Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/f04658-fad7-423c-bb42-82fa3d260869/1/uZq55f5XuQqQ7rrf5WAbTtH3Eg0.roa
File: uZq55f5XuQqQ7rrf5WAbTtH3Eg0.roa (raw, json)
Hash identifier: mqFOL5ArU7MflWJib0dCvCKgrFOQckiZASgofur+1AE=
Subject key identifier: B9:9A:B9:E5:FE:57:B9:0A:90:EE:BA:DF:E5:60:1B:4E:D1:F7:12:0D
Certificate issuer: /CN=220ab0d7ae01c7ba7da69d71a91472b390cd7091
Certificate serial: 0194258F982E9188A64EAC8075010672A86F
Authority key identifier: 22:0A:B0:D7:AE:01:C7:BA:7D:A6:9D:71:A9:14:72:B3:90:CD:70:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Igqw164Bx7p9pp1xqRRys5DNcJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/f04658-fad7-423c-bb42-82fa3d260869/1/uZq55f5XuQqQ7rrf5WAbTtH3Eg0.roa
Signing time: Thu 02 Jan 2025 05:49:15 +0000
ROA not before: Thu 02 Jan 2025 05:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13135
IP address blocks: 45.66.88.0/22 maxlen: 22
2a09:6640::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:98:2e:91:88:a6:4e:ac:80:75:01:06:72:a8:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=220ab0d7ae01c7ba7da69d71a91472b390cd7091
Validity
Not Before: Jan 2 05:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b99ab9e5fe57b90a90eebadfe5601b4ed1f7120d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:2c:80:e5:57:9c:05:d9:d0:8a:05:a0:90:89:
98:6d:fd:ae:2b:a5:b0:fa:6c:2e:db:d3:21:02:81:
66:f5:3f:ab:0d:1c:f3:23:08:df:d6:10:56:13:f2:
5a:a9:29:20:db:83:a4:11:a1:fb:a8:10:e4:28:0c:
71:ba:d5:ae:47:bb:ba:8d:81:0d:12:97:f9:15:cb:
9c:f4:08:2e:2d:c2:51:4a:7f:29:90:26:fb:32:28:
1f:2b:a2:3a:f5:2b:48:8f:18:e5:0e:ba:d5:00:ef:
4a:d5:b8:b5:ef:84:f1:3b:ab:da:d3:6b:fd:29:86:
31:bf:c3:3f:38:bc:d6:66:bd:f8:05:a1:e8:ab:33:
76:68:30:1b:21:0c:14:83:56:84:d8:9a:ed:6f:34:
8c:bf:c2:1d:1f:3a:7f:d1:a4:46:06:b3:a3:41:8c:
42:59:8b:77:4b:88:e5:59:aa:f1:c4:61:79:98:17:
34:49:5e:33:e0:f5:b1:a2:ce:6e:f3:f6:4b:a6:d1:
1f:5b:d2:58:b1:88:cd:0b:89:25:67:88:77:76:0c:
71:89:fe:d4:41:fe:b0:b0:e2:b6:87:22:c7:c7:ed:
16:e5:d5:f0:c0:42:15:9d:b6:e9:82:a9:ed:48:ca:
da:82:7b:8e:07:9a:0c:fa:f8:e2:df:1c:88:e0:2a:
92:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:9A:B9:E5:FE:57:B9:0A:90:EE:BA:DF:E5:60:1B:4E:D1:F7:12:0D
X509v3 Authority Key Identifier:
keyid:22:0A:B0:D7:AE:01:C7:BA:7D:A6:9D:71:A9:14:72:B3:90:CD:70:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Igqw164Bx7p9pp1xqRRys5DNcJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f04658-fad7-423c-bb42-82fa3d260869/1/uZq55f5XuQqQ7rrf5WAbTtH3Eg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f04658-fad7-423c-bb42-82fa3d260869/1/Igqw164Bx7p9pp1xqRRys5DNcJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.88.0/22
IPv6:
2a09:6640::/29
Signature Algorithm: sha256WithRSAEncryption
03:49:60:98:24:ef:95:c4:1c:70:ad:c2:ab:36:a6:5a:c2:41:
24:94:29:c5:48:40:fa:2e:9b:6a:b4:9b:cb:a8:7c:73:35:db:
e1:e7:8c:56:5f:3f:48:88:6b:63:f9:9b:4b:8a:39:16:6e:d3:
69:ba:b8:f3:5a:7e:d7:c2:1f:47:9c:5f:c5:9e:0e:04:a5:86:
52:7a:36:72:18:69:90:ba:02:57:c3:42:99:dd:1f:04:0e:32:
fc:fd:c3:2b:2c:f7:a2:f0:ca:78:50:c6:67:75:74:5a:65:67:
cd:8a:42:3d:4f:24:48:a9:85:94:ea:62:63:a9:b9:7d:55:64:
5f:53:7e:e7:95:18:11:04:f5:10:9a:36:85:ac:59:06:bc:21:
60:6b:3e:55:cd:a1:88:fa:b4:4e:cd:e2:ee:28:d5:b6:31:f9:
58:14:27:16:11:f5:54:ce:c2:9d:02:22:87:ca:30:3c:47:6a:
8b:9e:9f:e2:10:ec:95:4f:f1:7f:c7:24:a7:ab:e0:ca:e5:21:
75:dc:50:64:79:f6:00:82:30:1d:c4:5b:77:4b:3a:ef:71:af:
26:7f:58:e1:2e:9e:a6:fa:56:c8:3d:0a:2f:82:45:f4:4d:35:
17:a3:38:47:fc:11:00:47:b9:b7:64:13:fd:43:c2:bf:08:2d:
2e:8f:58:4e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlj5gukYimTqyAdQEGcqhvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMGFiMGQ3YWUwMWM3YmE3ZGE2OWQ3MWE5MTQ3MmIzOTBj
ZDcwOTEwHhcNMjUwMTAyMDU0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTlhYjllNWZlNTdiOTBhOTBlZWJhZGZlNTYwMWI0ZWQxZjcxMjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6SyA5VecBdnQigWgkImYbf2uK6Ww
+mwu29MhAoFm9T+rDRzzIwjf1hBWE/JaqSkg24OkEaH7qBDkKAxxutWuR7u6jYEN
Epf5Fcuc9AguLcJRSn8pkCb7MigfK6I69StIjxjlDrrVAO9K1bi174TxO6va02v9
KYYxv8M/OLzWZr34BaHoqzN2aDAbIQwUg1aE2JrtbzSMv8IdHzp/0aRGBrOjQYxC
WYt3S4jlWarxxGF5mBc0SV4z4PWxos5u8/ZLptEfW9JYsYjNC4klZ4h3dgxxif7U
Qf6wsOK2hyLHx+0W5dXwwEIVnbbpgqntSMragnuOB5oM+vji3xyI4CqSfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLmaueX+V7kKkO663+VgG07R9xINMB8GA1UdIwQY
MBaAFCIKsNeuAce6faadcakUcrOQzXCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdxdzE2NEJ4N3A5cHAxeHFSUnlzNUROY0pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9mMDQ2NTgtZmFkNy00MjNjLWJiNDIt
ODJmYTNkMjYwODY5LzEvdVpxNTVmNVh1UXFRN3JyZjVXQWJUdEgzRWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9mMDQ2NTgtZmFkNy00MjNjLWJiNDItODJmYTNkMjYwODY5
LzEvSWdxdzE2NEJ4N3A5cHAxeHFSUnlzNUROY0pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUJYMA0E
AgACMAcDBQMqCWZAMA0GCSqGSIb3DQEBCwUAA4IBAQADSWCYJO+VxBxwrcKrNqZa
wkEklCnFSED6LptqtJvLqHxzNdvh54xWXz9IiGtj+ZtLijkWbtNpurjzWn7Xwh9H
nF/Fng4EpYZSejZyGGmQugJXw0KZ3R8EDjL8/cMrLPei8Mp4UMZndXRaZWfNikI9
TyRIqYWU6mJjqbl9VWRfU37nlRgRBPUQmjaFrFkGvCFgaz5VzaGI+rROzeLuKNW2
MflYFCcWEfVUzsKdAiKHyjA8R2qLnp/iEOyVT/F/xySnq+DK5SF13FBkefYAgjAd
xFt3Szrvca8mf1jhLp6m+lbIPQovgkX0TTUXozhH/BEAR7m3ZBP9Q8K/CC0uj1hO
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:33:35 2025 by rpki-client