Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/l3hBfkW7cG49t8BkI0JG-IOgLNw.roa
File: l3hBfkW7cG49t8BkI0JG-IOgLNw.roa (raw, json)
Hash identifier: Wbpq1zd1CdCtrZVaVyIeSGCmoaGaPb6ooXAPHWSkxxY=
Subject key identifier: 97:78:41:7E:45:BB:70:6E:3D:B7:C0:64:23:42:46:F8:83:A0:2C:DC
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D72C7A8140A0B0810EC7408555EFC3
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/l3hBfkW7cG49t8BkI0JG-IOgLNw.roa
Signing time: Wed 01 Jan 2025 21:48:11 +0000
ROA not before: Wed 01 Jan 2025 21:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213220
IP address blocks: 45.8.209.0/24 maxlen: 24
213.108.196.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:2c:7a:81:40:a0:b0:81:0e:c7:40:85:55:ef:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9778417e45bb706e3db7c064234246f883a02cdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5d:0a:6d:18:28:8a:b6:00:40:00:5f:db:96:
1f:ec:a7:84:43:1e:54:09:fe:dd:3d:2e:08:ba:51:
0d:3b:55:98:24:2f:05:fc:41:37:e7:f4:10:9c:cc:
66:6a:2e:1e:12:47:ce:b9:c5:e8:1c:fd:19:40:20:
82:05:b5:d9:48:fa:fe:92:04:6b:f3:4e:99:09:57:
74:69:da:85:ee:d0:48:9d:b6:ba:33:47:b6:79:b3:
ba:9d:af:cf:90:11:6c:f8:60:4a:05:df:ec:a3:da:
43:8f:48:46:7c:42:47:b0:cb:2d:71:aa:7d:fa:55:
53:de:50:ea:ad:79:c6:e9:8d:d0:48:2d:ce:27:ca:
85:fb:c2:79:46:2a:86:c4:13:bc:6d:da:3d:e9:d9:
26:ee:f7:37:08:d8:b0:39:8a:e0:23:b9:e6:2b:5f:
3d:e1:ba:76:25:fc:ed:55:88:49:b6:b5:c0:8d:a9:
c0:44:47:11:aa:82:18:4f:35:43:9b:2a:45:07:c1:
6b:49:e0:b2:64:c4:23:e9:ab:44:0c:62:a0:50:f8:
4e:0f:47:d2:e7:db:cb:37:b1:3e:fc:c8:39:ea:58:
01:98:a5:9f:d6:d6:f1:81:5d:bc:04:61:81:54:c8:
b3:24:94:87:2c:ee:8d:8e:bf:f8:0a:80:21:b5:11:
44:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:78:41:7E:45:BB:70:6E:3D:B7:C0:64:23:42:46:F8:83:A0:2C:DC
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/l3hBfkW7cG49t8BkI0JG-IOgLNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.209.0/24
213.108.196.0/24
Signature Algorithm: sha256WithRSAEncryption
10:78:4e:f5:64:74:b2:c1:5e:db:26:2f:01:7b:81:0c:00:80:
d7:e1:e8:0f:34:f1:e1:34:35:13:65:80:be:4f:3a:c0:45:c2:
a4:3b:a9:ad:d6:ba:5f:e0:4b:06:64:a0:d1:14:f0:cf:c7:61:
67:50:6f:89:23:14:39:2f:79:ba:24:48:9c:8e:70:e4:fb:a1:
bf:7e:35:ae:11:ca:7c:bc:a5:df:21:ee:c8:49:06:87:14:1c:
19:64:b2:59:e8:91:84:67:4a:13:f6:03:a5:f6:5e:c1:7e:c3:
a1:fd:8e:ac:9f:a5:9b:0d:07:50:da:0c:3e:e1:87:06:20:08:
d1:42:9c:01:ba:07:16:2e:6c:2d:f3:6c:d9:44:73:5a:4b:f2:
62:93:28:c7:29:ec:a6:c5:81:9f:ec:7d:b2:bd:6f:25:79:09:
f0:0e:ea:4b:45:90:6d:25:6b:17:44:17:84:e8:35:ce:bf:76:
94:58:82:de:8f:1e:88:9d:cd:73:3a:a4:f0:b4:e9:3f:e0:c9:
10:e8:bb:65:6c:0a:b2:7f:7e:eb:25:02:3b:26:b2:5d:30:ce:
b0:eb:17:95:fa:bb:d9:bb:3a:9c:57:b0:84:b4:24:e2:48:00:
c9:2b:a4:0b:d7:aa:62:ed:11:e6:4f:20:5e:6e:b8:01:d5:40:
47:47:3f:6c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1yx6gUCgsIEOx0CFVe/DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Nzc4NDE3ZTQ1YmI3MDZlM2RiN2MwNjQyMzQyNDZmODgzYTAyY2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw10KbRgoirYAQABf25Yf7KeEQx5U
Cf7dPS4IulENO1WYJC8F/EE35/QQnMxmai4eEkfOucXoHP0ZQCCCBbXZSPr+kgRr
806ZCVd0adqF7tBInba6M0e2ebO6na/PkBFs+GBKBd/so9pDj0hGfEJHsMstcap9
+lVT3lDqrXnG6Y3QSC3OJ8qF+8J5RiqGxBO8bdo96dkm7vc3CNiwOYrgI7nmK189
4bp2JfztVYhJtrXAjanAREcRqoIYTzVDmypFB8FrSeCyZMQj6atEDGKgUPhOD0fS
59vLN7E+/Mg56lgBmKWf1tbxgV28BGGBVMizJJSHLO6Njr/4CoAhtRFEXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJd4QX5Fu3BuPbfAZCNCRviDoCzcMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvbDNoQmZrVzdjRzQ5dDhCa0kwSkctSU9nTE53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQjRAwQA
1WzEMA0GCSqGSIb3DQEBCwUAA4IBAQAQeE71ZHSywV7bJi8Be4EMAIDX4egPNPHh
NDUTZYC+TzrARcKkO6mt1rpf4EsGZKDRFPDPx2FnUG+JIxQ5L3m6JEicjnDk+6G/
fjWuEcp8vKXfIe7ISQaHFBwZZLJZ6JGEZ0oT9gOl9l7BfsOh/Y6sn6WbDQdQ2gw+
4YcGIAjRQpwBugcWLmwt82zZRHNaS/JikyjHKeymxYGf7H2yvW8leQnwDupLRZBt
JWsXRBeE6DXOv3aUWILejx6Inc1zOqTwtOk/4MkQ6LtlbAqyf37rJQI7JrJdMM6w
6xeV+rvZuzqcV7CEtCTiSADJK6QL16pi7RHmTyBebrgB1UBHRz9s
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:55:19 2025 by rpki-client