Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/6b1e95-bc53-48ca-a1ee-b543f853ff25/1/h709D3jpKw_ExK583wOzbijlmyw.roa
File: h709D3jpKw_ExK583wOzbijlmyw.roa (raw, json)
Hash identifier: BNAjFrRIAbwFokpRamNsmBgf5gtg9mrgQGK6A/C6EKs=
Subject key identifier: 87:BD:3D:0F:78:E9:2B:0F:C4:C4:AE:7C:DF:03:B3:6E:28:E5:9B:2C
Certificate issuer: /CN=d834ed2f9e2cef4701021e75ff454164fedc7c51
Certificate serial: 018CC56E3AF5728B72DC9A019190ECC9588B
Authority key identifier: D8:34:ED:2F:9E:2C:EF:47:01:02:1E:75:FF:45:41:64:FE:DC:7C:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DTtL54s70cBAh51_0VBZP7cfFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/6b1e95-bc53-48ca-a1ee-b543f853ff25/1/h709D3jpKw_ExK583wOzbijlmyw.roa
Signing time: Mon 01 Jan 2024 14:29:44 +0000
ROA not before: Mon 01 Jan 2024 14:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199738
IP address blocks: 45.8.48.0/24 maxlen: 24
45.8.48.0/23 maxlen: 23
45.8.49.0/24 maxlen: 24
45.8.50.0/23 maxlen: 23
45.8.50.0/24 maxlen: 24
45.8.51.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:3a:f5:72:8b:72:dc:9a:01:91:90:ec:c9:58:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d834ed2f9e2cef4701021e75ff454164fedc7c51
Validity
Not Before: Jan 1 14:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87bd3d0f78e92b0fc4c4ae7cdf03b36e28e59b2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:cf:1e:0b:3e:51:b6:62:a5:a6:42:99:4d:20:
d6:09:94:16:1b:ab:3a:f6:9a:32:c9:5b:19:0c:02:
06:37:f7:6c:e9:b7:7c:71:2b:00:d3:31:0b:0e:1c:
49:03:75:bc:49:45:f0:58:cb:a2:91:6c:73:d1:9a:
69:af:b3:c5:69:c7:e5:28:9e:fc:e1:d2:57:be:9f:
47:a5:62:11:4d:7b:04:fe:d1:63:cd:dd:4b:15:3f:
ef:d3:f2:45:c3:61:b8:74:19:86:20:e9:b6:72:20:
51:71:9f:58:59:38:cb:83:67:81:fb:c1:2a:77:ae:
bd:6f:28:4f:c4:08:b5:11:54:a7:9d:63:f2:0e:0c:
08:88:a9:80:5a:62:ff:ed:8b:f8:9f:95:93:b8:13:
0a:0b:1b:52:00:b0:9c:bb:5e:00:34:c5:e7:45:25:
9d:92:04:00:31:bc:0e:80:20:0a:d8:cb:f9:eb:f2:
f7:ca:ee:da:3f:0a:63:3f:6d:84:ea:c1:f2:2c:99:
6e:a3:9b:57:26:68:e6:b9:aa:10:f6:7f:19:41:65:
40:88:15:d4:5a:7f:f7:75:d0:cc:ef:91:30:d6:69:
94:4a:80:16:be:2a:e6:ab:2c:8e:c6:50:4a:2f:d8:
1a:ac:09:6a:ac:e2:0d:ed:05:41:78:e6:37:91:8c:
5e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:BD:3D:0F:78:E9:2B:0F:C4:C4:AE:7C:DF:03:B3:6E:28:E5:9B:2C
X509v3 Authority Key Identifier:
keyid:D8:34:ED:2F:9E:2C:EF:47:01:02:1E:75:FF:45:41:64:FE:DC:7C:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DTtL54s70cBAh51_0VBZP7cfFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/6b1e95-bc53-48ca-a1ee-b543f853ff25/1/h709D3jpKw_ExK583wOzbijlmyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/6b1e95-bc53-48ca-a1ee-b543f853ff25/1/2DTtL54s70cBAh51_0VBZP7cfFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.48.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:43:0f:89:28:9f:9b:dd:c3:f4:4a:83:ca:af:cf:23:05:57:
1f:76:e5:90:4f:5e:e7:36:88:aa:01:14:8f:a1:8f:15:ec:4b:
96:48:3a:a8:07:19:fc:72:81:51:d7:6c:e0:5e:41:d6:d9:c4:
80:fe:17:5c:1c:19:bc:e9:c9:c7:39:f8:d8:e0:95:bf:df:9b:
87:17:4e:1f:e3:f2:2f:7d:25:18:a0:33:35:87:ad:1d:22:63:
a3:5e:1d:0b:d8:3c:52:c7:16:a3:ba:b0:30:39:86:fa:61:4c:
11:da:32:e6:b1:7f:6b:9a:76:fa:9b:f6:af:12:50:33:2d:0c:
ee:94:4e:ef:60:c0:ab:f6:a1:53:6e:c1:d0:c7:ed:c7:56:b9:
3b:3e:8e:da:13:cd:e7:86:5d:af:1a:8f:03:38:44:eb:93:de:
6f:f5:01:41:bf:bb:8a:7f:e1:b8:92:88:52:07:f0:70:75:73:
e0:5f:84:69:c2:84:49:6a:8f:81:34:64:41:ea:7f:61:4f:80:
75:f8:e3:fb:a7:15:8b:3f:45:c6:e3:43:0b:11:fa:c5:52:3a:
45:c4:b7:50:72:18:5d:4f:4f:b6:0e:e9:3a:0c:23:9e:3a:af:
dd:11:93:6c:63:f7:15:5f:b2:a6:de:74:b4:82:4c:38:51:de:
86:ec:3c:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbjr1coty3JoBkZDsyViLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzRlZDJmOWUyY2VmNDcwMTAyMWU3NWZmNDU0MTY0ZmVk
YzdjNTEwHhcNMjQwMTAxMTQyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2JkM2QwZjc4ZTkyYjBmYzRjNGFlN2NkZjAzYjM2ZTI4ZTU5YjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4M8eCz5RtmKlpkKZTSDWCZQWG6s6
9poyyVsZDAIGN/ds6bd8cSsA0zELDhxJA3W8SUXwWMuikWxz0Zppr7PFacflKJ78
4dJXvp9HpWIRTXsE/tFjzd1LFT/v0/JFw2G4dBmGIOm2ciBRcZ9YWTjLg2eB+8Eq
d669byhPxAi1EVSnnWPyDgwIiKmAWmL/7Yv4n5WTuBMKCxtSALCcu14ANMXnRSWd
kgQAMbwOgCAK2Mv56/L3yu7aPwpjP22E6sHyLJluo5tXJmjmuaoQ9n8ZQWVAiBXU
Wn/3ddDM75Ew1mmUSoAWvirmqyyOxlBKL9garAlqrOIN7QVBeOY3kYxekwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIe9PQ946SsPxMSufN8Ds24o5ZssMB8GA1UdIwQY
MBaAFNg07S+eLO9HAQIedf9FQWT+3HxRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRUdEw1NHM3MGNCQWg1MV8wVkJaUDdjZkZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82YjFlOTUtYmM1My00OGNhLWExZWUt
YjU0M2Y4NTNmZjI1LzEvaDcwOUQzanBLd19FeEs1ODN3T3piaWpsbXl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82YjFlOTUtYmM1My00OGNhLWExZWUtYjU0M2Y4NTNmZjI1
LzEvMkRUdEw1NHM3MGNCQWg1MV8wVkJaUDdjZkZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQgwMA0G
CSqGSIb3DQEBCwUAA4IBAQBOQw+JKJ+b3cP0SoPKr88jBVcfduWQT17nNoiqARSP
oY8V7EuWSDqoBxn8coFR12zgXkHW2cSA/hdcHBm86cnHOfjY4JW/35uHF04f4/Iv
fSUYoDM1h60dImOjXh0L2DxSxxajurAwOYb6YUwR2jLmsX9rmnb6m/avElAzLQzu
lE7vYMCr9qFTbsHQx+3HVrk7Po7aE83nhl2vGo8DOETrk95v9QFBv7uKf+G4kohS
B/BwdXPgX4RpwoRJao+BNGRB6n9hT4B1+OP7pxWLP0XG40MLEfrFUjpFxLdQchhd
T0+2Duk6DCOeOq/dEZNsY/cVX7Km3nS0gkw4Ud6G7DyT
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:04 2024 by rpki-client on console-ams.rpki-client.org