Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/MIlrmDyeh2Gw5nZXpHwXA10utvs.roa
File: MIlrmDyeh2Gw5nZXpHwXA10utvs.roa (raw, json)
Hash identifier: p7ozlo1FzsyA0vjUlUQa269LV8guWlviSsPK/gn1xNc=
Subject key identifier: 30:89:6B:98:3C:9E:87:61:B0:E6:76:57:A4:7C:17:03:5D:2E:B6:FB
Certificate issuer: /CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
Certificate serial: 01942068292AC60244476CCE072DBA135F5E
Authority key identifier: 7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/MIlrmDyeh2Gw5nZXpHwXA10utvs.roa
Signing time: Wed 01 Jan 2025 05:48:04 +0000
ROA not before: Wed 01 Jan 2025 05:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34827
IP address blocks: 45.158.124.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:29:2a:c6:02:44:47:6c:ce:07:2d:ba:13:5f:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
Validity
Not Before: Jan 1 05:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30896b983c9e8761b0e67657a47c17035d2eb6fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b2:8c:3c:16:1f:66:d3:c5:d4:67:7c:04:4e:
7b:1f:a7:80:5a:dc:7b:92:05:db:86:2e:06:9c:23:
b8:9a:20:c2:f1:55:a6:c9:cb:27:be:96:d1:c9:8a:
b1:03:60:86:71:90:98:2b:a2:fc:42:23:d5:3d:c3:
60:e8:f4:07:87:5d:85:7b:58:6a:d4:b0:e9:08:42:
23:e5:dc:b4:28:1e:bd:44:45:94:43:d7:5d:9e:4c:
d7:c0:80:e4:5f:01:b3:7d:f9:a5:ef:e8:33:1f:2e:
77:07:82:2c:2b:7d:0f:2e:ea:9c:fe:98:61:d1:c5:
c8:5d:e9:d2:5c:d9:04:3a:09:69:87:cd:6b:56:dd:
77:e4:a9:28:23:15:d8:b4:9d:e0:f7:58:28:e3:1a:
fd:8f:0a:13:7b:5b:97:52:99:51:74:4c:28:af:57:
d4:82:48:62:32:28:61:2f:35:22:b2:a7:31:c1:be:
e6:d7:e7:b1:40:eb:a6:51:42:d5:99:7d:bf:e7:bf:
47:8e:07:05:52:5f:f9:bf:94:ce:8d:2f:68:09:9b:
d8:69:b0:94:17:13:7e:e0:30:99:45:2e:5b:26:23:
29:84:28:da:4f:5d:b7:a6:06:db:a9:56:46:a8:56:
fa:88:c3:71:fc:9f:be:dd:12:f6:aa:bb:ed:63:ec:
fb:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:89:6B:98:3C:9E:87:61:B0:E6:76:57:A4:7C:17:03:5D:2E:B6:FB
X509v3 Authority Key Identifier:
keyid:7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/MIlrmDyeh2Gw5nZXpHwXA10utvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/f1FerQle7ZrEyrxatK0LWGfZ8Bs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.124.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:4e:43:2e:77:d5:5e:4d:14:f1:c9:45:49:a9:00:b8:63:38:
7e:82:16:7b:03:50:75:b4:48:db:16:47:dd:14:ea:5c:6b:3c:
70:19:ab:ec:62:d9:cd:8c:01:7c:15:16:a9:33:57:25:45:8b:
bb:73:24:f0:76:db:2b:19:4d:8b:02:7b:18:ac:a8:21:82:14:
47:1b:ff:05:ce:57:ab:65:a0:1d:83:41:1c:fe:a3:12:08:51:
aa:65:d9:75:80:22:b0:e4:04:a6:0a:02:17:b1:c5:b0:2b:cc:
c6:dc:2e:0e:1d:17:0f:3e:eb:62:27:f9:2a:af:a2:df:6f:29:
3f:5b:4a:7d:40:f4:d2:c1:33:ab:a6:92:d4:58:98:e5:48:06:
f1:70:d3:32:a0:f4:bd:5b:ab:be:be:f3:e4:2e:82:47:79:34:
bd:20:ee:ad:da:8b:e0:bd:51:09:c7:4a:a3:12:ef:3d:c9:90:
83:36:85:ee:b1:a5:85:94:2b:95:1d:cc:39:62:f4:a2:4f:c7:
1d:ef:32:39:f1:86:9e:b5:ee:f4:f3:c6:c8:b6:66:7e:60:e6:
4b:15:2a:e7:9c:4d:59:99:07:60:52:34:1f:82:7c:ef:aa:ba:
d0:a5:6a:04:4e:8d:8c:3d:9d:20:67:86:48:7e:69:51:66:6e:
cb:43:59:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaCkqxgJER2zOBy26E19eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTE1ZWFkMDk1ZWVkOWFjNGNhYmM1YWI0YWQwYjU4Njdk
OWYwMWIwHhcNMjUwMTAxMDU0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDg5NmI5ODNjOWU4NzYxYjBlNjc2NTdhNDdjMTcwMzVkMmViNmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLKMPBYfZtPF1Gd8BE57H6eAWtx7
kgXbhi4GnCO4miDC8VWmycsnvpbRyYqxA2CGcZCYK6L8QiPVPcNg6PQHh12Fe1hq
1LDpCEIj5dy0KB69REWUQ9ddnkzXwIDkXwGzffml7+gzHy53B4IsK30PLuqc/phh
0cXIXenSXNkEOglph81rVt135KkoIxXYtJ3g91go4xr9jwoTe1uXUplRdEwor1fU
gkhiMihhLzUisqcxwb7m1+exQOumUULVmX2/579HjgcFUl/5v5TOjS9oCZvYabCU
FxN+4DCZRS5bJiMphCjaT123pgbbqVZGqFb6iMNx/J++3RL2qrvtY+z7KwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDCJa5g8nodhsOZ2V6R8FwNdLrb7MB8GA1UdIwQY
MBaAFH9RXq0JXu2axMq8WrStC1hn2fAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgt
ZjBhNjI0ZDQwOTEyLzEvTUlscm1EeWVoMkd3NW5aWHBId1hBMTB1dHZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgtZjBhNjI0ZDQwOTEy
LzEvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ58MA0G
CSqGSIb3DQEBCwUAA4IBAQArTkMud9VeTRTxyUVJqQC4Yzh+ghZ7A1B1tEjbFkfd
FOpcazxwGavsYtnNjAF8FRapM1clRYu7cyTwdtsrGU2LAnsYrKghghRHG/8Fzler
ZaAdg0Ec/qMSCFGqZdl1gCKw5ASmCgIXscWwK8zG3C4OHRcPPutiJ/kqr6Lfbyk/
W0p9QPTSwTOrppLUWJjlSAbxcNMyoPS9W6u+vvPkLoJHeTS9IO6t2ovgvVEJx0qj
Eu89yZCDNoXusaWFlCuVHcw5YvSiT8cd7zI58Yaete7088bItmZ+YOZLFSrnnE1Z
mQdgUjQfgnzvqrrQpWoETo2MPZ0gZ4ZIfmlRZm7LQ1kY
-----END CERTIFICATE-----
Generated at Tue Apr 8 13:26:00 2025 by rpki-client