Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/K8RH_BlhaY0-3rOAozAFw6EHNdM.roa
File: K8RH_BlhaY0-3rOAozAFw6EHNdM.roa (raw, json)
Hash identifier: eDRiLKxlkhddDnfOmKOiR9v3lV78nc1qh4tfow9jKF0=
Subject key identifier: 2B:C4:47:FC:19:61:69:8D:3E:DE:B3:80:A3:30:05:C3:A1:07:35:D3
Certificate issuer: /CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Certificate serial: 0184A11BFA611D42B0393157EA60C946A43C
Authority key identifier: 2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/K8RH_BlhaY0-3rOAozAFw6EHNdM.roa
Signing time: Tue 22 Nov 2022 20:51:16 +0000
ROA not before: Tue 22 Nov 2022 20:51:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49729
IP address blocks: 45.132.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a1:1b:fa:61:1d:42:b0:39:31:57:ea:60:c9:46:a4:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Validity
Not Before: Nov 22 20:51:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2bc447fc1961698d3edeb380a33005c3a10735d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:76:b0:2b:a2:8d:d3:79:55:e5:d8:d2:15:2f:
24:8a:0e:27:45:88:7e:41:a5:a4:d7:9f:b9:8a:71:
31:48:c4:81:a4:fb:85:8f:1b:ab:d6:70:7c:7b:59:
02:c6:c8:09:8c:46:c2:53:90:8c:8f:d8:38:0b:c1:
4d:bb:62:1f:89:26:21:cb:95:74:7c:7c:f4:44:6b:
11:1b:f1:a4:11:c4:78:e2:0e:d2:ce:d8:40:87:40:
10:f5:54:8c:50:b6:d2:65:d4:e7:26:18:f2:b9:a0:
46:3e:70:68:eb:c8:43:22:25:56:56:a1:46:34:2d:
ea:b8:e8:9e:c7:ac:9b:21:1a:5f:eb:8f:fe:44:7c:
84:7c:c2:4c:08:e0:a5:64:85:2d:7f:07:fe:59:1d:
a2:a5:80:03:fb:e1:8a:52:4d:76:f6:59:87:63:cd:
7f:5f:13:11:c3:ae:75:96:1a:0e:17:94:38:c9:16:
c2:c2:6f:8c:95:54:25:2f:f9:63:be:db:31:a5:cb:
46:2b:b5:63:ad:d8:a3:ab:bc:97:75:4f:33:f4:81:
e0:58:e2:a9:61:84:cc:1a:fb:e9:92:0a:35:2b:6f:
7e:83:5f:ea:29:0b:4f:d2:c5:80:f2:1f:6b:8b:4b:
c4:bb:63:9f:d3:26:f1:f0:6f:66:20:cf:dc:b7:da:
bb:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:C4:47:FC:19:61:69:8D:3E:DE:B3:80:A3:30:05:C3:A1:07:35:D3
X509v3 Authority Key Identifier:
keyid:2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/K8RH_BlhaY0-3rOAozAFw6EHNdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/L1yrigmp_eI8ljX44WSu8J4XlIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.205.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:81:9f:6a:c3:40:6f:10:90:c6:65:46:1e:ec:a7:e2:f3:9e:
1f:eb:5c:a9:c6:35:32:22:b9:bc:6f:2f:7f:79:e8:e5:e3:45:
c2:da:2c:04:15:5f:77:6c:d7:fb:b3:41:ee:70:65:3c:d3:45:
12:9b:80:43:41:cd:c7:c0:61:47:b9:5a:ab:69:32:9a:68:b4:
2e:7b:f2:3a:04:37:ac:2b:60:2b:da:a3:6e:e6:7e:4e:d5:5e:
f3:c5:8a:9d:7d:4c:5e:de:1c:c7:ae:50:bf:db:4d:1e:87:62:
2f:a6:c1:58:fd:86:60:21:4c:7e:ef:dc:85:a6:c1:ba:a7:f0:
56:1a:14:d6:00:3b:9b:9d:2e:9d:97:34:75:8a:ad:6b:69:7e:
94:fa:5b:78:a5:29:c4:86:bf:d2:0f:e4:08:5e:3c:e9:16:a4:
87:47:b9:b0:74:74:50:51:d8:6d:26:b5:86:88:f4:98:64:40:
42:fc:9b:10:5f:cc:a0:91:05:97:6f:81:94:54:13:7b:59:72:
a3:ce:20:ba:8a:c1:8e:08:d5:fe:fe:77:ce:5d:60:dd:5a:45:
5f:5d:96:93:f0:c4:b3:5e:62:31:bf:f0:b5:fd:0a:d8:f4:a7:
3b:f9:59:eb:83:a4:31:75:3d:54:96:22:f4:17:21:12:96:8b:
ea:dd:c6:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYShG/phHUKwOTFX6mDJRqQ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNWNhYjhhMDlhOWZkZTIzYzk2MzVmOGUxNjRhZWYwOWUx
Nzk0OGMwHhcNMjIxMTIyMjA1MTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmM0NDdmYzE5NjE2OThkM2VkZWIzODBhMzMwMDVjM2ExMDczNWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3awK6KN03lV5djSFS8kig4nRYh+
QaWk15+5inExSMSBpPuFjxur1nB8e1kCxsgJjEbCU5CMj9g4C8FNu2IfiSYhy5V0
fHz0RGsRG/GkEcR44g7SzthAh0AQ9VSMULbSZdTnJhjyuaBGPnBo68hDIiVWVqFG
NC3quOiex6ybIRpf64/+RHyEfMJMCOClZIUtfwf+WR2ipYAD++GKUk129lmHY81/
XxMRw651lhoOF5Q4yRbCwm+MlVQlL/ljvtsxpctGK7Vjrdijq7yXdU8z9IHgWOKp
YYTMGvvpkgo1K29+g1/qKQtP0sWA8h9ri0vEu2Of0ybx8G9mIM/ct9q7+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCvER/wZYWmNPt6zgKMwBcOhBzXTMB8GA1UdIwQY
MBaAFC9cq4oJqf3iPJY1+OFkrvCeF5SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUt
MDAyZjI2ZTNiODk4LzEvSzhSSF9CbGhhWTAtM3JPQW96QUZ3NkVITmRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUtMDAyZjI2ZTNiODk4
LzEvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYTNMA0G
CSqGSIb3DQEBCwUAA4IBAQDJgZ9qw0BvEJDGZUYe7Kfi854f61ypxjUyIrm8by9/
eejl40XC2iwEFV93bNf7s0HucGU800USm4BDQc3HwGFHuVqraTKaaLQue/I6BDes
K2Ar2qNu5n5O1V7zxYqdfUxe3hzHrlC/200eh2IvpsFY/YZgIUx+79yFpsG6p/BW
GhTWADubnS6dlzR1iq1raX6U+lt4pSnEhr/SD+QIXjzpFqSHR7mwdHRQUdhtJrWG
iPSYZEBC/JsQX8ygkQWXb4GUVBN7WXKjziC6isGOCNX+/nfOXWDdWkVfXZaT8MSz
XmIxv/C1/QrY9Kc7+Vnrg6QxdT1UliL0FyESlovq3cZd
-----END CERTIFICATE-----
Generated at Sat May 10 10:43:58 2025 by rpki-client