Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/c-Wnlh-kFjP6q7EkrDX-duWttJc.roa
File: c-Wnlh-kFjP6q7EkrDX-duWttJc.roa (raw, json)
Hash identifier: 6Prgxqh9/nVNm4A4c9/ay2pcayT5Dd+P1lar2QOL0DQ=
Subject key identifier: 73:E5:A7:96:1F:A4:16:33:FA:AB:B1:24:AC:35:FE:76:E5:AD:B4:97
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 019422FBE54BDB435B18FF0CC1D2B1240ED3
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/c-Wnlh-kFjP6q7EkrDX-duWttJc.roa
Signing time: Wed 01 Jan 2025 17:48:41 +0000
ROA not before: Wed 01 Jan 2025 17:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 45.149.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:e5:4b:db:43:5b:18:ff:0c:c1:d2:b1:24:0e:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Jan 1 17:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=73e5a7961fa41633faabb124ac35fe76e5adb497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:73:3e:37:db:bc:ee:d3:92:5a:47:5c:f9:fa:
89:8c:42:09:55:0a:5e:ba:a4:6c:5c:ae:4a:fa:3d:
59:f4:66:9b:b5:4f:ef:f3:73:2d:32:4a:ff:8d:91:
c5:9e:09:d3:0f:7b:6f:93:19:32:7c:50:ae:2b:d4:
9e:76:ef:fe:6e:ee:cc:a9:fa:54:de:03:66:b6:0d:
ce:f7:00:2c:7e:78:3e:23:0c:e4:d9:f3:e0:c3:53:
1d:ea:8e:e6:cd:da:f4:67:f9:6b:22:38:fd:63:73:
d6:d0:74:81:aa:05:db:cf:27:1c:f4:19:28:b4:90:
6f:19:60:ee:3c:33:94:f3:e4:c7:92:da:17:31:dd:
b3:ec:b7:8e:93:f0:a0:bf:7e:f0:a1:74:62:f4:ca:
0a:6d:2a:69:c9:86:d0:fa:48:64:fb:08:38:cc:cf:
e6:71:85:68:96:c8:3b:68:c8:f3:0c:e2:fe:54:85:
0c:38:2b:de:7b:ee:8b:65:9e:ec:94:99:4b:a0:14:
ab:b0:4d:a5:82:ec:40:ea:00:1c:2a:56:80:1c:cd:
47:ba:9e:3f:e5:e9:72:c0:62:07:cc:7f:c5:32:ae:
6b:dc:ab:4a:1b:4e:92:d9:b4:cc:02:7d:a2:09:88:
ba:b3:ca:b5:db:b0:06:3a:d5:09:59:66:fc:8f:d5:
de:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:E5:A7:96:1F:A4:16:33:FA:AB:B1:24:AC:35:FE:76:E5:AD:B4:97
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/c-Wnlh-kFjP6q7EkrDX-duWttJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.7.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:36:8e:de:ca:64:04:ff:00:28:42:82:fd:7d:b6:d7:8a:12:
0f:a5:19:ef:f3:90:45:fc:40:f9:88:5e:1c:2c:e1:65:a9:ba:
7a:c8:66:08:81:81:f1:59:f0:8f:ac:b2:d6:b2:5d:8d:4d:e0:
de:2c:2e:c6:6e:ca:ec:f3:a2:4d:5f:70:4e:29:a2:62:3d:00:
40:67:38:3e:59:99:68:e8:17:3c:61:5c:fe:f6:73:23:08:47:
26:5d:cb:ab:c5:6c:5d:18:29:88:99:07:c4:27:74:3a:fc:1b:
16:b2:60:82:96:3d:6b:d1:23:55:89:82:4e:07:a7:5d:c2:a5:
fb:e5:1a:93:89:7c:39:0e:fd:3f:b7:bf:11:09:00:ba:75:d5:
f0:d9:af:35:67:d6:75:6a:8c:98:db:80:c2:93:a2:6f:e8:bc:
eb:98:af:93:ca:d6:6b:22:cc:ff:63:e0:f1:43:31:eb:1f:75:
5a:ed:a8:9d:d7:e9:f8:2f:be:b6:68:b6:b4:40:86:dd:8b:10:
97:c2:78:b0:5f:bb:9f:eb:05:da:9d:b1:ea:ad:cd:ac:6a:07:
d1:e1:14:9c:41:8a:e1:89:04:df:12:b4:c6:a3:59:38:e7:24:
8f:bb:74:45:c6:a0:48:4f:25:22:a8:be:97:e0:61:e0:b4:df:
f9:a0:00:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi++VL20NbGP8MwdKxJA7TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjUwMTAxMTc0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2U1YTc5NjFmYTQxNjMzZmFhYmIxMjRhYzM1ZmU3NmU1YWRiNDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nM+N9u87tOSWkdc+fqJjEIJVQpe
uqRsXK5K+j1Z9GabtU/v83MtMkr/jZHFngnTD3tvkxkyfFCuK9Sedu/+bu7MqfpU
3gNmtg3O9wAsfng+Iwzk2fPgw1Md6o7mzdr0Z/lrIjj9Y3PW0HSBqgXbzycc9Bko
tJBvGWDuPDOU8+THktoXMd2z7LeOk/Cgv37woXRi9MoKbSppyYbQ+khk+wg4zM/m
cYVolsg7aMjzDOL+VIUMOCvee+6LZZ7slJlLoBSrsE2lguxA6gAcKlaAHM1Hup4/
5elywGIHzH/FMq5r3KtKG06S2bTMAn2iCYi6s8q127AGOtUJWWb8j9Xe1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHPlp5YfpBYz+quxJKw1/nblrbSXMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvYy1XbmxoLWtGalA2cTdFa3JEWC1kdVd0dEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZUHMA0G
CSqGSIb3DQEBCwUAA4IBAQAcNo7eymQE/wAoQoL9fbbXihIPpRnv85BF/ED5iF4c
LOFlqbp6yGYIgYHxWfCPrLLWsl2NTeDeLC7Gbsrs86JNX3BOKaJiPQBAZzg+WZlo
6Bc8YVz+9nMjCEcmXcurxWxdGCmImQfEJ3Q6/BsWsmCClj1r0SNViYJOB6ddwqX7
5RqTiXw5Dv0/t78RCQC6ddXw2a81Z9Z1aoyY24DCk6Jv6LzrmK+TytZrIsz/Y+Dx
QzHrH3Va7aid1+n4L762aLa0QIbdixCXwniwX7uf6wXanbHqrc2sagfR4RScQYrh
iQTfErTGo1k45ySPu3RFxqBITyUiqL6X4GHgtN/5oABE
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:37:05 2025 by rpki-client