Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/tH54a5u8InlwFx3uoH0av8rprKs.roa
File: tH54a5u8InlwFx3uoH0av8rprKs.roa (raw, json)
Hash identifier: W+A0CAQJXLGWRwH0wHfGcN3s8kCCYsoo0Iy+7Ii/InA=
Subject key identifier: B4:7E:78:6B:9B:BC:22:79:70:17:1D:EE:A0:7D:1A:BF:CA:E9:AC:AB
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: 018CC87071C9FEC2B491E81BE2B74FD33C98
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/tH54a5u8InlwFx3uoH0av8rprKs.roa
Signing time: Tue 02 Jan 2024 04:31:01 +0000
ROA not before: Tue 02 Jan 2024 04:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20860
IP address blocks: 193.37.72.0/22 maxlen: 22
45.88.144.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:71:c9:fe:c2:b4:91:e8:1b:e2:b7:4f:d3:3c:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: Jan 2 04:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b47e786b9bbc227970171deea07d1abfcae9acab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:76:32:ea:ff:06:78:5a:ba:3c:47:f6:3c:be:
29:c9:fa:4b:5e:a0:82:05:fb:92:cd:62:bf:a8:1c:
a4:f2:7f:3a:89:41:13:7c:79:d3:d0:5e:b9:e9:ce:
aa:b0:a7:49:87:35:d3:92:4c:53:76:6e:01:ba:23:
d5:83:ab:f2:ab:8b:b3:af:7d:55:d7:1c:ed:93:72:
d9:02:35:22:f0:4f:98:5b:ea:5d:e4:c2:8e:a2:6e:
ac:6e:54:0d:14:7c:d8:eb:62:fd:00:c4:78:17:73:
63:84:e5:be:2e:be:22:ca:c1:6e:80:e8:58:38:5b:
3c:1c:41:05:22:d6:57:fd:03:5d:2e:d7:60:c5:26:
c4:df:d5:4b:5a:3e:1f:16:d7:85:d2:6a:97:10:a2:
72:f8:e2:a6:0a:13:fc:27:15:03:de:c4:eb:dd:f7:
21:30:a3:3e:75:34:3f:c2:4d:0b:d4:07:6a:cb:c3:
32:56:62:fc:9a:f8:eb:bd:a4:2c:3e:9b:66:0f:f7:
71:8f:8b:48:cc:53:38:9d:3d:f8:9e:2c:64:e8:d7:
f2:24:4b:65:18:9c:a1:cf:9c:37:2e:f5:91:59:d2:
c8:dd:73:bb:8a:fc:cf:19:ee:aa:d4:bd:57:25:79:
25:78:00:8e:bb:48:3c:af:bf:e0:f3:95:0e:20:21:
65:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:7E:78:6B:9B:BC:22:79:70:17:1D:EE:A0:7D:1A:BF:CA:E9:AC:AB
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/tH54a5u8InlwFx3uoH0av8rprKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.144.0/22
193.37.72.0/22
Signature Algorithm: sha256WithRSAEncryption
87:a0:9a:a5:71:3a:1f:dd:ad:ab:68:68:67:35:57:24:01:08:
e8:02:2e:6c:86:99:68:d7:0b:58:40:73:4f:f0:7a:6b:b3:a4:
a3:5a:a6:e9:cb:37:56:fa:c8:54:e4:d4:e0:79:4c:50:f3:c0:
b3:0e:a3:6d:cd:49:76:ca:ea:9f:67:60:8e:eb:6e:83:cd:7f:
3f:c5:70:61:d5:e3:08:55:03:82:6e:c8:13:4a:87:70:a4:4d:
a0:88:7d:0d:d2:49:bd:ad:db:92:fd:f7:48:ac:60:57:39:89:
49:68:c3:6b:d3:7c:6c:64:f6:88:ec:39:75:5f:79:33:39:5d:
43:83:04:12:25:bb:6e:57:2d:63:8e:87:92:37:1c:92:70:8f:
26:ee:5a:9b:ee:e5:1c:ec:31:42:f0:bb:12:0c:90:a8:72:23:
19:73:2e:ed:bb:e6:48:a8:e7:a4:79:71:ca:13:b9:4e:80:d5:
f9:a4:62:f9:67:fc:ca:43:74:74:92:3d:6b:39:8c:79:5c:34:
72:18:f4:59:df:82:a3:2d:a3:93:6e:72:83:41:8e:a2:30:05:
28:ab:5a:08:aa:8f:93:05:7e:77:b5:e9:a5:86:9f:b7:6a:69:
f9:d9:f9:da:31:16:15:3c:1a:b7:cb:ed:87:66:10:7d:e2:09:
b5:5e:2c:db
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIcHHJ/sK0kegb4rdP0zyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjQwMTAyMDQzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDdlNzg2YjliYmMyMjc5NzAxNzFkZWVhMDdkMWFiZmNhZTlhY2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnYy6v8GeFq6PEf2PL4pyfpLXqCC
BfuSzWK/qByk8n86iUETfHnT0F656c6qsKdJhzXTkkxTdm4BuiPVg6vyq4uzr31V
1xztk3LZAjUi8E+YW+pd5MKOom6sblQNFHzY62L9AMR4F3NjhOW+Lr4iysFugOhY
OFs8HEEFItZX/QNdLtdgxSbE39VLWj4fFteF0mqXEKJy+OKmChP8JxUD3sTr3fch
MKM+dTQ/wk0L1Adqy8MyVmL8mvjrvaQsPptmD/dxj4tIzFM4nT34nixk6NfyJEtl
GJyhz5w3LvWRWdLI3XO7ivzPGe6q1L1XJXkleACOu0g8r7/g85UOICFl4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLR+eGubvCJ5cBcd7qB9Gr/K6ayrMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvdEg1NGE1dThJbmx3RngzdW9IMGF2OHJwcktzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLViQAwQC
wSVIMA0GCSqGSIb3DQEBCwUAA4IBAQCHoJqlcTof3a2raGhnNVckAQjoAi5shplo
1wtYQHNP8Hprs6SjWqbpyzdW+shU5NTgeUxQ88CzDqNtzUl2yuqfZ2CO626DzX8/
xXBh1eMIVQOCbsgTSodwpE2giH0N0km9rduS/fdIrGBXOYlJaMNr03xsZPaI7Dl1
X3kzOV1DgwQSJbtuVy1jjoeSNxyScI8m7lqb7uUc7DFC8LsSDJCociMZcy7tu+ZI
qOekeXHKE7lOgNX5pGL5Z/zKQ3R0kj1rOYx5XDRyGPRZ34KjLaOTbnKDQY6iMAUo
q1oIqo+TBX53temlhp+3amn52fnaMRYVPBq3y+2HZhB94gm1Xizb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:48 2024 by rpki-client on console-ams.rpki-client.org