Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/kiDWSyTfVDfFa5ql5NS4vAdiF-w.roa
File: kiDWSyTfVDfFa5ql5NS4vAdiF-w.roa (raw, json)
Hash identifier: UdeO1fHkgIhxcV9fIfG9i6fOqbQwJwDge2lb3XbbO+Q=
Subject key identifier: 92:20:D6:4B:24:DF:54:37:C5:6B:9A:A5:E4:D4:B8:BC:07:62:17:EC
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A48ADE504550797C96A4C78196DB6
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/kiDWSyTfVDfFa5ql5NS4vAdiF-w.roa
Signing time: Wed 01 Jan 2025 19:49:15 +0000
ROA not before: Wed 01 Jan 2025 19:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133295
IP address blocks: 45.132.15.0/24 maxlen: 24
2a06:7a02::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:48:ad:e5:04:55:07:97:c9:6a:4c:78:19:6d:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9220d64b24df5437c56b9aa5e4d4b8bc076217ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:03:0a:5e:c7:bc:1a:d2:bb:a7:35:d1:8d:c0:
7d:b6:22:7b:7f:d3:20:24:2d:89:42:de:8e:62:39:
a7:6d:09:ac:ff:00:d2:bf:c1:ec:bd:37:85:6b:74:
28:37:47:e4:a9:44:c0:90:5c:cc:4b:d8:72:d0:39:
bd:84:af:dd:85:7f:81:f5:59:16:f9:b8:1a:e8:17:
28:72:a6:45:d3:4d:8d:21:84:d8:8d:47:73:fd:c1:
ec:ad:fa:63:ec:43:8b:b3:a3:13:8a:db:75:fd:c1:
3c:aa:a8:96:fd:80:38:65:b3:b5:57:c7:3b:fb:91:
cd:81:5b:c9:ff:b6:86:a4:67:bb:7f:90:eb:94:98:
88:fc:59:a1:93:0a:0f:de:2d:c1:ee:35:2c:63:74:
d6:8b:a7:33:b8:2a:83:3e:e1:d4:aa:1d:53:05:0d:
a0:44:91:dc:8d:53:8a:0f:8e:01:4e:fe:88:1c:ee:
67:c9:d9:b0:dd:bf:b3:ac:7a:08:68:cf:f4:cb:8f:
fd:f1:01:bf:ac:86:25:57:6f:38:dc:48:65:6e:09:
07:c3:61:13:31:f6:25:96:b5:3a:ef:ca:0f:3a:e1:
09:d6:d2:77:d1:8e:e4:07:ac:78:48:df:24:3d:86:
62:6c:4c:f1:dd:b3:e0:7f:20:0d:44:77:a5:59:5d:
d2:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:20:D6:4B:24:DF:54:37:C5:6B:9A:A5:E4:D4:B8:BC:07:62:17:EC
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/kiDWSyTfVDfFa5ql5NS4vAdiF-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.15.0/24
IPv6:
2a06:7a02::/48
Signature Algorithm: sha256WithRSAEncryption
b8:34:56:bd:61:55:f3:d6:27:b5:0c:15:82:33:5a:8f:43:0b:
9d:4f:fe:f0:d1:54:ee:f6:19:ad:fb:0a:05:99:0b:55:af:8d:
18:18:b6:a7:03:b6:f8:a1:e9:a9:37:3f:f3:0e:2d:ac:2b:71:
02:99:87:d5:e2:a7:9b:e5:6e:f2:62:0f:2d:49:a0:84:10:64:
88:4e:11:bd:05:57:5d:59:ea:c4:4d:e7:2a:83:d0:7a:1d:99:
e4:b9:b7:0c:2e:2c:d3:63:78:e2:36:ce:20:20:ca:62:f2:80:
3a:92:10:99:36:9b:8e:75:fb:a7:c3:4d:dc:ef:03:48:df:bd:
56:d2:a2:f1:c6:21:98:dd:6f:9b:59:6e:d4:38:0d:e1:db:d3:
1b:54:c2:7e:91:32:67:fe:2d:c0:58:07:04:2a:06:01:59:4d:
d7:87:1f:12:80:8e:69:4c:f1:c5:3b:4f:58:2f:90:1e:b4:80:
77:36:81:38:f5:35:6f:5f:ce:21:c2:3d:15:65:e3:36:fb:ed:
bc:df:21:54:7d:66:0b:32:64:45:40:9c:b1:3f:93:05:e4:75:
ac:1c:b0:f4:01:60:66:da:9e:bb:68:ba:f1:d7:df:e0:72:c4:
5c:3c:70:b2:26:2a:d4:f5:4f:1f:32:ca:64:ee:3c:8f:44:29:
8c:44:6f:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQjakit5QRVB5fJakx4GW22MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjIwZDY0YjI0ZGY1NDM3YzU2YjlhYTVlNGQ0YjhiYzA3NjIxN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AMKXse8GtK7pzXRjcB9tiJ7f9Mg
JC2JQt6OYjmnbQms/wDSv8HsvTeFa3QoN0fkqUTAkFzMS9hy0Dm9hK/dhX+B9VkW
+bga6BcocqZF002NIYTYjUdz/cHsrfpj7EOLs6MTitt1/cE8qqiW/YA4ZbO1V8c7
+5HNgVvJ/7aGpGe7f5DrlJiI/FmhkwoP3i3B7jUsY3TWi6czuCqDPuHUqh1TBQ2g
RJHcjVOKD44BTv6IHO5nydmw3b+zrHoIaM/0y4/98QG/rIYlV2843EhlbgkHw2ET
MfYllrU678oPOuEJ1tJ30Y7kB6x4SN8kPYZibEzx3bPgfyANRHelWV3SrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJIg1ksk31Q3xWuapeTUuLwHYhfsMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEva2lEV1N5VGZWRGZGYTVxbDVOUzR2QWRpRi13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALYQPMA8E
AgACMAkDBwAqBnoCAAAwDQYJKoZIhvcNAQELBQADggEBALg0Vr1hVfPWJ7UMFYIz
Wo9DC51P/vDRVO72Ga37CgWZC1WvjRgYtqcDtvih6ak3P/MOLawrcQKZh9Xip5vl
bvJiDy1JoIQQZIhOEb0FV11Z6sRN5yqD0HodmeS5twwuLNNjeOI2ziAgymLygDqS
EJk2m451+6fDTdzvA0jfvVbSovHGIZjdb5tZbtQ4DeHb0xtUwn6RMmf+LcBYBwQq
BgFZTdeHHxKAjmlM8cU7T1gvkB60gHc2gTj1NW9fziHCPRVl4zb77bzfIVR9Zgsy
ZEVAnLE/kwXkdawcsPQBYGbanrtouvHX3+ByxFw8cLImKtT1Tx8yymTuPI9EKYxE
b0Y=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:23:45 2025 by rpki-client