Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/e6812e-96a4-48b4-ab61-121ff46018f3/1/x-oHQjnwxvG7zZvcQkuRXWO2h4Q.roa
File: x-oHQjnwxvG7zZvcQkuRXWO2h4Q.roa (raw, json)
Hash identifier: QRsXLezrt6W9iYwytMlCkOMS0u3CyU/UmS4vgAyjWJg=
Subject key identifier: C7:EA:07:42:39:F0:C6:F1:BB:CD:9B:DC:42:4B:91:5D:63:B6:87:84
Certificate issuer: /CN=667d377dd4c830c246cb48a934699699e4b37741
Certificate serial: 01941F8C1A9F6239F1335ACD71DC4BA98FD4
Authority key identifier: 66:7D:37:7D:D4:C8:30:C2:46:CB:48:A9:34:69:96:99:E4:B3:77:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zn03fdTIMMJGy0ipNGmWmeSzd0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/e6812e-96a4-48b4-ab61-121ff46018f3/1/x-oHQjnwxvG7zZvcQkuRXWO2h4Q.roa
Signing time: Wed 01 Jan 2025 01:47:42 +0000
ROA not before: Wed 01 Jan 2025 01:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43619
IP address blocks: 45.66.108.0/22 maxlen: 24
2a09:6840::/32 maxlen: 48
2a09:6841::/32 maxlen: 48
2a09:6842::/32 maxlen: 48
2a09:6843::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:1a:9f:62:39:f1:33:5a:cd:71:dc:4b:a9:8f:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=667d377dd4c830c246cb48a934699699e4b37741
Validity
Not Before: Jan 1 01:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7ea074239f0c6f1bbcd9bdc424b915d63b68784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:10:dd:b2:86:f2:44:c9:51:84:8b:04:a2:46:
54:31:3c:e1:80:36:d4:42:47:77:1e:77:58:2d:87:
dc:57:87:ba:1e:d1:af:79:20:61:00:97:31:38:8f:
dd:2d:b9:1d:0a:1c:6c:0e:46:bd:c2:c7:50:8c:10:
79:b2:a9:d2:b2:5b:9d:13:a2:89:20:a3:79:94:06:
5b:28:3a:86:ac:78:29:65:c6:39:40:5d:6a:48:2d:
8e:43:ce:56:a7:b6:ae:8f:40:93:57:03:f3:30:f2:
a0:bc:6e:2d:92:7d:dd:8f:d2:06:77:e4:56:77:d5:
51:40:fd:65:45:b8:05:d6:73:89:7d:b9:c1:99:8f:
bf:4e:41:4c:e4:79:0d:00:89:43:41:aa:e6:dc:f8:
78:43:1e:d4:cf:bd:f6:4a:f7:03:b3:bc:6a:18:bb:
a3:f7:95:2b:0e:37:9b:65:ea:40:7f:8a:df:ef:04:
b7:18:06:0d:34:08:e3:7e:11:66:a4:c9:d0:d0:37:
06:68:40:b7:29:c6:30:c2:79:ce:ba:1c:02:6b:cf:
97:85:65:b0:3c:61:d0:be:80:0a:33:59:4e:31:c9:
bd:3d:32:7d:fc:78:85:c2:87:16:6e:81:71:63:de:
97:f3:db:a1:5a:5f:d7:b3:5b:8c:b6:46:cb:f6:af:
63:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:EA:07:42:39:F0:C6:F1:BB:CD:9B:DC:42:4B:91:5D:63:B6:87:84
X509v3 Authority Key Identifier:
keyid:66:7D:37:7D:D4:C8:30:C2:46:CB:48:A9:34:69:96:99:E4:B3:77:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zn03fdTIMMJGy0ipNGmWmeSzd0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/e6812e-96a4-48b4-ab61-121ff46018f3/1/x-oHQjnwxvG7zZvcQkuRXWO2h4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/e6812e-96a4-48b4-ab61-121ff46018f3/1/Zn03fdTIMMJGy0ipNGmWmeSzd0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.108.0/22
IPv6:
2a09:6840::/30
Signature Algorithm: sha256WithRSAEncryption
47:d2:34:15:0f:c1:d5:19:ce:c8:0b:97:ad:2b:37:ba:13:08:
8d:d6:e3:cf:10:d2:6f:ff:8c:fd:dd:12:39:b2:e6:a5:45:d6:
5a:6f:01:71:76:a0:e6:41:2a:77:40:84:18:fc:88:f7:b5:06:
10:13:a5:f4:51:42:4b:65:2a:30:be:b8:9d:66:41:4e:a9:bb:
90:c3:b6:ed:d5:0d:23:43:46:0e:c2:85:5f:e1:2e:37:8e:2e:
a0:bc:db:c4:73:3d:c4:da:24:57:2e:df:e9:ab:f6:7b:fe:7a:
ec:67:b2:d7:0c:15:96:3f:36:0a:e9:b7:a4:57:81:d7:89:6d:
6d:29:18:76:3f:a1:c0:a8:71:ca:b6:42:2e:6d:9f:9f:a8:78:
80:9e:cc:8e:70:09:4c:a5:50:18:12:88:7c:4d:5a:5b:09:56:
92:80:03:8b:0b:72:5f:48:f2:38:6e:c7:cb:2a:bc:41:83:56:
8e:e1:13:fb:bf:c8:8f:c1:84:df:e9:e8:d4:25:a2:84:a6:dd:
18:9f:ad:54:b2:bc:0e:90:b4:1b:5c:5c:c5:a4:65:b3:03:2b:
84:3b:ac:6b:ca:85:16:17:17:70:e1:d4:04:4c:70:83:3f:c2:
de:c2:26:36:f9:61:4e:85:a5:7f:4f:ed:af:7f:cd:ec:75:33:
88:ab:2b:7b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQfjBqfYjnxM1rNcdxLqY/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2N2QzNzdkZDRjODMwYzI0NmNiNDhhOTM0Njk5Njk5ZTRi
Mzc3NDEwHhcNMjUwMTAxMDE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2VhMDc0MjM5ZjBjNmYxYmJjZDliZGM0MjRiOTE1ZDYzYjY4Nzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxDdsobyRMlRhIsEokZUMTzhgDbU
Qkd3HndYLYfcV4e6HtGveSBhAJcxOI/dLbkdChxsDka9wsdQjBB5sqnSsludE6KJ
IKN5lAZbKDqGrHgpZcY5QF1qSC2OQ85Wp7auj0CTVwPzMPKgvG4tkn3dj9IGd+RW
d9VRQP1lRbgF1nOJfbnBmY+/TkFM5HkNAIlDQarm3Ph4Qx7Uz732SvcDs7xqGLuj
95UrDjebZepAf4rf7wS3GAYNNAjjfhFmpMnQ0DcGaEC3KcYwwnnOuhwCa8+XhWWw
PGHQvoAKM1lOMcm9PTJ9/HiFwocWboFxY96X89uhWl/Xs1uMtkbL9q9j5QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMfqB0I58Mbxu82b3EJLkV1jtoeEMB8GA1UdIwQY
MBaAFGZ9N33UyDDCRstIqTRplpnks3dBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm4wM2ZkVElNTUpHeTBpcE5HbVdtZVN6ZDBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9lNjgxMmUtOTZhNC00OGI0LWFiNjEt
MTIxZmY0NjAxOGYzLzEveC1vSFFqbnd4dkc3elp2Y1FrdVJYV08yaDRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9lNjgxMmUtOTZhNC00OGI0LWFiNjEtMTIxZmY0NjAxOGYz
LzEvWm4wM2ZkVElNTUpHeTBpcE5HbVdtZVN6ZDBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUJsMA0E
AgACMAcDBQIqCWhAMA0GCSqGSIb3DQEBCwUAA4IBAQBH0jQVD8HVGc7IC5etKze6
EwiN1uPPENJv/4z93RI5sualRdZabwFxdqDmQSp3QIQY/Ij3tQYQE6X0UUJLZSow
vridZkFOqbuQw7bt1Q0jQ0YOwoVf4S43ji6gvNvEcz3E2iRXLt/pq/Z7/nrsZ7LX
DBWWPzYK6bekV4HXiW1tKRh2P6HAqHHKtkIubZ+fqHiAnsyOcAlMpVAYEoh8TVpb
CVaSgAOLC3JfSPI4bsfLKrxBg1aO4RP7v8iPwYTf6ejUJaKEpt0Yn61UsrwOkLQb
XFzFpGWzAyuEO6xryoUWFxdw4dQETHCDP8LewiY2+WFOhaV/T+2vf83sdTOIqyt7
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:11 2025 by rpki-client