Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/1-VzVTuLtoU--3cnIt-73KE26ec0.roa
File: 1-VzVTuLtoU--3cnIt-73KE26ec0.roa (raw, json)
Hash identifier: KpmLLYQNOmujNFpLlwlElOuTwkMximjGxYv4F1TGcT0=
Subject key identifier: F9:5C:D5:4E:E2:ED:A1:4F:BE:DD:C9:C8:B7:EE:F7:28:4D:BA:79:CD
Certificate issuer: /CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Certificate serial: 018CC9BC5BF043A6991B90E4DD02BDB8EE69
Authority key identifier: 2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/1-VzVTuLtoU--3cnIt-73KE26ec0.roa
Signing time: Tue 02 Jan 2024 10:33:33 +0000
ROA not before: Tue 02 Jan 2024 10:33:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210240
IP address blocks: 45.151.60.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:5b:f0:43:a6:99:1b:90:e4:dd:02:bd:b8:ee:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Validity
Not Before: Jan 2 10:33:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f95cd54ee2eda14fbeddc9c8b7eef7284dba79cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ee:44:72:7e:73:95:38:38:ce:58:d9:56:a7:
6f:50:66:35:42:59:7f:b2:d0:ba:c7:42:62:85:31:
68:a2:76:e0:9d:5c:4b:e7:76:c7:be:d2:0e:46:c8:
62:3f:54:fc:a8:7c:d1:10:18:42:03:07:4a:a9:b3:
f4:cb:a4:b8:e1:33:64:6f:a5:87:26:54:67:ce:ef:
a9:57:7c:c1:08:19:d0:93:b4:86:d1:e8:64:74:d9:
16:8c:a6:a8:b7:58:96:64:d3:b1:59:a3:08:b4:8b:
a8:3b:af:f6:fc:d7:89:ab:1e:5c:1a:9c:64:1c:0b:
59:b4:85:5e:e1:f0:2b:6c:ff:ce:8c:8b:5b:65:58:
26:9b:e5:54:93:5b:6c:7c:dc:a3:c1:56:63:9a:a8:
c2:ad:85:a5:b2:1c:16:3f:b3:30:db:93:75:a5:5e:
33:17:92:45:63:e1:86:62:fa:5a:1b:d8:73:f5:0c:
8f:45:be:33:66:8f:84:06:6e:a5:dd:8c:4d:38:ab:
ec:ae:44:9f:fa:9f:ec:ef:56:bd:eb:6f:7b:56:a1:
af:62:ab:a2:96:1a:1f:f0:97:6e:07:76:6d:f3:9c:
71:8a:f0:6b:88:16:9c:3d:a3:a6:4e:f2:ed:e7:4c:
b3:a7:b6:bb:0d:4f:fd:3a:2c:18:54:70:3d:0a:79:
88:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:5C:D5:4E:E2:ED:A1:4F:BE:DD:C9:C8:B7:EE:F7:28:4D:BA:79:CD
X509v3 Authority Key Identifier:
keyid:2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/1-VzVTuLtoU--3cnIt-73KE26ec0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.60.0/24
Signature Algorithm: sha256WithRSAEncryption
33:f0:05:3d:c3:a9:d9:be:f7:87:d8:46:b5:97:11:96:7f:5c:
24:4d:66:a7:2b:07:80:05:50:ea:8b:10:51:75:f2:d8:9c:ed:
70:98:52:35:ab:bb:40:77:ad:ca:df:83:cc:9f:d3:02:e8:4d:
12:49:10:34:12:40:21:96:0f:37:d4:36:f1:86:2d:e4:e1:6c:
72:44:3f:26:22:5b:b7:6b:73:1b:05:1b:aa:00:97:e3:5f:e9:
49:1b:ee:50:ed:ec:4b:30:13:26:35:0b:b8:be:8f:8b:0e:a2:
85:d5:fb:8f:07:b3:b0:06:0e:df:8e:a6:18:d7:76:52:ba:1c:
bb:f7:cc:04:04:b6:44:29:4a:ba:57:d6:a1:13:94:f2:ff:6e:
07:fa:1c:71:f4:7f:6e:bb:63:e5:37:cb:13:84:eb:37:ff:42:
d3:ed:3a:e5:51:f1:a4:12:f2:36:89:ed:3f:d2:40:fc:61:bc:
41:9d:ef:de:3a:fa:ed:55:22:84:2d:3e:29:b5:a3:d4:9b:76:
d7:dd:2b:6f:63:81:f3:75:88:ba:7c:b1:a8:29:aa:fe:45:37:
d8:b1:e1:57:4e:d2:a8:5e:8e:49:09:65:58:ee:ae:18:6e:5e:
c0:dc:f4:62:14:9f:c4:e4:df:d0:eb:ab:4a:c6:5d:95:64:df:
fa:ed:9f:df
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJvFvwQ6aZG5Dk3QK9uO5pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNzFjOTYwMDVlMTNhODRhM2YzMWVmMWQ5OTE3NzdmNGI2
ZTMxYTcwHhcNMjQwMTAyMTAzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTVjZDU0ZWUyZWRhMTRmYmVkZGM5YzhiN2VlZjcyODRkYmE3OWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAju5Ecn5zlTg4zljZVqdvUGY1Qll/
stC6x0JihTFoonbgnVxL53bHvtIORshiP1T8qHzREBhCAwdKqbP0y6S44TNkb6WH
JlRnzu+pV3zBCBnQk7SG0ehkdNkWjKaot1iWZNOxWaMItIuoO6/2/NeJqx5cGpxk
HAtZtIVe4fArbP/OjItbZVgmm+VUk1tsfNyjwVZjmqjCrYWlshwWP7Mw25N1pV4z
F5JFY+GGYvpaG9hz9QyPRb4zZo+EBm6l3YxNOKvsrkSf+p/s71a96297VqGvYqui
lhof8JduB3Zt85xxivBriBacPaOmTvLt50yzp7a7DU/9OiwYVHA9CnmIaQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPlc1U7i7aFPvt3JyLfu9yhNunnNMB8GA1UdIwQY
MBaAFCxxyWAF4TqEo/Me8dmRd39LbjGnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUt
N2EyOGFmMjljZGMyLzEvMS1WelZUdUx0b1UtLTNjbkl0LTczS0UyNmVjMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWYvZmEzNTQ0LTEwMjUtNGU4Zi1hOGZlLTdhMjhhZjI5Y2Rj
Mi8xL0xISEpZQVhoT29Tajh4N3gyWkYzZjB0dU1hYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2XPDAN
BgkqhkiG9w0BAQsFAAOCAQEAM/AFPcOp2b73h9hGtZcRln9cJE1mpysHgAVQ6osQ
UXXy2JztcJhSNau7QHetyt+DzJ/TAuhNEkkQNBJAIZYPN9Q28YYt5OFsckQ/JiJb
t2tzGwUbqgCX41/pSRvuUO3sSzATJjULuL6Piw6ihdX7jwezsAYO346mGNd2Uroc
u/fMBAS2RClKulfWoROU8v9uB/occfR/brtj5TfLE4TrN/9C0+065VHxpBLyNont
P9JA/GG8QZ3v3jr67VUihC0+KbWj1Jt2190rb2OB83WIunyxqCmq/kU32LHhV07S
qF6OSQllWO6uGG5ewNz0YhSfxOTf0OurSsZdlWTf+u2f3w==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:53:36 2025 by rpki-client