Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/XD5lyN3IK2UsJeObMTBY2xot5DU.roa
File: XD5lyN3IK2UsJeObMTBY2xot5DU.roa (raw, json)
Hash identifier: p5taUYH4AVBdxVLeGOYvbtP0mpvx/YEGj8SIqMDS618=
Subject key identifier: 5C:3E:65:C8:DD:C8:2B:65:2C:25:E3:9B:31:30:58:DB:1A:2D:E4:35
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 01953CD5D9CDA9A5842EC0E7569E49633921
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/XD5lyN3IK2UsJeObMTBY2xot5DU.roa
Signing time: Tue 25 Feb 2025 11:20:02 +0000
ROA not before: Tue 25 Feb 2025 11:20:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215411
IP address blocks: 45.67.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:d5:d9:cd:a9:a5:84:2e:c0:e7:56:9e:49:63:39:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Feb 25 11:20:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c3e65c8ddc82b652c25e39b313058db1a2de435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c3:1c:89:fe:37:94:69:eb:09:19:db:51:e3:
36:3b:5b:b3:e7:14:91:79:85:0b:a1:3e:23:ec:ae:
da:62:a7:18:8a:39:ba:1a:04:52:a4:85:ac:15:36:
74:34:56:9c:b3:12:7e:0d:50:ed:61:cd:7e:fd:75:
90:0a:b5:c9:34:17:97:8c:be:21:40:dc:63:7e:01:
4f:dc:1e:d3:f8:3a:f7:ad:b7:80:f7:7b:2c:bf:45:
28:7f:26:da:6d:a2:d0:aa:8d:58:e7:27:66:ce:06:
c9:10:dc:7c:ee:0e:0f:ed:57:7f:f0:2a:0e:82:59:
f4:5b:e2:fd:dd:6a:7b:65:8b:e3:41:c0:3d:94:8f:
f0:21:d3:c0:11:af:6f:ea:81:7a:b2:d2:2e:03:ed:
b6:cd:44:e8:85:ea:87:6c:60:4d:b3:6d:ef:22:bc:
15:f6:45:bb:39:7c:0a:41:4b:66:09:ac:31:02:53:
09:86:c7:ad:47:de:d9:ca:b3:a0:60:1f:14:db:ea:
65:3f:eb:e3:e1:67:01:06:54:f5:78:db:53:56:c2:
ed:b1:3b:8a:f4:1f:53:a1:3e:54:8a:62:f9:22:d8:
f8:9c:73:c4:c1:7f:d0:1a:b2:c5:59:67:6e:b2:f1:
2e:10:07:09:85:a9:19:39:c5:9a:1d:ee:c2:32:e3:
69:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:3E:65:C8:DD:C8:2B:65:2C:25:E3:9B:31:30:58:DB:1A:2D:E4:35
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/XD5lyN3IK2UsJeObMTBY2xot5DU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.203.0/24
Signature Algorithm: sha256WithRSAEncryption
08:de:7b:6a:f8:80:8d:e7:09:34:0b:ca:9f:63:6b:a3:01:fa:
76:ac:be:1e:44:44:ce:2e:1f:16:91:e8:0e:ea:26:bc:d7:a6:
a2:68:75:f0:95:cc:5b:1e:86:4c:4e:b8:cb:ec:76:dc:35:fb:
65:d6:6b:b0:ea:67:df:05:cf:eb:6b:20:16:2a:85:c7:31:a6:
79:0b:ff:d1:52:5d:68:ec:76:07:37:8a:d3:c2:14:41:02:98:
93:ca:24:3b:c2:66:53:42:d9:1f:da:de:45:e3:2a:ea:fc:08:
e6:83:52:01:f0:7d:76:dc:79:7c:fd:80:39:8b:50:c4:85:0f:
a7:6a:dd:9c:11:7d:0c:f0:28:9c:e1:2f:60:b8:12:55:15:74:
a5:05:ae:59:82:e5:d5:51:75:46:5f:94:17:69:15:4f:9a:48:
cd:a5:c9:11:dd:0b:b6:a5:64:ce:f5:5d:de:89:19:f8:80:5e:
1f:b7:e7:ad:3b:7f:9d:db:6e:2f:16:74:08:a6:76:8d:97:4d:
18:c7:45:18:b6:6e:89:e4:fe:6f:ec:48:24:67:7c:4b:bc:e3:
14:dd:2f:3f:e7:d2:8a:5d:a7:6f:fb:79:06:26:89:e7:ea:73:
77:07:3f:60:26:2c:62:7c:44:a7:46:45:56:31:60:ad:3e:c7:
46:65:3e:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZU81dnNqaWELsDnVp5JYzkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwMjI1MTEyMDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzNlNjVjOGRkYzgyYjY1MmMyNWUzOWIzMTMwNThkYjFhMmRlNDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8Mcif43lGnrCRnbUeM2O1uz5xSR
eYULoT4j7K7aYqcYijm6GgRSpIWsFTZ0NFacsxJ+DVDtYc1+/XWQCrXJNBeXjL4h
QNxjfgFP3B7T+Dr3rbeA93ssv0UofybabaLQqo1Y5ydmzgbJENx87g4P7Vd/8CoO
gln0W+L93Wp7ZYvjQcA9lI/wIdPAEa9v6oF6stIuA+22zUToheqHbGBNs23vIrwV
9kW7OXwKQUtmCawxAlMJhsetR97ZyrOgYB8U2+plP+vj4WcBBlT1eNtTVsLtsTuK
9B9ToT5UimL5Itj4nHPEwX/QGrLFWWdusvEuEAcJhakZOcWaHe7CMuNpxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFw+ZcjdyCtlLCXjmzEwWNsaLeQ1MB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvWEQ1bHlOM0lLMlVzSmVPYk1UQlkyeG90NURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALUPLMA0G
CSqGSIb3DQEBCwUAA4IBAQAI3ntq+ICN5wk0C8qfY2ujAfp2rL4eRETOLh8WkegO
6ia816aiaHXwlcxbHoZMTrjL7HbcNftl1muw6mffBc/rayAWKoXHMaZ5C//RUl1o
7HYHN4rTwhRBApiTyiQ7wmZTQtkf2t5F4yrq/Ajmg1IB8H123Hl8/YA5i1DEhQ+n
at2cEX0M8Cic4S9guBJVFXSlBa5ZguXVUXVGX5QXaRVPmkjNpckR3Qu2pWTO9V3e
iRn4gF4ft+etO3+d224vFnQIpnaNl00Yx0UYtm6J5P5v7EgkZ3xLvOMU3S8/59KK
Xadv+3kGJonn6nN3Bz9gJixifESnRkVWMWCtPsdGZT6B
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:40:07 2025 by rpki-client