Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/I9T5pUcfw6_bwHiWYuoWLMXLmz0.roa
File: I9T5pUcfw6_bwHiWYuoWLMXLmz0.roa (raw, json)
Hash identifier: zKgFa/+hoYJgIY/qGosyw/0uXZNACJolY9rR3+VewiY=
Subject key identifier: 23:D4:F9:A5:47:1F:C3:AF:DB:C0:78:96:62:EA:16:2C:C5:CB:9B:3D
Certificate issuer: /CN=dfd703b60ac6873256e6b4826ba27a9deeca2f0a
Certificate serial: 01824E28FBD332E16CBF382E7D1C8EA28ED1
Authority key identifier: DF:D7:03:B6:0A:C6:87:32:56:E6:B4:82:6B:A2:7A:9D:EE:CA:2F:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39cDtgrGhzJW5rSCa6J6ne7KLwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/I9T5pUcfw6_bwHiWYuoWLMXLmz0.roa
Signing time: Sat 30 Jul 2022 08:11:24 +0000
ROA not before: Sat 30 Jul 2022 08:11:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29802
IP address blocks: 45.15.17.0/24 maxlen: 24
2a0e:1c80:18::/48 maxlen: 48
2a0e:1c80:16::/48 maxlen: 48
2a0e:1c80:17::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:4e:28:fb:d3:32:e1:6c:bf:38:2e:7d:1c:8e:a2:8e:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd703b60ac6873256e6b4826ba27a9deeca2f0a
Validity
Not Before: Jul 30 08:11:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23d4f9a5471fc3afdbc0789662ea162cc5cb9b3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:df:eb:cd:6d:7e:14:0f:fc:1e:a0:95:ea:76:
d3:38:51:8d:3e:6d:9c:16:14:08:5b:fa:6b:87:29:
3f:d2:51:21:56:73:7b:df:d5:f2:fb:ab:e8:1f:89:
38:87:ed:80:ff:2d:c2:de:e4:a7:af:fa:4d:1d:16:
5a:65:17:8b:a3:86:1f:42:ab:46:53:f0:14:1e:42:
58:2e:14:89:d3:95:0e:bc:d5:4a:64:c7:62:dd:f1:
d2:a4:45:6f:70:2b:ea:3c:93:e2:b2:0d:f4:c7:5c:
08:92:e6:d7:58:76:13:66:c4:77:f6:66:90:a9:29:
31:ab:b3:24:ac:c1:72:be:70:5c:36:d0:83:e3:b5:
77:0c:cf:e2:76:91:2b:4d:f1:01:5a:e0:cc:a8:f3:
20:0f:7c:90:12:10:cf:a1:25:35:53:c9:7c:1e:c0:
6e:1b:f2:27:34:7d:17:c6:9e:9f:78:15:e4:a7:58:
3a:c9:52:d4:86:df:b7:58:3f:85:4b:1b:ad:8c:42:
31:d5:12:f7:4e:82:d8:3f:08:8b:b3:7e:d6:1f:bb:
cd:46:00:7d:a6:c4:c6:77:7e:95:dc:c1:9e:a8:dd:
b2:5b:c9:80:d9:6f:71:e6:22:b9:f7:9d:91:4b:4e:
89:07:eb:80:0a:52:6c:1d:39:5d:45:9c:e5:a6:f7:
f2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:D4:F9:A5:47:1F:C3:AF:DB:C0:78:96:62:EA:16:2C:C5:CB:9B:3D
X509v3 Authority Key Identifier:
keyid:DF:D7:03:B6:0A:C6:87:32:56:E6:B4:82:6B:A2:7A:9D:EE:CA:2F:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39cDtgrGhzJW5rSCa6J6ne7KLwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/I9T5pUcfw6_bwHiWYuoWLMXLmz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/39cDtgrGhzJW5rSCa6J6ne7KLwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.17.0/24
IPv6:
2a0e:1c80:16::-2a0e:1c80:18:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
47:5a:f8:93:ce:c4:ef:2c:8c:5b:90:ed:f5:0b:0c:ea:d8:11:
e2:3a:08:36:f6:4d:43:d4:59:78:28:f2:25:4d:ee:e6:af:b5:
b2:86:d7:d8:48:54:1a:5b:61:e7:bf:e0:09:75:92:69:82:74:
bb:cd:f4:cb:df:3c:d1:87:79:ba:7b:c3:aa:20:b9:ef:3c:64:
74:e1:5b:09:c9:9e:b3:30:fe:a7:37:ca:3b:91:ce:b2:1c:82:
0c:d6:d0:63:86:99:ec:ff:50:f7:fa:a1:09:f1:ca:31:28:d6:
be:d2:2c:96:b6:7f:0b:38:17:49:0f:bb:89:5f:01:f7:55:0b:
77:ab:c6:1c:94:d0:1a:de:87:1c:eb:97:a8:4b:a6:05:3b:22:
2d:ef:88:06:70:4e:5d:0f:f1:17:a8:9e:d0:d6:52:7d:fd:2e:
32:6f:2c:7f:a0:4a:04:1b:73:dc:6e:47:5f:b4:a3:78:04:b1:
68:89:cb:ad:76:1a:b3:a3:b6:1b:c8:22:fe:6e:d8:58:ac:7d:
d7:23:9e:49:e1:4a:0a:a5:36:0e:f4:fd:f4:f0:b3:6d:d7:ca:
e7:bc:04:81:2f:dc:56:f9:78:06:d2:ab:4a:5a:64:13:40:44:
9a:37:80:e4:da:d8:ec:ba:cf:39:46:ab:14:42:b7:5d:a8:73:
4f:c7:6b:fc
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYJOKPvTMuFsvzgufRyOoo7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDcwM2I2MGFjNjg3MzI1NmU2YjQ4MjZiYTI3YTlkZWVj
YTJmMGEwHhcNMjIwNzMwMDgxMTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2Q0ZjlhNTQ3MWZjM2FmZGJjMDc4OTY2MmVhMTYyY2M1Y2I5YjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt/rzW1+FA/8HqCV6nbTOFGNPm2c
FhQIW/prhyk/0lEhVnN739Xy+6voH4k4h+2A/y3C3uSnr/pNHRZaZReLo4YfQqtG
U/AUHkJYLhSJ05UOvNVKZMdi3fHSpEVvcCvqPJPisg30x1wIkubXWHYTZsR39maQ
qSkxq7MkrMFyvnBcNtCD47V3DM/idpErTfEBWuDMqPMgD3yQEhDPoSU1U8l8HsBu
G/InNH0Xxp6feBXkp1g6yVLUht+3WD+FSxutjEIx1RL3ToLYPwiLs37WH7vNRgB9
psTGd36V3MGeqN2yW8mA2W9x5iK5952RS06JB+uAClJsHTldRZzlpvfyuwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCPU+aVHH8Ov28B4lmLqFizFy5s9MB8GA1UdIwQY
MBaAFN/XA7YKxocyVua0gmuiep3uyi8KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzljRHRnckdoekpXNXJTQ2E2SjZuZTdLTHdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mNjc4YmQtNGZlMC00YWUwLTgwZDct
NTNmMDc4OGUxYTFiLzEvSTlUNXBVY2Z3Nl9id0hpV1l1b1dMTVhMbXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mNjc4YmQtNGZlMC00YWUwLTgwZDctNTNmMDc4OGUxYTFi
LzEvMzljRHRnckdoekpXNXJTQ2E2SjZuZTdLTHdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQALQ8RMBoE
AgACMBQwEgMHASoOHIAAFgMHACoOHIAAGDANBgkqhkiG9w0BAQsFAAOCAQEAR1r4
k87E7yyMW5Dt9QsM6tgR4joINvZNQ9RZeCjyJU3u5q+1sobX2EhUGlth57/gCXWS
aYJ0u830y9880Yd5unvDqiC57zxkdOFbCcmeszD+pzfKO5HOshyCDNbQY4aZ7P9Q
9/qhCfHKMSjWvtIslrZ/CzgXSQ+7iV8B91ULd6vGHJTQGt6HHOuXqEumBTsiLe+I
BnBOXQ/xF6ie0NZSff0uMm8sf6BKBBtz3G5HX7SjeASxaInLrXYas6O2G8gi/m7Y
WKx91yOeSeFKCqU2DvT99PCzbdfK57wEgS/cVvl4BtKrSlpkE0BEmjeA5NrY7LrP
OUarFEK3XahzT8dr/A==
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:42:13 2025 by rpki-client