Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/bc8e10-461e-4ce4-8be9-6239733c6184/1/pu3w7UCd4Jix5FHNDyD1wbsxi8M.roa
File: pu3w7UCd4Jix5FHNDyD1wbsxi8M.roa (raw, json)
Hash identifier: J6M/UUbbX9rFSK6+ULPDexwZqprBkdzi2+HoEA2BwBc=
Subject key identifier: A6:ED:F0:ED:40:9D:E0:98:B1:E4:51:CD:0F:20:F5:C1:BB:31:8B:C3
Certificate issuer: /CN=977775ce8804695996ce77c7d3681b9c241b362f
Certificate serial: 019420D65C777AB36104625AB02F52D5642D
Authority key identifier: 97:77:75:CE:88:04:69:59:96:CE:77:C7:D3:68:1B:9C:24:1B:36:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l3d1zogEaVmWznfH02gbnCQbNi8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/bc8e10-461e-4ce4-8be9-6239733c6184/1/pu3w7UCd4Jix5FHNDyD1wbsxi8M.roa
Signing time: Wed 01 Jan 2025 07:48:26 +0000
ROA not before: Wed 01 Jan 2025 07:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15943
IP address blocks: 185.45.16.0/22 maxlen: 22
2a01:7960::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:5c:77:7a:b3:61:04:62:5a:b0:2f:52:d5:64:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=977775ce8804695996ce77c7d3681b9c241b362f
Validity
Not Before: Jan 1 07:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6edf0ed409de098b1e451cd0f20f5c1bb318bc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ca:20:3a:22:0b:27:27:38:24:75:23:a1:ba:
0e:ce:41:2e:21:57:26:ef:fb:16:1f:d2:0e:fb:cd:
58:8f:5c:13:eb:11:72:a0:2e:b5:68:cc:28:67:95:
41:b6:63:71:da:08:bd:2a:01:25:ec:7c:96:60:52:
77:7f:d7:22:6b:1f:16:e4:e3:96:86:bc:f5:94:07:
72:b4:e6:db:d4:b7:7e:dd:90:fe:1a:11:90:75:81:
b1:66:6a:97:ac:7e:05:d1:2d:db:56:53:be:ec:d8:
bb:98:43:cc:5d:94:e1:14:91:74:42:9e:a3:e3:79:
c2:16:48:57:f2:af:6b:f2:b1:17:de:4b:36:9d:84:
48:cc:31:3c:43:25:d1:10:8e:55:b5:98:5e:da:90:
d8:68:66:63:93:81:62:ac:34:24:1f:1e:f5:d9:90:
89:05:82:00:b5:2c:c7:87:2d:fb:4d:ef:22:2d:cf:
aa:ce:84:19:6a:77:94:2b:c5:43:8a:83:3c:d1:17:
10:98:66:60:ef:bc:64:85:c2:cc:11:85:91:93:d1:
a8:80:00:ec:7f:4a:2d:ec:12:14:9b:ef:d6:e5:78:
9c:54:52:b2:f5:3b:3e:e6:dd:fc:53:72:68:38:74:
13:32:b2:e6:70:6e:be:da:87:83:83:94:f5:1d:47:
3b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:ED:F0:ED:40:9D:E0:98:B1:E4:51:CD:0F:20:F5:C1:BB:31:8B:C3
X509v3 Authority Key Identifier:
keyid:97:77:75:CE:88:04:69:59:96:CE:77:C7:D3:68:1B:9C:24:1B:36:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l3d1zogEaVmWznfH02gbnCQbNi8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/bc8e10-461e-4ce4-8be9-6239733c6184/1/pu3w7UCd4Jix5FHNDyD1wbsxi8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/bc8e10-461e-4ce4-8be9-6239733c6184/1/l3d1zogEaVmWznfH02gbnCQbNi8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.16.0/22
IPv6:
2a01:7960::/32
Signature Algorithm: sha256WithRSAEncryption
19:87:85:3e:ea:0a:0e:1b:e5:24:b9:d5:bf:27:d1:47:a5:f7:
ed:b4:bc:e9:15:bf:33:9d:6d:43:88:29:8e:c0:ac:66:8f:0d:
d5:db:8d:c5:69:0c:75:cc:99:04:65:7d:5a:b0:25:c8:0e:59:
a1:ff:26:aa:7d:30:fc:9b:13:65:5b:59:a1:74:bd:44:17:21:
cb:d4:21:9d:70:41:9e:5c:a8:ec:0f:01:4f:37:35:2d:84:ec:
1e:07:77:1d:1d:5c:3f:4a:23:84:67:47:70:24:93:d6:3a:ff:
41:33:a8:71:33:dc:5f:ed:86:64:89:fc:40:d2:55:10:f7:6a:
f9:ed:52:50:ea:78:11:4e:2e:fa:22:74:a2:a4:6d:62:9a:4c:
2f:b1:fd:c0:39:ac:a2:ce:ac:00:27:23:51:f3:cd:dc:04:db:
0b:4d:de:94:49:e3:0a:e9:f1:38:dd:96:e7:c3:ca:fd:8c:1f:
22:9b:2d:f1:16:23:77:90:5a:09:7e:f0:86:f3:30:27:f0:d8:
35:1a:df:db:40:c6:e9:54:76:ce:8c:ee:cd:8e:66:3a:14:ab:
38:c2:ee:a5:7c:7d:25:e6:77:05:f6:7a:75:65:fb:9b:a3:73:
48:86:18:64:16:82:63:9b:45:59:a4:6e:e2:78:f4:d5:37:36:
16:bc:e8:da
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1lx3erNhBGJasC9S1WQtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3Nzc3NWNlODgwNDY5NTk5NmNlNzdjN2QzNjgxYjljMjQx
YjM2MmYwHhcNMjUwMTAxMDc0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmVkZjBlZDQwOWRlMDk4YjFlNDUxY2QwZjIwZjVjMWJiMzE4YmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcogOiILJyc4JHUjoboOzkEuIVcm
7/sWH9IO+81Yj1wT6xFyoC61aMwoZ5VBtmNx2gi9KgEl7HyWYFJ3f9ciax8W5OOW
hrz1lAdytObb1Ld+3ZD+GhGQdYGxZmqXrH4F0S3bVlO+7Ni7mEPMXZThFJF0Qp6j
43nCFkhX8q9r8rEX3ks2nYRIzDE8QyXREI5VtZhe2pDYaGZjk4FirDQkHx712ZCJ
BYIAtSzHhy37Te8iLc+qzoQZaneUK8VDioM80RcQmGZg77xkhcLMEYWRk9GogADs
f0ot7BIUm+/W5XicVFKy9Ts+5t38U3JoOHQTMrLmcG6+2oeDg5T1HUc7fwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKbt8O1AneCYseRRzQ8g9cG7MYvDMB8GA1UdIwQY
MBaAFJd3dc6IBGlZls53x9NoG5wkGzYvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDNkMXpvZ0VhVm1Xem5mSDAyZ2JuQ1FiTmk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iYzhlMTAtNDYxZS00Y2U0LThiZTkt
NjIzOTczM2M2MTg0LzEvcHUzdzdVQ2Q0Sml4NUZITkR5RDF3YnN4aThNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iYzhlMTAtNDYxZS00Y2U0LThiZTktNjIzOTczM2M2MTg0
LzEvbDNkMXpvZ0VhVm1Xem5mSDAyZ2JuQ1FiTmk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuS0QMA0E
AgACMAcDBQAqAXlgMA0GCSqGSIb3DQEBCwUAA4IBAQAZh4U+6goOG+UkudW/J9FH
pffttLzpFb8znW1DiCmOwKxmjw3V243FaQx1zJkEZX1asCXIDlmh/yaqfTD8mxNl
W1mhdL1EFyHL1CGdcEGeXKjsDwFPNzUthOweB3cdHVw/SiOEZ0dwJJPWOv9BM6hx
M9xf7YZkifxA0lUQ92r57VJQ6ngRTi76InSipG1imkwvsf3AOayizqwAJyNR883c
BNsLTd6USeMK6fE43Zbnw8r9jB8imy3xFiN3kFoJfvCG8zAn8Ng1Gt/bQMbpVHbO
jO7NjmY6FKs4wu6lfH0l5ncF9np1Zfubo3NIhhhkFoJjm0VZpG7iePTVNzYWvOja
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:59 2025 by rpki-client