Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/71QwEPOb0DXClCo3N_EfZcqkeYA.roa
File: 71QwEPOb0DXClCo3N_EfZcqkeYA.roa (raw, json)
Hash identifier: Y1kWwHYa05xLerqadwqx7mMReEQWETf0vaGy2Rq8hjw=
Subject key identifier: EF:54:30:10:F3:9B:D0:35:C2:94:2A:37:37:F1:1F:65:CA:A4:79:80
Certificate issuer: /CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Certificate serial: 2F34CA
Authority key identifier: BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/71QwEPOb0DXClCo3N_EfZcqkeYA.roa
Signing time: Sat 01 Jan 2022 01:54:36 +0000
ROA not before: Sat 01 Jan 2022 01:54:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39855
IP address blocks: 45.141.212.0/23 maxlen: 24
79.143.136.0/24 maxlen: 24
79.143.138.0/24 maxlen: 24
45.135.168.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3093706 (0x2f34ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Validity
Not Before: Jan 1 01:54:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ef543010f39bd035c2942a3737f11f65caa47980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5b:51:c5:7e:a1:bd:59:a8:1c:ad:d8:32:d1:
22:27:cd:0d:6e:fb:e1:37:c2:a9:0b:6c:36:05:4a:
c5:a7:b9:91:8c:a7:cb:5a:4f:2a:74:7e:5f:0c:dd:
11:51:aa:43:6a:8b:67:d5:36:58:95:7d:e5:71:01:
c7:4e:43:0f:cb:40:f5:e9:80:05:7f:8c:a7:ca:af:
be:75:58:7f:00:f7:88:06:e2:81:a0:48:b0:0a:3d:
eb:57:f4:aa:88:a9:33:86:07:d5:9a:47:7f:13:57:
79:6f:77:99:a1:1d:b7:79:56:a2:40:aa:c8:08:03:
75:1e:80:ae:cd:6a:e9:0c:5f:47:cd:30:1d:32:4c:
6f:4f:89:29:8c:5c:1a:58:b6:2b:5e:88:bb:56:25:
91:a0:0e:40:d6:00:d0:65:11:f5:9b:67:94:96:a4:
21:76:5d:9d:63:63:67:01:53:1c:04:7f:c3:88:da:
dc:32:98:58:14:2d:fa:5a:ca:bd:43:73:44:e4:63:
38:5a:5e:d3:4b:76:2a:d5:67:53:56:92:26:3f:7b:
f7:e4:52:bf:48:5f:bc:99:ab:7f:d4:24:15:13:22:
10:37:b1:4c:59:e4:b1:3e:d8:b3:b6:c1:27:20:08:
31:1e:b6:63:93:8e:10:e2:5e:3e:44:3a:0c:62:66:
a8:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:54:30:10:F3:9B:D0:35:C2:94:2A:37:37:F1:1F:65:CA:A4:79:80
X509v3 Authority Key Identifier:
keyid:BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/71QwEPOb0DXClCo3N_EfZcqkeYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.168.0/22
45.141.212.0/23
79.143.136.0/24
79.143.138.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:93:67:9b:05:d3:5f:65:25:7a:b0:49:f6:56:9e:fa:a0:e5:
3e:11:44:9e:49:82:ab:16:60:cd:db:62:c4:84:b2:aa:2f:6c:
3d:a1:2c:a7:36:55:aa:e2:20:42:22:6c:db:5d:1e:15:90:ad:
f0:fb:72:f0:f2:20:07:60:31:4c:1a:11:48:7f:53:75:86:a8:
71:ee:c8:99:9b:14:34:13:ad:54:ff:fa:5c:16:a9:15:29:76:
f5:13:36:b4:25:ea:12:c8:93:b0:84:ca:d0:a3:07:2e:13:38:
38:0e:ae:d4:45:a4:74:0a:b1:2a:a5:ec:58:cd:a3:00:46:b2:
48:ae:8c:86:4b:75:81:18:a0:b1:3d:5e:ed:6f:fd:4a:3f:e6:
2d:15:0e:a1:3e:31:6a:ca:83:66:fd:fa:d0:6c:4e:2f:4a:b7:
4e:d2:41:77:4c:04:95:a6:32:0b:54:cd:3e:3c:c5:ab:a5:38:
fc:96:2a:5a:3e:50:7f:e4:b8:3e:24:bd:9a:33:bb:6f:49:fd:
f1:f5:01:92:47:b4:88:83:ab:93:9a:62:a5:6d:db:92:21:9b:
71:c2:f7:25:e9:70:9f:b0:7f:c7:61:43:45:bd:80:27:b4:48:
21:33:28:1c:db:1d:00:4f:61:0d:0a:19:04:23:2e:ea:f7:d5:
66:86:9d:64
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDLzTKMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGJh
YWE3YjRjMDFlOTI5YzM4OTIzOTgxYWI1MWM5NzI3YTFmOWYwN2UwHhcNMjIwMTAx
MDE1NDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlZjU0MzAxMGYzOWJk
MDM1YzI5NDJhMzczN2YxMWY2NWNhYTQ3OTgwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAy1tRxX6hvVmoHK3YMtEiJ80NbvvhN8KpC2w2BUrFp7mRjKfL
Wk8qdH5fDN0RUapDaotn1TZYlX3lcQHHTkMPy0D16YAFf4ynyq++dVh/APeIBuKB
oEiwCj3rV/SqiKkzhgfVmkd/E1d5b3eZoR23eVaiQKrICAN1HoCuzWrpDF9HzTAd
MkxvT4kpjFwaWLYrXoi7ViWRoA5A1gDQZRH1m2eUlqQhdl2dY2NnAVMcBH/DiNrc
MphYFC36Wsq9Q3NE5GM4Wl7TS3Yq1WdTVpImP3v35FK/SF+8mat/1CQVEyIQN7FM
WeSxPtiztsEnIAgxHrZjk44Q4l4+RDoMYmaoMwIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFO9UMBDzm9A1wpQqNzfxH2XKpHmAMB8GA1UdIwQYMBaAFLqqe0wB6SnDiSOY
GrUclyeh+fB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dXFwN1RBSHBLY09KSTVnYXRSeVhKNkg1OEg0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wYy9hYjllNzAtNDg5YS00MDg4LWIyOGUtZTY4ZjZjZjJjMGQyLzEv
NzFRd0VQT2IwRFhDbENvM05fRWZaY3FrZVlBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9h
YjllNzAtNDg5YS00MDg4LWIyOGUtZTY4ZjZjZjJjMGQyLzEvdXFwN1RBSHBLY09K
STVnYXRSeVhKNkg1OEg0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLYeoAwQBLY3UAwQAT4+IAwQAT4+K
MA0GCSqGSIb3DQEBCwUAA4IBAQCOk2ebBdNfZSV6sEn2Vp76oOU+EUSeSYKrFmDN
22LEhLKqL2w9oSynNlWq4iBCImzbXR4VkK3w+3Lw8iAHYDFMGhFIf1N1hqhx7siZ
mxQ0E61U//pcFqkVKXb1Eza0JeoSyJOwhMrQowcuEzg4Dq7URaR0CrEqpexYzaMA
RrJIroyGS3WBGKCxPV7tb/1KP+YtFQ6hPjFqyoNm/frQbE4vSrdO0kF3TASVpjIL
VM0+PMWrpTj8lipaPlB/5Lg+JL2aM7tvSf3x9QGSR7SIg6uTmmKlbduSIZtxwvcl
6XCfsH/HYUNFvYAntEghMygc2x0AT2ENChkEIy7q99Vmhp1k
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:50 2025 by rpki-client