Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/U9JKjRKHCxdIsPDNQPOR88OqmCg.roa
File: U9JKjRKHCxdIsPDNQPOR88OqmCg.roa (raw, json)
Hash identifier: lajLKbejzI40eVa7BHAS4fdbPpPskr27n+GpeXAUSBk=
Subject key identifier: 53:D2:4A:8D:12:87:0B:17:48:B0:F0:CD:40:F3:91:F3:C3:AA:98:28
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 0194258F281081567DBEF4FF69C1CC8DF8C5
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/U9JKjRKHCxdIsPDNQPOR88OqmCg.roa
Signing time: Thu 02 Jan 2025 05:48:46 +0000
ROA not before: Thu 02 Jan 2025 05:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212219
IP address blocks: 45.136.6.0/24 maxlen: 24
45.141.151.0/24 maxlen: 24
45.147.46.0/24 maxlen: 24
45.147.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:28:10:81:56:7d:be:f4:ff:69:c1:cc:8d:f8:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Jan 2 05:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53d24a8d12870b1748b0f0cd40f391f3c3aa9828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:83:e8:d7:1b:48:bb:01:7a:eb:fa:86:63:78:
9d:55:b9:01:5a:ab:ae:7f:55:01:16:4e:7b:b9:67:
9c:97:ec:b5:2e:02:91:ee:ae:8a:81:e9:18:c1:59:
18:b9:55:1f:5e:a9:dd:4e:4f:b1:59:50:e5:13:d8:
aa:bb:e3:68:8c:56:dd:f2:46:0b:45:90:3b:3a:95:
93:6b:a1:93:28:06:6d:ea:83:aa:f1:48:b3:c1:32:
83:fd:e0:ba:f3:8e:df:21:ff:32:4e:a5:be:6d:62:
8a:9d:84:6b:df:0d:ba:20:b2:ea:b1:8b:73:32:12:
f8:e4:74:13:63:7b:d8:2c:32:9c:5f:0d:6e:a7:2d:
81:6c:f5:8b:5d:41:8b:74:2b:ce:0e:8e:8e:a1:08:
e7:51:3a:c5:cf:52:d8:9f:8b:af:17:72:4f:d8:0f:
9e:e4:33:c2:d5:fc:5c:29:13:88:31:10:01:1f:4e:
85:b7:98:54:d7:fa:be:69:79:5d:6b:09:b9:aa:d7:
a5:c0:5e:a9:f5:94:81:be:68:b7:26:00:f7:9f:2b:
98:5e:ab:83:88:d2:f3:23:a1:ae:e3:19:43:40:4e:
4d:0a:0e:c1:85:4a:7d:1b:0c:be:f8:b8:d0:7c:46:
5b:7e:61:46:b7:6a:2a:a2:6b:cd:0f:7c:9b:6a:54:
e0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D2:4A:8D:12:87:0B:17:48:B0:F0:CD:40:F3:91:F3:C3:AA:98:28
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/U9JKjRKHCxdIsPDNQPOR88OqmCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.6.0/24
45.141.151.0/24
45.147.46.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:73:b5:24:b4:37:a6:b4:53:43:2a:f8:e6:88:b1:13:4e:9b:
1a:a2:26:87:0c:9b:32:f8:1d:85:ff:16:db:f3:42:8d:fa:b3:
fc:b9:1d:e6:98:33:aa:13:38:fb:fa:f2:cb:b5:cf:59:5e:6c:
38:1e:01:1e:e5:16:7c:90:7e:ce:97:74:12:3d:0d:b9:0c:cb:
0f:13:f1:2e:9a:db:12:bf:25:09:61:bc:9b:5b:d0:22:68:b1:
56:88:97:08:14:9a:a1:1a:34:0f:45:55:44:37:fb:af:28:20:
7b:39:50:23:ca:0e:75:07:ed:da:cc:9b:b8:d1:b9:4a:f6:16:
ac:2f:46:4a:0f:46:86:2a:19:d8:39:cf:6f:9b:0a:c5:ff:10:
de:fc:91:aa:1c:a9:f8:e9:63:2b:75:b0:1f:98:68:68:c6:14:
da:8e:4a:10:23:b1:52:21:61:7f:5f:2b:9f:45:17:a1:53:02:
24:48:8c:20:f1:61:ec:40:bc:0b:0a:ab:2a:1e:60:9e:db:6e:
2f:85:97:3c:2b:b0:63:75:28:f0:e3:6f:e5:fb:6f:0e:6f:74:
56:63:d7:a2:ef:a1:6b:31:7a:d8:96:e5:70:77:a5:48:98:01:
3a:ff:c2:ed:3a:94:86:9d:6b:79:b1:31:63:0f:fb:ab:66:1f:
67:a5:e0:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQljygQgVZ9vvT/acHMjfjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjUwMTAyMDU0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2QyNGE4ZDEyODcwYjE3NDhiMGYwY2Q0MGYzOTFmM2MzYWE5ODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloPo1xtIuwF66/qGY3idVbkBWquu
f1UBFk57uWecl+y1LgKR7q6KgekYwVkYuVUfXqndTk+xWVDlE9iqu+NojFbd8kYL
RZA7OpWTa6GTKAZt6oOq8UizwTKD/eC6847fIf8yTqW+bWKKnYRr3w26ILLqsYtz
MhL45HQTY3vYLDKcXw1upy2BbPWLXUGLdCvODo6OoQjnUTrFz1LYn4uvF3JP2A+e
5DPC1fxcKROIMRABH06Ft5hU1/q+aXldawm5qtelwF6p9ZSBvmi3JgD3nyuYXquD
iNLzI6Gu4xlDQE5NCg7BhUp9Gwy++LjQfEZbfmFGt2oqomvND3ybalTg8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFPSSo0ShwsXSLDwzUDzkfPDqpgoMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvVTlKS2pSS0hDeGRJc1BETlFQT1I4OE9xbUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYgGAwQA
LY2XAwQBLZMuMA0GCSqGSIb3DQEBCwUAA4IBAQBPc7UktDemtFNDKvjmiLETTpsa
oiaHDJsy+B2F/xbb80KN+rP8uR3mmDOqEzj7+vLLtc9ZXmw4HgEe5RZ8kH7Ol3QS
PQ25DMsPE/EumtsSvyUJYbybW9AiaLFWiJcIFJqhGjQPRVVEN/uvKCB7OVAjyg51
B+3azJu40blK9hasL0ZKD0aGKhnYOc9vmwrF/xDe/JGqHKn46WMrdbAfmGhoxhTa
jkoQI7FSIWF/XyufRRehUwIkSIwg8WHsQLwLCqsqHmCe224vhZc8K7BjdSjw42/l
+28Ob3RWY9ei76FrMXrYluVwd6VImAE6/8LtOpSGnWt5sTFjD/urZh9npeD4
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:09 2025 by rpki-client