Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/36e4c8-e5ab-4b59-a366-63c5c1d6bf02/1/ytCaDoGnUvYTLeY2GGOB8sNkigQ.roa
File: ytCaDoGnUvYTLeY2GGOB8sNkigQ.roa (raw, json)
Hash identifier: 9jN9TLQd/jxxeBmW7HeXT2ATPgLgzOtNS4gjTlGyu94=
Subject key identifier: CA:D0:9A:0E:81:A7:52:F6:13:2D:E6:36:18:63:81:F2:C3:64:8A:04
Certificate issuer: /CN=8e2c935e3b5b7a5d017a7839c1662c7d7fed75ef
Certificate serial: 0540958C
Authority key identifier: 8E:2C:93:5E:3B:5B:7A:5D:01:7A:78:39:C1:66:2C:7D:7F:ED:75:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jiyTXjtbel0Beng5wWYsfX_tde8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/36e4c8-e5ab-4b59-a366-63c5c1d6bf02/1/ytCaDoGnUvYTLeY2GGOB8sNkigQ.roa
Signing time: Sat 01 Jan 2022 09:02:22 +0000
ROA not before: Sat 01 Jan 2022 09:02:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58224
IP address blocks: 45.94.214.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88118668 (0x540958c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e2c935e3b5b7a5d017a7839c1662c7d7fed75ef
Validity
Not Before: Jan 1 09:02:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cad09a0e81a752f6132de636186381f2c3648a04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fa:47:f3:8e:33:df:5c:cd:ee:10:99:f1:f4:
34:8e:ea:0b:5b:8f:ea:31:91:d5:13:4b:8c:44:53:
12:2b:77:f4:5f:b7:07:08:7a:42:0b:fa:35:d7:5f:
5e:78:c8:d6:75:66:5e:28:4c:8b:64:18:61:0c:41:
97:cf:ec:fb:3f:3a:ec:69:f9:a5:e7:92:16:ba:37:
b2:05:c6:8f:59:d9:68:54:0e:c4:67:8e:31:04:69:
c1:a5:13:52:3d:fc:93:0e:74:b3:46:c8:a5:ea:b6:
d1:5a:58:66:6f:b4:4e:78:37:fd:98:96:d2:3e:2f:
c4:be:b8:0d:25:95:ee:2e:13:2b:91:b2:b2:87:02:
8b:fd:65:8b:66:57:8c:7a:da:e6:bf:24:dd:88:4e:
ef:f5:2f:6c:fe:54:0a:46:6f:d9:50:5a:3e:47:88:
04:60:ce:91:30:7c:48:36:46:15:24:35:f1:3a:26:
78:c6:72:f8:2f:cd:a9:81:33:c5:1c:29:73:4f:37:
7b:e0:fa:99:a9:67:6c:51:09:ad:03:b1:a7:38:17:
0b:4b:c9:1b:50:2d:0c:6e:a6:d4:7b:42:e4:d6:7d:
d9:75:8a:49:0f:41:df:4b:d6:d6:73:f1:a6:0d:81:
cd:de:e5:fd:30:95:e2:7e:e7:01:7f:4a:76:a1:92:
fb:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D0:9A:0E:81:A7:52:F6:13:2D:E6:36:18:63:81:F2:C3:64:8A:04
X509v3 Authority Key Identifier:
keyid:8E:2C:93:5E:3B:5B:7A:5D:01:7A:78:39:C1:66:2C:7D:7F:ED:75:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jiyTXjtbel0Beng5wWYsfX_tde8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/36e4c8-e5ab-4b59-a366-63c5c1d6bf02/1/ytCaDoGnUvYTLeY2GGOB8sNkigQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/36e4c8-e5ab-4b59-a366-63c5c1d6bf02/1/jiyTXjtbel0Beng5wWYsfX_tde8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.214.0/24
Signature Algorithm: sha256WithRSAEncryption
29:b2:12:16:dd:d4:85:59:b2:b8:34:74:77:b5:d1:94:c2:28:
62:af:25:0f:66:3e:6a:82:bb:0e:05:33:47:fd:2b:ee:0b:f1:
2c:b7:0f:7a:0c:ed:b9:5d:30:80:74:73:69:4e:a8:20:01:da:
bb:c0:4b:a0:4b:57:b9:ea:36:a9:d6:b5:62:48:72:87:19:1a:
86:6b:f9:74:8d:bd:6d:72:d4:5b:c4:33:d3:21:4f:f6:87:0b:
15:35:09:48:29:d8:66:cb:0c:b8:cd:c6:bc:e1:51:a3:a1:85:
34:8b:8e:1c:72:e6:b4:39:04:7b:f2:49:ec:77:29:da:de:0a:
af:42:c4:ce:11:bb:47:be:2f:52:a4:14:48:82:76:4f:66:d9:
06:8d:f3:1f:4a:8a:c6:9a:5f:f2:a9:b8:a3:aa:c4:8d:cd:c8:
dc:5b:78:7d:03:23:3d:57:15:30:98:42:34:5e:1f:24:3c:d8:
60:44:c2:dc:43:e4:a9:4e:61:47:19:8d:83:93:55:ab:25:ae:
2b:38:21:af:20:3c:57:23:9d:cc:24:68:ef:be:b0:a4:8f:c1:
41:35:a2:71:aa:6f:81:5d:5e:d5:fb:bf:71:5a:b9:a7:f3:f1:
3b:c4:a5:f0:ea:17:61:af:0a:5d:a9:8d:f2:3a:6f:91:57:b4:
20:33:47:2a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBUCVjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZTJjOTM1ZTNiNWI3YTVkMDE3YTc4MzljMTY2MmM3ZDdmZWQ3NWVmMB4XDTIyMDEw
MTA5MDIyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2FkMDlhMGU4MWE3
NTJmNjEzMmRlNjM2MTg2MzgxZjJjMzY0OGEwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMv6R/OOM99cze4QmfH0NI7qC1uP6jGR1RNLjERTEit39F+3
Bwh6Qgv6NddfXnjI1nVmXihMi2QYYQxBl8/s+z867Gn5peeSFro3sgXGj1nZaFQO
xGeOMQRpwaUTUj38kw50s0bIpeq20VpYZm+0Tng3/ZiW0j4vxL64DSWV7i4TK5Gy
socCi/1li2ZXjHra5r8k3YhO7/UvbP5UCkZv2VBaPkeIBGDOkTB8SDZGFSQ18Tom
eMZy+C/NqYEzxRwpc083e+D6malnbFEJrQOxpzgXC0vJG1AtDG6m1HtC5NZ92XWK
SQ9B30vW1nPxpg2Bzd7l/TCV4n7nAX9KdqGS+zUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTK0JoOgadS9hMt5jYYY4Hyw2SKBDAfBgNVHSMEGDAWgBSOLJNeO1t6XQF6
eDnBZix9f+117zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ppeVRYanRiZWwwQmVuZzV3V1lzZlhfdGRlOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2MvMzZlNGM4LWU1YWItNGI1OS1hMzY2LTYzYzVjMWQ2YmYwMi8x
L3l0Q2FEb0duVXZZVExlWTJHR09COHNOa2lnUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Mv
MzZlNGM4LWU1YWItNGI1OS1hMzY2LTYzYzVjMWQ2YmYwMi8xL2ppeVRYanRiZWww
QmVuZzV3V1lzZlhfdGRlOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1e1jANBgkqhkiG9w0BAQsFAAOC
AQEAKbISFt3UhVmyuDR0d7XRlMIoYq8lD2Y+aoK7DgUzR/0r7gvxLLcPegztuV0w
gHRzaU6oIAHau8BLoEtXueo2qda1Ykhyhxkahmv5dI29bXLUW8Qz0yFP9ocLFTUJ
SCnYZssMuM3GvOFRo6GFNIuOHHLmtDkEe/JJ7Hcp2t4Kr0LEzhG7R74vUqQUSIJ2
T2bZBo3zH0qKxppf8qm4o6rEjc3I3Ft4fQMjPVcVMJhCNF4fJDzYYETC3EPkqU5h
RxmNg5NVqyWuKzghryA8VyOdzCRo776wpI/BQTWicapvgV1e1fu/cVq5p/PxO8Sl
8OoXYa8KXamN8jpvkVe0IDNHKg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:25:20 2025 by rpki-client