Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/64bdef-5b5d-4d13-ae8e-0835e6b1e39a/1/CQD6vNCtJOYB-agUj3ozsdOR6OQ.roa
File: CQD6vNCtJOYB-agUj3ozsdOR6OQ.roa (raw, json)
Hash identifier: 5mcr5venICyJ9KJj9e5WNmrPDfbhymsvoSl1JzBgFj0=
Subject key identifier: 09:00:FA:BC:D0:AD:24:E6:01:F9:A8:14:8F:7A:33:B1:D3:91:E8:E4
Certificate issuer: /CN=e84d9482ec68d3577d93048c98fa05517380a2a8
Certificate serial: 019528F299FBD3C33FCA56235D5E98015A2D
Authority key identifier: E8:4D:94:82:EC:68:D3:57:7D:93:04:8C:98:FA:05:51:73:80:A2:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6E2Uguxo01d9kwSMmPoFUXOAoqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/64bdef-5b5d-4d13-ae8e-0835e6b1e39a/1/CQD6vNCtJOYB-agUj3ozsdOR6OQ.roa
Signing time: Fri 21 Feb 2025 14:39:02 +0000
ROA not before: Fri 21 Feb 2025 14:39:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212891
IP address blocks: 45.129.248.0/22 maxlen: 22
2001:3c40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:28:f2:99:fb:d3:c3:3f:ca:56:23:5d:5e:98:01:5a:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e84d9482ec68d3577d93048c98fa05517380a2a8
Validity
Not Before: Feb 21 14:39:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0900fabcd0ad24e601f9a8148f7a33b1d391e8e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:db:96:af:61:f5:86:ad:8b:8a:66:b9:2b:77:
e3:43:c4:82:ab:d7:01:76:14:28:0a:8a:35:12:9f:
62:e6:6e:55:4e:a5:6f:c8:19:a7:74:60:9d:23:03:
df:23:af:a6:38:47:64:3d:af:ac:d3:35:77:f6:1c:
93:86:4c:dd:11:a5:e2:1a:bc:0c:dc:af:d4:63:b4:
b0:b5:8c:fd:c5:5b:c2:e6:a2:e1:1f:dc:78:82:70:
a3:7a:54:cf:e6:ab:c1:65:b7:0f:ef:5e:d4:a3:ed:
b2:1b:b5:48:c0:26:98:0a:bb:39:d2:f0:1d:fc:27:
64:af:4e:72:99:c0:7a:88:a9:55:c1:f6:9c:bd:91:
24:93:3c:27:8b:8f:6e:c7:92:eb:f5:99:80:f1:d0:
08:23:7d:e7:67:a5:7c:26:c6:3d:76:c9:24:61:ad:
12:00:8b:a0:41:0c:4c:81:2e:57:d4:27:ec:f3:66:
f0:bd:00:b8:ae:cc:0c:01:91:bf:5b:ca:ab:96:97:
6b:d3:1b:c8:99:bb:ef:c7:8a:bc:45:d1:ce:31:50:
50:45:b8:cb:d1:ee:bf:ce:c8:77:14:03:e0:ed:a7:
8a:db:92:b7:f1:25:3b:81:ad:68:4c:51:a1:71:c3:
7d:8a:72:5c:40:9b:2a:61:57:a1:88:0f:4f:81:d2:
b6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:00:FA:BC:D0:AD:24:E6:01:F9:A8:14:8F:7A:33:B1:D3:91:E8:E4
X509v3 Authority Key Identifier:
keyid:E8:4D:94:82:EC:68:D3:57:7D:93:04:8C:98:FA:05:51:73:80:A2:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6E2Uguxo01d9kwSMmPoFUXOAoqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/64bdef-5b5d-4d13-ae8e-0835e6b1e39a/1/CQD6vNCtJOYB-agUj3ozsdOR6OQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/64bdef-5b5d-4d13-ae8e-0835e6b1e39a/1/6E2Uguxo01d9kwSMmPoFUXOAoqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.248.0/22
IPv6:
2001:3c40::/29
Signature Algorithm: sha256WithRSAEncryption
5d:a2:8c:6a:82:0f:ac:05:3f:25:b0:13:85:7a:56:13:93:74:
4e:3d:2f:ad:e0:af:a6:6e:81:4f:bb:b1:7f:26:65:8d:f1:72:
d1:88:ed:25:17:14:25:84:23:90:41:37:46:7e:f5:10:1b:e3:
bd:c7:af:44:85:50:f7:5a:9f:48:bf:26:2d:41:91:d1:ad:37:
4f:09:13:b7:d1:08:f7:02:34:74:bd:c6:cd:f8:c4:84:a8:45:
c1:80:05:1b:54:7d:1c:4c:03:59:a3:61:7c:e4:8e:38:dd:5c:
a6:ae:f8:55:f0:d6:4b:e3:8b:4a:54:41:42:6f:1e:d2:38:e4:
8b:b5:a5:70:b3:ea:4b:af:a9:21:f6:c3:2f:14:2b:eb:2d:bd:
07:54:b8:db:01:95:cc:57:40:76:e9:43:55:f8:a6:4d:e4:a1:
40:eb:cc:a4:7a:16:9a:c4:8d:ec:27:47:f4:17:27:31:4a:e7:
c2:12:ff:5b:ad:28:9e:88:61:51:d1:e7:82:be:59:48:e5:7b:
ac:29:b2:eb:a4:62:94:47:4f:2a:62:43:23:4c:74:35:d0:64:
8b:91:02:26:9e:a2:79:cd:49:54:11:02:b6:61:66:87:46:66:
d6:47:aa:05:cf:eb:cc:e8:fc:c3:32:a7:d5:05:6b:89:b5:dd:
bc:2e:77:a3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZUo8pn708M/ylYjXV6YAVotMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NGQ5NDgyZWM2OGQzNTc3ZDkzMDQ4Yzk4ZmEwNTUxNzM4
MGEyYTgwHhcNMjUwMjIxMTQzOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTAwZmFiY2QwYWQyNGU2MDFmOWE4MTQ4ZjdhMzNiMWQzOTFlOGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNuWr2H1hq2Lima5K3fjQ8SCq9cB
dhQoCoo1Ep9i5m5VTqVvyBmndGCdIwPfI6+mOEdkPa+s0zV39hyThkzdEaXiGrwM
3K/UY7SwtYz9xVvC5qLhH9x4gnCjelTP5qvBZbcP717Uo+2yG7VIwCaYCrs50vAd
/Cdkr05ymcB6iKlVwfacvZEkkzwni49ux5Lr9ZmA8dAII33nZ6V8JsY9dskkYa0S
AIugQQxMgS5X1Cfs82bwvQC4rswMAZG/W8qrlpdr0xvImbvvx4q8RdHOMVBQRbjL
0e6/zsh3FAPg7aeK25K38SU7ga1oTFGhccN9inJcQJsqYVehiA9PgdK2nwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAkA+rzQrSTmAfmoFI96M7HTkejkMB8GA1UdIwQY
MBaAFOhNlILsaNNXfZMEjJj6BVFzgKKoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkUyVWd1eG8wMWQ5a3dTTW1Qb0ZVWE9Bb3FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82NGJkZWYtNWI1ZC00ZDEzLWFlOGUt
MDgzNWU2YjFlMzlhLzEvQ1FENnZOQ3RKT1lCLWFnVWozb3pzZE9SNk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82NGJkZWYtNWI1ZC00ZDEzLWFlOGUtMDgzNWU2YjFlMzlh
LzEvNkUyVWd1eG8wMWQ5a3dTTW1Qb0ZVWE9Bb3FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYH4MA0E
AgACMAcDBQMgATxAMA0GCSqGSIb3DQEBCwUAA4IBAQBdooxqgg+sBT8lsBOFelYT
k3ROPS+t4K+mboFPu7F/JmWN8XLRiO0lFxQlhCOQQTdGfvUQG+O9x69EhVD3Wp9I
vyYtQZHRrTdPCRO30Qj3AjR0vcbN+MSEqEXBgAUbVH0cTANZo2F85I443VymrvhV
8NZL44tKVEFCbx7SOOSLtaVws+pLr6kh9sMvFCvrLb0HVLjbAZXMV0B26UNV+KZN
5KFA68ykehaaxI3sJ0f0FycxSufCEv9brSieiGFR0eeCvllI5XusKbLrpGKUR08q
YkMjTHQ10GSLkQImnqJ5zUlUEQK2YWaHRmbWR6oFz+vM6PzDMqfVBWuJtd28Lnej
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:08:09 2025 by rpki-client