Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/G5jaXkdhg37_sk2pe8tom82RZug.roa
File: G5jaXkdhg37_sk2pe8tom82RZug.roa (raw, json)
Hash identifier: QSIxF6TTLYoUjLAhiq9u0XD9JuJeji6N6lbkSroKmr8=
Subject key identifier: 1B:98:DA:5E:47:61:83:7E:FF:B2:4D:A9:7B:CB:68:9B:CD:91:66:E8
Certificate issuer: /CN=dfd703b60ac6873256e6b4826ba27a9deeca2f0a
Certificate serial: 0182E8CDED388C293E654B217CA78206BD0C
Authority key identifier: DF:D7:03:B6:0A:C6:87:32:56:E6:B4:82:6B:A2:7A:9D:EE:CA:2F:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39cDtgrGhzJW5rSCa6J6ne7KLwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/G5jaXkdhg37_sk2pe8tom82RZug.roa
Signing time: Mon 29 Aug 2022 08:53:05 +0000
ROA not before: Mon 29 Aug 2022 08:53:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42675
IP address blocks: 45.15.16.0/24 maxlen: 24
62.204.40.0/24 maxlen: 24
2a0e:1c80:8::/48 maxlen: 48
2a0e:1c80:6::/48 maxlen: 48
2a0e:1c80:1::/48 maxlen: 48
2a0e:1c80:f::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e8:cd:ed:38:8c:29:3e:65:4b:21:7c:a7:82:06:bd:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd703b60ac6873256e6b4826ba27a9deeca2f0a
Validity
Not Before: Aug 29 08:53:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b98da5e4761837effb24da97bcb689bcd9166e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ef:cc:a2:c0:85:c4:21:27:98:cc:43:bf:13:
e5:fa:f5:9a:b9:5c:fb:6b:08:1c:05:e8:4e:e3:43:
c8:2a:cd:81:5b:91:1c:fb:ce:30:24:5d:f0:8f:14:
79:a2:b7:3d:25:7e:6e:a0:db:6b:34:76:a0:f8:30:
3f:7c:db:cb:55:a1:f9:ec:ed:eb:b2:55:16:fb:5f:
20:98:7e:19:03:9e:29:8d:1e:3b:a7:c4:80:1b:1f:
0c:d0:5f:b3:33:ee:d5:af:56:6a:a7:f8:d4:5d:91:
01:2a:3b:7b:44:1b:c9:a6:ef:21:f1:7f:2e:a1:af:
ac:45:a1:42:a9:23:ba:3c:e0:fe:fa:44:84:97:a1:
df:93:21:91:99:17:b3:ce:22:4f:50:36:6d:2f:fb:
d1:35:f0:2f:31:08:b1:61:1b:32:30:67:80:0a:e8:
cd:7a:73:c0:a5:a5:4b:95:3f:8c:b3:20:32:82:d8:
5c:4f:3d:99:6b:20:f0:ce:d8:c8:d9:55:5b:66:22:
68:e0:44:a3:be:c5:c4:0c:1f:f7:b9:8a:f0:51:df:
08:fe:5e:eb:97:bd:91:0f:c6:a9:30:5c:73:8b:30:
cd:1b:1d:df:66:6d:f0:7a:9f:03:0e:75:3d:f4:ad:
25:24:e5:ee:79:33:65:d7:a2:32:eb:f6:c3:82:83:
e4:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:98:DA:5E:47:61:83:7E:FF:B2:4D:A9:7B:CB:68:9B:CD:91:66:E8
X509v3 Authority Key Identifier:
keyid:DF:D7:03:B6:0A:C6:87:32:56:E6:B4:82:6B:A2:7A:9D:EE:CA:2F:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39cDtgrGhzJW5rSCa6J6ne7KLwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/G5jaXkdhg37_sk2pe8tom82RZug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/39cDtgrGhzJW5rSCa6J6ne7KLwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.16.0/24
62.204.40.0/24
IPv6:
2a0e:1c80:1::/48
2a0e:1c80:6::/48
2a0e:1c80:8::/48
2a0e:1c80:f::/48
Signature Algorithm: sha256WithRSAEncryption
4b:d5:e7:41:4f:d9:c9:2d:15:35:5b:90:e4:88:ac:ff:9f:73:
ec:56:66:bb:1e:79:48:19:5a:01:3b:88:04:ab:18:65:11:1c:
41:f9:dc:d1:40:eb:87:46:94:0a:6a:c1:bd:ed:78:3d:ac:1f:
61:f1:14:0b:be:d7:75:fe:25:df:ec:40:d0:11:30:d5:d0:7a:
c9:2f:15:ee:45:a4:cc:57:35:23:49:7d:5f:8c:e1:48:6a:45:
30:bf:ae:61:eb:58:a9:b2:57:72:b9:d4:1b:10:2f:58:68:e6:
ee:94:2e:b2:98:1d:52:2f:39:0b:76:86:06:9b:bf:df:bf:a0:
f1:10:06:81:c9:86:f6:27:cb:3e:ef:0b:3a:3b:65:de:4c:11:
df:aa:db:66:76:cd:fa:7b:fe:64:10:5c:f2:8c:36:4f:19:7c:
7d:34:93:eb:55:7c:c8:50:72:83:a2:02:a9:ab:ae:a3:56:c4:
83:80:39:ca:2a:94:58:62:fe:cf:e8:8e:25:5e:dc:c8:25:df:
cc:c8:21:42:a5:2c:f3:7e:db:d6:cf:2e:72:2d:cf:b4:02:43:
50:d3:8c:52:11:f5:e8:ad:61:59:a0:43:17:70:87:01:3b:d4:
8d:ec:9f:3d:e1:12:5c:16:1e:53:39:aa:32:95:de:93:ad:d3:
a7:40:50:4c
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYLoze04jCk+ZUshfKeCBr0MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDcwM2I2MGFjNjg3MzI1NmU2YjQ4MjZiYTI3YTlkZWVj
YTJmMGEwHhcNMjIwODI5MDg1MzA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjk4ZGE1ZTQ3NjE4MzdlZmZiMjRkYTk3YmNiNjg5YmNkOTE2NmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgu/MosCFxCEnmMxDvxPl+vWauVz7
awgcBehO40PIKs2BW5Ec+84wJF3wjxR5orc9JX5uoNtrNHag+DA/fNvLVaH57O3r
slUW+18gmH4ZA54pjR47p8SAGx8M0F+zM+7Vr1Zqp/jUXZEBKjt7RBvJpu8h8X8u
oa+sRaFCqSO6POD++kSEl6HfkyGRmRezziJPUDZtL/vRNfAvMQixYRsyMGeACujN
enPApaVLlT+MsyAygthcTz2ZayDwztjI2VVbZiJo4ESjvsXEDB/3uYrwUd8I/l7r
l72RD8apMFxzizDNGx3fZm3wep8DDnU99K0lJOXueTNl16Iy6/bDgoPklQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFBuY2l5HYYN+/7JNqXvLaJvNkWboMB8GA1UdIwQY
MBaAFN/XA7YKxocyVua0gmuiep3uyi8KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzljRHRnckdoekpXNXJTQ2E2SjZuZTdLTHdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mNjc4YmQtNGZlMC00YWUwLTgwZDct
NTNmMDc4OGUxYTFiLzEvRzVqYVhrZGhnMzdfc2sycGU4dG9tODJSWnVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mNjc4YmQtNGZlMC00YWUwLTgwZDctNTNmMDc4OGUxYTFi
LzEvMzljRHRnckdoekpXNXJTQ2E2SjZuZTdLTHdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDASBAIAATAMAwQALQ8QAwQA
PswoMCoEAgACMCQDBwAqDhyAAAEDBwAqDhyAAAYDBwAqDhyAAAgDBwAqDhyAAA8w
DQYJKoZIhvcNAQELBQADggEBAEvV50FP2cktFTVbkOSIrP+fc+xWZrseeUgZWgE7
iASrGGURHEH53NFA64dGlApqwb3teD2sH2HxFAu+13X+Jd/sQNARMNXQeskvFe5F
pMxXNSNJfV+M4UhqRTC/rmHrWKmyV3K51BsQL1ho5u6ULrKYHVIvOQt2hgabv9+/
oPEQBoHJhvYnyz7vCzo7Zd5MEd+q22Z2zfp7/mQQXPKMNk8ZfH00k+tVfMhQcoOi
AqmrrqNWxIOAOcoqlFhi/s/ojiVe3Mgl38zIIUKlLPN+29bPLnItz7QCQ1DTjFIR
9eitYVmgQxdwhwE71I3snz3hElwWHlM5qjKV3pOt06dAUEw=
-----END CERTIFICATE-----
Generated at Mon Jun 16 23:40:56 2025 by rpki-client