Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/tcAOvX2JVQ4PKm-lNI8KuapK7Kk.roa
File: tcAOvX2JVQ4PKm-lNI8KuapK7Kk.roa (raw, json)
Hash identifier: zEUlrMdSx1XEO6nITfckAddCeacPaNoy7iHflkwOAW8=
Subject key identifier: B5:C0:0E:BD:7D:89:55:0E:0F:2A:6F:A5:34:8F:0A:B9:AA:4A:EC:A9
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 0194228E37F116383F84703EED34A5999CD0
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/tcAOvX2JVQ4PKm-lNI8KuapK7Kk.roa
Signing time: Wed 01 Jan 2025 15:48:53 +0000
ROA not before: Wed 01 Jan 2025 15:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 45.143.161.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:37:f1:16:38:3f:84:70:3e:ed:34:a5:99:9c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Jan 1 15:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5c00ebd7d89550e0f2a6fa5348f0ab9aa4aeca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f4:11:ae:6d:aa:6e:42:fd:17:e9:ea:63:90:
1a:2a:2f:16:2e:13:0d:a9:28:69:c8:5d:a2:29:d5:
ad:b4:3e:02:25:1e:1d:f2:68:62:1a:34:cf:7b:99:
9b:d0:f2:e4:00:66:fc:04:51:b7:94:9a:47:b2:d1:
58:bd:cf:eb:39:ce:96:9c:9c:88:4f:75:af:2b:e9:
8f:af:a6:d6:4f:5d:2e:9f:3d:da:64:7d:0a:6b:27:
a8:1f:ec:81:43:11:e3:e9:73:92:ab:1b:f7:bf:51:
0e:f8:d8:68:57:f6:ff:ad:ab:21:d4:04:95:1b:76:
23:2e:19:47:4e:f4:23:23:e2:d2:e3:66:70:74:a5:
b6:f3:5d:4f:f3:56:e3:b8:4f:77:94:fa:25:73:31:
15:28:39:f9:1c:4e:7e:f7:43:bf:e1:16:1c:c3:e8:
4b:a0:3f:3b:6b:9b:4f:8b:79:cf:4a:e0:1d:85:1c:
33:94:d3:eb:b3:88:c4:fc:2b:c7:e7:ca:ae:e1:bf:
b1:cd:cb:cb:11:bd:22:0c:ef:e6:43:84:a4:fd:09:
63:8f:77:27:e4:3a:e4:3a:af:4b:d1:f2:4d:17:b3:
f0:4c:30:5e:1b:22:f4:86:58:aa:9d:6e:2d:e7:b3:
70:ec:8a:e4:4e:7e:e9:95:19:ab:a7:84:e5:6d:8b:
de:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:C0:0E:BD:7D:89:55:0E:0F:2A:6F:A5:34:8F:0A:B9:AA:4A:EC:A9
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/tcAOvX2JVQ4PKm-lNI8KuapK7Kk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.161.0/24
Signature Algorithm: sha256WithRSAEncryption
68:3f:31:fc:84:12:06:2b:9b:64:ed:f2:a1:fa:d0:37:94:da:
77:7d:ed:10:aa:63:e5:69:3b:ff:8d:5c:08:2e:d7:69:ca:68:
f9:69:40:30:5e:b9:58:bb:d6:b4:c3:fa:ee:98:1e:fc:a6:72:
3f:0d:ab:c6:8c:de:7a:c9:47:b1:d5:5f:56:40:8b:43:8e:3f:
fa:d2:10:e8:f2:79:a3:73:f0:65:5a:35:d2:f0:3a:4a:a5:44:
57:96:89:66:4e:63:66:80:c6:b6:d7:35:5f:6d:53:57:22:01:
bc:83:f3:a0:6f:48:02:ea:51:e8:0f:b4:41:24:5d:1d:96:e1:
61:8d:0f:9b:13:86:48:93:86:c1:2c:e3:81:0a:90:22:8f:ab:
b6:4a:3c:12:4d:2e:bc:13:d7:b2:d1:c5:35:2a:ae:61:ba:16:
f7:ee:1d:a1:66:9d:db:40:97:90:20:6c:0a:d0:72:f2:2b:7f:
06:39:ed:c5:c0:24:5b:e0:a7:48:7a:57:90:e8:7b:5d:8a:1c:
22:86:a3:ea:8f:50:15:28:f4:7f:f6:63:81:e2:60:1a:38:3a:
4b:bb:63:27:77:35:d2:54:0c:f3:c3:91:0a:66:d9:94:a7:18:
8a:ff:5e:78:aa:ec:69:3a:ff:97:e1:cb:7b:d9:c7:0b:d7:a5:
39:cd:10:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijjfxFjg/hHA+7TSlmZzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjUwMTAxMTU0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWMwMGViZDdkODk1NTBlMGYyYTZmYTUzNDhmMGFiOWFhNGFlY2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvQRrm2qbkL9F+nqY5AaKi8WLhMN
qShpyF2iKdWttD4CJR4d8mhiGjTPe5mb0PLkAGb8BFG3lJpHstFYvc/rOc6WnJyI
T3WvK+mPr6bWT10unz3aZH0KayeoH+yBQxHj6XOSqxv3v1EO+NhoV/b/rash1ASV
G3YjLhlHTvQjI+LS42ZwdKW2811P81bjuE93lPolczEVKDn5HE5+90O/4RYcw+hL
oD87a5tPi3nPSuAdhRwzlNPrs4jE/CvH58qu4b+xzcvLEb0iDO/mQ4Sk/Qljj3cn
5DrkOq9L0fJNF7PwTDBeGyL0hliqnW4t57Nw7IrkTn7plRmrp4TlbYveDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLXADr19iVUODypvpTSPCrmqSuypMB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvdGNBT3ZYMkpWUTRQS20tbE5JOEt1YXBLN0trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY+hMA0G
CSqGSIb3DQEBCwUAA4IBAQBoPzH8hBIGK5tk7fKh+tA3lNp3fe0QqmPlaTv/jVwI
Ltdpymj5aUAwXrlYu9a0w/rumB78pnI/DavGjN56yUex1V9WQItDjj/60hDo8nmj
c/BlWjXS8DpKpURXlolmTmNmgMa21zVfbVNXIgG8g/Ogb0gC6lHoD7RBJF0dluFh
jQ+bE4ZIk4bBLOOBCpAij6u2SjwSTS68E9ey0cU1Kq5huhb37h2hZp3bQJeQIGwK
0HLyK38GOe3FwCRb4KdIeleQ6HtdihwihqPqj1AVKPR/9mOB4mAaODpLu2MndzXS
VAzzw5EKZtmUpxiK/154quxpOv+X4ct72ccL16U5zRDD
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:52:01 2025 by rpki-client