Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/1229e4-940b-4628-b41f-80f14c671d6e/1/fgYisXnZgUxLDGLAS2NscmVHPTU.roa
File: fgYisXnZgUxLDGLAS2NscmVHPTU.roa (raw, json)
Hash identifier: TTE92dH5lkSlyJSmdsEvrW06+e/3l1RelyDmo7gmkXA=
Subject key identifier: 7E:06:22:B1:79:D9:81:4C:4B:0C:62:C0:4B:63:6C:72:65:47:3D:35
Certificate issuer: /CN=525c79479aeb01d1a60257dc07904b9f5b9a6791
Certificate serial: 0188C0BF
Authority key identifier: 52:5C:79:47:9A:EB:01:D1:A6:02:57:DC:07:90:4B:9F:5B:9A:67:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ulx5R5rrAdGmAlfcB5BLn1uaZ5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/1229e4-940b-4628-b41f-80f14c671d6e/1/fgYisXnZgUxLDGLAS2NscmVHPTU.roa
Signing time: Wed 13 Apr 2022 10:55:21 +0000
ROA not before: Wed 13 Apr 2022 10:55:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208414
IP address blocks: 45.138.104.0/24 maxlen: 29
45.138.105.0/24 maxlen: 24
45.138.104.0/22 maxlen: 22
45.138.107.0/24 maxlen: 24
45.138.106.0/24 maxlen: 24
2a0e:acc0:ac08::/48 maxlen: 48
2a0e:acc0:ac03::/48 maxlen: 48
2a0e:acc0:ac01::/48 maxlen: 48
2a0e:acc0:ac07::/48 maxlen: 48
2a0e:acc0:ac02::/48 maxlen: 48
2a0e:acc0:ac05::/48 maxlen: 48
2a0e:acc0::/48 maxlen: 48
2a0e:acc0:ac06::/48 maxlen: 48
2a0e:acc0:ac04::/48 maxlen: 48
2a0e:acc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25739455 (0x188c0bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=525c79479aeb01d1a60257dc07904b9f5b9a6791
Validity
Not Before: Apr 13 10:55:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e0622b179d9814c4b0c62c04b636c7265473d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a3:b0:cc:a6:b4:ba:33:7d:6f:f2:de:3e:24:
e5:46:b2:2c:12:20:5e:6f:9d:0f:83:c3:42:77:c5:
f1:9f:56:af:16:99:1c:76:ba:c6:23:a6:1e:5a:82:
26:25:29:57:ba:02:66:47:73:28:9f:4e:ff:d0:d2:
06:53:34:52:95:32:9a:86:22:06:f8:00:a2:83:a2:
c6:0e:43:c4:55:2c:b9:ea:b0:e4:46:18:a0:3d:eb:
c6:48:21:34:78:cd:ef:1b:23:cc:47:df:6f:b0:9e:
f4:66:aa:e1:e8:46:85:73:14:0c:bf:13:b6:10:bf:
2f:9c:ec:1c:47:9f:a0:5c:4f:cc:42:07:7b:f5:92:
1a:95:fe:c4:5b:61:f1:12:10:ea:4f:6e:1d:78:5f:
0d:08:b3:32:17:98:21:1d:f0:60:2d:2d:bb:db:15:
53:9f:1c:d9:a0:78:72:43:e3:fc:a5:c1:5e:46:fe:
55:b0:01:78:20:e7:fa:9d:d2:a0:ea:3c:d9:65:a8:
d6:a2:19:46:8d:eb:90:18:8c:2b:cf:62:0d:4a:48:
e2:01:67:46:f3:19:80:17:aa:12:a5:52:12:25:bd:
69:f3:6e:56:1e:7d:0c:fd:4f:16:55:28:a6:9d:f2:
3a:15:35:46:fe:32:9e:e8:50:f2:ac:0d:8a:f8:5b:
ed:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:06:22:B1:79:D9:81:4C:4B:0C:62:C0:4B:63:6C:72:65:47:3D:35
X509v3 Authority Key Identifier:
keyid:52:5C:79:47:9A:EB:01:D1:A6:02:57:DC:07:90:4B:9F:5B:9A:67:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ulx5R5rrAdGmAlfcB5BLn1uaZ5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1229e4-940b-4628-b41f-80f14c671d6e/1/fgYisXnZgUxLDGLAS2NscmVHPTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1229e4-940b-4628-b41f-80f14c671d6e/1/Ulx5R5rrAdGmAlfcB5BLn1uaZ5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.104.0/22
IPv6:
2a0e:acc0::/29
Signature Algorithm: sha256WithRSAEncryption
6c:cc:91:a9:0a:90:f0:76:30:92:e4:43:9c:79:1a:16:6a:c1:
c8:ed:5c:2b:9d:b0:2f:7f:88:7f:d8:a0:71:7a:0f:07:d5:b6:
3b:11:80:d6:6a:b4:0c:20:54:f6:bc:20:d9:fa:89:11:79:28:
7b:e8:19:ee:37:f6:f8:ca:2e:5e:e1:ee:35:c5:65:23:89:39:
d3:50:a0:b8:46:52:af:4e:e8:bb:36:13:bd:4c:e3:ab:f4:32:
9c:2c:75:a2:59:ec:01:57:82:96:4a:2b:e0:0b:be:44:e9:cd:
75:1f:f5:e8:53:c1:3e:28:9b:8b:85:bf:9a:38:5d:11:54:d0:
c2:7a:b5:00:cd:31:54:80:65:ca:f7:bf:4a:5d:1f:aa:11:0a:
28:a5:5a:41:7f:80:bc:23:74:06:d0:3d:54:34:99:8f:e3:35:
47:00:4f:84:74:39:82:58:7d:ac:af:64:b4:e9:f4:1d:87:46:
8b:88:b2:d1:06:7a:27:1f:af:1b:14:f2:0e:70:c7:2d:a1:f2:
e4:a2:60:d1:cf:56:e8:1d:ed:93:c2:e0:59:cc:ad:2d:d0:39:
68:e9:b0:ca:bc:83:5e:db:ed:3a:b7:3c:d1:a6:55:9d:10:92:
ea:ab:55:0c:8c:82:37:f8:01:ef:8c:cd:00:fc:7e:0d:44:2d:
f3:bd:b1:02
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAYjAvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MjVjNzk0NzlhZWIwMWQxYTYwMjU3ZGMwNzkwNGI5ZjViOWE2NzkxMB4XDTIyMDQx
MzEwNTUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2UwNjIyYjE3OWQ5
ODE0YzRiMGM2MmMwNGI2MzZjNzI2NTQ3M2QzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWjsMymtLozfW/y3j4k5UayLBIgXm+dD4PDQnfF8Z9WrxaZ
HHa6xiOmHlqCJiUpV7oCZkdzKJ9O/9DSBlM0UpUymoYiBvgAooOixg5DxFUsueqw
5EYYoD3rxkghNHjN7xsjzEffb7Ce9Gaq4ehGhXMUDL8TthC/L5zsHEefoFxPzEIH
e/WSGpX+xFth8RIQ6k9uHXhfDQizMheYIR3wYC0tu9sVU58c2aB4ckPj/KXBXkb+
VbABeCDn+p3SoOo82WWo1qIZRo3rkBiMK89iDUpI4gFnRvMZgBeqEqVSEiW9afNu
Vh59DP1PFlUopp3yOhU1Rv4ynuhQ8qwNivhb7QUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBR+BiKxedmBTEsMYsBLY2xyZUc9NTAfBgNVHSMEGDAWgBRSXHlHmusB0aYC
V9wHkEufW5pnkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VseDVSNXJyQWRHbUFsZmNCNUJMbjF1YVo1RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvMTIyOWU0LTk0MGItNDYyOC1iNDFmLTgwZjE0YzY3MWQ2ZS8x
L2ZnWWlzWG5aZ1V4TERHTEFTMk5zY21WSFBUVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
MTIyOWU0LTk0MGItNDYyOC1iNDFmLTgwZjE0YzY3MWQ2ZS8xL1VseDVSNXJyQWRH
bUFsZmNCNUJMbjF1YVo1RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2KaDANBAIAAjAHAwUDKg6swDAN
BgkqhkiG9w0BAQsFAAOCAQEAbMyRqQqQ8HYwkuRDnHkaFmrByO1cK52wL3+If9ig
cXoPB9W2OxGA1mq0DCBU9rwg2fqJEXkoe+gZ7jf2+MouXuHuNcVlI4k501CguEZS
r07ouzYTvUzjq/QynCx1olnsAVeClkor4Au+ROnNdR/16FPBPiibi4W/mjhdEVTQ
wnq1AM0xVIBlyve/Sl0fqhEKKKVaQX+AvCN0BtA9VDSZj+M1RwBPhHQ5glh9rK9k
tOn0HYdGi4iy0QZ6Jx+vGxTyDnDHLaHy5KJg0c9W6B3tk8LgWcytLdA5aOmwyryD
XtvtOrc80aZVnRCS6qtVDIyCN/gB74zNAPx+DUQt872xAg==
-----END CERTIFICATE-----