Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/JXUpuOiDJbpAQ6wJyegYg23uwQY.roa
File: JXUpuOiDJbpAQ6wJyegYg23uwQY.roa (raw, json)
Hash identifier: IcXnbwWR3QdHkuBHHjMtVeQKCG9JaMJJR88n+O+Lv4g=
Subject key identifier: 25:75:29:B8:E8:83:25:BA:40:43:AC:09:C9:E8:18:83:6D:EE:C1:06
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 01952764593976B9847B38A93A4DE6BD2E0D
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/JXUpuOiDJbpAQ6wJyegYg23uwQY.roa
Signing time: Fri 21 Feb 2025 07:24:02 +0000
ROA not before: Fri 21 Feb 2025 07:24:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 45.145.17.0/24 maxlen: 24
62.68.93.0/24 maxlen: 24
80.91.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:27:64:59:39:76:b9:84:7b:38:a9:3a:4d:e6:bd:2e:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Feb 21 07:24:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=257529b8e88325ba4043ac09c9e818836deec106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:81:4c:f2:a3:b9:a7:ab:c5:e1:5e:22:ff:75:
75:c3:38:65:ce:4e:5a:c5:6a:b8:fd:ec:bd:e2:45:
15:bd:5c:18:e0:56:17:f6:22:0e:27:f6:40:84:17:
f2:b4:42:e3:77:ef:12:4a:10:ab:fd:69:32:05:46:
16:9e:35:d3:36:c5:a3:24:65:66:9b:8e:96:64:8a:
bc:60:ea:6e:aa:66:d9:cd:4d:b5:a9:2a:ae:20:5d:
bf:5e:b9:69:f5:bf:7d:c1:ef:ec:0a:59:b9:c9:8b:
30:3c:ed:53:5f:12:c9:99:b8:02:fe:6e:eb:35:37:
ed:62:31:98:58:39:a6:72:a6:a9:62:8d:15:aa:5f:
ef:3a:08:34:7a:c5:46:a1:a5:52:ba:80:bb:7c:19:
56:a2:8e:f5:0e:f7:d2:4b:54:0d:61:64:e6:91:dc:
09:2a:a0:cd:70:c8:38:ad:39:16:62:89:7a:d7:a2:
84:df:94:57:ef:01:9f:2c:b0:e0:ce:f8:30:15:30:
dd:28:c9:7f:b2:f9:46:2a:69:3f:0f:f3:f1:68:ee:
48:b9:5b:98:6c:86:ed:5d:6a:e9:00:c9:9c:ee:0e:
11:23:3f:24:fc:7b:3e:d2:bb:c5:dc:dc:0e:55:4c:
8f:20:2c:a5:0d:ef:82:59:7b:2d:60:35:36:00:90:
ed:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:75:29:B8:E8:83:25:BA:40:43:AC:09:C9:E8:18:83:6D:EE:C1:06
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/JXUpuOiDJbpAQ6wJyegYg23uwQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.17.0/24
62.68.93.0/24
80.91.221.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:d2:6e:9a:26:7a:b3:6a:1a:e0:28:9a:04:37:1d:83:24:c5:
3c:bc:a3:e8:03:4a:7b:cb:80:1c:02:aa:3c:01:ba:bb:e8:a3:
a5:84:67:31:6b:f4:27:12:65:a7:33:ab:f0:c7:28:68:ad:a9:
f5:cc:82:46:33:66:f1:3a:c8:aa:51:69:17:ad:de:6e:13:36:
75:75:64:5b:70:a2:29:5d:07:86:63:d1:a6:88:d7:f3:26:6a:
23:a5:b3:88:d9:ef:d4:48:70:e8:4d:b5:24:9a:02:46:fe:35:
66:6e:8a:49:4d:21:82:f9:7c:c6:98:9a:06:c9:dd:75:08:a0:
b6:c6:3f:72:f5:88:be:92:9c:60:50:55:89:e8:3c:df:56:63:
f8:84:c9:e1:d6:74:8a:ac:af:81:f6:78:e8:47:21:eb:59:80:
18:88:5b:5e:38:27:35:aa:35:65:4e:16:c9:96:b0:fa:55:a4:
db:ab:6f:01:88:50:9d:14:9d:5b:03:15:ea:12:42:29:a3:dc:
cc:a5:9b:1c:d1:9c:fc:48:43:93:df:2b:17:4d:40:d7:a6:89:
3e:92:0d:dd:c0:b2:0e:2f:b2:22:a8:e5:7e:00:07:9a:46:50:
bf:30:92:da:bd:b4:53:50:31:83:62:f4:94:67:65:fe:85:27:
5f:f4:0b:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZUnZFk5drmEezipOk3mvS4NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjUwMjIxMDcyNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTc1MjliOGU4ODMyNWJhNDA0M2FjMDljOWU4MTg4MzZkZWVjMTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIFM8qO5p6vF4V4i/3V1wzhlzk5a
xWq4/ey94kUVvVwY4FYX9iIOJ/ZAhBfytELjd+8SShCr/WkyBUYWnjXTNsWjJGVm
m46WZIq8YOpuqmbZzU21qSquIF2/Xrlp9b99we/sClm5yYswPO1TXxLJmbgC/m7r
NTftYjGYWDmmcqapYo0Vql/vOgg0esVGoaVSuoC7fBlWoo71DvfSS1QNYWTmkdwJ
KqDNcMg4rTkWYol616KE35RX7wGfLLDgzvgwFTDdKMl/svlGKmk/D/PxaO5IuVuY
bIbtXWrpAMmc7g4RIz8k/Hs+0rvF3NwOVUyPICylDe+CWXstYDU2AJDtuwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCV1KbjogyW6QEOsCcnoGINt7sEGMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvSlhVcHVPaURKYnBBUTZ3SnllZ1lnMjN1d1FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZERAwQA
PkRdAwQAUFvdMA0GCSqGSIb3DQEBCwUAA4IBAQDW0m6aJnqzahrgKJoENx2DJMU8
vKPoA0p7y4AcAqo8Abq76KOlhGcxa/QnEmWnM6vwxyhoran1zIJGM2bxOsiqUWkX
rd5uEzZ1dWRbcKIpXQeGY9GmiNfzJmojpbOI2e/USHDoTbUkmgJG/jVmbopJTSGC
+XzGmJoGyd11CKC2xj9y9Yi+kpxgUFWJ6DzfVmP4hMnh1nSKrK+B9njoRyHrWYAY
iFteOCc1qjVlThbJlrD6VaTbq28BiFCdFJ1bAxXqEkIpo9zMpZsc0Zz8SEOT3ysX
TUDXpok+kg3dwLIOL7IiqOV+AAeaRlC/MJLavbRTUDGDYvSUZ2X+hSdf9AtZ
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:38:13 2025 by rpki-client