Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tbfZ7Mvbuy6LSKg4xMuYjB6es1Q.roa
File: tbfZ7Mvbuy6LSKg4xMuYjB6es1Q.roa (raw, json)
Hash identifier: g/8RxHJeilm+Olps6kCauA6tXRpC8iygMNrvSQgAeO8=
Subject key identifier: B5:B7:D9:EC:CB:DB:BB:2E:8B:48:A8:38:C4:CB:98:8C:1E:9E:B3:54
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019427481ABE574F2AA848D34E2D30FE8BE9
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tbfZ7Mvbuy6LSKg4xMuYjB6es1Q.roa
Signing time: Thu 02 Jan 2025 13:50:24 +0000
ROA not before: Thu 02 Jan 2025 13:50:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25198
IP address blocks: 45.128.78.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:1a:be:57:4f:2a:a8:48:d3:4e:2d:30:fe:8b:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 13:50:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5b7d9eccbdbbb2e8b48a838c4cb988c1e9eb354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:61:2e:7b:56:3f:a3:3c:b1:e7:9b:0c:d9:33:
dd:35:7d:6c:c9:a5:cc:bf:ed:55:be:b0:bb:76:fc:
93:0a:98:4e:b2:d2:86:9e:3a:34:41:2d:af:28:02:
56:9e:42:d6:9a:ea:a5:33:ab:94:59:42:ea:d8:af:
c5:90:6d:d0:61:ff:cd:06:47:ef:0d:4b:a8:26:9f:
5c:45:3f:9d:c2:0f:61:6f:09:6e:cc:c8:d6:ff:c0:
b8:0b:cf:72:ec:2c:18:0b:81:b0:1b:b9:a8:09:35:
3c:e3:a8:9d:7c:4c:b8:05:77:9f:45:a1:4f:3f:50:
0c:57:76:d3:26:d0:89:4b:88:6f:18:be:08:18:97:
84:de:4a:6b:20:4f:f1:9e:9a:95:5f:ae:46:95:9b:
80:19:30:b3:af:12:35:2e:aa:5d:bc:9f:07:ad:74:
ea:ab:99:d9:0c:dd:d7:14:17:93:70:62:0e:a3:e2:
bf:02:75:b9:72:0a:e0:e9:4f:e6:c4:ac:b6:08:ce:
e2:39:10:5e:c7:e1:1f:1b:30:63:f3:a2:f1:16:29:
28:c4:2a:7c:9d:ef:67:d0:26:c5:0e:05:fe:e4:87:
bf:ed:cb:c7:c3:d8:6d:a6:f5:5b:a4:8c:cf:8d:f4:
74:df:5c:d9:78:07:de:e3:5e:73:72:6e:f2:08:00:
65:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B7:D9:EC:CB:DB:BB:2E:8B:48:A8:38:C4:CB:98:8C:1E:9E:B3:54
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tbfZ7Mvbuy6LSKg4xMuYjB6es1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.78.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:ac:b7:d7:52:be:83:b4:39:a7:18:e7:02:d4:7f:25:d8:d6:
2c:cb:5b:b2:6e:94:8c:bb:5d:d7:d5:9c:c7:0d:85:3d:f5:86:
28:e9:6b:c4:ce:d7:36:3a:b2:e2:a0:d0:45:64:3d:85:e2:23:
f2:c0:1b:b0:01:8c:81:5f:f6:1e:2a:67:9c:2a:0d:c0:28:e2:
19:ee:1f:05:94:2a:61:84:15:d0:8f:b1:55:b3:ab:66:24:7f:
e1:78:71:92:71:6e:00:86:17:00:4f:7a:99:71:8b:13:a2:68:
a6:a0:63:dd:9a:81:04:43:e7:46:5f:3b:0b:20:39:a0:54:34:
3a:aa:6c:21:46:58:02:17:ac:93:1a:88:24:79:5e:1a:14:e4:
92:35:95:2b:ae:27:20:9d:8e:b6:a3:bf:7a:e1:ee:c7:c8:6e:
be:67:8e:27:82:a2:aa:4c:f4:d1:a1:76:9d:1d:cc:24:bf:ff:
c0:59:f5:55:c5:c6:36:df:93:b1:a1:69:2d:30:6d:d1:24:38:
3b:97:4c:db:c7:5e:13:13:ad:8c:22:26:4d:ce:af:76:bb:2d:
31:f2:b1:e4:99:82:86:0c:59:03:cf:fc:bd:2f:da:c4:43:06:
be:fd:07:0e:69:a6:94:0b:b2:9d:fa:24:cf:46:9f:23:82:c5:
00:29:5e:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSBq+V08qqEjTTi0w/ovpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTAyMTM1MDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWI3ZDllY2NiZGJiYjJlOGI0OGE4MzhjNGNiOTg4YzFlOWViMzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGEue1Y/ozyx55sM2TPdNX1syaXM
v+1VvrC7dvyTCphOstKGnjo0QS2vKAJWnkLWmuqlM6uUWULq2K/FkG3QYf/NBkfv
DUuoJp9cRT+dwg9hbwluzMjW/8C4C89y7CwYC4GwG7moCTU846idfEy4BXefRaFP
P1AMV3bTJtCJS4hvGL4IGJeE3kprIE/xnpqVX65GlZuAGTCzrxI1LqpdvJ8HrXTq
q5nZDN3XFBeTcGIOo+K/AnW5cgrg6U/mxKy2CM7iORBex+EfGzBj86LxFikoxCp8
ne9n0CbFDgX+5Ie/7cvHw9htpvVbpIzPjfR031zZeAfe415zcm7yCABlrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLW32ezL27sui0ioOMTLmIwenrNUMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdGJmWjdNdmJ1eTZMU0tnNHhNdVlqQjZlczFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYBOMA0G
CSqGSIb3DQEBCwUAA4IBAQCjrLfXUr6DtDmnGOcC1H8l2NYsy1uybpSMu13X1ZzH
DYU99YYo6WvEztc2OrLioNBFZD2F4iPywBuwAYyBX/YeKmecKg3AKOIZ7h8FlCph
hBXQj7FVs6tmJH/heHGScW4AhhcAT3qZcYsTomimoGPdmoEEQ+dGXzsLIDmgVDQ6
qmwhRlgCF6yTGogkeV4aFOSSNZUrricgnY62o7964e7HyG6+Z44ngqKqTPTRoXad
Hcwkv//AWfVVxcY235OxoWktMG3RJDg7l0zbx14TE62MIiZNzq92uy0x8rHkmYKG
DFkDz/y9L9rEQwa+/QcOaaaUC7Kd+iTPRp8jgsUAKV78
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:12:51 2025 by rpki-client