Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/naMdkeVl111A33pKhEZPoMbodE8.roa
File: naMdkeVl111A33pKhEZPoMbodE8.roa (raw, json)
Hash identifier: WP2FktEY/NO9HGnB/pZJXWSIZerePRbRuiTPKQhB0gk=
Subject key identifier: 9D:A3:1D:91:E5:65:D7:5D:40:DF:7A:4A:84:46:4F:A0:C6:E8:74:4F
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A40F28D0D3B0D41EBE039D05DB23A
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/naMdkeVl111A33pKhEZPoMbodE8.roa
Signing time: Wed 01 Jan 2025 19:49:13 +0000
ROA not before: Wed 01 Jan 2025 19:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46261
IP address blocks: 45.138.210.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:40:f2:8d:0d:3b:0d:41:eb:e0:39:d0:5d:b2:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9da31d91e565d75d40df7a4a84464fa0c6e8744f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3d:9b:f5:db:6b:f9:5f:3f:83:17:0d:31:89:
19:99:da:60:e7:d1:45:f2:30:eb:30:c9:1b:cd:cb:
68:08:3d:ce:a3:f9:d8:9d:fe:0d:2c:3c:89:f7:4b:
cc:b8:61:b7:32:eb:61:1c:1b:dc:3b:db:c1:86:26:
71:c9:b0:ef:94:5b:99:c9:80:35:68:b4:42:9c:45:
ed:77:91:a6:f6:1b:46:3a:85:fa:af:b5:35:c5:4f:
3d:a3:ec:9b:19:c6:7a:8a:d6:96:b2:13:7a:a4:31:
88:49:e6:a1:64:fc:4d:cc:41:9a:e7:d1:58:cf:b1:
48:19:32:b4:bd:8a:fe:9c:d5:16:99:90:a6:ff:8c:
e5:85:be:ab:fd:b1:eb:0a:fe:63:b3:26:d7:6d:8b:
8e:fe:ef:bd:69:f4:f9:bb:98:98:17:cd:b9:bf:5b:
70:61:52:3d:2a:7f:a1:e6:d9:f2:4c:e9:4c:5d:7b:
00:f8:02:0f:3b:4a:03:88:ac:dd:61:a6:e8:9d:a7:
79:ad:19:04:47:70:b5:86:93:a2:6e:e2:fe:9d:ac:
1a:6b:a9:cd:e1:18:d1:55:26:52:4d:db:85:8f:96:
0e:46:b8:7e:ff:2d:50:fd:0d:01:98:3f:e3:77:c1:
cf:68:43:2b:b0:62:c2:14:29:87:b4:57:2c:cc:a9:
8b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A3:1D:91:E5:65:D7:5D:40:DF:7A:4A:84:46:4F:A0:C6:E8:74:4F
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/naMdkeVl111A33pKhEZPoMbodE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.210.0/23
Signature Algorithm: sha256WithRSAEncryption
37:64:fc:cd:48:f0:75:07:6f:67:ae:b9:2c:83:c2:bb:56:4c:
d5:42:5b:94:fc:c4:91:7c:75:43:d2:3a:41:c3:c2:ad:b0:35:
89:12:cb:f1:d9:c2:d0:25:b2:cd:f0:47:6a:3c:92:c0:66:26:
33:54:30:f0:0f:bb:51:76:4d:0c:ce:d0:0f:9b:e0:c9:fb:cf:
43:7a:70:7b:af:97:67:5c:4f:51:9f:c8:ad:ff:18:2a:94:13:
b8:24:6a:8e:dd:f5:f7:fc:c4:ec:2b:ab:c4:36:87:bc:a4:fd:
be:e8:dd:91:90:eb:7e:7a:e1:b1:52:ce:f7:f9:65:ca:d5:f3:
37:b2:a8:85:07:59:d5:36:f7:98:3a:7b:11:0d:71:2b:07:af:
69:4a:79:3d:9c:a1:75:a9:e9:0a:52:7b:2f:8c:e4:a7:a5:26:
dd:2f:44:d7:60:d7:26:0f:d3:e5:67:e4:e3:24:4a:4c:ef:2b:
30:06:bc:23:e3:48:74:30:b0:4b:09:35:07:57:47:84:f8:f8:
7f:2e:aa:1e:6f:ae:05:61:d4:35:f1:f0:32:bd:e1:d6:03:42:
22:36:81:10:fe:89:8f:4a:d2:85:07:14:6b:98:1d:12:6f:dc:
37:cc:a0:73:6c:6d:0b:7c:26:5f:59:a8:1f:00:66:b8:6f:9f:
67:a0:53:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjakDyjQ07DUHr4DnQXbI6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGEzMWQ5MWU1NjVkNzVkNDBkZjdhNGE4NDQ2NGZhMGM2ZTg3NDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuD2b9dtr+V8/gxcNMYkZmdpg59FF
8jDrMMkbzctoCD3Oo/nYnf4NLDyJ90vMuGG3MuthHBvcO9vBhiZxybDvlFuZyYA1
aLRCnEXtd5Gm9htGOoX6r7U1xU89o+ybGcZ6itaWshN6pDGISeahZPxNzEGa59FY
z7FIGTK0vYr+nNUWmZCm/4zlhb6r/bHrCv5jsybXbYuO/u+9afT5u5iYF825v1tw
YVI9Kn+h5tnyTOlMXXsA+AIPO0oDiKzdYabonad5rRkER3C1hpOibuL+nawaa6nN
4RjRVSZSTduFj5YORrh+/y1Q/Q0BmD/jd8HPaEMrsGLCFCmHtFcszKmLUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ2jHZHlZdddQN96SoRGT6DG6HRPMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvbmFNZGtlVmwxMTFBMzNwS2hFWlBvTWJvZEU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYrSMA0G
CSqGSIb3DQEBCwUAA4IBAQA3ZPzNSPB1B29nrrksg8K7VkzVQluU/MSRfHVD0jpB
w8KtsDWJEsvx2cLQJbLN8EdqPJLAZiYzVDDwD7tRdk0MztAPm+DJ+89DenB7r5dn
XE9Rn8it/xgqlBO4JGqO3fX3/MTsK6vENoe8pP2+6N2RkOt+euGxUs73+WXK1fM3
sqiFB1nVNveYOnsRDXErB69pSnk9nKF1qekKUnsvjOSnpSbdL0TXYNcmD9PlZ+Tj
JEpM7yswBrwj40h0MLBLCTUHV0eE+Ph/Lqoeb64FYdQ18fAyveHWA0IiNoEQ/omP
StKFBxRrmB0Sb9w3zKBzbG0LfCZfWagfAGa4b59noFOn
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:51:21 2025 by rpki-client