Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/XTWjD9RxeC6l3_NvTHQsET8rn-c.roa
File: XTWjD9RxeC6l3_NvTHQsET8rn-c.roa (raw, json)
Hash identifier: ykYdh3sbXe1rY2ZTlD70M1ZUp3zC5gCXzNGTNEV3S/E=
Subject key identifier: 5D:35:A3:0F:D4:71:78:2E:A5:DF:F3:6F:4C:74:2C:11:3F:2B:9F:E7
Certificate issuer: /CN=143239651db6aab1bcb67325f785b5ee1f4025cb
Certificate serial: 01941F8C2671013067F5C5B10C31C40DE0E3
Authority key identifier: 14:32:39:65:1D:B6:AA:B1:BC:B6:73:25:F7:85:B5:EE:1F:40:25:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FDI5ZR22qrG8tnMl94W17h9AJcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/XTWjD9RxeC6l3_NvTHQsET8rn-c.roa
Signing time: Wed 01 Jan 2025 01:47:46 +0000
ROA not before: Wed 01 Jan 2025 01:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48660
IP address blocks: 45.155.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:26:71:01:30:67:f5:c5:b1:0c:31:c4:0d:e0:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=143239651db6aab1bcb67325f785b5ee1f4025cb
Validity
Not Before: Jan 1 01:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d35a30fd471782ea5dff36f4c742c113f2b9fe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d3:0d:ee:f4:eb:da:49:88:db:3e:af:df:7e:
d9:9f:04:7b:3e:42:8e:b8:22:29:c9:2e:31:e1:32:
dc:86:4d:f4:c1:04:0e:12:7e:68:b3:77:22:11:13:
e1:30:f3:ff:83:dc:c7:7a:40:d0:b6:69:fa:99:fe:
30:72:92:85:8e:6d:67:85:fc:91:58:de:09:ae:b0:
5e:7f:c3:f3:08:5e:71:d6:fa:a5:e3:e5:40:c5:ba:
e4:0e:67:99:fc:dd:90:89:91:d7:12:7b:ff:fb:14:
3f:7c:f1:ec:a5:24:6e:88:e5:0d:ce:3c:65:e2:c9:
a4:da:53:b3:33:c4:eb:c8:aa:c2:b2:88:dd:03:0a:
1b:11:0f:8f:fe:5e:9b:0a:19:29:0a:ea:53:c4:02:
82:de:ef:41:af:60:0b:55:b6:9b:0f:c9:26:ad:f0:
ef:40:51:3f:8f:5f:ac:b0:b5:58:7b:47:01:9a:84:
da:a6:f2:35:ac:e7:0b:68:8d:bd:94:c8:f0:1b:22:
96:99:f7:3c:5c:fe:8d:ca:3f:e6:e7:6e:01:92:30:
16:96:5a:df:b9:0a:6d:db:8e:2a:14:f8:37:94:f0:
33:d3:7b:76:cc:14:e7:24:56:93:85:b6:d1:73:eb:
ca:93:5c:bb:81:90:00:9b:da:7a:ec:fa:b0:e5:04:
8f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:35:A3:0F:D4:71:78:2E:A5:DF:F3:6F:4C:74:2C:11:3F:2B:9F:E7
X509v3 Authority Key Identifier:
keyid:14:32:39:65:1D:B6:AA:B1:BC:B6:73:25:F7:85:B5:EE:1F:40:25:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FDI5ZR22qrG8tnMl94W17h9AJcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/XTWjD9RxeC6l3_NvTHQsET8rn-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/FDI5ZR22qrG8tnMl94W17h9AJcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.126.0/24
Signature Algorithm: sha256WithRSAEncryption
33:b0:58:01:0e:7b:b1:1c:3e:1b:97:9f:9d:3d:3d:6f:c9:08:
b2:5f:41:d6:0c:f0:25:32:57:a1:dc:22:fa:8c:d4:52:7e:71:
73:b6:b7:92:63:7a:7d:e6:f8:3d:97:42:f9:2f:56:03:08:7c:
65:15:2d:3e:72:f7:e1:c1:63:56:86:ca:7e:8c:32:5f:8a:f9:
27:83:d9:26:06:1b:86:11:f5:de:b7:bd:84:e9:23:4f:66:1d:
1b:09:8d:d5:b3:94:40:0b:43:5a:d2:0f:7b:9f:c9:f5:97:5d:
75:3c:65:10:dc:78:3e:c4:60:3f:c3:c8:99:2a:4a:d8:8b:20:
df:4a:71:20:85:68:57:c8:7c:b9:d9:e8:32:4f:1b:d4:e4:1f:
8a:9a:0c:8f:67:fb:dc:16:b4:0d:4a:ba:7e:9c:b8:14:cd:1c:
11:20:ca:8d:de:5f:25:90:99:0c:aa:1c:09:1f:30:aa:0d:31:
31:f9:df:8c:d4:24:a5:ac:3a:6b:44:24:d8:ba:f4:7e:bc:4d:
f6:9f:fc:0f:be:1f:30:01:a2:6d:49:95:30:54:93:b7:ed:6d:
23:f1:e2:20:f6:bc:0c:47:5e:51:aa:9c:f4:b1:ee:f8:57:6d:
b8:e8:87:8e:12:16:92:36:3d:44:2a:57:53:0f:1e:1b:9a:cb:
7b:2c:7c:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjCZxATBn9cWxDDHEDeDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0MzIzOTY1MWRiNmFhYjFiY2I2NzMyNWY3ODViNWVlMWY0
MDI1Y2IwHhcNMjUwMTAxMDE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDM1YTMwZmQ0NzE3ODJlYTVkZmYzNmY0Yzc0MmMxMTNmMmI5ZmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tMN7vTr2kmI2z6v337ZnwR7PkKO
uCIpyS4x4TLchk30wQQOEn5os3ciERPhMPP/g9zHekDQtmn6mf4wcpKFjm1nhfyR
WN4JrrBef8PzCF5x1vql4+VAxbrkDmeZ/N2QiZHXEnv/+xQ/fPHspSRuiOUNzjxl
4smk2lOzM8TryKrCsojdAwobEQ+P/l6bChkpCupTxAKC3u9Br2ALVbabD8kmrfDv
QFE/j1+ssLVYe0cBmoTapvI1rOcLaI29lMjwGyKWmfc8XP6Nyj/m524BkjAWllrf
uQpt244qFPg3lPAz03t2zBTnJFaThbbRc+vKk1y7gZAAm9p67Pqw5QSPoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF01ow/UcXgupd/zb0x0LBE/K5/nMB8GA1UdIwQY
MBaAFBQyOWUdtqqxvLZzJfeFte4fQCXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkRJNVpSMjJxckc4dG5NbDk0VzE3aDlBSmNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC82ZjQ2ZDktM2FmMC00MmFhLWIzMzQt
NmVlYzc3ZDliOTg1LzEvWFRXakQ5UnhlQzZsM19OdlRIUXNFVDhybi1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC82ZjQ2ZDktM2FmMC00MmFhLWIzMzQtNmVlYzc3ZDliOTg1
LzEvRkRJNVpSMjJxckc4dG5NbDk0VzE3aDlBSmNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZt+MA0G
CSqGSIb3DQEBCwUAA4IBAQAzsFgBDnuxHD4bl5+dPT1vyQiyX0HWDPAlMleh3CL6
jNRSfnFztreSY3p95vg9l0L5L1YDCHxlFS0+cvfhwWNWhsp+jDJfivkng9kmBhuG
EfXet72E6SNPZh0bCY3Vs5RAC0Na0g97n8n1l111PGUQ3Hg+xGA/w8iZKkrYiyDf
SnEghWhXyHy52egyTxvU5B+KmgyPZ/vcFrQNSrp+nLgUzRwRIMqN3l8lkJkMqhwJ
HzCqDTEx+d+M1CSlrDprRCTYuvR+vE32n/wPvh8wAaJtSZUwVJO37W0j8eIg9rwM
R15Rqpz0se74V2246IeOEhaSNj1EKldTDx4bmst7LHwS
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:57 2025 by rpki-client