Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/TB1Sm0D8Y22Iz6agldRrPEaWLms.roa
File: TB1Sm0D8Y22Iz6agldRrPEaWLms.roa (raw, json)
Hash identifier: kPGSIBjFwKcohl1DemEdAQJpeuwSIgCbwJywfPKdD7M=
Subject key identifier: 4C:1D:52:9B:40:FC:63:6D:88:CF:A6:A0:95:D4:6B:3C:46:96:2E:6B
Certificate issuer: /CN=dfd703b60ac6873256e6b4826ba27a9deeca2f0a
Certificate serial: 01852A1F340307BDBC5E1AB775EB4356C451
Authority key identifier: DF:D7:03:B6:0A:C6:87:32:56:E6:B4:82:6B:A2:7A:9D:EE:CA:2F:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39cDtgrGhzJW5rSCa6J6ne7KLwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/TB1Sm0D8Y22Iz6agldRrPEaWLms.roa
Signing time: Mon 19 Dec 2022 11:22:45 +0000
ROA not before: Mon 19 Dec 2022 11:22:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41281
IP address blocks: 45.15.17.0/24 maxlen: 24
2a0e:1c80:9::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:1f:34:03:07:bd:bc:5e:1a:b7:75:eb:43:56:c4:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd703b60ac6873256e6b4826ba27a9deeca2f0a
Validity
Not Before: Dec 19 11:22:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c1d529b40fc636d88cfa6a095d46b3c46962e6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:89:f0:d2:ef:cc:56:c9:49:9b:2f:31:a6:96:
34:11:1c:89:d9:d9:9d:2c:c7:68:61:c1:33:71:6d:
07:84:17:21:6c:b5:f7:84:f1:ee:8e:e8:29:34:34:
dc:23:fb:1c:ff:7d:bb:e1:3b:33:06:fe:a9:32:bf:
35:56:0b:c9:76:2a:73:f4:4d:53:ef:59:c4:09:a7:
15:ee:2d:aa:ab:6d:a4:e3:91:cf:09:97:92:06:46:
a9:d5:45:b8:08:dc:67:4d:55:05:94:cb:01:3a:9d:
e8:c3:6e:50:58:e8:c5:09:f7:22:35:1a:1a:9e:24:
5c:3a:08:ba:f3:18:ff:bc:8e:56:ae:22:5f:6f:e9:
46:e4:97:8d:77:f5:08:16:93:7c:e4:7b:8d:0d:4f:
eb:0f:ce:4d:be:d3:55:aa:72:bd:ab:22:6b:ad:cf:
dd:bb:8b:77:79:29:3f:11:0e:ed:e0:1e:97:1d:2f:
80:c9:00:35:09:72:1d:14:7c:f9:b9:b6:45:b7:68:
95:5f:b9:08:7a:e7:25:69:8c:09:74:ff:cd:67:04:
0a:95:e8:84:e6:7c:5d:66:24:c0:51:a0:51:2c:81:
7f:17:b3:7d:11:e1:06:fe:b3:25:33:c0:2e:b6:ac:
dc:e1:36:44:e1:61:ce:82:f4:a5:63:5c:5e:e5:2d:
ee:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:1D:52:9B:40:FC:63:6D:88:CF:A6:A0:95:D4:6B:3C:46:96:2E:6B
X509v3 Authority Key Identifier:
keyid:DF:D7:03:B6:0A:C6:87:32:56:E6:B4:82:6B:A2:7A:9D:EE:CA:2F:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39cDtgrGhzJW5rSCa6J6ne7KLwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/TB1Sm0D8Y22Iz6agldRrPEaWLms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/39cDtgrGhzJW5rSCa6J6ne7KLwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.17.0/24
IPv6:
2a0e:1c80:9::/48
Signature Algorithm: sha256WithRSAEncryption
30:0c:c3:c1:ed:a8:0e:63:04:b9:a9:b5:6b:33:cb:57:70:bb:
1d:f8:67:25:21:28:8c:7b:ce:ec:38:47:56:31:f3:8d:70:61:
fe:53:0f:09:57:50:63:4a:46:0a:ed:6c:56:6b:22:e4:0a:4f:
3f:af:bf:4f:7d:85:73:ce:bd:d7:b3:77:de:c9:8e:26:0d:87:
a4:b6:c5:1f:aa:54:d3:c1:a0:0e:5e:b5:c4:dc:49:55:fd:b4:
22:13:3a:d8:ba:25:a4:e1:83:39:51:90:4b:88:36:e6:68:f3:
26:b0:92:a9:89:12:63:56:11:f6:7c:77:5a:c6:1a:72:35:80:
77:7d:a2:ca:2b:6c:ec:7b:6c:2f:16:fe:c1:85:58:aa:74:48:
8a:09:d2:2e:a2:61:57:fa:6c:36:72:51:2b:3c:85:8c:2f:10:
7f:9c:bb:7b:7c:7c:16:e3:e9:0e:fb:f9:13:5b:1e:0e:d3:df:
ae:bb:9f:b2:7c:22:11:8c:a0:59:c8:76:f5:ec:20:ab:fd:71:
0b:a4:5d:5b:35:05:0b:e5:5d:90:58:0c:bc:82:cb:69:79:6b:
c3:9d:06:15:41:6b:20:09:12:ec:d4:54:6f:90:24:fe:cb:a4:
ba:58:d3:c7:cd:f6:3a:ca:04:af:61:c2:84:0f:90:9a:5b:af:
fd:97:63:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUqHzQDB728Xhq3detDVsRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDcwM2I2MGFjNjg3MzI1NmU2YjQ4MjZiYTI3YTlkZWVj
YTJmMGEwHhcNMjIxMjE5MTEyMjQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzFkNTI5YjQwZmM2MzZkODhjZmE2YTA5NWQ0NmIzYzQ2OTYyZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4nw0u/MVslJmy8xppY0ERyJ2dmd
LMdoYcEzcW0HhBchbLX3hPHujugpNDTcI/sc/3274TszBv6pMr81VgvJdipz9E1T
71nECacV7i2qq22k45HPCZeSBkap1UW4CNxnTVUFlMsBOp3ow25QWOjFCfciNRoa
niRcOgi68xj/vI5WriJfb+lG5JeNd/UIFpN85HuNDU/rD85NvtNVqnK9qyJrrc/d
u4t3eSk/EQ7t4B6XHS+AyQA1CXIdFHz5ubZFt2iVX7kIeuclaYwJdP/NZwQKleiE
5nxdZiTAUaBRLIF/F7N9EeEG/rMlM8Autqzc4TZE4WHOgvSlY1xe5S3uLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEwdUptA/GNtiM+moJXUazxGli5rMB8GA1UdIwQY
MBaAFN/XA7YKxocyVua0gmuiep3uyi8KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzljRHRnckdoekpXNXJTQ2E2SjZuZTdLTHdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mNjc4YmQtNGZlMC00YWUwLTgwZDct
NTNmMDc4OGUxYTFiLzEvVEIxU20wRDhZMjJJejZhZ2xkUnJQRWFXTG1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mNjc4YmQtNGZlMC00YWUwLTgwZDctNTNmMDc4OGUxYTFi
LzEvMzljRHRnckdoekpXNXJTQ2E2SjZuZTdLTHdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALQ8RMA8E
AgACMAkDBwAqDhyAAAkwDQYJKoZIhvcNAQELBQADggEBADAMw8HtqA5jBLmptWsz
y1dwux34ZyUhKIx7zuw4R1Yx841wYf5TDwlXUGNKRgrtbFZrIuQKTz+vv099hXPO
vdezd97JjiYNh6S2xR+qVNPBoA5etcTcSVX9tCITOti6JaThgzlRkEuINuZo8yaw
kqmJEmNWEfZ8d1rGGnI1gHd9osorbOx7bC8W/sGFWKp0SIoJ0i6iYVf6bDZyUSs8
hYwvEH+cu3t8fBbj6Q77+RNbHg7T3667n7J8IhGMoFnIdvXsIKv9cQukXVs1BQvl
XZBYDLyCy2l5a8OdBhVBayAJEuzUVG+QJP7LpLpY08fN9jrKBK9hwoQPkJpbr/2X
Y/Q=
-----END CERTIFICATE-----
Generated at Tue Jun 17 22:59:20 2025 by rpki-client