Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/2e38ea-c9fa-4013-9fd3-858c6f8829eb/1/40yNe5drs03KBqTPteFk6f_6lOI.roa
File: 40yNe5drs03KBqTPteFk6f_6lOI.roa (raw, json)
Hash identifier: +9sbecufhXxr3UfhY0K/1Ke1i8FJRZHe8knUxyECWgU=
Subject key identifier: E3:4C:8D:7B:97:6B:B3:4D:CA:06:A4:CF:B5:E1:64:E9:FF:FA:94:E2
Certificate issuer: /CN=962aa32ebec9cea1c93c4bd55f85ef7e0a5d4f92
Certificate serial: 0194258EF4766EFA19F4F5F5DA790960CA28
Authority key identifier: 96:2A:A3:2E:BE:C9:CE:A1:C9:3C:4B:D5:5F:85:EF:7E:0A:5D:4F:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/liqjLr7JzqHJPEvVX4XvfgpdT5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/2e38ea-c9fa-4013-9fd3-858c6f8829eb/1/40yNe5drs03KBqTPteFk6f_6lOI.roa
Signing time: Thu 02 Jan 2025 05:48:33 +0000
ROA not before: Thu 02 Jan 2025 05:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49544
IP address blocks: 45.147.87.0/24 maxlen: 24
2a13:3ec0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:f4:76:6e:fa:19:f4:f5:f5:da:79:09:60:ca:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=962aa32ebec9cea1c93c4bd55f85ef7e0a5d4f92
Validity
Not Before: Jan 2 05:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e34c8d7b976bb34dca06a4cfb5e164e9fffa94e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c0:91:f0:6b:d0:bc:dd:43:b6:a0:43:a5:fa:
cf:6d:20:2b:5d:f9:b8:2d:70:ff:e0:91:11:f0:77:
3c:56:55:cc:34:ae:11:c3:bb:8f:db:98:cd:a2:d1:
73:89:e0:d0:ad:22:27:a2:2e:90:9e:72:67:49:b6:
8e:d1:ba:d4:56:fa:d3:77:c7:be:0f:37:c3:84:77:
82:c2:e1:1c:9b:47:7a:3c:98:d5:b8:bb:da:3f:87:
e1:0a:f1:b5:5c:97:69:a8:62:48:c8:52:0c:44:fc:
a1:27:56:29:2e:5d:4d:ab:9a:09:95:75:30:01:82:
87:49:68:c6:73:14:26:3c:09:f0:4d:0f:ac:da:ab:
3a:03:c6:8e:63:64:4e:dd:4f:e2:88:d5:d8:ee:be:
95:be:eb:62:de:b5:8a:37:f3:b8:ce:c7:f8:e4:10:
57:ef:93:39:a1:68:ad:f4:68:70:cb:27:69:9f:1d:
44:01:68:33:68:f0:3e:cd:0a:b1:08:36:5d:89:09:
d8:9a:f7:d3:ba:b1:f3:62:e4:09:88:09:05:71:08:
2f:39:05:c2:d3:95:aa:b1:ce:62:6b:0a:c8:b6:ba:
1e:21:db:0c:c1:cf:dd:29:d8:32:6d:61:4f:63:e5:
1f:44:2a:49:9c:3e:84:71:e1:27:7d:ea:67:fb:ce:
dd:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:4C:8D:7B:97:6B:B3:4D:CA:06:A4:CF:B5:E1:64:E9:FF:FA:94:E2
X509v3 Authority Key Identifier:
keyid:96:2A:A3:2E:BE:C9:CE:A1:C9:3C:4B:D5:5F:85:EF:7E:0A:5D:4F:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/liqjLr7JzqHJPEvVX4XvfgpdT5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/2e38ea-c9fa-4013-9fd3-858c6f8829eb/1/40yNe5drs03KBqTPteFk6f_6lOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/2e38ea-c9fa-4013-9fd3-858c6f8829eb/1/liqjLr7JzqHJPEvVX4XvfgpdT5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.87.0/24
IPv6:
2a13:3ec0::/29
Signature Algorithm: sha256WithRSAEncryption
18:82:43:36:dd:c4:03:39:51:c5:96:ec:8f:aa:5b:a3:9a:d0:
f4:c0:ba:fe:41:69:c6:82:33:2b:87:94:32:ba:df:73:7a:1f:
f0:8a:96:2c:6f:ad:21:6d:33:01:18:b5:c7:37:cc:ed:2a:d5:
6f:d2:a4:0d:ba:1f:78:23:dc:af:39:a2:8d:50:f4:b1:73:1a:
fb:ea:f5:ca:f3:d5:3f:94:91:b5:77:bb:db:3c:37:dd:7c:40:
e0:f8:65:e7:b3:2f:32:14:a9:aa:87:fa:57:9d:ec:8d:c7:40:
7e:c8:8e:9a:23:8f:5f:2f:f8:66:0e:10:f5:95:67:39:eb:7f:
2b:76:2f:34:0d:aa:c7:b0:fa:87:93:ec:ee:0c:f2:4a:91:7c:
20:f7:c9:58:9d:41:63:3c:38:73:01:1a:2a:3d:e4:c6:8c:8c:
b6:85:9a:96:60:c3:e3:a9:d8:28:3c:0a:aa:d0:a2:82:dc:82:
8a:40:b5:e3:8d:ad:9f:c9:d7:e6:c3:1e:0b:a7:bb:8f:17:2c:
ce:ed:d9:c8:4c:60:b8:c5:f1:4c:10:3a:9b:ea:2e:12:f5:ae:
bd:13:81:0d:e5:cd:9f:5a:49:7c:e1:28:9a:ae:44:15:ce:77:
10:7f:29:d5:11:c5:78:7a:a6:d2:a9:0e:44:43:da:14:c1:21:
0c:c5:73:94
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQljvR2bvoZ9PX12nkJYMooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MmFhMzJlYmVjOWNlYTFjOTNjNGJkNTVmODVlZjdlMGE1
ZDRmOTIwHhcNMjUwMTAyMDU0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzRjOGQ3Yjk3NmJiMzRkY2EwNmE0Y2ZiNWUxNjRlOWZmZmE5NGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMCR8GvQvN1DtqBDpfrPbSArXfm4
LXD/4JER8Hc8VlXMNK4Rw7uP25jNotFzieDQrSInoi6QnnJnSbaO0brUVvrTd8e+
DzfDhHeCwuEcm0d6PJjVuLvaP4fhCvG1XJdpqGJIyFIMRPyhJ1YpLl1Nq5oJlXUw
AYKHSWjGcxQmPAnwTQ+s2qs6A8aOY2RO3U/iiNXY7r6Vvuti3rWKN/O4zsf45BBX
75M5oWit9Ghwyydpnx1EAWgzaPA+zQqxCDZdiQnYmvfTurHzYuQJiAkFcQgvOQXC
05Wqsc5iawrItroeIdsMwc/dKdgybWFPY+UfRCpJnD6EceEnfepn+87dqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFONMjXuXa7NNygakz7XhZOn/+pTiMB8GA1UdIwQY
MBaAFJYqoy6+yc6hyTxL1V+F734KXU+SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGlxakxyN0p6cUhKUEV2Vlg0WHZmZ3BkVDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8yZTM4ZWEtYzlmYS00MDEzLTlmZDMt
ODU4YzZmODgyOWViLzEvNDB5TmU1ZHJzMDNLQnFUUHRlRms2Zl82bE9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8yZTM4ZWEtYzlmYS00MDEzLTlmZDMtODU4YzZmODgyOWVi
LzEvbGlxakxyN0p6cUhKUEV2Vlg0WHZmZ3BkVDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALZNXMA0E
AgACMAcDBQMqEz7AMA0GCSqGSIb3DQEBCwUAA4IBAQAYgkM23cQDOVHFluyPqluj
mtD0wLr+QWnGgjMrh5Qyut9zeh/wipYsb60hbTMBGLXHN8ztKtVv0qQNuh94I9yv
OaKNUPSxcxr76vXK89U/lJG1d7vbPDfdfEDg+GXnsy8yFKmqh/pXneyNx0B+yI6a
I49fL/hmDhD1lWc5638rdi80DarHsPqHk+zuDPJKkXwg98lYnUFjPDhzARoqPeTG
jIy2hZqWYMPjqdgoPAqq0KKC3IKKQLXjja2fydfmwx4Lp7uPFyzO7dnITGC4xfFM
EDqb6i4S9a69E4EN5c2fWkl84SiarkQVzncQfynVEcV4eqbSqQ5EQ9oUwSEMxXOU
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:07 2025 by rpki-client