Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/0735e3-00aa-405d-89bb-96a404c790b7/1/AodJNt3ZkEFvmrSHAB7NYJIYRkw.roa
File: AodJNt3ZkEFvmrSHAB7NYJIYRkw.roa (raw, json)
Hash identifier: 557Th51Qmbbl6elfvhs2w+S0vEIxbLVLS/I6nCsUw1w=
Subject key identifier: 02:87:49:36:DD:D9:90:41:6F:9A:B4:87:00:1E:CD:60:92:18:46:4C
Certificate issuer: /CN=787650d0951529b1a817232c12c42e49b889e1b8
Certificate serial: 01850CC8F854B18F6C5D950B92FCE4A28281
Authority key identifier: 78:76:50:D0:95:15:29:B1:A8:17:23:2C:12:C4:2E:49:B8:89:E1:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eHZQ0JUVKbGoFyMsEsQuSbiJ4bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/0735e3-00aa-405d-89bb-96a404c790b7/1/AodJNt3ZkEFvmrSHAB7NYJIYRkw.roa
Signing time: Tue 13 Dec 2022 18:39:35 +0000
ROA not before: Tue 13 Dec 2022 18:39:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203511
IP address blocks: 45.150.149.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0c:c8:f8:54:b1:8f:6c:5d:95:0b:92:fc:e4:a2:82:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=787650d0951529b1a817232c12c42e49b889e1b8
Validity
Not Before: Dec 13 18:39:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02874936ddd990416f9ab487001ecd609218464c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a0:a7:4a:05:44:b6:b1:54:d9:a9:96:f4:57:
16:a3:c0:fa:27:f8:53:90:e1:35:f3:8b:bd:a2:49:
44:37:f3:58:14:4f:dc:55:f8:b1:81:02:1e:e7:6b:
0e:11:00:be:d9:49:78:71:62:5f:78:bb:4f:d6:33:
95:fe:98:44:bc:8f:45:f8:a6:2c:4a:ad:6e:ea:87:
38:88:42:48:38:5a:49:9c:f2:e8:16:f6:6a:c5:e9:
09:85:7a:8b:d7:ac:3b:56:21:8a:f9:73:82:5e:15:
3f:74:28:52:31:4c:e3:9e:4a:ad:c8:52:32:2f:83:
e8:cd:54:2d:e8:7b:49:2b:22:7e:0a:cb:41:08:c4:
7f:a0:c7:d2:0e:5e:67:5a:61:d7:2c:ea:7b:94:95:
6a:b5:50:93:67:43:53:76:a3:9e:dd:cf:8c:31:e6:
d4:58:b0:2a:e7:12:10:91:1e:5a:21:2a:78:39:16:
be:18:10:2a:3c:be:5c:71:0a:35:1d:68:1b:62:c0:
b7:d2:19:b2:85:91:5e:c3:38:4f:0f:d1:09:37:00:
76:6f:4d:7f:c8:ab:30:83:74:9c:dd:e6:90:64:e3:
60:03:d3:0e:ff:27:4b:33:a8:7e:62:b2:ae:a0:01:
f6:6b:af:f2:b6:41:77:dc:19:e0:48:31:ef:f1:bf:
f9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:87:49:36:DD:D9:90:41:6F:9A:B4:87:00:1E:CD:60:92:18:46:4C
X509v3 Authority Key Identifier:
keyid:78:76:50:D0:95:15:29:B1:A8:17:23:2C:12:C4:2E:49:B8:89:E1:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eHZQ0JUVKbGoFyMsEsQuSbiJ4bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0735e3-00aa-405d-89bb-96a404c790b7/1/AodJNt3ZkEFvmrSHAB7NYJIYRkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0735e3-00aa-405d-89bb-96a404c790b7/1/eHZQ0JUVKbGoFyMsEsQuSbiJ4bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.149.0/24
Signature Algorithm: sha256WithRSAEncryption
01:a3:b5:1d:0f:8e:ea:78:57:51:87:bf:e8:be:73:f8:2a:6f:
a7:73:ba:6b:a1:f4:ea:f1:41:91:19:3f:54:99:f4:bb:d4:5d:
ac:78:12:5f:7b:d3:86:3f:93:fa:c8:86:4a:10:58:01:45:e8:
b1:3f:91:8e:95:3b:c4:0e:3b:22:47:32:21:c2:10:2b:13:c6:
d7:59:73:90:3e:2c:03:1c:6a:91:39:c9:7f:25:28:d8:58:c5:
8c:c5:32:e1:f8:f0:6b:ed:6a:65:68:eb:73:91:1b:3a:16:b4:
c8:25:a0:0c:f0:3c:88:e9:27:ef:44:28:78:c6:8e:2f:32:97:
a0:ce:32:f6:b9:6c:85:94:78:b1:d5:23:7f:dc:20:06:91:d8:
78:4c:c5:c7:6b:21:ca:1d:35:63:1c:f3:56:e4:bd:b0:81:a2:
bd:4a:ba:2d:52:0f:b7:01:69:5e:d0:97:df:12:75:e5:70:df:
46:00:fe:06:ea:61:40:e9:39:fb:7f:90:f3:a0:3d:72:dd:d1:
e7:f0:be:1e:11:63:d8:4e:b0:01:12:00:83:ee:ce:36:24:5d:
a0:64:64:b5:46:13:5c:8b:78:79:bd:0b:80:e2:2f:03:95:44:
b4:58:19:2a:fe:ee:75:a7:4a:9d:2b:4a:0f:12:28:d8:87:48:
3c:4a:0f:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUMyPhUsY9sXZULkvzkooKBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NzY1MGQwOTUxNTI5YjFhODE3MjMyYzEyYzQyZTQ5Yjg4
OWUxYjgwHhcNMjIxMjEzMTgzOTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjg3NDkzNmRkZDk5MDQxNmY5YWI0ODcwMDFlY2Q2MDkyMTg0NjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6CnSgVEtrFU2amW9FcWo8D6J/hT
kOE184u9oklEN/NYFE/cVfixgQIe52sOEQC+2Ul4cWJfeLtP1jOV/phEvI9F+KYs
Sq1u6oc4iEJIOFpJnPLoFvZqxekJhXqL16w7ViGK+XOCXhU/dChSMUzjnkqtyFIy
L4PozVQt6HtJKyJ+CstBCMR/oMfSDl5nWmHXLOp7lJVqtVCTZ0NTdqOe3c+MMebU
WLAq5xIQkR5aISp4ORa+GBAqPL5ccQo1HWgbYsC30hmyhZFewzhPD9EJNwB2b01/
yKswg3Sc3eaQZONgA9MO/ydLM6h+YrKuoAH2a6/ytkF33BngSDHv8b/5EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAKHSTbd2ZBBb5q0hwAezWCSGEZMMB8GA1UdIwQY
MBaAFHh2UNCVFSmxqBcjLBLELkm4ieG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUhaUTBKVVZLYkdvRnlNc0VzUXVTYmlKNGJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wNzM1ZTMtMDBhYS00MDVkLTg5YmIt
OTZhNDA0Yzc5MGI3LzEvQW9kSk50M1prRUZ2bXJTSEFCN05ZSklZUmt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8wNzM1ZTMtMDBhYS00MDVkLTg5YmItOTZhNDA0Yzc5MGI3
LzEvZUhaUTBKVVZLYkdvRnlNc0VzUXVTYmlKNGJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZaVMA0G
CSqGSIb3DQEBCwUAA4IBAQABo7UdD47qeFdRh7/ovnP4Km+nc7profTq8UGRGT9U
mfS71F2seBJfe9OGP5P6yIZKEFgBReixP5GOlTvEDjsiRzIhwhArE8bXWXOQPiwD
HGqROcl/JSjYWMWMxTLh+PBr7WplaOtzkRs6FrTIJaAM8DyI6SfvRCh4xo4vMpeg
zjL2uWyFlHix1SN/3CAGkdh4TMXHayHKHTVjHPNW5L2wgaK9SrotUg+3AWle0Jff
EnXlcN9GAP4G6mFA6Tn7f5DzoD1y3dHn8L4eEWPYTrABEgCD7s42JF2gZGS1RhNc
i3h5vQuA4i8DlUS0WBkq/u51p0qdK0oPEijYh0g8Sg8u
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:15:57 2025 by rpki-client