Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/kcYvWvKmOy7kSzedXNpVyk7_uRw.roa
File: kcYvWvKmOy7kSzedXNpVyk7_uRw.roa (raw, json)
Hash identifier: kepqtfACAvFInctkyweunwyojEbC/ztH4UbauJ0vWGU=
Subject key identifier: 91:C6:2F:5A:F2:A6:3B:2E:E4:4B:37:9D:5C:DA:55:CA:4E:FF:B9:1C
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019421B23E95A1FCFBC77DA5782E5F78FCC6
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/kcYvWvKmOy7kSzedXNpVyk7_uRw.roa
Signing time: Wed 01 Jan 2025 11:48:36 +0000
ROA not before: Wed 01 Jan 2025 11:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63023
IP address blocks: 45.89.104.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:3e:95:a1:fc:fb:c7:7d:a5:78:2e:5f:78:fc:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 11:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91c62f5af2a63b2ee44b379d5cda55ca4effb91c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b6:4d:5a:19:1d:82:e4:73:8f:a7:48:ed:f8:
dc:f3:45:5e:2e:36:04:38:6f:e2:46:a7:98:d5:d0:
7d:fb:c5:c4:27:07:a5:2e:35:d6:b1:f9:53:86:13:
27:d7:16:7b:ba:85:73:7c:49:4f:0a:c0:7f:90:2f:
97:a0:a9:73:b2:33:e8:1f:40:e0:8e:3d:c1:b9:70:
b2:49:35:0a:13:66:c7:6f:c7:ff:59:79:62:36:83:
4f:41:99:90:1a:8e:63:c0:40:08:35:50:d8:d0:f4:
5e:b1:57:12:07:d5:e6:43:2c:86:02:31:8a:6a:6b:
4b:2b:70:5d:fb:ff:62:90:67:fd:3a:be:2b:9e:02:
7e:39:a8:68:60:91:d1:f6:da:c0:7d:ea:c6:90:6e:
5a:7f:75:5b:a7:25:58:62:bf:59:8c:c7:02:28:c2:
50:1c:35:a6:eb:15:fd:90:f0:8a:54:3d:ca:14:e7:
ca:8a:43:31:60:19:19:ee:4c:56:56:a1:69:0c:98:
f6:6c:0e:1a:64:f1:ab:27:76:be:bb:f5:cc:b3:68:
3d:1f:36:73:4a:24:3a:5e:76:f1:e4:ec:a8:5a:14:
43:38:9a:c4:d0:36:d0:b1:b1:4b:c8:d7:8a:0e:40:
6f:ce:d4:0f:21:bd:2a:7e:f9:62:a8:be:17:42:f3:
df:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C6:2F:5A:F2:A6:3B:2E:E4:4B:37:9D:5C:DA:55:CA:4E:FF:B9:1C
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/kcYvWvKmOy7kSzedXNpVyk7_uRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.104.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:68:52:78:3f:42:c6:1a:e4:2d:20:b6:f4:df:81:1a:1b:5b:
76:3e:15:8f:f3:f8:ed:6c:f3:20:bf:86:37:91:8e:ca:d1:40:
98:88:84:86:03:ac:b9:1c:34:1b:21:c4:0d:d9:93:1a:97:5f:
f6:9b:6c:27:40:4d:79:c1:45:ac:60:9d:6a:0c:7b:43:49:27:
68:65:f5:34:87:18:64:fc:bf:eb:4a:5e:cd:a9:d8:f5:20:56:
40:9d:c4:cb:2c:df:e4:a2:55:fa:2d:80:db:5a:a9:85:58:07:
31:0d:dc:ee:bd:21:7d:74:ac:cb:2f:bc:f8:1d:13:25:cf:6b:
fe:88:b6:47:ae:2c:fe:23:ac:fe:45:6e:c2:9f:d0:eb:90:c4:
70:f3:50:cf:a3:a7:f4:a5:92:5d:91:8b:64:2c:6c:07:c9:cc:
ec:dc:ff:85:47:a8:16:c4:6e:96:03:a7:c1:cb:11:6b:96:e1:
73:3b:6a:6e:0b:24:54:2a:e0:fe:d0:8d:0a:b6:41:fc:28:e8:
78:d5:5d:5f:d0:1e:a6:c8:1d:e6:aa:39:32:f1:ba:ac:b2:27:
96:fa:34:6a:2c:53:95:2c:d6:44:2f:7c:db:8d:36:49:d2:3d:
2c:0b:6b:11:86:1c:8a:fe:a2:80:b3:df:6e:17:48:ef:ec:87:
1b:32:48:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsj6Vofz7x32leC5fePzGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwMTAxMTE0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWM2MmY1YWYyYTYzYjJlZTQ0YjM3OWQ1Y2RhNTVjYTRlZmZiOTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprZNWhkdguRzj6dI7fjc80VeLjYE
OG/iRqeY1dB9+8XEJwelLjXWsflThhMn1xZ7uoVzfElPCsB/kC+XoKlzsjPoH0Dg
jj3BuXCySTUKE2bHb8f/WXliNoNPQZmQGo5jwEAINVDY0PResVcSB9XmQyyGAjGK
amtLK3Bd+/9ikGf9Or4rngJ+OahoYJHR9trAferGkG5af3VbpyVYYr9ZjMcCKMJQ
HDWm6xX9kPCKVD3KFOfKikMxYBkZ7kxWVqFpDJj2bA4aZPGrJ3a+u/XMs2g9HzZz
SiQ6Xnbx5OyoWhRDOJrE0DbQsbFLyNeKDkBvztQPIb0qfvliqL4XQvPfMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJHGL1rypjsu5Es3nVzaVcpO/7kcMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEva2NZdld2S21PeTdrU3plZFhOcFZ5azdfdVJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVloMA0G
CSqGSIb3DQEBCwUAA4IBAQAbaFJ4P0LGGuQtILb034EaG1t2PhWP8/jtbPMgv4Y3
kY7K0UCYiISGA6y5HDQbIcQN2ZMal1/2m2wnQE15wUWsYJ1qDHtDSSdoZfU0hxhk
/L/rSl7Nqdj1IFZAncTLLN/kolX6LYDbWqmFWAcxDdzuvSF9dKzLL7z4HRMlz2v+
iLZHriz+I6z+RW7Cn9DrkMRw81DPo6f0pZJdkYtkLGwHyczs3P+FR6gWxG6WA6fB
yxFrluFzO2puCyRUKuD+0I0KtkH8KOh41V1f0B6myB3mqjky8bqssieW+jRqLFOV
LNZEL3zbjTZJ0j0sC2sRhhyK/qKAs99uF0jv7IcbMkhz
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:54:18 2025 by rpki-client