Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/4_kj9c7eaRMU4u4iUuTYZj576fo.roa
File: 4_kj9c7eaRMU4u4iUuTYZj576fo.roa (raw, json)
Hash identifier: PO5fBF6ObWzUciinbt0VhtAYJ3DoUDA1KwTdUnCJHIU=
Subject key identifier: E3:F9:23:F5:CE:DE:69:13:14:E2:EE:22:52:E4:D8:66:3E:7B:E9:FA
Certificate issuer: /CN=bdb83e99bf7254f948057a5e981be6fa5c2054dd
Certificate serial: 01942068208CFC86B7FD152FFEE07F79352D
Authority key identifier: BD:B8:3E:99:BF:72:54:F9:48:05:7A:5E:98:1B:E6:FA:5C:20:54:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vbg-mb9yVPlIBXpemBvm-lwgVN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/4_kj9c7eaRMU4u4iUuTYZj576fo.roa
Signing time: Wed 01 Jan 2025 05:48:02 +0000
ROA not before: Wed 01 Jan 2025 05:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20853
IP address blocks: 45.145.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:20:8c:fc:86:b7:fd:15:2f:fe:e0:7f:79:35:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdb83e99bf7254f948057a5e981be6fa5c2054dd
Validity
Not Before: Jan 1 05:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3f923f5cede691314e2ee2252e4d8663e7be9fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bf:b8:b9:46:52:20:70:fd:b8:eb:17:ac:aa:
8d:b1:4b:28:46:82:7c:9e:55:97:52:97:e7:f7:e7:
84:e5:6c:ce:d4:16:2f:7d:c8:01:d8:a8:7c:de:4e:
79:64:84:15:76:aa:25:9f:f8:cf:e9:5c:ea:37:59:
f4:69:da:3e:e8:02:ad:9b:6a:62:ef:ca:ab:11:ce:
11:69:53:27:cf:7a:07:aa:e4:15:05:02:a6:63:f1:
3c:d4:e4:e8:5c:fa:7b:7a:70:76:34:53:fc:e2:d2:
80:49:51:b1:cc:37:4d:ad:63:a8:cb:c2:c7:55:ba:
0e:6d:48:be:96:01:45:da:d6:e9:2b:05:b9:72:e4:
d1:3c:8e:41:e8:49:3a:f9:62:b9:f7:27:cd:2d:c3:
56:ac:ed:04:e2:05:10:29:ee:ab:88:7c:47:27:1a:
91:85:fd:ba:7b:52:12:6a:a8:04:53:2f:e0:f5:d4:
91:e5:0f:23:6d:6f:0f:3d:9b:96:2e:2a:e2:ca:22:
a5:76:cf:50:70:85:a2:dc:ee:3a:d2:ce:34:de:e2:
35:73:67:c0:06:9d:15:1d:9d:ea:b9:cb:45:83:6b:
7b:23:9f:f5:c4:1f:a5:46:dd:0f:77:4b:a0:d1:4e:
70:52:ed:93:02:c5:87:fb:7f:e3:52:31:90:1d:94:
14:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:F9:23:F5:CE:DE:69:13:14:E2:EE:22:52:E4:D8:66:3E:7B:E9:FA
X509v3 Authority Key Identifier:
keyid:BD:B8:3E:99:BF:72:54:F9:48:05:7A:5E:98:1B:E6:FA:5C:20:54:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vbg-mb9yVPlIBXpemBvm-lwgVN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/4_kj9c7eaRMU4u4iUuTYZj576fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/vbg-mb9yVPlIBXpemBvm-lwgVN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.217.0/24
Signature Algorithm: sha256WithRSAEncryption
37:86:dd:fd:1d:b2:1c:f1:ff:03:a5:2c:32:d2:97:f0:7c:46:
1c:a0:40:84:a6:a2:31:1d:d6:7c:a1:dc:1d:b1:bf:3f:51:e0:
a5:06:d5:4b:7f:7d:e9:22:58:ef:89:a6:28:a0:7e:3f:98:34:
90:1e:05:1d:35:95:20:92:4f:c7:9f:c9:d8:70:4c:cb:8d:62:
68:62:4d:8d:d4:21:8c:f5:76:14:60:9c:f6:ab:bc:13:4f:9b:
cd:db:2a:19:5a:a2:fb:93:6f:cb:a1:17:2a:41:f0:0c:ff:5f:
86:0d:9c:17:e7:45:74:1f:8d:7e:84:b4:f5:5c:46:b6:19:6e:
2b:29:16:1e:a2:41:05:77:a4:d6:30:c8:ea:9d:35:2c:06:fa:
aa:90:6c:f0:91:24:bc:bd:4b:cd:ff:19:48:ff:8f:5c:3e:c0:
26:f8:57:3c:f0:39:d5:7c:97:90:a0:96:af:30:64:b5:f9:be:
ed:d8:59:62:9f:59:cf:00:80:e3:97:9e:7b:10:1d:47:f7:77:
aa:c6:c8:46:8e:bc:0a:e0:6f:80:28:05:49:f0:14:7c:8e:58:
1b:d0:85:db:cd:98:e4:18:1a:d9:9c:6b:53:f1:5e:ea:7c:f6:
51:e6:d7:09:bd:f6:0f:37:e1:48:3c:60:aa:9a:e6:4a:2d:3e:
19:5b:18:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaCCM/Ia3/RUv/uB/eTUtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYjgzZTk5YmY3MjU0Zjk0ODA1N2E1ZTk4MWJlNmZhNWMy
MDU0ZGQwHhcNMjUwMTAxMDU0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2Y5MjNmNWNlZGU2OTEzMTRlMmVlMjI1MmU0ZDg2NjNlN2JlOWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0L+4uUZSIHD9uOsXrKqNsUsoRoJ8
nlWXUpfn9+eE5WzO1BYvfcgB2Kh83k55ZIQVdqoln/jP6VzqN1n0ado+6AKtm2pi
78qrEc4RaVMnz3oHquQVBQKmY/E81OToXPp7enB2NFP84tKASVGxzDdNrWOoy8LH
VboObUi+lgFF2tbpKwW5cuTRPI5B6Ek6+WK59yfNLcNWrO0E4gUQKe6riHxHJxqR
hf26e1ISaqgEUy/g9dSR5Q8jbW8PPZuWLiriyiKlds9QcIWi3O460s403uI1c2fA
Bp0VHZ3quctFg2t7I5/1xB+lRt0Pd0ug0U5wUu2TAsWH+3/jUjGQHZQUEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOP5I/XO3mkTFOLuIlLk2GY+e+n6MB8GA1UdIwQY
MBaAFL24Ppm/clT5SAV6Xpgb5vpcIFTdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmJnLW1iOXlWUGxJQlhwZW1Cdm0tbHdnVk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81ZTIwNWEtZWMwYS00ZmVlLWFlZjEt
ZTQ5NWFhYTBjYWMwLzEvNF9rajljN2VhUk1VNHU0aVV1VFlaajU3NmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81ZTIwNWEtZWMwYS00ZmVlLWFlZjEtZTQ5NWFhYTBjYWMw
LzEvdmJnLW1iOXlWUGxJQlhwZW1Cdm0tbHdnVk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZHZMA0G
CSqGSIb3DQEBCwUAA4IBAQA3ht39HbIc8f8DpSwy0pfwfEYcoECEpqIxHdZ8odwd
sb8/UeClBtVLf33pIljviaYooH4/mDSQHgUdNZUgkk/Hn8nYcEzLjWJoYk2N1CGM
9XYUYJz2q7wTT5vN2yoZWqL7k2/LoRcqQfAM/1+GDZwX50V0H41+hLT1XEa2GW4r
KRYeokEFd6TWMMjqnTUsBvqqkGzwkSS8vUvN/xlI/49cPsAm+Fc88DnVfJeQoJav
MGS1+b7t2Flin1nPAIDjl557EB1H93eqxshGjrwK4G+AKAVJ8BR8jlgb0IXbzZjk
GBrZnGtT8V7qfPZR5tcJvfYPN+FIPGCqmuZKLT4ZWxhj
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:29:30 2025 by rpki-client