Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/_9tck5mtbi0xO7Fr7Y11NL5EZIM.roa
File: _9tck5mtbi0xO7Fr7Y11NL5EZIM.roa (raw, json)
Hash identifier: UXCxozlRWrWF5uvq8QkTh0T+21/yBrNobwddT7TkTjM=
Subject key identifier: FF:DB:5C:93:99:AD:6E:2D:31:3B:B1:6B:ED:8D:75:34:BE:44:64:83
Certificate issuer: /CN=f3b2805d8776eedeb7aa4cbe5af568cdb2629fc2
Certificate serial: 01941FFA5CCF152810F71CA50BD8ED884747
Authority key identifier: F3:B2:80:5D:87:76:EE:DE:B7:AA:4C:BE:5A:F5:68:CD:B2:62:9F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87KAXYd27t63qky-WvVozbJin8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/_9tck5mtbi0xO7Fr7Y11NL5EZIM.roa
Signing time: Wed 01 Jan 2025 03:48:08 +0000
ROA not before: Wed 01 Jan 2025 03:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212384
IP address blocks: 45.9.124.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5c:cf:15:28:10:f7:1c:a5:0b:d8:ed:88:47:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b2805d8776eedeb7aa4cbe5af568cdb2629fc2
Validity
Not Before: Jan 1 03:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ffdb5c9399ad6e2d313bb16bed8d7534be446483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:85:c4:86:b1:9d:76:8d:c8:ce:c1:1c:b6:c0:
7e:81:a3:97:80:db:c0:9a:ba:38:78:c2:e1:9d:2d:
a3:72:6a:e5:db:4a:59:a3:38:db:51:81:d9:a9:be:
1c:44:39:c3:af:28:80:fb:97:0c:4b:6f:0b:bf:8f:
b4:81:6d:2b:24:bd:70:ad:40:42:bb:48:78:c0:eb:
22:26:43:50:78:d4:2d:8d:92:43:de:67:88:a1:c3:
c4:8e:b7:54:bc:9a:69:b4:05:e0:5c:85:5c:f4:f7:
c6:55:0a:97:5b:69:16:b6:c0:57:d4:5f:c3:8d:b8:
b7:91:2a:8b:3c:99:61:36:22:a9:2d:f2:40:e4:45:
b1:57:07:6a:8c:0a:dc:41:4f:57:b9:c8:98:4e:db:
8d:b6:0e:d8:90:b0:89:95:05:19:f9:59:d5:ce:53:
e1:0b:d2:c9:38:e2:cd:2f:62:97:65:34:bd:d8:10:
c5:d7:c7:42:1a:22:06:29:47:90:91:e7:c1:e0:a7:
99:a1:3a:e0:b2:11:f0:77:4b:df:4c:cc:a7:60:95:
e7:1b:b1:b4:c7:d7:7d:ba:de:e4:a7:4e:73:4d:ba:
ca:be:a9:27:d7:8a:a8:01:df:d1:f1:af:b3:d6:68:
ab:ee:ac:b8:db:be:bc:8b:7f:1b:56:44:c0:f9:33:
5e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:DB:5C:93:99:AD:6E:2D:31:3B:B1:6B:ED:8D:75:34:BE:44:64:83
X509v3 Authority Key Identifier:
keyid:F3:B2:80:5D:87:76:EE:DE:B7:AA:4C:BE:5A:F5:68:CD:B2:62:9F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87KAXYd27t63qky-WvVozbJin8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/_9tck5mtbi0xO7Fr7Y11NL5EZIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/87KAXYd27t63qky-WvVozbJin8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.124.0/22
Signature Algorithm: sha256WithRSAEncryption
82:ff:16:d8:4f:e9:db:20:de:91:f8:c7:b3:ed:e9:f3:61:b1:
f6:8c:08:85:11:30:3e:8c:41:75:ae:e1:3f:93:cf:d3:23:66:
e4:fa:13:20:49:f3:bf:27:1f:fb:2d:22:5e:af:95:7b:7e:31:
b2:fb:42:78:ae:e5:e0:0e:6a:91:07:64:82:06:aa:f4:7e:8c:
4b:49:8c:5d:34:81:95:61:c0:73:26:dc:8c:ae:ee:d3:5c:b8:
f8:81:a5:3d:41:9c:5e:90:e0:dd:0b:65:99:8f:39:ef:c6:ec:
eb:bb:dd:65:36:58:46:17:a5:d8:54:f9:a9:21:1d:8d:70:3e:
18:88:35:ac:54:86:cb:83:2e:ac:34:d4:86:d1:6b:ac:7d:61:
46:26:43:f0:e0:62:8b:1d:aa:a3:c7:e5:70:13:68:ab:8a:3a:
48:45:17:56:a1:78:ce:68:df:ad:70:92:5a:24:42:e2:9c:24:
fc:ad:43:6b:40:51:24:45:95:6b:14:a7:15:46:4c:12:0c:09:
3e:4f:61:95:a5:f7:15:2a:a9:90:f1:2c:b6:4b:9f:f8:0f:75:
c0:0e:4a:00:5d:3b:1d:b3:b5:e8:80:e2:84:0c:1d:15:ff:70:
9c:fc:78:9f:16:23:a8:31:27:d9:e6:83:b8:b8:0f:e5:e5:de:
2a:d4:fc:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+lzPFSgQ9xylC9jtiEdHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjI4MDVkODc3NmVlZGViN2FhNGNiZTVhZjU2OGNkYjI2
MjlmYzIwHhcNMjUwMTAxMDM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmRiNWM5Mzk5YWQ2ZTJkMzEzYmIxNmJlZDhkNzUzNGJlNDQ2NDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIXEhrGddo3IzsEctsB+gaOXgNvA
mro4eMLhnS2jcmrl20pZozjbUYHZqb4cRDnDryiA+5cMS28Lv4+0gW0rJL1wrUBC
u0h4wOsiJkNQeNQtjZJD3meIocPEjrdUvJpptAXgXIVc9PfGVQqXW2kWtsBX1F/D
jbi3kSqLPJlhNiKpLfJA5EWxVwdqjArcQU9XuciYTtuNtg7YkLCJlQUZ+VnVzlPh
C9LJOOLNL2KXZTS92BDF18dCGiIGKUeQkefB4KeZoTrgshHwd0vfTMynYJXnG7G0
x9d9ut7kp05zTbrKvqkn14qoAd/R8a+z1mir7qy42768i38bVkTA+TNeswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP/bXJOZrW4tMTuxa+2NdTS+RGSDMB8GA1UdIwQY
MBaAFPOygF2Hdu7et6pMvlr1aM2yYp/CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdLQVhZZDI3dDYzcWt5LVd2Vm96YkppbjhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9iODYyZDMtNjg0NC00NmY3LWJkOTgt
ODNiYzc5NzI3OGUyLzEvXzl0Y2s1bXRiaTB4TzdGcjdZMTFOTDVFWklNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9iODYyZDMtNjg0NC00NmY3LWJkOTgtODNiYzc5NzI3OGUy
LzEvODdLQVhZZDI3dDYzcWt5LVd2Vm96YkppbjhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQl8MA0G
CSqGSIb3DQEBCwUAA4IBAQCC/xbYT+nbIN6R+Mez7enzYbH2jAiFETA+jEF1ruE/
k8/TI2bk+hMgSfO/Jx/7LSJer5V7fjGy+0J4ruXgDmqRB2SCBqr0foxLSYxdNIGV
YcBzJtyMru7TXLj4gaU9QZxekODdC2WZjznvxuzru91lNlhGF6XYVPmpIR2NcD4Y
iDWsVIbLgy6sNNSG0WusfWFGJkPw4GKLHaqjx+VwE2irijpIRRdWoXjOaN+tcJJa
JELinCT8rUNrQFEkRZVrFKcVRkwSDAk+T2GVpfcVKqmQ8Sy2S5/4D3XADkoAXTsd
s7XogOKEDB0V/3Cc/HifFiOoMSfZ5oO4uA/l5d4q1Pxc
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:12 2025 by rpki-client