Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tn4VrmK0v7MuXhaa9hBt3mUF6hA.roa
File: tn4VrmK0v7MuXhaa9hBt3mUF6hA.roa (raw, json)
Hash identifier: nnZu2G9bABJ3xapqsRmxAiszA8UiMx9lFXRwO2ER/go=
Subject key identifier: B6:7E:15:AE:62:B4:BF:B3:2E:5E:16:9A:F6:10:6D:DE:65:05:EA:10
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01942220550401015CF7020E4E801C2EAB55
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tn4VrmK0v7MuXhaa9hBt3mUF6hA.roa
Signing time: Wed 01 Jan 2025 13:48:51 +0000
ROA not before: Wed 01 Jan 2025 13:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215026
IP address blocks: 45.131.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:55:04:01:01:5c:f7:02:0e:4e:80:1c:2e:ab:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b67e15ae62b4bfb32e5e169af6106dde6505ea10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:86:9b:42:d3:da:c5:4a:a5:ad:5e:69:af:5c:
49:0a:a9:48:61:32:c0:9e:17:3a:12:68:a7:5b:11:
43:d9:bd:ab:7a:18:d8:46:78:70:68:78:03:e1:eb:
f9:e2:a4:28:82:69:3c:65:87:6e:5a:65:cf:bc:2f:
f8:e7:53:cb:ef:14:cd:e2:f2:de:6c:5b:cc:98:3f:
02:01:ef:b9:3d:33:5a:2f:37:fa:8b:86:8c:43:1b:
a5:a8:0e:b1:dd:20:a3:b0:f4:85:18:81:cd:8d:0c:
58:d7:37:0b:48:be:71:8d:94:28:34:24:69:75:c9:
30:73:30:6e:75:39:b0:e0:af:8a:9b:35:8d:37:74:
ff:9c:cd:9a:c7:96:75:55:e8:fe:3b:33:08:9f:f1:
5e:9e:2d:d8:13:9e:59:0a:be:07:ec:09:7c:09:61:
51:65:36:30:e4:79:fd:94:ca:1d:ac:ca:1f:23:a8:
cd:27:60:9d:cb:bb:d3:a7:61:49:27:bb:d5:77:da:
fa:bf:92:db:eb:19:1e:7a:ea:6f:49:4d:04:49:42:
5d:25:3c:fd:00:20:6e:30:e8:4f:1e:70:82:a9:b5:
68:44:54:a5:f1:12:a5:c7:c2:68:91:57:2d:9a:3f:
70:ad:1c:94:fa:47:0a:78:5f:b8:dd:59:02:bd:cc:
84:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:7E:15:AE:62:B4:BF:B3:2E:5E:16:9A:F6:10:6D:DE:65:05:EA:10
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tn4VrmK0v7MuXhaa9hBt3mUF6hA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.135.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:c0:b5:78:87:e3:56:2b:b5:ab:34:fd:4a:aa:1e:27:36:83:
24:3a:53:1d:ab:9c:76:a8:92:f9:09:b8:bd:1e:b1:21:93:98:
a5:43:4e:4c:82:ab:e2:b4:40:76:13:ca:f3:45:71:cb:18:a3:
63:42:40:b5:68:74:47:f1:57:f6:f0:ad:a3:8f:74:b5:02:6e:
7b:e0:2d:05:8e:f7:97:2b:f5:be:a6:fe:b2:59:6d:3e:4c:e3:
f3:38:be:be:f5:5a:4e:e9:77:10:a6:17:59:63:1a:b7:c9:29:
7c:7a:b4:0c:dd:50:b3:00:9f:cd:af:87:4d:56:61:e4:43:9c:
20:86:4e:29:7d:11:d4:a0:6e:ce:4f:33:46:a1:62:af:b8:cd:
a0:8d:56:f1:bf:59:03:f2:5a:da:af:eb:f9:1c:77:e2:b7:43:
16:0b:19:fb:54:03:bc:32:2d:f5:8a:06:f5:08:40:11:1f:fb:
81:5b:b0:a3:c0:04:f4:89:e4:c5:8d:55:fe:d3:98:94:d2:ff:
f4:19:28:81:85:66:f7:7e:35:ba:a3:03:91:f8:77:62:6d:37:
04:37:b1:da:44:b1:46:47:ba:a7:77:78:20:35:33:ba:d0:9f:
ca:70:80:e1:67:94:f5:e3:bd:bf:96:80:19:32:29:b8:6a:1e:
8a:1b:a5:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIFUEAQFc9wIOToAcLqtVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjdlMTVhZTYyYjRiZmIzMmU1ZTE2OWFmNjEwNmRkZTY1MDVlYTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIabQtPaxUqlrV5pr1xJCqlIYTLA
nhc6EminWxFD2b2rehjYRnhwaHgD4ev54qQogmk8ZYduWmXPvC/451PL7xTN4vLe
bFvMmD8CAe+5PTNaLzf6i4aMQxulqA6x3SCjsPSFGIHNjQxY1zcLSL5xjZQoNCRp
dckwczBudTmw4K+KmzWNN3T/nM2ax5Z1Vej+OzMIn/Feni3YE55ZCr4H7Al8CWFR
ZTYw5Hn9lModrMofI6jNJ2Cdy7vTp2FJJ7vVd9r6v5Lb6xkeeupvSU0ESUJdJTz9
ACBuMOhPHnCCqbVoRFSl8RKlx8JokVctmj9wrRyU+kcKeF+43VkCvcyEgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZ+Fa5itL+zLl4WmvYQbd5lBeoQMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdG40VnJtSzB2N011WGhhYTloQnQzbVVGNmhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYOHMA0G
CSqGSIb3DQEBCwUAA4IBAQC1wLV4h+NWK7WrNP1Kqh4nNoMkOlMdq5x2qJL5Cbi9
HrEhk5ilQ05MgqvitEB2E8rzRXHLGKNjQkC1aHRH8Vf28K2jj3S1Am574C0FjveX
K/W+pv6yWW0+TOPzOL6+9VpO6XcQphdZYxq3ySl8erQM3VCzAJ/Nr4dNVmHkQ5wg
hk4pfRHUoG7OTzNGoWKvuM2gjVbxv1kD8lrar+v5HHfit0MWCxn7VAO8Mi31igb1
CEARH/uBW7CjwAT0ieTFjVX+05iU0v/0GSiBhWb3fjW6owOR+HdibTcEN7HaRLFG
R7qnd3ggNTO60J/KcIDhZ5T1472/loAZMim4ah6KG6Xk
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:32:26 2025 by rpki-client