Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/xAQwzchAiZRYe5Wyn4NRl3LB_p8.roa
File: xAQwzchAiZRYe5Wyn4NRl3LB_p8.roa (raw, json)
Hash identifier: vzvKa2gGlyqF7VhJsOC8hTe6H/OsecftqPTJgO0hsT8=
Subject key identifier: C4:04:30:CD:C8:40:89:94:58:7B:95:B2:9F:83:51:97:72:C1:FE:9F
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A3933FA449CA62D5373691836EDDE
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/xAQwzchAiZRYe5Wyn4NRl3LB_p8.roa
Signing time: Wed 01 Jan 2025 19:49:11 +0000
ROA not before: Wed 01 Jan 2025 19:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30058
IP address blocks: 45.138.210.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:39:33:fa:44:9c:a6:2d:53:73:69:18:36:ed:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c40430cdc8408994587b95b29f83519772c1fe9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:73:26:e9:70:a9:86:82:af:b5:b2:61:58:6d:
74:6b:3d:34:82:83:52:f5:5c:21:16:8d:4e:e8:ac:
9c:5e:dc:3e:99:9e:84:0f:88:af:66:da:40:70:17:
40:56:a7:29:1f:85:8b:35:30:55:ae:5e:51:a1:73:
3e:a8:5c:6d:31:40:8d:6f:0a:0a:2d:f1:bb:53:19:
53:ff:50:7c:1f:e7:c2:06:95:11:e4:a5:4d:ea:57:
48:f3:11:2d:6a:1d:90:27:e9:6d:2c:34:c1:20:5c:
bb:c4:3b:f4:20:c4:d0:2d:5c:fe:63:30:14:57:06:
8c:90:cd:35:be:c6:00:0a:b7:46:14:7f:85:0f:4a:
da:a6:14:d8:6b:79:7e:7d:2e:d7:6d:b9:25:ce:0a:
2d:59:31:e9:1c:05:4a:6c:fd:fb:0c:2c:db:6e:67:
6f:97:90:b6:dd:b2:2a:ff:f7:f0:93:da:d0:71:45:
18:32:52:8e:41:9d:b8:1f:87:4d:9d:6b:ae:6f:9d:
47:1b:fa:7d:e7:45:ba:f8:20:be:52:73:88:3e:d7:
41:e1:c0:65:32:23:66:09:5e:de:24:f4:4a:2c:64:
a1:57:83:89:36:05:c9:49:a2:5f:47:d7:1c:a7:e1:
8c:9f:77:8c:e5:98:b9:93:9c:00:99:ec:28:1e:90:
0d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:04:30:CD:C8:40:89:94:58:7B:95:B2:9F:83:51:97:72:C1:FE:9F
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/xAQwzchAiZRYe5Wyn4NRl3LB_p8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.210.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:30:ba:3b:3a:27:6e:38:f1:2f:57:d9:7f:95:23:d9:ce:86:
3b:95:98:e4:b1:b0:34:64:c9:21:6e:42:c8:3b:8b:85:fc:22:
54:d4:e9:20:0e:80:e6:90:bd:23:65:d4:41:5e:69:51:da:0f:
dd:4d:78:e4:c5:0d:2c:26:df:da:2c:0e:fa:7f:ba:d1:12:93:
5b:27:99:df:d6:a7:d8:cb:b3:d7:44:b6:7e:11:83:ae:1d:d8:
b2:35:c6:1c:06:36:f6:c0:d5:20:a9:31:87:a8:e6:ee:2e:af:
a3:64:d3:05:43:fe:40:ce:7a:3c:26:38:3d:c5:eb:be:90:96:
43:0d:aa:28:f8:f3:fe:e1:5f:17:28:c4:84:d9:d5:e9:0a:64:
83:4e:33:04:ad:d7:8c:8f:ed:03:94:45:eb:ea:7f:01:63:f3:
b8:78:fc:ee:f6:f5:44:ae:09:1e:16:bc:44:1c:e7:f9:e2:9c:
4d:8d:2b:34:9e:ab:87:a5:93:27:c4:fd:7e:a4:44:62:63:f1:
6d:cd:6c:fd:fd:41:61:79:55:1a:e4:02:e0:e3:2f:6a:f2:82:
90:05:53:8a:95:77:f0:77:ca:3a:1d:56:40:53:be:ca:75:ae:
0d:6a:20:94:8c:45:5c:38:cb:73:bf:ec:c7:82:f5:90:5f:ef:
be:9a:b0:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjajkz+kScpi1Tc2kYNu3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDA0MzBjZGM4NDA4OTk0NTg3Yjk1YjI5ZjgzNTE5NzcyYzFmZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXMm6XCphoKvtbJhWG10az00goNS
9VwhFo1O6KycXtw+mZ6ED4ivZtpAcBdAVqcpH4WLNTBVrl5RoXM+qFxtMUCNbwoK
LfG7UxlT/1B8H+fCBpUR5KVN6ldI8xEtah2QJ+ltLDTBIFy7xDv0IMTQLVz+YzAU
VwaMkM01vsYACrdGFH+FD0raphTYa3l+fS7XbbklzgotWTHpHAVKbP37DCzbbmdv
l5C23bIq//fwk9rQcUUYMlKOQZ24H4dNnWuub51HG/p950W6+CC+UnOIPtdB4cBl
MiNmCV7eJPRKLGShV4OJNgXJSaJfR9ccp+GMn3eM5Zi5k5wAmewoHpAN1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMQEMM3IQImUWHuVsp+DUZdywf6fMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEveEFRd3pjaEFpWlJZZTVXeW40TlJsM0xCX3A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYrSMA0G
CSqGSIb3DQEBCwUAA4IBAQC5MLo7OiduOPEvV9l/lSPZzoY7lZjksbA0ZMkhbkLI
O4uF/CJU1OkgDoDmkL0jZdRBXmlR2g/dTXjkxQ0sJt/aLA76f7rREpNbJ5nf1qfY
y7PXRLZ+EYOuHdiyNcYcBjb2wNUgqTGHqObuLq+jZNMFQ/5Azno8Jjg9xeu+kJZD
Daoo+PP+4V8XKMSE2dXpCmSDTjMErdeMj+0DlEXr6n8BY/O4ePzu9vVErgkeFrxE
HOf54pxNjSs0nquHpZMnxP1+pERiY/FtzWz9/UFheVUa5ALg4y9q8oKQBVOKlXfw
d8o6HVZAU77Kda4NaiCUjEVcOMtzv+zHgvWQX+++mrAD
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:06:13 2025 by rpki-client