Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/9c6xmypTH1h4E3aOdp8pznFNZlo.roa
File: 9c6xmypTH1h4E3aOdp8pznFNZlo.roa (raw, json)
Hash identifier: ioiDHYXUIN43Y+GbHE9ydjRhOBu5jIZGyYe4G1+XYUw=
Subject key identifier: F5:CE:B1:9B:2A:53:1F:58:78:13:76:8E:76:9F:29:CE:71:4D:66:5A
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 018FC003C21E865E318542A7698C52E4DB02
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/9c6xmypTH1h4E3aOdp8pznFNZlo.roa
Signing time: Tue 28 May 2024 16:23:42 +0000
ROA not before: Tue 28 May 2024 16:23:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.137.16.0/24 maxlen: 24
45.137.17.0/24 maxlen: 24
45.137.19.0/24 maxlen: 24
81.28.252.0/24 maxlen: 24
81.28.253.0/24 maxlen: 24
81.28.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c0:03:c2:1e:86:5e:31:85:42:a7:69:8c:52:e4:db:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: May 28 16:23:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5ceb19b2a531f587813768e769f29ce714d665a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7e:3a:86:b9:1e:48:fc:6a:9a:44:77:65:0d:
87:d9:06:46:3c:8b:1b:3f:60:c9:2c:39:fc:4b:23:
12:cd:71:78:d3:b9:1c:67:8c:19:78:49:d3:05:ea:
ad:5f:c1:74:e5:7d:5b:5a:f1:9d:5e:ca:44:ee:a0:
89:c0:a0:04:dd:7c:a9:67:3e:a3:e0:77:2e:a0:7f:
3b:d4:f5:bf:94:f9:39:8f:38:f6:13:cd:a6:13:6e:
eb:fe:8e:b6:26:f4:a6:f3:9f:1b:f3:2f:0e:52:a6:
6a:3c:10:ec:7e:6c:5c:20:11:a7:29:70:85:3c:c5:
9d:36:75:4f:e9:56:a1:30:af:1a:24:23:47:49:53:
62:f1:4a:2f:8a:ab:bc:c5:68:02:76:67:0d:2c:2a:
79:40:67:54:80:15:7c:08:97:2a:e0:7e:c0:08:5d:
43:00:53:fd:37:d5:13:73:74:47:28:4e:c5:12:82:
a2:7f:ab:c5:89:ab:32:d4:0d:e6:d8:6d:69:d3:0b:
e9:ea:2a:2b:26:50:73:38:7c:73:51:63:dd:7e:4f:
36:25:92:66:3d:bb:c4:bd:14:3b:94:2c:a1:3e:0b:
65:17:42:96:31:91:41:b6:6f:3b:61:06:aa:23:25:
fb:00:04:a3:15:d3:ba:ae:02:bb:51:14:07:cc:06:
90:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:CE:B1:9B:2A:53:1F:58:78:13:76:8E:76:9F:29:CE:71:4D:66:5A
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/9c6xmypTH1h4E3aOdp8pznFNZlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.16.0/23
45.137.19.0/24
81.28.252.0-81.28.254.255
Signature Algorithm: sha256WithRSAEncryption
b7:e9:16:68:78:37:7c:ec:b5:08:f1:c7:ad:ca:71:a0:52:71:
c8:12:39:10:24:73:4a:7f:e6:18:ee:bd:6b:43:c0:f4:2e:0c:
45:df:df:41:09:38:5b:18:7a:d5:99:14:d2:80:09:7b:81:1d:
84:7f:79:34:1b:2b:b1:4c:f2:70:67:85:2e:e0:60:75:27:63:
81:43:b6:a4:3c:c7:72:3c:b0:d3:28:c2:48:27:28:25:e7:f2:
a9:c5:82:49:7c:29:94:85:59:00:53:eb:40:ee:6a:a0:81:11:
6b:f0:76:b7:00:57:59:87:e7:06:3a:aa:d9:13:29:83:14:bf:
83:9a:87:28:29:f4:e2:22:ad:d0:69:f7:ef:b7:7d:40:bb:6c:
7a:36:59:cf:81:ba:30:f7:cd:ea:65:19:5c:dc:01:a9:a2:d9:
b2:98:dc:2b:aa:09:cf:a1:74:33:39:e8:64:36:e3:68:b2:44:
6d:13:fd:e0:98:54:99:b9:50:d1:20:e2:7e:e4:c8:de:15:f1:
4c:6b:8f:6c:df:20:76:0c:1f:7a:d9:fb:88:b9:a7:4e:35:1d:
db:e2:b9:6f:5f:55:bc:b2:f5:78:3f:ef:75:af:6a:25:6c:99:
35:11:da:78:72:56:13:14:ed:5d:cc:34:c8:50:bc:77:5f:91:
3c:77:53:f6
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY/AA8Iehl4xhUKnaYxS5NsCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjQwNTI4MTYyMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWNlYjE5YjJhNTMxZjU4NzgxMzc2OGU3NjlmMjljZTcxNGQ2NjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArn46hrkeSPxqmkR3ZQ2H2QZGPIsb
P2DJLDn8SyMSzXF407kcZ4wZeEnTBeqtX8F05X1bWvGdXspE7qCJwKAE3XypZz6j
4HcuoH871PW/lPk5jzj2E82mE27r/o62JvSm858b8y8OUqZqPBDsfmxcIBGnKXCF
PMWdNnVP6VahMK8aJCNHSVNi8Uoviqu8xWgCdmcNLCp5QGdUgBV8CJcq4H7ACF1D
AFP9N9UTc3RHKE7FEoKif6vFiasy1A3m2G1p0wvp6iorJlBzOHxzUWPdfk82JZJm
PbvEvRQ7lCyhPgtlF0KWMZFBtm87YQaqIyX7AASjFdO6rgK7URQHzAaQUwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPXOsZsqUx9YeBN2jnafKc5xTWZaMB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvOWM2eG15cFRIMWg0RTNhT2RwOHB6bkZOWmxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBLYkQAwQA
LYkTMAwDBAJRHPwDBABRHP4wDQYJKoZIhvcNAQELBQADggEBALfpFmh4N3zstQjx
x63KcaBSccgSORAkc0p/5hjuvWtDwPQuDEXf30EJOFsYetWZFNKACXuBHYR/eTQb
K7FM8nBnhS7gYHUnY4FDtqQ8x3I8sNMowkgnKCXn8qnFgkl8KZSFWQBT60DuaqCB
EWvwdrcAV1mH5wY6qtkTKYMUv4Oahygp9OIirdBp9++3fUC7bHo2Wc+BujD3zepl
GVzcAami2bKY3CuqCc+hdDM56GQ242iyRG0T/eCYVJm5UNEg4n7kyN4V8Uxrj2zf
IHYMH3rZ+4i5p041HdviuW9fVbyy9Xg/73WvaiVsmTUR2nhyVhMU7V3MNMhQvHdf
kTx3U/Y=
-----END CERTIFICATE-----
Generated at Mon Jun 16 02:12:58 2025 by rpki-client