Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a6ad9f-8d69-46ea-bd7c-32b150f8e61f/1/r65snBkCxmVCv6a1bEi8pZGolWo.roa
File: r65snBkCxmVCv6a1bEi8pZGolWo.roa (raw, json)
Hash identifier: NX+tHwBkSjP3NLwoijFkhK/edgjW3zCjFTYn6NhOhSI=
Subject key identifier: AF:AE:6C:9C:19:02:C6:65:42:BF:A6:B5:6C:48:BC:A5:91:A8:95:6A
Certificate issuer: /CN=46eb3b3b579c90b4b996a7fe40f20503913a25cf
Certificate serial: 01856C53CE3B717F2F5AD5A2D19F2EF3B617
Authority key identifier: 46:EB:3B:3B:57:9C:90:B4:B9:96:A7:FE:40:F2:05:03:91:3A:25:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rus7O1eckLS5lqf-QPIFA5E6Jc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a6ad9f-8d69-46ea-bd7c-32b150f8e61f/1/r65snBkCxmVCv6a1bEi8pZGolWo.roa
Signing time: Sun 01 Jan 2023 07:55:09 +0000
ROA not before: Sun 01 Jan 2023 07:55:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45035
IP address blocks: 85.204.45.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:ce:3b:71:7f:2f:5a:d5:a2:d1:9f:2e:f3:b6:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46eb3b3b579c90b4b996a7fe40f20503913a25cf
Validity
Not Before: Jan 1 07:55:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afae6c9c1902c66542bfa6b56c48bca591a8956a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:78:f6:68:79:78:34:db:9c:9f:6a:2c:5a:f3:
67:1e:b3:cb:a8:81:0e:be:06:d1:97:8e:ce:c9:31:
6a:90:3a:6f:25:a0:85:83:7b:9b:a0:1f:e0:df:28:
10:4c:05:8a:2c:1e:1c:f1:c8:50:46:b1:06:51:0c:
78:44:50:b3:55:22:d8:21:5a:2e:48:54:52:8f:b0:
de:6f:d3:14:be:92:1a:a4:b3:a8:ea:e9:15:1b:98:
26:79:aa:fb:a7:a5:ea:b1:9b:60:06:22:4f:60:25:
84:cd:25:46:f1:ca:c3:2c:61:1c:39:6d:18:73:f8:
30:3d:c9:45:2b:41:56:c7:0c:b5:3c:8c:2c:88:a5:
c6:74:28:53:1a:d1:3b:d9:91:55:d1:be:05:ff:ba:
90:9f:02:4f:94:84:ab:3a:99:ce:b3:4f:c4:2c:f3:
65:12:d9:cf:ab:10:1f:43:2e:17:b1:cd:3e:81:a6:
85:d5:ff:1c:e7:49:57:c7:b1:e8:cb:94:74:4f:e6:
6d:43:25:be:77:ad:7c:46:bd:b2:70:1b:38:2e:91:
b5:e0:0c:ef:7d:96:ec:d4:f7:f1:de:4d:21:7b:0c:
e6:c7:f3:b2:e6:b8:60:f1:90:23:61:3b:b4:1e:e6:
da:a7:e0:d4:2b:76:3d:e0:db:2e:90:3e:ed:07:f0:
15:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:AE:6C:9C:19:02:C6:65:42:BF:A6:B5:6C:48:BC:A5:91:A8:95:6A
X509v3 Authority Key Identifier:
keyid:46:EB:3B:3B:57:9C:90:B4:B9:96:A7:FE:40:F2:05:03:91:3A:25:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rus7O1eckLS5lqf-QPIFA5E6Jc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a6ad9f-8d69-46ea-bd7c-32b150f8e61f/1/r65snBkCxmVCv6a1bEi8pZGolWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a6ad9f-8d69-46ea-bd7c-32b150f8e61f/1/Rus7O1eckLS5lqf-QPIFA5E6Jc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.45.0/24
Signature Algorithm: sha256WithRSAEncryption
50:a1:26:af:45:83:5e:22:4d:d6:12:89:b8:17:8d:8e:70:95:
b8:94:8a:97:9d:5a:2d:df:8d:e9:65:fc:81:db:87:5b:3e:fa:
85:d3:af:45:31:35:dd:1e:5c:93:44:e9:94:3f:50:a1:95:23:
52:78:a8:b1:29:9b:e3:8c:1e:bf:e7:99:77:8f:86:a5:cc:1c:
f4:46:11:2f:42:dc:69:3c:7b:69:6f:61:0a:21:51:ce:2b:90:
66:e6:b2:ff:26:69:a7:29:82:5c:7c:09:7d:81:bb:43:16:24:
8b:16:96:98:fa:a4:15:ad:51:29:37:6f:92:dd:06:1f:0e:c1:
c2:38:49:f4:5c:d6:c4:b9:1c:27:a6:8d:e5:5b:62:7c:73:13:
bb:f2:18:e3:61:3a:ff:c3:77:cf:6e:79:6e:9b:8d:40:42:9c:
b3:2d:18:8d:e7:33:84:70:37:99:bf:3c:b5:5f:56:63:4d:82:
ba:4b:ec:16:43:ef:5e:cf:83:a6:d5:a8:35:08:51:83:34:7d:
17:fa:83:9b:98:eb:38:b0:10:ec:32:f5:bd:58:50:84:eb:de:
f7:9c:31:fd:99:81:80:06:d2:04:d4:e3:64:da:30:bc:a8:3d:
8f:01:2c:a4:a4:59:fc:fc:f0:fe:f9:ae:dc:0a:e4:ed:b3:de:
f5:80:74:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU847cX8vWtWi0Z8u87YXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZWIzYjNiNTc5YzkwYjRiOTk2YTdmZTQwZjIwNTAzOTEz
YTI1Y2YwHhcNMjMwMTAxMDc1NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmFlNmM5YzE5MDJjNjY1NDJiZmE2YjU2YzQ4YmNhNTkxYTg5NTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3j2aHl4NNucn2osWvNnHrPLqIEO
vgbRl47OyTFqkDpvJaCFg3uboB/g3ygQTAWKLB4c8chQRrEGUQx4RFCzVSLYIVou
SFRSj7Deb9MUvpIapLOo6ukVG5gmear7p6XqsZtgBiJPYCWEzSVG8crDLGEcOW0Y
c/gwPclFK0FWxwy1PIwsiKXGdChTGtE72ZFV0b4F/7qQnwJPlISrOpnOs0/ELPNl
EtnPqxAfQy4Xsc0+gaaF1f8c50lXx7Hoy5R0T+ZtQyW+d618Rr2ycBs4LpG14Azv
fZbs1Pfx3k0hewzmx/Oy5rhg8ZAjYTu0Hubap+DUK3Y94NsukD7tB/AVsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK+ubJwZAsZlQr+mtWxIvKWRqJVqMB8GA1UdIwQY
MBaAFEbrOztXnJC0uZan/kDyBQOROiXPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnVzN08xZWNrTFM1bHFmLVFQSUZBNUU2SmM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNmFkOWYtOGQ2OS00NmVhLWJkN2Mt
MzJiMTUwZjhlNjFmLzEvcjY1c25Ca0N4bVZDdjZhMWJFaThwWkdvbFdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNmFkOWYtOGQ2OS00NmVhLWJkN2MtMzJiMTUwZjhlNjFm
LzEvUnVzN08xZWNrTFM1bHFmLVFQSUZBNUU2SmM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcwtMA0G
CSqGSIb3DQEBCwUAA4IBAQBQoSavRYNeIk3WEom4F42OcJW4lIqXnVot343pZfyB
24dbPvqF069FMTXdHlyTROmUP1ChlSNSeKixKZvjjB6/55l3j4alzBz0RhEvQtxp
PHtpb2EKIVHOK5Bm5rL/JmmnKYJcfAl9gbtDFiSLFpaY+qQVrVEpN2+S3QYfDsHC
OEn0XNbEuRwnpo3lW2J8cxO78hjjYTr/w3fPbnlum41AQpyzLRiN5zOEcDeZvzy1
X1ZjTYK6S+wWQ+9ez4Om1ag1CFGDNH0X+oObmOs4sBDsMvW9WFCE6973nDH9mYGA
BtIE1ONk2jC8qD2PASykpFn8/PD++a7cCuTts971gHTf
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:04:49 2025 by rpki-client