Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/6b1e95-bc53-48ca-a1ee-b543f853ff25/1/aCQTMqzarfM8hs2iwhCYcoYLH6I.roa
File: aCQTMqzarfM8hs2iwhCYcoYLH6I.roa (raw, json)
Hash identifier: X/Ape6DmHRL9DX7gGO2attPHRFdrOV2hc29kbYvUhZU=
Subject key identifier: 68:24:13:32:AC:DA:AD:F3:3C:86:CD:A2:C2:10:98:72:86:0B:1F:A2
Certificate issuer: /CN=d834ed2f9e2cef4701021e75ff454164fedc7c51
Certificate serial: 018E9EA2FB1840DC076750A8C9D6D2EADE5E
Authority key identifier: D8:34:ED:2F:9E:2C:EF:47:01:02:1E:75:FF:45:41:64:FE:DC:7C:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DTtL54s70cBAh51_0VBZP7cfFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/6b1e95-bc53-48ca-a1ee-b543f853ff25/1/aCQTMqzarfM8hs2iwhCYcoYLH6I.roa
Signing time: Tue 02 Apr 2024 11:47:44 +0000
ROA not before: Tue 02 Apr 2024 11:47:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199738
IP address blocks: 45.8.49.0/24 maxlen: 24
45.8.50.0/23 maxlen: 23
45.8.50.0/24 maxlen: 24
45.8.51.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:a2:fb:18:40:dc:07:67:50:a8:c9:d6:d2:ea:de:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d834ed2f9e2cef4701021e75ff454164fedc7c51
Validity
Not Before: Apr 2 11:47:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68241332acdaadf33c86cda2c2109872860b1fa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:dc:7b:ac:cc:3d:d9:f6:59:f5:da:7e:26:c5:
92:02:e8:87:e4:1d:34:1b:6b:13:66:57:fc:93:80:
6c:08:04:ca:7c:dc:f3:4a:15:10:be:f7:33:6a:01:
c0:94:92:fb:90:16:18:e0:19:5b:8a:ae:82:ae:f2:
c3:e8:6f:2a:b4:ed:f8:c8:56:50:1f:d4:cf:4f:51:
67:fb:73:39:89:46:43:06:08:0f:a6:8f:3d:7e:a8:
09:44:f8:0c:09:70:c0:c6:f7:1f:31:48:d3:26:04:
56:68:3b:49:ba:cc:e4:93:33:4d:49:18:53:e7:75:
cf:11:0a:55:97:2b:0e:5c:61:c4:3c:4a:8a:f8:9c:
f1:69:2d:34:81:15:f1:a5:41:e4:82:8f:32:de:db:
e0:23:00:61:9c:a2:ae:f7:3b:bb:29:29:f1:03:26:
ce:4c:be:58:4a:4c:53:5e:e4:fd:bf:c4:df:c9:30:
11:ff:92:83:19:0d:de:78:d6:94:b0:4f:29:c6:27:
d3:38:4d:ce:30:06:39:dc:a6:c5:41:9b:51:f0:67:
7a:83:32:75:d7:44:78:70:bf:e8:ea:c1:3a:8e:c6:
48:f8:74:57:76:0d:8e:16:b1:be:c8:8d:59:a8:d6:
8b:b4:6a:9f:0b:92:ed:ef:4b:c3:8b:f4:47:6a:1c:
51:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:24:13:32:AC:DA:AD:F3:3C:86:CD:A2:C2:10:98:72:86:0B:1F:A2
X509v3 Authority Key Identifier:
keyid:D8:34:ED:2F:9E:2C:EF:47:01:02:1E:75:FF:45:41:64:FE:DC:7C:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DTtL54s70cBAh51_0VBZP7cfFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/6b1e95-bc53-48ca-a1ee-b543f853ff25/1/aCQTMqzarfM8hs2iwhCYcoYLH6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/6b1e95-bc53-48ca-a1ee-b543f853ff25/1/2DTtL54s70cBAh51_0VBZP7cfFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.49.0-45.8.51.255
Signature Algorithm: sha256WithRSAEncryption
09:2f:e5:62:ea:80:b7:c5:ba:5e:e5:19:1d:19:f3:5c:8a:1b:
5a:8e:f0:a0:77:77:e4:7e:fb:19:ba:06:b0:69:cc:71:4f:d8:
ef:f0:57:3d:5e:13:4f:7a:79:cd:b8:a3:13:ca:cb:28:52:9b:
7b:a3:a4:35:7b:e5:7f:80:d7:3f:8f:88:cf:f2:1d:a0:2e:c7:
04:6b:70:66:49:23:64:eb:6c:08:75:01:d2:5d:68:a5:0f:15:
91:8c:cc:20:bb:7a:1d:c3:60:e7:67:c1:0f:e5:06:ab:20:48:
22:e0:67:dc:5e:69:8f:5e:5f:2b:24:3c:7a:d8:94:7e:51:f7:
3a:07:a7:ec:09:fb:2e:63:0e:b2:d3:c6:53:e6:ae:df:d1:9a:
8a:be:72:e7:68:f3:a8:73:c9:8b:cd:bf:75:e6:60:b6:68:6d:
e1:c3:15:e3:04:57:76:b3:e0:c0:94:40:e5:a6:be:c1:9e:8a:
20:b5:45:25:ea:61:c8:12:0a:53:ae:94:f1:26:b4:68:a7:01:
a0:07:60:28:58:f0:57:50:fc:47:90:c9:94:fd:94:4b:d3:3d:
8b:e2:fd:e5:55:a7:88:2c:2f:41:e2:e8:22:32:c6:c3:5e:20:
33:91:10:95:f3:17:b3:7c:71:4d:de:f8:41:64:ed:17:f5:f8:
a5:da:c5:dd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY6eovsYQNwHZ1CoydbS6t5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzRlZDJmOWUyY2VmNDcwMTAyMWU3NWZmNDU0MTY0ZmVk
YzdjNTEwHhcNMjQwNDAyMTE0NzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODI0MTMzMmFjZGFhZGYzM2M4NmNkYTJjMjEwOTg3Mjg2MGIxZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltx7rMw92fZZ9dp+JsWSAuiH5B00
G2sTZlf8k4BsCATKfNzzShUQvvczagHAlJL7kBYY4Blbiq6CrvLD6G8qtO34yFZQ
H9TPT1Fn+3M5iUZDBggPpo89fqgJRPgMCXDAxvcfMUjTJgRWaDtJuszkkzNNSRhT
53XPEQpVlysOXGHEPEqK+JzxaS00gRXxpUHkgo8y3tvgIwBhnKKu9zu7KSnxAybO
TL5YSkxTXuT9v8TfyTAR/5KDGQ3eeNaUsE8pxifTOE3OMAY53KbFQZtR8Gd6gzJ1
10R4cL/o6sE6jsZI+HRXdg2OFrG+yI1ZqNaLtGqfC5Lt70vDi/RHahxRsQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGgkEzKs2q3zPIbNosIQmHKGCx+iMB8GA1UdIwQY
MBaAFNg07S+eLO9HAQIedf9FQWT+3HxRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRUdEw1NHM3MGNCQWg1MV8wVkJaUDdjZkZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82YjFlOTUtYmM1My00OGNhLWExZWUt
YjU0M2Y4NTNmZjI1LzEvYUNRVE1xemFyZk04aHMyaXdoQ1ljb1lMSDZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82YjFlOTUtYmM1My00OGNhLWExZWUtYjU0M2Y4NTNmZjI1
LzEvMkRUdEw1NHM3MGNCQWg1MV8wVkJaUDdjZkZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtCDED
BAItCDAwDQYJKoZIhvcNAQELBQADggEBAAkv5WLqgLfFul7lGR0Z81yKG1qO8KB3
d+R++xm6BrBpzHFP2O/wVz1eE096ec24oxPKyyhSm3ujpDV75X+A1z+PiM/yHaAu
xwRrcGZJI2TrbAh1AdJdaKUPFZGMzCC7eh3DYOdnwQ/lBqsgSCLgZ9xeaY9eXysk
PHrYlH5R9zoHp+wJ+y5jDrLTxlPmrt/Rmoq+cudo86hzyYvNv3XmYLZobeHDFeME
V3az4MCUQOWmvsGeiiC1RSXqYcgSClOulPEmtGinAaAHYChY8FdQ/EeQyZT9lEvT
PYvi/eVVp4gsL0Hi6CIyxsNeIDOREJXzF7N8cU3e+EFk7Rf1+KXaxd0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:25 2025 by rpki-client