Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/oKB2M8gqK-ydTcOI2E-WpbEDBXA.roa
File: oKB2M8gqK-ydTcOI2E-WpbEDBXA.roa (raw, json)
Hash identifier: DYHp1uvG3zbc3pqTcHRqDmjFWwkbNqz+hpvtEWaPpIE=
Subject key identifier: A0:A0:76:33:C8:2A:2B:EC:9D:4D:C3:88:D8:4F:96:A5:B1:03:05:70
Certificate issuer: /CN=21814cf2ca3e1799349ccd4c7e6a76d63f834a3d
Certificate serial: 01856D9D108698AEBA84FB76C5E64FE5CF1B
Authority key identifier: 21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYFM8so-F5k0nM1Mfmp21j-DSj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/oKB2M8gqK-ydTcOI2E-WpbEDBXA.roa
Signing time: Sun 01 Jan 2023 13:54:47 +0000
ROA not before: Sun 01 Jan 2023 13:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46573
IP address blocks: 45.146.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:10:86:98:ae:ba:84:fb:76:c5:e6:4f:e5:cf:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21814cf2ca3e1799349ccd4c7e6a76d63f834a3d
Validity
Not Before: Jan 1 13:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0a07633c82a2bec9d4dc388d84f96a5b1030570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0c:97:36:f5:3b:91:e7:b6:b6:2a:14:7e:f8:
67:56:2a:3a:c0:4e:2a:7d:ff:37:0a:77:2d:c7:11:
4a:0f:60:a8:6c:5c:6c:bf:2a:11:56:9e:11:11:73:
6e:6d:8a:bf:56:02:cd:2b:02:27:e4:f2:fe:0d:08:
e4:03:c5:c0:27:e2:d1:b8:a6:a1:ed:e0:96:fa:cc:
7f:d5:a5:5b:30:c1:ca:62:15:b8:d0:bc:fc:7b:7f:
81:be:9c:21:27:f0:85:9e:3c:6f:f4:51:31:e6:a6:
8f:5e:6e:c4:24:5d:c2:d5:5f:0c:45:2f:6a:9d:a8:
52:91:65:9d:d9:67:3c:66:74:67:2c:c0:32:71:39:
e2:eb:41:32:4b:0a:1d:21:70:78:0c:7d:33:51:ac:
78:1f:a8:53:19:80:f9:ea:0b:25:7b:bf:26:aa:17:
eb:4c:cf:4f:f4:85:a9:c4:3f:d3:80:c4:13:5d:16:
d4:2e:a6:1b:8c:73:e6:4f:8a:9d:0e:f4:34:2b:4f:
46:ac:ec:30:ba:f9:61:b6:be:a3:a7:dc:64:bf:30:
d0:d2:0b:cf:29:ef:ed:81:ba:6e:3c:2f:01:21:ba:
b8:16:25:ac:a1:5e:37:fd:32:42:21:2c:c0:74:1f:
ec:dc:91:4d:9a:63:ce:3c:72:db:43:11:ab:71:c2:
7c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:A0:76:33:C8:2A:2B:EC:9D:4D:C3:88:D8:4F:96:A5:B1:03:05:70
X509v3 Authority Key Identifier:
keyid:21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYFM8so-F5k0nM1Mfmp21j-DSj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/oKB2M8gqK-ydTcOI2E-WpbEDBXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/IYFM8so-F5k0nM1Mfmp21j-DSj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.107.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:89:77:6c:92:5f:58:c2:48:54:46:9b:a7:cb:3c:28:0f:6f:
61:26:5f:89:bb:73:f4:1c:d3:8d:ba:9d:47:9a:57:42:5c:22:
dc:6d:ec:39:af:8d:60:48:a9:6d:3d:ff:85:28:cd:61:7d:41:
83:cb:9c:fe:bd:9b:ba:66:69:47:38:3d:f9:3e:91:a5:36:b0:
23:9c:b2:08:bf:c1:f3:30:78:33:85:a8:4f:dc:f1:c8:34:61:
09:56:d1:20:ff:76:46:5d:80:43:5a:10:72:78:8e:a6:7f:e3:
86:64:bc:cc:72:f3:25:2b:d0:fa:bb:5e:a9:02:ec:58:d3:4b:
52:f4:49:ee:a0:b7:70:21:bc:f8:b1:50:d9:78:5c:6d:24:47:
33:47:93:bd:33:02:73:1c:79:57:56:31:32:51:35:e9:31:db:
e4:b8:cc:40:f4:ad:9e:1d:e8:3e:bf:90:06:ed:69:62:ae:22:
e2:98:94:c1:65:e1:c8:f5:fd:a1:96:b6:4d:66:ed:cb:41:3f:
2c:2a:12:e3:38:32:a6:ac:26:4c:3d:cd:eb:14:cf:f8:a2:c1:
39:c4:31:47:3e:5c:29:61:a4:34:58:b6:71:33:0d:6e:0c:37:
5b:16:dc:58:4e:58:c3:c0:10:9b:42:14:d6:b9:82:83:f2:e1:
1a:5b:50:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtnRCGmK66hPt2xeZP5c8bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODE0Y2YyY2EzZTE3OTkzNDljY2Q0YzdlNmE3NmQ2M2Y4
MzRhM2QwHhcNMjMwMTAxMTM1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGEwNzYzM2M4MmEyYmVjOWQ0ZGMzODhkODRmOTZhNWIxMDMwNTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAyXNvU7kee2tioUfvhnVio6wE4q
ff83CnctxxFKD2CobFxsvyoRVp4REXNubYq/VgLNKwIn5PL+DQjkA8XAJ+LRuKah
7eCW+sx/1aVbMMHKYhW40Lz8e3+BvpwhJ/CFnjxv9FEx5qaPXm7EJF3C1V8MRS9q
nahSkWWd2Wc8ZnRnLMAycTni60EySwodIXB4DH0zUax4H6hTGYD56gsle78mqhfr
TM9P9IWpxD/TgMQTXRbULqYbjHPmT4qdDvQ0K09GrOwwuvlhtr6jp9xkvzDQ0gvP
Ke/tgbpuPC8BIbq4FiWsoV43/TJCISzAdB/s3JFNmmPOPHLbQxGrccJ8wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKCgdjPIKivsnU3DiNhPlqWxAwVwMB8GA1UdIwQY
MBaAFCGBTPLKPheZNJzNTH5qdtY/g0o9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlGTThzby1GNWswbk0xTWZtcDIxai1EU2owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8wMWY4NTMtZDQ0NS00YWNlLWE4ZDgt
MjI3MDFiNGJiNDA3LzEvb0tCMk04Z3FLLXlkVGNPSTJFLVdwYkVEQlhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8wMWY4NTMtZDQ0NS00YWNlLWE4ZDgtMjI3MDFiNGJiNDA3
LzEvSVlGTThzby1GNWswbk0xTWZtcDIxai1EU2owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZJrMA0G
CSqGSIb3DQEBCwUAA4IBAQCkiXdskl9YwkhURpunyzwoD29hJl+Ju3P0HNONup1H
mldCXCLcbew5r41gSKltPf+FKM1hfUGDy5z+vZu6ZmlHOD35PpGlNrAjnLIIv8Hz
MHgzhahP3PHINGEJVtEg/3ZGXYBDWhByeI6mf+OGZLzMcvMlK9D6u16pAuxY00tS
9EnuoLdwIbz4sVDZeFxtJEczR5O9MwJzHHlXVjEyUTXpMdvkuMxA9K2eHeg+v5AG
7WliriLimJTBZeHI9f2hlrZNZu3LQT8sKhLjODKmrCZMPc3rFM/4osE5xDFHPlwp
YaQ0WLZxMw1uDDdbFtxYTljDwBCbQhTWuYKD8uEaW1AJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:50 2024 by rpki-client on console-fra.rpki-client.org