Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/db02f4-3908-4674-a0c4-0364cbe9bab8/1/tMfTjZP8nLQCbWv8dmXe8DBeGd8.roa
File: tMfTjZP8nLQCbWv8dmXe8DBeGd8.roa (raw, json)
Hash identifier: RIxZJ/ivhyvbAr/8c7+n+p5X9j4e+zDfx0ZmuMmHkf4=
Subject key identifier: B4:C7:D3:8D:93:FC:9C:B4:02:6D:6B:FC:76:65:DE:F0:30:5E:19:DF
Certificate issuer: /CN=43e6eca34dc70c1f1bf1c4dd1b0a82093b354b72
Certificate serial: 018CCA2A493A4D2482E0278E985392942399
Authority key identifier: 43:E6:EC:A3:4D:C7:0C:1F:1B:F1:C4:DD:1B:0A:82:09:3B:35:4B:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q-bso03HDB8b8cTdGwqCCTs1S3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/db02f4-3908-4674-a0c4-0364cbe9bab8/1/tMfTjZP8nLQCbWv8dmXe8DBeGd8.roa
Signing time: Tue 02 Jan 2024 12:33:38 +0000
ROA not before: Tue 02 Jan 2024 12:33:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 45.132.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:49:3a:4d:24:82:e0:27:8e:98:53:92:94:23:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43e6eca34dc70c1f1bf1c4dd1b0a82093b354b72
Validity
Not Before: Jan 2 12:33:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4c7d38d93fc9cb4026d6bfc7665def0305e19df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2c:47:4e:ac:34:6f:4f:f9:23:fc:63:ab:75:
73:fd:e5:ea:a3:7f:f6:25:5b:b3:5b:be:d7:de:04:
e8:14:16:34:89:a8:63:98:9b:30:38:d2:d2:d0:b3:
dd:50:87:e7:a0:e0:78:a7:f7:fe:a6:66:b2:b2:bd:
ec:65:96:b1:26:ff:03:85:54:fa:97:d9:b5:af:8e:
d5:be:67:f7:25:1a:a5:f0:1e:f7:f7:ab:00:34:ba:
1c:c6:33:de:44:8b:b0:28:14:8f:ee:1e:73:3a:92:
be:67:81:51:13:25:86:b4:59:6e:18:ab:6b:30:17:
e2:be:fc:f9:d7:ce:99:23:ba:de:df:08:fe:23:0f:
4a:b6:5f:d3:81:ed:e2:50:cb:a9:af:78:74:33:50:
bd:36:05:b7:5a:13:86:d6:36:33:f7:2b:19:a2:41:
fb:e2:b8:69:54:8d:a2:02:e7:91:c6:2e:9f:01:31:
bb:5e:a7:dc:fc:e3:0f:ab:85:7d:91:19:5d:7e:19:
2a:99:08:31:c5:81:52:11:7f:5c:52:53:4c:b0:d0:
18:e3:8e:01:f0:01:e7:ec:9e:10:9f:a7:a0:16:31:
51:9d:a7:a5:5f:f6:7c:a6:a2:d3:6c:a4:a0:15:80:
4a:c7:5a:28:0b:d6:95:d1:54:31:f2:63:7f:3b:df:
6f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:C7:D3:8D:93:FC:9C:B4:02:6D:6B:FC:76:65:DE:F0:30:5E:19:DF
X509v3 Authority Key Identifier:
keyid:43:E6:EC:A3:4D:C7:0C:1F:1B:F1:C4:DD:1B:0A:82:09:3B:35:4B:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q-bso03HDB8b8cTdGwqCCTs1S3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/db02f4-3908-4674-a0c4-0364cbe9bab8/1/tMfTjZP8nLQCbWv8dmXe8DBeGd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/db02f4-3908-4674-a0c4-0364cbe9bab8/1/Q-bso03HDB8b8cTdGwqCCTs1S3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.3.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:7b:c3:50:48:b5:c7:8b:6c:c2:fa:ce:ee:fc:34:cd:de:d1:
8e:7e:e0:57:f4:b7:5c:2a:fe:4d:c1:a4:ea:8c:3c:9a:51:9d:
ff:f2:d6:a8:1d:22:6d:ea:96:88:7d:a5:cd:60:6e:b7:7e:45:
5a:48:a2:54:ab:90:67:ae:3e:c0:7c:38:03:f0:df:4b:bc:27:
97:99:33:73:11:76:c9:ee:43:8a:98:b6:15:de:f7:0d:95:72:
75:dd:21:84:c2:15:84:28:cc:b1:6d:30:57:36:d8:b1:42:4d:
d7:77:15:32:70:92:00:3a:4f:03:89:d6:0b:df:a7:dd:17:d9:
15:17:55:f3:8c:70:45:19:e2:7d:d7:0d:f7:95:be:25:cf:6c:
9d:d6:89:01:c8:82:b6:74:a0:e6:2a:86:18:c7:7d:18:38:77:
4c:32:bd:d8:68:ca:08:b1:92:38:61:7e:74:f2:28:7a:f1:d9:
c8:bf:14:81:31:64:7d:03:44:3c:45:4a:6c:e8:b8:e6:b3:f0:
a8:ff:67:d2:89:71:aa:1b:8f:be:c8:74:94:94:47:f3:56:0e:
2e:eb:a9:ff:24:79:32:1d:d5:f7:55:5c:9f:1d:e8:e1:3d:bd:
58:59:38:20:9f:25:99:d2:57:b1:c2:06:d8:d5:3e:20:13:ea:
7e:17:64:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKkk6TSSC4CeOmFOSlCOZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZTZlY2EzNGRjNzBjMWYxYmYxYzRkZDFiMGE4MjA5M2Iz
NTRiNzIwHhcNMjQwMTAyMTIzMzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGM3ZDM4ZDkzZmM5Y2I0MDI2ZDZiZmM3NjY1ZGVmMDMwNWUxOWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCxHTqw0b0/5I/xjq3Vz/eXqo3/2
JVuzW77X3gToFBY0iahjmJswONLS0LPdUIfnoOB4p/f+pmaysr3sZZaxJv8DhVT6
l9m1r47Vvmf3JRql8B7396sANLocxjPeRIuwKBSP7h5zOpK+Z4FREyWGtFluGKtr
MBfivvz5186ZI7re3wj+Iw9Ktl/Tge3iUMupr3h0M1C9NgW3WhOG1jYz9ysZokH7
4rhpVI2iAueRxi6fATG7Xqfc/OMPq4V9kRldfhkqmQgxxYFSEX9cUlNMsNAY444B
8AHn7J4Qn6egFjFRnaelX/Z8pqLTbKSgFYBKx1ooC9aV0VQx8mN/O99vcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLTH042T/Jy0Am1r/HZl3vAwXhnfMB8GA1UdIwQY
MBaAFEPm7KNNxwwfG/HE3RsKggk7NUtyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUS1ic28wM0hEQjhiOGNUZEd3cUNDVHMxUzNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kYjAyZjQtMzkwOC00Njc0LWEwYzQt
MDM2NGNiZTliYWI4LzEvdE1mVGpaUDhuTFFDYld2OGRtWGU4REJlR2Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kYjAyZjQtMzkwOC00Njc0LWEwYzQtMDM2NGNiZTliYWI4
LzEvUS1ic28wM0hEQjhiOGNUZEd3cUNDVHMxUzNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYQDMA0G
CSqGSIb3DQEBCwUAA4IBAQB6e8NQSLXHi2zC+s7u/DTN3tGOfuBX9LdcKv5NwaTq
jDyaUZ3/8taoHSJt6paIfaXNYG63fkVaSKJUq5Bnrj7AfDgD8N9LvCeXmTNzEXbJ
7kOKmLYV3vcNlXJ13SGEwhWEKMyxbTBXNtixQk3XdxUycJIAOk8DidYL36fdF9kV
F1XzjHBFGeJ91w33lb4lz2yd1okByIK2dKDmKoYYx30YOHdMMr3YaMoIsZI4YX50
8ih68dnIvxSBMWR9A0Q8RUps6Ljms/Co/2fSiXGqG4++yHSUlEfzVg4u66n/JHky
HdX3VVyfHejhPb1YWTggnyWZ0lexwgbY1T4gE+p+F2S+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org