Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/c1b548-5344-4833-aec2-f2a3fb0e70d3/1/1--7uMDOzirmB92knmeGeUNOwIV0.roa
File: 1--7uMDOzirmB92knmeGeUNOwIV0.roa (raw, json)
Hash identifier: bANqGeJDyl9wGU726XQedOCHUv1w61AW0K5NPSnEcM8=
Subject key identifier: FB:EE:EE:30:33:B3:8A:B9:81:F7:69:27:99:E1:9E:50:D3:B0:21:5D
Certificate issuer: /CN=1db853b861973fc506e64714cca796d15ccace51
Certificate serial: 0185737A8A8B4B6C49AE3B6D065219D1CA28
Authority key identifier: 1D:B8:53:B8:61:97:3F:C5:06:E6:47:14:CC:A7:96:D1:5C:CA:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HbhTuGGXP8UG5kcUzKeW0VzKzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/c1b548-5344-4833-aec2-f2a3fb0e70d3/1/1--7uMDOzirmB92knmeGeUNOwIV0.roa
Signing time: Mon 02 Jan 2023 17:14:48 +0000
ROA not before: Mon 02 Jan 2023 17:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208608
IP address blocks: 45.128.17.0/24 maxlen: 24
45.128.16.0/22 maxlen: 24
45.128.16.0/24 maxlen: 24
45.128.19.0/24 maxlen: 24
45.128.18.0/24 maxlen: 24
2a0e:3bc0:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:8a:8b:4b:6c:49:ae:3b:6d:06:52:19:d1:ca:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1db853b861973fc506e64714cca796d15ccace51
Validity
Not Before: Jan 2 17:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbeeee3033b38ab981f7692799e19e50d3b0215d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:62:37:77:a4:a9:d1:c2:64:b6:05:e6:02:6b:
55:df:e7:67:02:1a:2a:2c:44:5f:2d:03:17:5c:15:
75:fb:89:92:14:76:79:bc:0d:41:73:ce:fa:cd:d9:
c8:8c:e2:16:9a:06:97:90:68:b9:a1:af:03:11:5a:
66:47:93:47:1c:e9:0b:f4:6c:92:62:66:20:cc:35:
35:de:02:f7:4a:1f:42:46:26:74:2a:68:f6:cc:d9:
42:bc:9e:e1:c9:bb:34:81:eb:34:be:19:f6:0c:07:
7b:88:d6:ab:a5:89:c4:94:49:ed:15:ac:8a:dc:1b:
e3:70:74:6c:7d:8b:de:fd:4f:d2:74:87:83:eb:e1:
17:0a:ed:e2:3d:78:d8:c6:dc:01:aa:00:8d:f6:be:
0c:72:84:a1:e8:69:c8:93:18:0b:20:19:53:30:9b:
28:ec:83:2e:70:f5:ab:5b:7e:9a:84:de:d6:c2:a3:
08:0e:97:19:82:b0:85:26:10:13:c2:cc:b0:81:98:
53:5b:a5:d9:f4:94:6d:7b:9f:de:9b:78:68:df:7d:
01:fe:86:c4:59:97:6d:f4:1a:b4:e2:77:21:89:66:
08:b4:ca:1b:53:44:57:d1:19:46:a2:8a:2b:ea:2d:
6f:74:8c:70:b9:26:c4:e8:36:4b:78:00:cc:b0:17:
10:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:EE:EE:30:33:B3:8A:B9:81:F7:69:27:99:E1:9E:50:D3:B0:21:5D
X509v3 Authority Key Identifier:
keyid:1D:B8:53:B8:61:97:3F:C5:06:E6:47:14:CC:A7:96:D1:5C:CA:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HbhTuGGXP8UG5kcUzKeW0VzKzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c1b548-5344-4833-aec2-f2a3fb0e70d3/1/1--7uMDOzirmB92knmeGeUNOwIV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/c1b548-5344-4833-aec2-f2a3fb0e70d3/1/HbhTuGGXP8UG5kcUzKeW0VzKzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.16.0/22
IPv6:
2a0e:3bc0:1::/48
Signature Algorithm: sha256WithRSAEncryption
3f:af:f0:86:9c:58:6d:ed:d4:0f:b8:46:8e:e4:f2:e0:b5:95:
c4:16:99:b2:d4:c1:ce:6b:79:90:a0:98:9d:c5:7a:00:9f:50:
6c:61:84:2c:10:ef:ec:4e:a0:9d:46:c7:ce:0d:57:51:5e:6e:
a0:2a:df:3f:3d:5e:a3:67:e8:4f:ad:d5:0f:77:2a:76:29:47:
3a:b7:e3:d3:78:eb:c8:ba:3b:a3:91:b2:6f:8b:99:41:c3:88:
90:59:55:48:62:1b:e0:fd:b7:5f:5f:25:4a:1b:7d:bd:58:96:
91:75:fb:4c:27:b0:ac:c8:b2:1e:5b:b0:37:6a:8a:66:79:ce:
9b:37:82:3b:ef:5e:06:e0:3f:d8:54:e3:dd:89:26:3e:c6:55:
70:1b:d3:a1:0c:95:b3:69:83:a0:62:a2:47:eb:af:a2:d6:cd:
08:cd:ca:d8:83:19:6b:e4:12:67:ed:d2:e9:b4:75:f3:3b:34:
2c:d0:ca:82:cc:c1:a0:53:b5:d2:56:be:1a:ac:5d:37:24:90:
bd:4e:7a:a7:d2:cc:57:4c:4a:cb:68:b2:95:df:bc:e7:56:41:
28:c6:15:6e:fc:2a:10:96:8b:ce:1b:a0:3a:b6:1c:ce:dc:9b:
52:4b:b6:6b:15:6b:a6:e5:e5:70:d5:b6:7b:38:7b:38:e4:da:
dd:ff:7e:06
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVzeoqLS2xJrjttBlIZ0cooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYjg1M2I4NjE5NzNmYzUwNmU2NDcxNGNjYTc5NmQxNWNj
YWNlNTEwHhcNMjMwMTAyMTcxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmVlZWUzMDMzYjM4YWI5ODFmNzY5Mjc5OWUxOWU1MGQzYjAyMTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGI3d6Sp0cJktgXmAmtV3+dnAhoq
LERfLQMXXBV1+4mSFHZ5vA1Bc876zdnIjOIWmgaXkGi5oa8DEVpmR5NHHOkL9GyS
YmYgzDU13gL3Sh9CRiZ0Kmj2zNlCvJ7hybs0ges0vhn2DAd7iNarpYnElEntFayK
3BvjcHRsfYve/U/SdIeD6+EXCu3iPXjYxtwBqgCN9r4McoSh6GnIkxgLIBlTMJso
7IMucPWrW36ahN7WwqMIDpcZgrCFJhATwsywgZhTW6XZ9JRte5/em3ho330B/obE
WZdt9Bq04nchiWYItMobU0RX0RlGooor6i1vdIxwuSbE6DZLeADMsBcQCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPvu7jAzs4q5gfdpJ5nhnlDTsCFdMB8GA1UdIwQY
MBaAFB24U7hhlz/FBuZHFMynltFcys5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGJoVHVHR1hQOFVHNWtjVXpLZVcwVnpLemxFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9jMWI1NDgtNTM0NC00ODMzLWFlYzIt
ZjJhM2ZiMGU3MGQzLzEvMS0tN3VNRE96aXJtQjkya25tZUdlVU5Pd0lWMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjMvYzFiNTQ4LTUzNDQtNDgzMy1hZWMyLWYyYTNmYjBlNzBk
My8xL0hiaFR1R0dYUDhVRzVrY1V6S2VXMFZ6S3psRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAi2AEDAP
BAIAAjAJAwcAKg47wAABMA0GCSqGSIb3DQEBCwUAA4IBAQA/r/CGnFht7dQPuEaO
5PLgtZXEFpmy1MHOa3mQoJidxXoAn1BsYYQsEO/sTqCdRsfODVdRXm6gKt8/PV6j
Z+hPrdUPdyp2KUc6t+PTeOvIujujkbJvi5lBw4iQWVVIYhvg/bdfXyVKG329WJaR
dftMJ7CsyLIeW7A3aopmec6bN4I7714G4D/YVOPdiSY+xlVwG9OhDJWzaYOgYqJH
66+i1s0IzcrYgxlr5BJn7dLptHXzOzQs0MqCzMGgU7XSVr4arF03JJC9Tnqn0sxX
TErLaLKV37znVkEoxhVu/CoQlovOG6A6thzO3JtSS7ZrFWum5eVw1bZ7OHs45Nrd
/34G
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:36:44 2025 by rpki-client