Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/682ece-ebe2-4a23-8ab5-36e64ac64542/1/NUME3F4fpbFpPHXxjqL2riACA_g.roa
File: NUME3F4fpbFpPHXxjqL2riACA_g.roa (raw, json)
Hash identifier: Z+teIa+r/TFgEavQJJhMqBljQBI3IWDjmFWxiwAKUe0=
Subject key identifier: 35:43:04:DC:5E:1F:A5:B1:69:3C:75:F1:8E:A2:F6:AE:20:02:03:F8
Certificate issuer: /CN=b334fc2b5b8227b6df3f21d1ad3a74b14ec0685a
Certificate serial: 018CC34954B9CAA1279CC3DE5258BA2CBBBF
Authority key identifier: B3:34:FC:2B:5B:82:27:B6:DF:3F:21:D1:AD:3A:74:B1:4E:C0:68:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/szT8K1uCJ7bfPyHRrTp0sU7AaFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/682ece-ebe2-4a23-8ab5-36e64ac64542/1/NUME3F4fpbFpPHXxjqL2riACA_g.roa
Signing time: Mon 01 Jan 2024 04:30:12 +0000
ROA not before: Mon 01 Jan 2024 04:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 45.159.224.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:54:b9:ca:a1:27:9c:c3:de:52:58:ba:2c:bb:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b334fc2b5b8227b6df3f21d1ad3a74b14ec0685a
Validity
Not Before: Jan 1 04:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=354304dc5e1fa5b1693c75f18ea2f6ae200203f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3a:00:01:73:30:f3:cd:14:88:98:0d:c6:94:
7b:3b:e2:cb:b2:81:56:81:2c:8e:57:19:aa:b8:4a:
79:cf:30:a2:49:2d:77:66:ee:a8:bc:f4:37:30:d8:
73:45:a1:7d:73:87:40:ec:e7:60:64:ee:e0:51:ed:
b4:e8:87:46:bf:00:86:96:5b:bb:09:74:57:ae:34:
6f:7f:cf:79:bc:a2:06:74:d1:66:ad:cd:f3:b9:ee:
31:33:79:d2:e0:a5:97:7f:4c:9f:ad:d9:e3:39:fd:
d3:7d:b1:b1:34:5d:94:22:ac:d2:a1:54:f5:f0:c0:
5f:25:c2:3e:f0:d8:57:83:fc:53:b5:e0:57:7d:91:
7c:92:7a:50:88:7c:3f:18:0e:9c:00:57:e3:cb:1b:
c1:74:ad:3f:3a:9c:bf:a0:9f:4a:c2:4b:1c:c2:72:
ad:c6:e7:7d:f7:0d:f4:df:12:35:20:38:56:0f:c8:
24:08:02:68:7b:68:e6:00:5d:b0:11:94:44:80:ba:
53:48:5c:c4:da:02:0b:50:99:ef:cd:f8:1e:48:6e:
92:b1:cd:4e:e6:15:1d:cb:bb:9a:97:53:65:12:0d:
b4:67:bc:f6:53:5e:1b:63:8c:5a:7c:87:0f:e0:d6:
46:3d:9e:c8:71:07:fb:d6:c9:05:9d:cd:14:22:34:
f3:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:43:04:DC:5E:1F:A5:B1:69:3C:75:F1:8E:A2:F6:AE:20:02:03:F8
X509v3 Authority Key Identifier:
keyid:B3:34:FC:2B:5B:82:27:B6:DF:3F:21:D1:AD:3A:74:B1:4E:C0:68:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/szT8K1uCJ7bfPyHRrTp0sU7AaFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/682ece-ebe2-4a23-8ab5-36e64ac64542/1/NUME3F4fpbFpPHXxjqL2riACA_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/682ece-ebe2-4a23-8ab5-36e64ac64542/1/szT8K1uCJ7bfPyHRrTp0sU7AaFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.224.0/22
Signature Algorithm: sha256WithRSAEncryption
21:d1:88:2d:94:02:de:6f:f7:4d:7d:5f:7d:05:df:3a:eb:24:
f2:8e:35:a5:e5:65:0a:90:58:d0:70:f4:77:10:49:fc:bf:25:
c5:87:25:e2:dd:5b:4b:67:d6:c6:37:54:78:3d:5b:57:cb:73:
cf:ac:f8:bd:54:9d:4e:db:33:82:fc:a5:e6:e5:a1:33:b9:97:
64:64:54:53:ac:54:e2:73:41:b3:b8:37:b7:7e:e1:09:a4:d2:
e8:59:f9:e1:be:fa:aa:88:67:a6:31:1d:4c:d4:a8:63:d8:cf:
ff:f4:64:e9:90:be:89:e6:61:ff:03:73:bd:c5:08:8a:58:d5:
4a:76:a6:36:43:9b:17:47:49:ba:d3:93:2a:f8:fc:61:f2:3b:
0e:5d:eb:1a:a3:bf:d5:12:82:eb:c6:8d:2c:02:57:db:91:49:
d0:f3:aa:81:1a:a3:08:f3:d6:6b:f8:bf:53:b3:35:dd:5f:08:
0b:cb:61:93:19:dc:af:20:75:0f:2d:40:8f:b6:28:6c:7b:05:
dd:db:cd:23:1e:9d:28:62:ad:4e:11:cb:f4:6f:79:a5:c0:67:
69:e8:98:39:63:bc:8a:02:33:0f:54:6c:0d:a1:50:14:3e:4b:
0b:68:58:06:4a:d0:7f:9d:a0:a6:75:de:7a:fc:14:cc:3e:f7:
9c:91:4b:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSVS5yqEnnMPeUli6LLu/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMzRmYzJiNWI4MjI3YjZkZjNmMjFkMWFkM2E3NGIxNGVj
MDY4NWEwHhcNMjQwMTAxMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTQzMDRkYzVlMWZhNWIxNjkzYzc1ZjE4ZWEyZjZhZTIwMDIwM2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwToAAXMw880UiJgNxpR7O+LLsoFW
gSyOVxmquEp5zzCiSS13Zu6ovPQ3MNhzRaF9c4dA7OdgZO7gUe206IdGvwCGllu7
CXRXrjRvf895vKIGdNFmrc3zue4xM3nS4KWXf0yfrdnjOf3TfbGxNF2UIqzSoVT1
8MBfJcI+8NhXg/xTteBXfZF8knpQiHw/GA6cAFfjyxvBdK0/Opy/oJ9KwkscwnKt
xud99w303xI1IDhWD8gkCAJoe2jmAF2wEZREgLpTSFzE2gILUJnvzfgeSG6Ssc1O
5hUdy7ual1NlEg20Z7z2U14bY4xafIcP4NZGPZ7IcQf71skFnc0UIjTzJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDVDBNxeH6WxaTx18Y6i9q4gAgP4MB8GA1UdIwQY
MBaAFLM0/Ctbgie23z8h0a06dLFOwGhaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3pUOEsxdUNKN2JmUHlIUnJUcDBzVTdBYUZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC82ODJlY2UtZWJlMi00YTIzLThhYjUt
MzZlNjRhYzY0NTQyLzEvTlVNRTNGNGZwYkZwUEhYeGpxTDJyaUFDQV9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC82ODJlY2UtZWJlMi00YTIzLThhYjUtMzZlNjRhYzY0NTQy
LzEvc3pUOEsxdUNKN2JmUHlIUnJUcDBzVTdBYUZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ/gMA0G
CSqGSIb3DQEBCwUAA4IBAQAh0YgtlALeb/dNfV99Bd866yTyjjWl5WUKkFjQcPR3
EEn8vyXFhyXi3VtLZ9bGN1R4PVtXy3PPrPi9VJ1O2zOC/KXm5aEzuZdkZFRTrFTi
c0GzuDe3fuEJpNLoWfnhvvqqiGemMR1M1Khj2M//9GTpkL6J5mH/A3O9xQiKWNVK
dqY2Q5sXR0m605Mq+Pxh8jsOXesao7/VEoLrxo0sAlfbkUnQ86qBGqMI89Zr+L9T
szXdXwgLy2GTGdyvIHUPLUCPtihsewXd280jHp0oYq1OEcv0b3mlwGdp6Jg5Y7yK
AjMPVGwNoVAUPksLaFgGStB/naCmdd56/BTMPveckUuE
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:45:03 2025 by rpki-client