Br/qwmWw3yopHZGtBDSQVMiyDvu+oef8F
xGs2XeI5wRGmQNjJt99E7LM95J3qXsoL+1o3i0I80JU9FiJzjjx3ydEBkUOjA+Lz
av5nDdrZLs6pLTweZZBLEfQ7Y/CqQ/u+yg6CUKLKLIzGiM4rxqLym9EHJUgmVR/n
zEJ6tuG9LJ8ABX1osiARJ4YFjpHsaqtOq1NW4FqItSmB7z6pglGRSTb5Jh+LrVe/
jsGsI6oLqCEMea1oUkdzhtosCauJQYY/TYr5f8JZEtmGhAs87AS2Xw41vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBmcquCYYjDeiGw8Rw4t/O4pVTt0MB8GA1UdIwQY
MBaAFFzzGvw2y2lVAH/pftSl4xhdInG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQt
NzM2ZDEyODg4Y2E4LzEvR1p5cTRKaGlNTjZJYkR4SERpMzg3aWxWTzNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQtNzM2ZDEyODg4Y2E4
LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYZLMA0G
CSqGSIb3DQEBCwUAA4IBAQCX/f0tok1jpxaeqhlUJyufbNVL0nQi3WnQU/WUyib1
PbatyYIOLSpyzAMogWwPBU/INWtU682/dQwL8bCH/+wfpzkdLqrPmkIE/M+sTvo1
4OSCJGOKYLbPvwkAjmqhYtEt602C8Ktd2pQrfpGBEt5wcFLl/A8njThCbcS0yqBZ
KKwzT8+CnDRVZ3ATsc4Y+KY05knVgntNKa7tBZkj6XnwDVEfgDGtEox2NFeZRmAi
9pyXcrCxhjAP6hZMh3656hYuzCA1AA1noFKVlJGvpLtwXKzJssAlIXmkMVjMITy0
SyTEMild7jQJJHrbqAsm2HRuse3G26kODb7B4CV2jFIA
-----END CERTIFICATE-----
Generated at Sat Apr 12 01:28:57 2025 by rpki-client