Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/o1EPY-XxVbxJyaIoWSUC8RQCjcc.roa
File: o1EPY-XxVbxJyaIoWSUC8RQCjcc.roa (raw, json)
Hash identifier: Kquty1N0A29MJH0xvyL5yuCvTt71jZz0jcczxSEKzL0=
Subject key identifier: A3:51:0F:63:E5:F1:55:BC:49:C9:A2:28:59:25:02:F1:14:02:8D:C7
Certificate issuer: /CN=429c54be1da7e738e3c96ffb41f1ea3900a67be8
Certificate serial: 019423D6B6B9544A599CAE05B25A1B6394DC
Authority key identifier: 42:9C:54:BE:1D:A7:E7:38:E3:C9:6F:FB:41:F1:EA:39:00:A6:7B:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpxUvh2n5zjjyW_7QfHqOQCme-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/o1EPY-XxVbxJyaIoWSUC8RQCjcc.roa
Signing time: Wed 01 Jan 2025 21:47:41 +0000
ROA not before: Wed 01 Jan 2025 21:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207671
IP address blocks: 45.91.77.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:b6:b9:54:4a:59:9c:ae:05:b2:5a:1b:63:94:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429c54be1da7e738e3c96ffb41f1ea3900a67be8
Validity
Not Before: Jan 1 21:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3510f63e5f155bc49c9a228592502f114028dc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:03:5c:f7:9c:fd:c3:b3:f7:60:4c:cd:0f:e7:
b9:a3:8e:38:6f:5c:45:15:ac:6a:49:11:fc:dd:80:
b3:69:93:22:a8:5a:cc:79:ba:3a:66:93:f1:a8:9b:
e2:a9:b8:2a:5f:2b:05:cd:58:76:27:44:5d:6d:3a:
22:34:af:8b:ac:23:c2:47:84:fc:6a:2a:73:c3:dd:
4c:28:57:25:f2:50:3d:c0:87:7f:23:89:44:ad:03:
ff:57:b1:20:9d:75:d9:8f:52:69:7b:65:1f:e1:6d:
f3:99:71:a8:c6:0e:22:10:50:f3:7d:3b:42:d7:af:
93:e0:45:e9:93:5f:4e:5e:2d:92:fc:b8:7f:3b:f3:
71:8f:f7:ae:42:92:52:e1:20:44:77:c4:f0:4f:a1:
de:9f:b3:6d:11:5e:f4:78:34:da:b5:fb:09:00:9f:
d0:ef:00:14:68:5e:6b:40:70:b0:5f:0c:6a:ff:47:
12:19:48:f2:5d:9a:7c:41:00:74:cf:87:43:1f:86:
3b:ff:fd:12:00:48:a3:d0:4b:a5:91:03:65:55:18:
00:dc:c4:60:3d:9c:8f:b6:e9:a0:7c:bc:7c:99:2e:
0f:c8:7e:ec:ff:54:44:f5:2c:b9:13:33:f5:84:b3:
ae:20:31:5e:36:af:c2:0b:6a:b9:b5:7a:27:0d:06:
b9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:51:0F:63:E5:F1:55:BC:49:C9:A2:28:59:25:02:F1:14:02:8D:C7
X509v3 Authority Key Identifier:
keyid:42:9C:54:BE:1D:A7:E7:38:E3:C9:6F:FB:41:F1:EA:39:00:A6:7B:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpxUvh2n5zjjyW_7QfHqOQCme-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/o1EPY-XxVbxJyaIoWSUC8RQCjcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/QpxUvh2n5zjjyW_7QfHqOQCme-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.77.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:45:0f:eb:bf:57:9d:e3:93:b1:e7:d7:8d:56:a7:b8:11:ec:
19:5d:36:a1:c5:54:88:b2:6d:55:e8:bd:77:e8:ab:50:81:a3:
21:71:54:65:2a:75:dd:94:b2:48:27:93:db:36:44:6c:40:2e:
55:9f:38:d7:f2:05:fa:84:83:b8:b4:55:51:4f:69:7a:62:f1:
a4:b4:f7:85:58:27:e3:08:d4:83:f0:02:e7:46:00:c3:62:43:
10:e7:5f:76:f6:9a:6e:e5:27:c2:21:6b:7f:fa:8c:7c:58:1b:
19:14:58:c7:e8:38:1f:12:cb:4b:18:94:f6:e1:42:af:c2:29:
a7:c0:08:93:a6:f0:14:44:46:f6:a5:ab:8c:be:d1:7a:58:ec:
d6:60:d0:1f:99:2a:73:44:9c:8b:86:72:d6:2a:f4:c4:e2:02:
ff:6a:53:8e:3c:f7:bd:35:62:b9:37:89:93:fb:95:08:2e:38:
66:11:84:a9:27:53:e0:19:df:c4:8d:f9:e4:8a:4c:01:77:f3:
57:b3:e9:2e:29:a4:7f:24:ac:ae:19:56:02:73:30:21:6a:b1:
29:26:18:fa:33:9d:41:e3:e7:7c:90:5f:3c:88:3e:85:7d:fb:
00:29:1a:a2:2d:49:1a:68:f7:5d:bf:3b:f1:94:d3:5e:a9:f6:
a6:cb:84:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1ra5VEpZnK4FslobY5TcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOWM1NGJlMWRhN2U3MzhlM2M5NmZmYjQxZjFlYTM5MDBh
NjdiZTgwHhcNMjUwMTAxMjE0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzUxMGY2M2U1ZjE1NWJjNDljOWEyMjg1OTI1MDJmMTE0MDI4ZGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsANc95z9w7P3YEzND+e5o444b1xF
FaxqSRH83YCzaZMiqFrMebo6ZpPxqJviqbgqXysFzVh2J0RdbToiNK+LrCPCR4T8
aipzw91MKFcl8lA9wId/I4lErQP/V7EgnXXZj1Jpe2Uf4W3zmXGoxg4iEFDzfTtC
16+T4EXpk19OXi2S/Lh/O/Nxj/euQpJS4SBEd8TwT6Hen7NtEV70eDTatfsJAJ/Q
7wAUaF5rQHCwXwxq/0cSGUjyXZp8QQB0z4dDH4Y7//0SAEij0EulkQNlVRgA3MRg
PZyPtumgfLx8mS4PyH7s/1RE9Sy5EzP1hLOuIDFeNq/CC2q5tXonDQa5DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKNRD2Pl8VW8ScmiKFklAvEUAo3HMB8GA1UdIwQY
MBaAFEKcVL4dp+c448lv+0Hx6jkApnvoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXB4VXZoMm41empqeVdfN1FmSHFPUUNtZS1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9mNmY1YzMtNjE0Ni00OGNhLWFmZmEt
M2Q4NTg0Y2Y1M2ZlLzEvbzFFUFktWHhWYnhKeWFJb1dTVUM4UlFDamNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9mNmY1YzMtNjE0Ni00OGNhLWFmZmEtM2Q4NTg0Y2Y1M2Zl
LzEvUXB4VXZoMm41empqeVdfN1FmSHFPUUNtZS1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVtNMA0G
CSqGSIb3DQEBCwUAA4IBAQBeRQ/rv1ed45Ox59eNVqe4EewZXTahxVSIsm1V6L13
6KtQgaMhcVRlKnXdlLJIJ5PbNkRsQC5VnzjX8gX6hIO4tFVRT2l6YvGktPeFWCfj
CNSD8ALnRgDDYkMQ51929ppu5SfCIWt/+ox8WBsZFFjH6DgfEstLGJT24UKvwimn
wAiTpvAUREb2pauMvtF6WOzWYNAfmSpzRJyLhnLWKvTE4gL/alOOPPe9NWK5N4mT
+5UILjhmEYSpJ1PgGd/EjfnkikwBd/NXs+kuKaR/JKyuGVYCczAharEpJhj6M51B
4+d8kF88iD6FffsAKRqiLUkaaPddvzvxlNNeqfamy4Tt
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:50 2025 by rpki-client