Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/JP7oM-C5JIRFNYxduW1mvmxH_sg.roa
File: JP7oM-C5JIRFNYxduW1mvmxH_sg.roa (raw, json)
Hash identifier: PKJDMlXeLA5g+RUD8PjqgIT1i3KB7BKxEJeEaICVba8=
Subject key identifier: 24:FE:E8:33:E0:B9:24:84:45:35:8C:5D:B9:6D:66:BE:6C:47:FE:C8
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01946E67DA500778CA1CF8252B5189224138
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/JP7oM-C5JIRFNYxduW1mvmxH_sg.roa
Signing time: Thu 16 Jan 2025 09:18:07 +0000
ROA not before: Thu 16 Jan 2025 09:18:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215727
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.1.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.20.0/24 maxlen: 32
185.117.21.0/24 maxlen: 32
185.117.22.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
195.85.69.0/24 maxlen: 32
195.85.70.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:67:da:50:07:78:ca:1c:f8:25:2b:51:89:22:41:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 16 09:18:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24fee833e0b9248445358c5db96d66be6c47fec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:71:8c:c4:7e:a4:fa:ec:46:c5:06:e7:56:d3:
c9:62:0b:14:01:1f:7a:db:61:3d:36:0c:02:6c:42:
22:37:36:75:f0:ed:f7:d5:08:a8:00:69:c8:2b:af:
30:ff:c2:8c:d4:75:94:c2:d3:a8:d7:b3:8d:84:58:
e5:7c:9a:ca:ba:90:c2:2d:40:ff:7f:0e:bf:06:0c:
27:ff:d0:f0:8d:aa:c7:69:ec:e2:98:40:0f:09:0a:
f6:e8:33:0c:e3:ea:a6:26:82:77:fc:c4:7d:b2:f9:
9e:2b:4b:0a:37:46:e5:02:13:00:74:7b:43:b5:a6:
7c:30:4a:e4:58:c6:10:53:96:31:a8:c3:a9:18:1a:
58:cc:d2:45:27:80:19:c5:96:68:34:6c:11:51:46:
06:fc:6e:77:d7:4a:72:3b:7c:4a:09:6e:e1:47:14:
37:7b:8c:93:bf:36:e4:b8:cc:c6:13:11:c3:27:2b:
c2:57:10:63:81:bb:a5:78:83:56:b4:13:0b:73:34:
5e:2c:9e:c3:fc:71:a7:ac:5a:39:57:2d:c9:8a:63:
d6:b4:d8:23:93:84:20:46:7b:a3:29:cd:ad:94:48:
5b:2e:73:ae:1c:dc:67:1d:f0:45:88:44:92:a5:39:
84:61:a0:23:e1:b3:03:60:f2:10:dd:21:c5:c8:a4:
ff:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:FE:E8:33:E0:B9:24:84:45:35:8C:5D:B9:6D:66:BE:6C:47:FE:C8
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/JP7oM-C5JIRFNYxduW1mvmxH_sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/22
128.0.119.0/24
185.117.20.0/22
185.211.48.0-185.211.50.255
195.85.68.0-195.85.70.255
Signature Algorithm: sha256WithRSAEncryption
6a:12:14:cf:7c:c2:a4:e4:b9:f3:2c:3b:c8:8e:6e:3e:ef:bf:
f1:99:00:6a:92:c2:de:a2:91:0b:6f:bd:a4:5b:5c:f7:fa:c9:
2a:88:a7:4e:a3:e6:aa:db:4e:01:07:27:c5:d1:c3:f1:03:e8:
14:28:bc:ad:c8:bc:a9:51:60:46:82:53:56:08:e0:75:2c:55:
a7:d3:01:fe:0b:f7:14:23:61:75:05:fd:e3:91:92:3e:3b:ce:
07:10:07:aa:cf:a7:14:79:56:13:34:83:a0:97:6e:5f:68:45:
f2:bf:13:c6:ea:0c:d1:28:a3:17:b0:6d:9f:c7:25:b0:ac:43:
6e:b5:16:7f:d1:29:a2:54:67:88:c0:0e:4e:6a:65:35:81:d3:
25:e7:56:08:7e:a7:01:f6:47:3f:80:7f:ba:a2:e6:13:ad:c6:
b5:2d:f4:32:cc:a6:b0:20:78:d8:c2:b2:1d:df:30:33:7b:ad:
e3:b9:4e:3f:bc:c9:13:e0:11:92:10:48:c8:d6:35:da:69:83:
8d:ea:73:8e:06:02:d7:72:1e:36:3a:68:de:1b:00:01:68:17:
57:1b:28:3f:11:d5:80:a7:32:53:01:1c:1b:f9:99:90:31:d0:
d6:38:5d:78:32:6a:45:74:4d:86:11:67:39:06:9d:06:4d:a6:
ea:be:1f:be
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZRuZ9pQB3jKHPglK1GJIkE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTE2MDkxODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGZlZTgzM2UwYjkyNDg0NDUzNThjNWRiOTZkNjZiZTZjNDdmZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHGMxH6k+uxGxQbnVtPJYgsUAR96
22E9NgwCbEIiNzZ18O331QioAGnIK68w/8KM1HWUwtOo17ONhFjlfJrKupDCLUD/
fw6/Bgwn/9DwjarHaezimEAPCQr26DMM4+qmJoJ3/MR9svmeK0sKN0blAhMAdHtD
taZ8MErkWMYQU5YxqMOpGBpYzNJFJ4AZxZZoNGwRUUYG/G5310pyO3xKCW7hRxQ3
e4yTvzbkuMzGExHDJyvCVxBjgbuleINWtBMLczReLJ7D/HGnrFo5Vy3JimPWtNgj
k4QgRnujKc2tlEhbLnOuHNxnHfBFiESSpTmEYaAj4bMDYPIQ3SHFyKT/mQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFCT+6DPguSSERTWMXbltZr5sR/7IMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvSlA3b00tQzVKSVJGTll4ZHVXMW12bXhIX3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCLYgAAwQA
gAB3AwQCuXUUMAwDBAS50zADBAC50zIwDAMEAsNVRAMEAMNVRjANBgkqhkiG9w0B
AQsFAAOCAQEAahIUz3zCpOS58yw7yI5uPu+/8ZkAapLC3qKRC2+9pFtc9/rJKoin
TqPmqttOAQcnxdHD8QPoFCi8rci8qVFgRoJTVgjgdSxVp9MB/gv3FCNhdQX945GS
PjvOBxAHqs+nFHlWEzSDoJduX2hF8r8TxuoM0SijF7Btn8clsKxDbrUWf9EpolRn
iMAOTmplNYHTJedWCH6nAfZHP4B/uqLmE63GtS30MsymsCB42MKyHd8wM3ut47lO
P7zJE+ARkhBIyNY12mmDjepzjgYC13IeNjpo3hsAAWgXVxsoPxHVgKcyUwEcG/mZ
kDHQ1jhdeDJqRXRNhhFnOQadBk2m6r4fvg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:49:01 2025 by rpki-client