Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/VDBZ-Do7oLcSjkfG0QXXLZFsn18.roa
File: VDBZ-Do7oLcSjkfG0QXXLZFsn18.roa (raw, json)
Hash identifier: tsSmWQNC/m3Eo2x7t6PBKV0awmBGlt2M1agXJLIK2d8=
Subject key identifier: 54:30:59:F8:3A:3B:A0:B7:12:8E:47:C6:D1:05:D7:2D:91:6C:9F:5F
Certificate issuer: /CN=6cd98c2c54b0cbea134e27a981cfdde73236e055
Certificate serial: 0194266B56073D16D35BEC0484A2BFCD1657
Authority key identifier: 6C:D9:8C:2C:54:B0:CB:EA:13:4E:27:A9:81:CF:DD:E7:32:36:E0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bNmMLFSwy-oTTiepgc_d5zI24FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/VDBZ-Do7oLcSjkfG0QXXLZFsn18.roa
Signing time: Thu 02 Jan 2025 09:49:16 +0000
ROA not before: Thu 02 Jan 2025 09:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54252
IP address blocks: 45.153.164.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:56:07:3d:16:d3:5b:ec:04:84:a2:bf:cd:16:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cd98c2c54b0cbea134e27a981cfdde73236e055
Validity
Not Before: Jan 2 09:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=543059f83a3ba0b7128e47c6d105d72d916c9f5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ce:62:18:69:4d:4f:b6:42:7f:ed:41:b9:2a:
3f:a8:68:3e:aa:e3:d0:46:11:df:62:c7:72:e7:73:
50:df:06:56:57:90:a1:64:d8:da:3d:50:58:26:74:
4e:16:ea:b8:35:57:c9:5f:71:3c:74:1a:29:8b:f1:
8e:ce:47:05:69:03:15:1e:30:9d:4f:74:21:f3:34:
7f:73:40:35:88:8a:4a:e1:18:c4:1b:64:70:0f:23:
40:e3:c2:e0:7c:4e:63:ef:e4:8c:82:df:b3:83:93:
eb:30:df:05:c7:12:6f:fc:be:62:48:d0:3c:5f:9d:
1f:e7:6d:d8:2f:22:58:c2:91:4e:a8:47:dc:f7:51:
b7:77:35:70:3e:52:15:84:05:63:5a:9f:96:aa:a6:
0d:78:4c:cc:23:aa:09:2a:b4:ad:52:54:de:15:30:
af:fe:44:a3:6c:74:e3:97:09:ae:ee:7f:31:ad:ce:
f7:a3:21:a3:54:41:3c:ee:dd:3d:c3:d4:e8:ed:d2:
8f:6f:c8:6c:b5:32:78:67:e1:f0:b2:77:b5:b1:18:
fe:d4:8a:d6:5e:2a:f5:ca:c7:14:e2:f4:d2:a9:69:
e3:77:49:4b:15:c3:63:b0:db:5d:b1:69:69:59:1f:
34:c6:dc:47:46:21:fb:28:62:10:a9:b3:f7:8d:0e:
5a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:30:59:F8:3A:3B:A0:B7:12:8E:47:C6:D1:05:D7:2D:91:6C:9F:5F
X509v3 Authority Key Identifier:
keyid:6C:D9:8C:2C:54:B0:CB:EA:13:4E:27:A9:81:CF:DD:E7:32:36:E0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmMLFSwy-oTTiepgc_d5zI24FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/VDBZ-Do7oLcSjkfG0QXXLZFsn18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/bNmMLFSwy-oTTiepgc_d5zI24FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.164.0/24
Signature Algorithm: sha256WithRSAEncryption
74:4e:b3:c0:a0:0c:b5:cf:75:68:da:09:a5:3c:68:8a:f2:26:
3d:65:46:72:b6:1e:02:4b:09:9d:14:af:af:18:ea:be:c4:08:
1e:69:3f:8d:06:1a:8d:cd:b9:99:67:f8:d4:14:72:b5:bb:bf:
ea:39:11:aa:0b:c5:8b:ef:09:28:54:5d:1d:b6:38:ec:16:4b:
96:de:84:18:7c:d4:01:8e:b0:fb:bd:78:77:d2:c6:2c:99:c6:
f2:d2:a7:f7:41:ac:35:db:cc:b5:c8:37:eb:d1:8c:46:5b:58:
d5:e4:b3:ec:47:39:5b:2f:92:b6:93:31:fa:24:71:c9:f3:75:
eb:c2:39:75:2c:24:6e:3f:1d:c8:9f:ac:5f:d3:41:a0:ec:d7:
b6:dd:e9:f5:46:a9:3d:4b:63:a1:4f:4f:8a:70:21:e9:c2:65:
43:5a:73:2c:a3:f9:e4:8d:8b:89:69:f3:00:68:63:3d:a5:6d:
12:61:dc:f5:07:b4:bf:89:cf:2d:b5:5b:4a:a2:0a:df:c7:2f:
48:7d:a1:db:2f:59:47:61:0b:83:a3:39:3b:df:a7:03:f6:ed:
98:e8:10:d9:e8:aa:02:bc:a3:2c:f4:73:b4:34:bd:e5:90:a2:
52:65:c7:77:5c:99:db:3b:65:95:7f:69:cb:8d:70:6f:e3:ec:
dc:9e:66:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma1YHPRbTW+wEhKK/zRZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZDk4YzJjNTRiMGNiZWExMzRlMjdhOTgxY2ZkZGU3MzIz
NmUwNTUwHhcNMjUwMTAyMDk0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDMwNTlmODNhM2JhMGI3MTI4ZTQ3YzZkMTA1ZDcyZDkxNmM5ZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzc5iGGlNT7ZCf+1BuSo/qGg+quPQ
RhHfYsdy53NQ3wZWV5ChZNjaPVBYJnROFuq4NVfJX3E8dBopi/GOzkcFaQMVHjCd
T3Qh8zR/c0A1iIpK4RjEG2RwDyNA48LgfE5j7+SMgt+zg5PrMN8FxxJv/L5iSNA8
X50f523YLyJYwpFOqEfc91G3dzVwPlIVhAVjWp+WqqYNeEzMI6oJKrStUlTeFTCv
/kSjbHTjlwmu7n8xrc73oyGjVEE87t09w9To7dKPb8hstTJ4Z+Hwsne1sRj+1IrW
Xir1yscU4vTSqWnjd0lLFcNjsNtdsWlpWR80xtxHRiH7KGIQqbP3jQ5aWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFQwWfg6O6C3Eo5HxtEF1y2RbJ9fMB8GA1UdIwQY
MBaAFGzZjCxUsMvqE04nqYHP3ecyNuBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk5tTUxGU3d5LW9UVGllcGdjX2Q1ekkyNEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMTYzOGMtNmNiOS00NTg5LTkwOWIt
ZDM3ZGY2MzRhOTI5LzEvVkRCWi1EbzdvTGNTamtmRzBRWFhMWkZzbjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMTYzOGMtNmNiOS00NTg5LTkwOWItZDM3ZGY2MzRhOTI5
LzEvYk5tTUxGU3d5LW9UVGllcGdjX2Q1ekkyNEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZmkMA0G
CSqGSIb3DQEBCwUAA4IBAQB0TrPAoAy1z3Vo2gmlPGiK8iY9ZUZyth4CSwmdFK+v
GOq+xAgeaT+NBhqNzbmZZ/jUFHK1u7/qORGqC8WL7wkoVF0dtjjsFkuW3oQYfNQB
jrD7vXh30sYsmcby0qf3Qaw128y1yDfr0YxGW1jV5LPsRzlbL5K2kzH6JHHJ83Xr
wjl1LCRuPx3In6xf00Gg7Ne23en1Rqk9S2OhT0+KcCHpwmVDWnMso/nkjYuJafMA
aGM9pW0SYdz1B7S/ic8ttVtKogrfxy9IfaHbL1lHYQuDozk736cD9u2Y6BDZ6KoC
vKMs9HO0NL3lkKJSZcd3XJnbO2WVf2nLjXBv4+zcnmbS
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:20:33 2025 by rpki-client