Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/a52205-e5ce-407b-97dc-a7e1c997edff/1/gWeGZTi3gBS6JPgt6fGctZmtLI0.roa
File: gWeGZTi3gBS6JPgt6fGctZmtLI0.roa (raw, json)
Hash identifier: xrDD+I2LesUtVONi0J7h35nN1qn3SW4Sz4+cfdG90qw=
Subject key identifier: 81:67:86:65:38:B7:80:14:BA:24:F8:2D:E9:F1:9C:B5:99:AD:2C:8D
Certificate issuer: /CN=67ee66689664a72e0fb11a444b01cc23f7ee5c63
Certificate serial: 074C8ECB
Authority key identifier: 67:EE:66:68:96:64:A7:2E:0F:B1:1A:44:4B:01:CC:23:F7:EE:5C:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z-5maJZkpy4PsRpESwHMI_fuXGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/a52205-e5ce-407b-97dc-a7e1c997edff/1/gWeGZTi3gBS6JPgt6fGctZmtLI0.roa
Signing time: Sat 01 Jan 2022 04:01:07 +0000
ROA not before: Sat 01 Jan 2022 04:01:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20810
IP address blocks: 45.158.172.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122457803 (0x74c8ecb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67ee66689664a72e0fb11a444b01cc23f7ee5c63
Validity
Not Before: Jan 1 04:01:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8167866538b78014ba24f82de9f19cb599ad2c8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:06:a5:00:63:2c:02:b6:82:62:d4:51:db:3a:
3f:bb:f7:11:70:92:c5:dc:f7:b2:54:29:35:88:2d:
b1:6c:19:ec:0c:5c:da:f4:25:4c:d2:a3:16:9b:a3:
af:0e:57:67:eb:c8:80:d6:61:59:2a:bc:91:be:9a:
c5:9a:a7:92:9f:46:31:5e:bd:41:a2:e8:86:97:3d:
34:e0:4d:7f:c2:92:8e:83:96:db:1a:4b:c5:ff:68:
b1:61:c3:07:d0:59:ee:6c:7c:f3:6e:4b:d8:8b:b6:
7a:6f:31:aa:6a:bd:e9:57:9d:7c:a3:43:1a:d4:c6:
e7:d0:55:d1:1e:ae:12:13:ce:7b:1f:b5:5b:f0:e2:
a4:53:cc:ad:e9:83:ea:f3:8e:3a:6c:34:f6:12:2b:
be:fe:25:e3:f3:e4:74:8c:1f:79:e5:40:b4:31:41:
4d:58:91:a9:fb:e6:64:bd:5d:35:fb:1a:1d:90:3b:
7e:ab:b3:28:a3:4e:18:09:18:95:68:fe:69:5a:e7:
71:3c:3f:22:63:e3:dc:0f:c3:12:38:ca:30:5b:96:
25:e6:2d:91:15:17:31:8c:a1:f5:63:3f:95:2d:cf:
39:38:1d:ec:51:cf:9a:3d:b3:51:14:99:3c:ad:49:
a6:63:ce:c8:24:1d:85:4b:24:d3:86:a3:9d:cb:bd:
8b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:67:86:65:38:B7:80:14:BA:24:F8:2D:E9:F1:9C:B5:99:AD:2C:8D
X509v3 Authority Key Identifier:
keyid:67:EE:66:68:96:64:A7:2E:0F:B1:1A:44:4B:01:CC:23:F7:EE:5C:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z-5maJZkpy4PsRpESwHMI_fuXGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a52205-e5ce-407b-97dc-a7e1c997edff/1/gWeGZTi3gBS6JPgt6fGctZmtLI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a52205-e5ce-407b-97dc-a7e1c997edff/1/Z-5maJZkpy4PsRpESwHMI_fuXGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.172.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:b5:a1:ed:ad:22:25:5d:b5:08:67:ba:61:07:da:4f:3f:b4:
d9:bc:06:34:d8:2b:74:e7:7d:db:c1:c7:ef:30:ec:8a:4c:9a:
ed:ba:9b:fb:10:38:61:b3:63:d2:0f:39:47:0c:30:3a:7d:21:
ab:a8:bd:84:33:9e:7d:52:56:f5:23:6d:36:d1:ba:34:ea:d7:
b3:80:de:24:c3:48:f7:cf:5d:09:ba:86:9e:81:b1:f5:e4:80:
dc:fc:d0:cf:89:97:a2:b7:fd:c3:2e:9e:c6:86:0e:ad:3a:ac:
6e:28:51:00:1c:84:e7:34:30:20:46:9e:fa:0e:60:56:b1:a9:
eb:ec:7e:87:d3:c4:5d:32:96:fb:26:1d:b8:c7:30:81:2c:2e:
42:33:36:9b:9b:a6:e5:35:76:e4:b3:d1:c1:f2:d6:12:db:bd:
53:0d:39:9b:75:5b:49:df:af:ee:ca:50:bb:cf:8f:3b:79:41:
b8:ab:88:8a:2d:b0:2d:25:45:a2:f2:b3:17:82:11:87:79:15:
bf:99:ea:78:3a:54:3f:bf:23:ec:72:2e:b5:e4:ca:ed:2c:de:
6f:4c:8e:5a:3a:30:fd:d1:82:24:a1:2f:f8:d5:4e:3b:6a:4f:
2c:20:62:a8:12:21:5f:4a:83:d9:34:0b:ce:6e:1c:b1:6e:5b:
a9:00:2d:3c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB0yOyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
N2VlNjY2ODk2NjRhNzJlMGZiMTFhNDQ0YjAxY2MyM2Y3ZWU1YzYzMB4XDTIyMDEw
MTA0MDEwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODE2Nzg2NjUzOGI3
ODAxNGJhMjRmODJkZTlmMTljYjU5OWFkMmM4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANkGpQBjLAK2gmLUUds6P7v3EXCSxdz3slQpNYgtsWwZ7Axc
2vQlTNKjFpujrw5XZ+vIgNZhWSq8kb6axZqnkp9GMV69QaLohpc9NOBNf8KSjoOW
2xpLxf9osWHDB9BZ7mx8825L2Iu2em8xqmq96VedfKNDGtTG59BV0R6uEhPOex+1
W/DipFPMremD6vOOOmw09hIrvv4l4/PkdIwfeeVAtDFBTViRqfvmZL1dNfsaHZA7
fquzKKNOGAkYlWj+aVrncTw/ImPj3A/DEjjKMFuWJeYtkRUXMYyh9WM/lS3POTgd
7FHPmj2zURSZPK1JpmPOyCQdhUsk04ajncu9iykCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSBZ4ZlOLeAFLok+C3p8Zy1ma0sjTAfBgNVHSMEGDAWgBRn7mZolmSnLg+x
GkRLAcwj9+5cYzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1otNW1hSlprcHk0UHNScEVTd0hNSV9mdVhHTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvYTUyMjA1LWU1Y2UtNDA3Yi05N2RjLWE3ZTFjOTk3ZWRmZi8x
L2dXZUdaVGkzZ0JTNkpQZ3Q2ZkdjdFptdExJMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
YTUyMjA1LWU1Y2UtNDA3Yi05N2RjLWE3ZTFjOTk3ZWRmZi8xL1otNW1hSlprcHk0
UHNScEVTd0hNSV9mdVhHTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2erDANBgkqhkiG9w0BAQsFAAOC
AQEAf7Wh7a0iJV21CGe6YQfaTz+02bwGNNgrdOd928HH7zDsikya7bqb+xA4YbNj
0g85RwwwOn0hq6i9hDOefVJW9SNtNtG6NOrXs4DeJMNI989dCbqGnoGx9eSA3PzQ
z4mXorf9wy6exoYOrTqsbihRAByE5zQwIEae+g5gVrGp6+x+h9PEXTKW+yYduMcw
gSwuQjM2m5um5TV25LPRwfLWEtu9Uw05m3VbSd+v7spQu8+PO3lBuKuIii2wLSVF
ovKzF4IRh3kVv5nqeDpUP78j7HIuteTK7Szeb0yOWjow/dGCJKEv+NVOO2pPLCBi
qBIhX0qD2TQLzm4csW5bqQAtPA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:24:13 2025 by rpki-client