Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/FL7xyPZcMQ2IcS_NYdOw64zSnhI.roa
File: FL7xyPZcMQ2IcS_NYdOw64zSnhI.roa (raw, json)
Hash identifier: hTtsrLyKX+B71mb+xLolhfXCujGBZZVnGz4ugWVh69Q=
Subject key identifier: 14:BE:F1:C8:F6:5C:31:0D:88:71:2F:CD:61:D3:B0:EB:8C:D2:9E:12
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 019422FBE992C60BB45EB639E364668A68BD
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/FL7xyPZcMQ2IcS_NYdOw64zSnhI.roa
Signing time: Wed 01 Jan 2025 17:48:42 +0000
ROA not before: Wed 01 Jan 2025 17:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64267
IP address blocks: 45.95.226.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:e9:92:c6:0b:b4:5e:b6:39:e3:64:66:8a:68:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Jan 1 17:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14bef1c8f65c310d88712fcd61d3b0eb8cd29e12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:79:54:16:50:5a:77:fb:32:58:64:d5:df:f1:
7e:90:7c:37:bb:a1:54:03:8c:94:66:8f:d4:4e:ab:
66:d5:8d:54:95:cc:cf:d0:54:a4:9e:9b:99:e9:a7:
2f:7b:9a:be:cb:a3:5f:1e:76:15:a8:06:3f:2f:d2:
69:1b:5b:26:38:33:43:06:f1:71:2b:73:c3:de:fc:
43:61:c2:72:80:77:d4:e7:6a:b6:86:12:87:fb:1e:
f9:c6:b0:d6:f1:55:8e:69:02:49:de:b1:b7:e0:a4:
ec:a2:ce:4d:81:ef:74:31:ff:ed:c3:ea:da:8d:58:
7d:8a:1f:81:91:c7:99:46:e4:ca:3c:ba:09:6c:62:
db:27:71:0d:1c:a0:ed:a3:92:3e:43:c1:c7:00:67:
f0:35:c3:d8:e0:14:e4:54:04:69:12:46:38:72:3d:
e2:7b:55:ec:18:99:19:c0:fb:60:a1:d1:b1:9d:d1:
05:f1:bd:eb:15:07:8e:32:d5:b3:a4:e9:04:dc:94:
33:87:29:53:e3:31:dd:31:87:bb:a9:8f:fc:3c:a6:
93:f8:45:1f:ba:de:4e:57:b2:7d:24:22:5d:b1:43:
70:bc:79:90:1e:3f:a4:bd:54:3d:25:be:96:b8:46:
2f:fb:7a:a9:48:b2:cb:03:c6:15:a5:80:53:44:98:
87:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:BE:F1:C8:F6:5C:31:0D:88:71:2F:CD:61:D3:B0:EB:8C:D2:9E:12
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/FL7xyPZcMQ2IcS_NYdOw64zSnhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.226.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:21:fd:dc:68:3e:4c:37:e2:20:2b:f9:a0:3c:cb:98:3b:c0:
ce:b7:b4:1e:10:76:50:36:9b:b8:38:d0:f7:e4:8c:4f:30:4e:
24:3f:94:db:cb:70:92:bc:91:6e:27:cb:ce:64:b3:64:60:13:
32:e4:4c:1e:68:eb:90:22:e8:5d:4b:1b:a7:09:c2:fa:e7:33:
cb:c7:c5:88:9e:a1:92:cd:ad:78:16:5c:f1:0e:2e:68:0f:0a:
ed:ad:59:6c:05:fe:b9:b9:42:15:28:34:17:81:00:ab:31:59:
a9:8f:80:b1:ce:41:17:83:87:e0:e6:8b:c7:91:5c:51:d3:ae:
b3:35:03:9c:45:43:67:60:71:f1:7f:73:63:6d:d7:06:12:ad:
f5:d0:61:65:a2:51:d1:8e:cf:87:6b:ea:f6:71:ef:c9:4b:5f:
0e:5b:c2:e5:bb:6b:f1:7f:0e:3d:9c:8d:fa:5f:72:b5:bf:76:
d5:f4:9b:e2:6e:be:f4:bc:26:d9:6b:5d:ca:58:96:d3:7a:0a:
88:67:30:e3:e3:11:74:21:74:64:0f:e4:92:4e:3e:c4:9c:d1:
bc:28:77:e2:ce:2b:a1:76:64:fd:78:a7:c3:d5:6f:f1:25:e6:
b7:49:d9:1f:ea:ae:96:de:1b:d8:7d:42:34:d8:a0:3f:6d:9b:
ae:07:88:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi++mSxgu0XrY542Rmimi9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjUwMTAxMTc0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGJlZjFjOGY2NWMzMTBkODg3MTJmY2Q2MWQzYjBlYjhjZDI5ZTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HlUFlBad/syWGTV3/F+kHw3u6FU
A4yUZo/UTqtm1Y1UlczP0FSknpuZ6acve5q+y6NfHnYVqAY/L9JpG1smODNDBvFx
K3PD3vxDYcJygHfU52q2hhKH+x75xrDW8VWOaQJJ3rG34KTsos5Nge90Mf/tw+ra
jVh9ih+BkceZRuTKPLoJbGLbJ3ENHKDto5I+Q8HHAGfwNcPY4BTkVARpEkY4cj3i
e1XsGJkZwPtgodGxndEF8b3rFQeOMtWzpOkE3JQzhylT4zHdMYe7qY/8PKaT+EUf
ut5OV7J9JCJdsUNwvHmQHj+kvVQ9Jb6WuEYv+3qpSLLLA8YVpYBTRJiHPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBS+8cj2XDENiHEvzWHTsOuM0p4SMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvRkw3eHlQWmNNUTJJY1NfTllkT3c2NHpTbmhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV/iMA0G
CSqGSIb3DQEBCwUAA4IBAQB+If3caD5MN+IgK/mgPMuYO8DOt7QeEHZQNpu4OND3
5IxPME4kP5Tby3CSvJFuJ8vOZLNkYBMy5EweaOuQIuhdSxunCcL65zPLx8WInqGS
za14FlzxDi5oDwrtrVlsBf65uUIVKDQXgQCrMVmpj4CxzkEXg4fg5ovHkVxR066z
NQOcRUNnYHHxf3NjbdcGEq310GFlolHRjs+Ha+r2ce/JS18OW8Llu2vxfw49nI36
X3K1v3bV9Jvibr70vCbZa13KWJbTegqIZzDj4xF0IXRkD+SSTj7EnNG8KHfiziuh
dmT9eKfD1W/xJea3Sdkf6q6W3hvYfUI02KA/bZuuB4iW
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:49:50 2025 by rpki-client