Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/d9cc8d-95ac-4848-b097-9d63b0476e24/1/yrE5IOAO5wezku-a_RJR7TB3CkA.roa
File: yrE5IOAO5wezku-a_RJR7TB3CkA.roa (raw, json)
Hash identifier: 7HAAXilZN5MLFA2Yt1+6x9clHUzDWGtePYkFTFw0/Hk=
Subject key identifier: CA:B1:39:20:E0:0E:E7:07:B3:92:EF:9A:FD:12:51:ED:30:77:0A:40
Certificate issuer: /CN=712ff11dd0c66ce67fe0f1d749c0909ef3418d29
Certificate serial: 0194274877947262F5D60161D71854060CEC
Authority key identifier: 71:2F:F1:1D:D0:C6:6C:E6:7F:E0:F1:D7:49:C0:90:9E:F3:41:8D:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS_xHdDGbOZ_4PHXScCQnvNBjSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/d9cc8d-95ac-4848-b097-9d63b0476e24/1/yrE5IOAO5wezku-a_RJR7TB3CkA.roa
Signing time: Thu 02 Jan 2025 13:50:48 +0000
ROA not before: Thu 02 Jan 2025 13:50:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201500
IP address blocks: 45.147.130.0/24 maxlen: 24
45.147.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:77:94:72:62:f5:d6:01:61:d7:18:54:06:0c:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712ff11dd0c66ce67fe0f1d749c0909ef3418d29
Validity
Not Before: Jan 2 13:50:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cab13920e00ee707b392ef9afd1251ed30770a40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d5:d4:72:35:99:00:e2:f6:69:2d:b3:87:cb:
6e:08:78:dd:59:df:05:5c:64:31:7f:1a:01:4d:db:
2d:53:fb:e9:71:e2:04:05:ea:d8:9d:58:94:5c:cc:
40:eb:9d:79:82:da:e8:71:7c:01:0c:28:c7:48:bd:
db:c0:db:93:c7:d5:31:b0:15:7c:d0:e0:ff:9f:a5:
8a:ea:d2:f2:e5:3e:5e:2b:6a:5f:5c:a7:b1:65:9f:
eb:24:da:e8:78:0e:6c:a0:14:6e:54:92:6a:9d:bb:
68:16:fe:6d:7c:eb:b4:a7:72:12:9b:a6:e7:8e:40:
9b:c4:9b:27:78:56:4e:96:d5:31:e7:3c:4d:59:1b:
ea:f5:d4:d2:e3:ef:72:78:6f:24:1b:d5:c9:a5:e4:
7b:a4:7f:9b:0e:93:da:3a:4b:46:bf:0e:bb:b3:a6:
0f:11:ee:d3:a5:b6:e1:6f:c1:8a:71:6f:31:99:17:
45:56:7f:2f:21:21:2d:a8:74:cb:34:61:ab:9a:e4:
38:bb:4b:db:10:d3:4c:58:76:09:ee:14:2e:3e:6b:
36:88:2a:89:7f:97:e6:fb:36:de:63:bb:76:41:ff:
ba:f8:c6:e4:3b:ae:57:02:52:93:a1:3f:2d:e1:e8:
48:34:1f:8e:82:30:bc:f2:bb:04:1b:f3:4a:9d:4a:
b8:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B1:39:20:E0:0E:E7:07:B3:92:EF:9A:FD:12:51:ED:30:77:0A:40
X509v3 Authority Key Identifier:
keyid:71:2F:F1:1D:D0:C6:6C:E6:7F:E0:F1:D7:49:C0:90:9E:F3:41:8D:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS_xHdDGbOZ_4PHXScCQnvNBjSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/d9cc8d-95ac-4848-b097-9d63b0476e24/1/yrE5IOAO5wezku-a_RJR7TB3CkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/d9cc8d-95ac-4848-b097-9d63b0476e24/1/cS_xHdDGbOZ_4PHXScCQnvNBjSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.130.0/23
Signature Algorithm: sha256WithRSAEncryption
90:7d:c9:f5:8b:27:fb:ec:7c:5f:3c:16:39:cf:e5:e5:a3:6a:
39:b9:e0:89:97:14:32:19:c8:7e:77:be:35:11:75:12:17:6d:
53:16:78:5b:b0:05:a1:92:26:b2:13:3c:74:e9:13:e0:da:04:
61:28:57:6a:68:f6:70:f2:34:77:70:01:4f:d7:d4:62:c3:c9:
34:b4:7f:fc:b0:1e:27:e0:72:fb:6f:5d:11:16:cb:f8:f0:13:
7b:57:b6:e4:cb:73:32:58:ad:8d:65:2f:85:d2:58:83:3b:54:
77:8f:83:8a:62:f4:fd:99:4d:83:5a:12:e7:bd:3f:63:20:86:
53:4c:5e:4e:9b:2a:cf:f2:eb:98:f9:6e:8c:b2:35:fe:32:90:
0a:dc:fa:75:1f:b0:41:f0:45:72:9f:c3:73:da:0f:49:d2:a0:
89:2a:c1:b3:f0:6a:e3:d5:22:a7:6a:00:be:0d:c9:24:f8:0e:
31:d4:ec:38:4e:ba:b9:85:c0:97:9e:6d:15:1e:85:66:71:16:
7d:15:15:12:a6:b5:c9:6a:8c:2a:ec:40:fd:c6:98:22:5d:d3:
61:7e:a3:63:f2:06:6f:b1:26:74:f6:e0:91:a4:e5:c2:e5:6b:
86:8b:78:d3:a7:73:1e:69:59:86:7a:11:18:c4:72:88:ec:d1:
9a:fa:06:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSHeUcmL11gFh1xhUBgzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMmZmMTFkZDBjNjZjZTY3ZmUwZjFkNzQ5YzA5MDllZjM0
MThkMjkwHhcNMjUwMTAyMTM1MDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWIxMzkyMGUwMGVlNzA3YjM5MmVmOWFmZDEyNTFlZDMwNzcwYTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9XUcjWZAOL2aS2zh8tuCHjdWd8F
XGQxfxoBTdstU/vpceIEBerYnViUXMxA6515gtrocXwBDCjHSL3bwNuTx9UxsBV8
0OD/n6WK6tLy5T5eK2pfXKexZZ/rJNroeA5soBRuVJJqnbtoFv5tfOu0p3ISm6bn
jkCbxJsneFZOltUx5zxNWRvq9dTS4+9yeG8kG9XJpeR7pH+bDpPaOktGvw67s6YP
Ee7Tpbbhb8GKcW8xmRdFVn8vISEtqHTLNGGrmuQ4u0vbENNMWHYJ7hQuPms2iCqJ
f5fm+zbeY7t2Qf+6+MbkO65XAlKToT8t4ehINB+OgjC88rsEG/NKnUq4QwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMqxOSDgDucHs5Lvmv0SUe0wdwpAMB8GA1UdIwQY
MBaAFHEv8R3Qxmzmf+Dx10nAkJ7zQY0pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1NfeEhkREdiT1pfNFBIWFNjQ1Fudk5CalNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9kOWNjOGQtOTVhYy00ODQ4LWIwOTct
OWQ2M2IwNDc2ZTI0LzEveXJFNUlPQU81d2V6a3UtYV9SSlI3VEIzQ2tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9kOWNjOGQtOTVhYy00ODQ4LWIwOTctOWQ2M2IwNDc2ZTI0
LzEvY1NfeEhkREdiT1pfNFBIWFNjQ1Fudk5CalNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZOCMA0G
CSqGSIb3DQEBCwUAA4IBAQCQfcn1iyf77HxfPBY5z+Xlo2o5ueCJlxQyGch+d741
EXUSF21TFnhbsAWhkiayEzx06RPg2gRhKFdqaPZw8jR3cAFP19Riw8k0tH/8sB4n
4HL7b10RFsv48BN7V7bky3MyWK2NZS+F0liDO1R3j4OKYvT9mU2DWhLnvT9jIIZT
TF5OmyrP8uuY+W6MsjX+MpAK3Pp1H7BB8EVyn8Nz2g9J0qCJKsGz8Grj1SKnagC+
Dckk+A4x1Ow4Trq5hcCXnm0VHoVmcRZ9FRUSprXJaowq7ED9xpgiXdNhfqNj8gZv
sSZ09uCRpOXC5WuGi3jTp3MeaVmGehEYxHKI7NGa+gb3
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:50 2025 by rpki-client