Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/6b1e95-bc53-48ca-a1ee-b543f853ff25/1/mlM_HUiasM7UCrhT2WIiN_xTqGg.roa
File: mlM_HUiasM7UCrhT2WIiN_xTqGg.roa (raw, json)
Hash identifier: g76ZiZY+9Iclwoyza0V1bu7LMovwD3crqm8Op2IWYuo=
Subject key identifier: 9A:53:3F:1D:48:9A:B0:CE:D4:0A:B8:53:D9:62:22:37:FC:53:A8:68
Certificate issuer: /CN=d834ed2f9e2cef4701021e75ff454164fedc7c51
Certificate serial: 01856DC1B3DEA94F6FE0376DF2D3462639CF
Authority key identifier: D8:34:ED:2F:9E:2C:EF:47:01:02:1E:75:FF:45:41:64:FE:DC:7C:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DTtL54s70cBAh51_0VBZP7cfFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/6b1e95-bc53-48ca-a1ee-b543f853ff25/1/mlM_HUiasM7UCrhT2WIiN_xTqGg.roa
Signing time: Sun 01 Jan 2023 14:34:49 +0000
ROA not before: Sun 01 Jan 2023 14:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 45.8.49.0/24 maxlen: 24
45.8.48.0/23 maxlen: 23
45.8.48.0/24 maxlen: 24
45.8.50.0/23 maxlen: 23
45.8.51.0/24 maxlen: 24
45.8.50.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:b3:de:a9:4f:6f:e0:37:6d:f2:d3:46:26:39:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d834ed2f9e2cef4701021e75ff454164fedc7c51
Validity
Not Before: Jan 1 14:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a533f1d489ab0ced40ab853d9622237fc53a868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:03:53:b7:b0:70:85:bd:52:57:3e:bd:c5:f1:
a7:b5:ac:3c:91:2e:e2:02:24:5a:29:12:d3:1c:8b:
fc:4e:0c:69:6e:45:e7:c5:a8:f5:ea:86:70:2b:d5:
7f:db:d3:89:1f:30:f5:f4:09:04:6e:15:05:b7:de:
f9:50:24:2c:cc:9c:4b:cb:6b:19:3f:e7:6f:df:0a:
d6:6d:9b:d1:15:35:dd:4d:bd:2b:fc:62:36:b6:a6:
1d:4b:b7:0e:34:48:7b:4b:b3:be:1a:cf:f6:a6:78:
6b:fc:fc:28:2c:ef:41:8e:56:a7:6e:f2:47:09:f3:
b5:46:b1:cd:26:9f:57:f7:2f:a0:9b:30:76:39:81:
fe:01:ef:03:4c:fe:e8:51:fe:51:fd:91:be:2c:a6:
c7:f4:f2:30:4c:0e:bc:65:e2:b5:62:8d:24:b4:b9:
f6:27:30:5d:c6:79:df:8b:56:ea:bb:e1:a0:0e:ac:
ce:95:b4:59:3b:77:05:f6:37:bc:e3:a1:c2:a9:af:
ee:2b:70:a9:dc:2c:b9:e0:a2:62:5d:3b:2b:97:58:
ef:ed:5f:b2:d9:c5:c3:08:e2:cc:da:8f:1b:c4:a3:
7a:cb:2d:fa:31:63:92:f1:6d:0e:d0:c2:1c:42:4f:
d8:d0:1b:7e:b9:43:a1:3b:aa:57:c7:72:dd:3f:2e:
38:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:53:3F:1D:48:9A:B0:CE:D4:0A:B8:53:D9:62:22:37:FC:53:A8:68
X509v3 Authority Key Identifier:
keyid:D8:34:ED:2F:9E:2C:EF:47:01:02:1E:75:FF:45:41:64:FE:DC:7C:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DTtL54s70cBAh51_0VBZP7cfFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/6b1e95-bc53-48ca-a1ee-b543f853ff25/1/mlM_HUiasM7UCrhT2WIiN_xTqGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/6b1e95-bc53-48ca-a1ee-b543f853ff25/1/2DTtL54s70cBAh51_0VBZP7cfFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.48.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:6f:6a:d6:52:b3:7a:cd:96:27:40:11:4d:b2:a2:07:50:a2:
16:6b:e7:62:38:e8:f6:75:b7:27:3c:5e:57:e9:bf:f4:80:f0:
13:b8:2d:fc:0f:54:24:94:2d:7d:24:2c:67:a0:95:68:e4:bd:
5e:6a:84:65:44:51:86:55:46:06:a6:bb:77:33:8b:f8:c4:8b:
2b:52:48:a2:44:30:6d:14:90:0a:24:d7:6f:14:0a:9f:76:3e:
82:50:8e:73:ca:47:e7:63:44:8f:3a:7b:1e:40:7c:02:a6:eb:
67:07:eb:3e:e9:9c:63:e7:8c:07:7f:cf:d7:8a:4c:a4:87:39:
18:9a:8e:b0:f5:ae:dd:89:7c:58:4d:0a:d3:65:a5:3d:e0:32:
2a:16:a6:43:cc:e6:77:9a:2b:6d:9e:05:3f:0b:9b:5f:2f:a1:
7c:88:3a:d0:fe:d4:09:92:c2:68:ee:b9:b0:ab:aa:d4:f5:9e:
ee:24:48:c5:41:0e:b6:6d:a7:9f:6f:ee:76:b0:3e:57:e3:a0:
70:dc:a2:1e:b8:f7:b6:d0:97:99:5c:fa:81:fd:92:31:3d:3f:
26:47:6b:92:8f:c3:41:62:82:5e:f3:f4:1b:32:cc:a5:44:8a:
c2:9b:d1:9e:76:f3:27:10:55:05:a4:77:06:3e:bc:7b:1f:9d:
39:80:4c:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwbPeqU9v4Ddt8tNGJjnPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzRlZDJmOWUyY2VmNDcwMTAyMWU3NWZmNDU0MTY0ZmVk
YzdjNTEwHhcNMjMwMTAxMTQzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTUzM2YxZDQ4OWFiMGNlZDQwYWI4NTNkOTYyMjIzN2ZjNTNhODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogNTt7Bwhb1SVz69xfGntaw8kS7i
AiRaKRLTHIv8TgxpbkXnxaj16oZwK9V/29OJHzD19AkEbhUFt975UCQszJxLy2sZ
P+dv3wrWbZvRFTXdTb0r/GI2tqYdS7cONEh7S7O+Gs/2pnhr/PwoLO9BjlanbvJH
CfO1RrHNJp9X9y+gmzB2OYH+Ae8DTP7oUf5R/ZG+LKbH9PIwTA68ZeK1Yo0ktLn2
JzBdxnnfi1bqu+GgDqzOlbRZO3cF9je846HCqa/uK3Cp3Cy54KJiXTsrl1jv7V+y
2cXDCOLM2o8bxKN6yy36MWOS8W0O0MIcQk/Y0Bt+uUOhO6pXx3LdPy44yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJpTPx1ImrDO1Aq4U9liIjf8U6hoMB8GA1UdIwQY
MBaAFNg07S+eLO9HAQIedf9FQWT+3HxRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRUdEw1NHM3MGNCQWg1MV8wVkJaUDdjZkZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82YjFlOTUtYmM1My00OGNhLWExZWUt
YjU0M2Y4NTNmZjI1LzEvbWxNX0hVaWFzTTdVQ3JoVDJXSWlOX3hUcUdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82YjFlOTUtYmM1My00OGNhLWExZWUtYjU0M2Y4NTNmZjI1
LzEvMkRUdEw1NHM3MGNCQWg1MV8wVkJaUDdjZkZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQgwMA0G
CSqGSIb3DQEBCwUAA4IBAQA+b2rWUrN6zZYnQBFNsqIHUKIWa+diOOj2dbcnPF5X
6b/0gPATuC38D1QklC19JCxnoJVo5L1eaoRlRFGGVUYGprt3M4v4xIsrUkiiRDBt
FJAKJNdvFAqfdj6CUI5zykfnY0SPOnseQHwCputnB+s+6Zxj54wHf8/XikykhzkY
mo6w9a7diXxYTQrTZaU94DIqFqZDzOZ3mittngU/C5tfL6F8iDrQ/tQJksJo7rmw
q6rU9Z7uJEjFQQ62baefb+52sD5X46Bw3KIeuPe20JeZXPqB/ZIxPT8mR2uSj8NB
YoJe8/QbMsylRIrCm9GedvMnEFUFpHcGPrx7H505gEwe
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:25 2025 by rpki-client