Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/RapiYjPFflAnaMtkPVWPXTl439w.roa
File: RapiYjPFflAnaMtkPVWPXTl439w.roa (raw, json)
Hash identifier: s+OdN+eLLr1VRT97Tt5oOtcf144Rb+fj5jeLZsJwMQ8=
Subject key identifier: 45:AA:62:62:33:C5:7E:50:27:68:CB:64:3D:55:8F:5D:39:78:DF:DC
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 01856EC2084044668F23DAA51B023E9F1212
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/RapiYjPFflAnaMtkPVWPXTl439w.roa
Signing time: Sun 01 Jan 2023 19:14:47 +0000
ROA not before: Sun 01 Jan 2023 19:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 328543
IP address blocks: 45.149.148.0/22 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:08:40:44:66:8f:23:da:a5:1b:02:3e:9f:12:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Jan 1 19:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45aa626233c57e502768cb643d558f5d3978dfdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:35:7e:ff:c8:34:bc:42:6b:3b:1f:b1:c9:33:
5f:9c:11:35:81:e5:eb:f2:3f:05:cd:8a:2b:33:c2:
27:99:fb:e8:ae:43:0b:43:d6:77:d1:26:b4:7b:eb:
fe:4b:04:3b:2a:d3:d4:fc:35:43:79:1d:f7:74:aa:
46:92:c6:8e:e7:da:2c:ed:6a:7b:97:e9:d0:45:dc:
7b:65:ff:17:87:91:b5:25:37:a8:3d:20:0a:7d:e5:
83:59:9a:44:73:f7:1c:9c:01:4f:f2:52:95:fa:a2:
60:67:c1:52:9e:ad:46:6d:ec:2c:9b:ef:71:59:eb:
9c:e6:d6:03:e0:8a:2c:5d:9f:2a:1b:75:2b:cd:fe:
44:1b:61:62:1d:43:41:56:14:68:89:d2:1d:ed:cb:
7c:af:04:7f:a1:5e:c9:46:63:1b:b7:b7:de:2a:5c:
75:80:ac:aa:61:c3:6e:5a:03:2f:40:d7:d0:02:1d:
ec:a9:b5:3f:58:d0:fb:4e:d9:1a:61:96:75:0e:5b:
1f:c6:48:2c:67:97:e3:f8:4d:d7:10:fd:f8:f1:75:
f3:4f:9f:8a:8c:0b:81:6c:d7:e7:f3:75:e6:ac:d1:
6c:0d:d4:eb:93:c5:f1:1a:7c:1d:3a:e0:8d:e4:34:
d1:cd:fd:50:48:fc:cf:fa:5b:f9:4f:00:38:6c:26:
a7:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:AA:62:62:33:C5:7E:50:27:68:CB:64:3D:55:8F:5D:39:78:DF:DC
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/RapiYjPFflAnaMtkPVWPXTl439w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.148.0/22
Signature Algorithm: sha256WithRSAEncryption
88:4d:38:de:1b:be:c5:a8:bb:40:c4:cf:97:74:d8:de:e3:7a:
fd:cb:43:da:ea:e9:39:cd:fe:f6:18:5b:dc:0b:8f:c3:d7:b2:
b5:c9:25:1d:dd:f2:c3:01:2c:8b:64:3b:72:8f:82:c6:1c:ae:
42:ce:2e:d9:3a:1f:f5:36:9b:be:b3:e9:b6:28:72:5e:8d:56:
49:f0:50:99:65:55:9d:37:27:fd:8a:11:cd:64:cd:7a:3a:ee:
20:8c:82:52:a5:f0:59:5a:24:c1:71:7d:d7:a4:4e:0b:e7:8d:
eb:bf:71:8e:d8:6f:ee:41:58:0a:64:d6:33:ce:6f:48:f5:46:
3f:00:8e:26:6a:90:c0:ba:46:bb:26:b9:fd:38:d8:e9:0c:13:
c1:d9:5c:9c:7e:8f:12:4b:62:df:e7:87:ff:3b:87:ba:67:5c:
b3:ad:03:a4:2b:9a:67:9a:cd:d7:4e:1b:50:6a:14:8d:ef:56:
a4:88:52:33:5f:e1:1f:f4:a8:27:00:67:f5:65:1b:8b:a4:63:
43:d5:17:da:53:d5:b1:84:26:04:b1:a3:10:21:68:22:74:3d:
0b:5d:c2:98:f1:ae:3f:96:1a:fb:60:aa:92:c0:f1:58:1a:fd:
d6:ff:33:c8:f0:b0:9e:03:bb:7f:1a:cf:4b:93:49:19:03:0b:
8e:53:1f:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwghARGaPI9qlGwI+nxISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjMwMTAxMTkxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWFhNjI2MjMzYzU3ZTUwMjc2OGNiNjQzZDU1OGY1ZDM5NzhkZmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjV+/8g0vEJrOx+xyTNfnBE1geXr
8j8FzYorM8InmfvorkMLQ9Z30Sa0e+v+SwQ7KtPU/DVDeR33dKpGksaO59os7Wp7
l+nQRdx7Zf8Xh5G1JTeoPSAKfeWDWZpEc/ccnAFP8lKV+qJgZ8FSnq1Gbewsm+9x
Weuc5tYD4IosXZ8qG3Urzf5EG2FiHUNBVhRoidId7ct8rwR/oV7JRmMbt7feKlx1
gKyqYcNuWgMvQNfQAh3sqbU/WND7TtkaYZZ1DlsfxkgsZ5fj+E3XEP348XXzT5+K
jAuBbNfn83XmrNFsDdTrk8XxGnwdOuCN5DTRzf1QSPzP+lv5TwA4bCanmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEWqYmIzxX5QJ2jLZD1Vj105eN/cMB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvUmFwaVlqUEZmbEFuYU10a1BWV1BYVGw0Mzl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZWUMA0G
CSqGSIb3DQEBCwUAA4IBAQCITTjeG77FqLtAxM+XdNje43r9y0Pa6uk5zf72GFvc
C4/D17K1ySUd3fLDASyLZDtyj4LGHK5Czi7ZOh/1Npu+s+m2KHJejVZJ8FCZZVWd
Nyf9ihHNZM16Ou4gjIJSpfBZWiTBcX3XpE4L543rv3GO2G/uQVgKZNYzzm9I9UY/
AI4mapDAuka7Jrn9ONjpDBPB2Vycfo8SS2Lf54f/O4e6Z1yzrQOkK5pnms3XThtQ
ahSN71akiFIzX+Ef9KgnAGf1ZRuLpGND1RfaU9WxhCYEsaMQIWgidD0LXcKY8a4/
lhr7YKqSwPFYGv3W/zPI8LCeA7t/Gs9Lk0kZAwuOUx/e
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:03:12 2025 by rpki-client