Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/a67996-54f1-4f1e-a760-8e0d5293aac8/1/o6aU-GN5DZU7nABZUykT40OqZBI.roa
File: o6aU-GN5DZU7nABZUykT40OqZBI.roa (raw, json)
Hash identifier: 9HpmSNDcQDKjKBJ/U2pNF1jLznuTYkDfyGetFlSbd9Y=
Subject key identifier: A3:A6:94:F8:63:79:0D:95:3B:9C:00:59:53:29:13:E3:43:AA:64:12
Certificate issuer: /CN=d2ba2618ab4b6042ee25c4679e0775e4306d71c6
Certificate serial: 018CC801F33DF6134C5782B1D40F3F8450DE
Authority key identifier: D2:BA:26:18:AB:4B:60:42:EE:25:C4:67:9E:07:75:E4:30:6D:71:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0romGKtLYELuJcRnngd15DBtccY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/a67996-54f1-4f1e-a760-8e0d5293aac8/1/o6aU-GN5DZU7nABZUykT40OqZBI.roa
Signing time: Tue 02 Jan 2024 02:30:20 +0000
ROA not before: Tue 02 Jan 2024 02:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22773
IP address blocks: 45.145.176.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:f3:3d:f6:13:4c:57:82:b1:d4:0f:3f:84:50:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2ba2618ab4b6042ee25c4679e0775e4306d71c6
Validity
Not Before: Jan 2 02:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3a694f863790d953b9c0059532913e343aa6412
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:29:d3:2b:9e:ab:78:66:41:c6:c7:17:c5:c3:
68:46:f0:ad:96:49:e0:16:72:c0:7c:ac:58:aa:70:
8c:20:58:dd:fb:ad:c2:fa:8f:bc:44:1a:5f:6b:ce:
56:76:53:81:0d:4c:2b:7e:de:20:67:22:7a:74:b8:
2f:8b:2f:0e:12:ff:79:c5:e0:45:91:68:78:16:b2:
83:00:10:ec:7a:cc:cd:72:4f:c8:b5:9c:df:95:ef:
0f:2b:d2:87:05:a3:f7:a5:41:aa:49:91:c2:b1:ac:
14:53:9a:6e:a9:eb:d6:a2:86:e6:08:8a:7c:45:07:
70:b3:fe:82:a6:54:d4:3d:21:20:05:65:2a:9c:73:
66:f2:21:09:46:5b:c4:3c:29:d3:95:04:b5:64:86:
39:60:b8:fa:27:27:02:8f:ee:26:7b:6a:da:16:36:
93:8c:3a:fe:c4:fa:13:d0:8d:7b:87:0e:05:7d:7e:
be:77:e1:f2:09:65:d8:ac:f4:8d:54:81:e6:fb:c6:
18:1f:5b:d1:49:6c:3a:0c:c4:d3:2b:53:4d:43:3c:
6b:84:ae:be:f7:b4:02:e1:00:80:15:07:68:f4:b6:
3b:04:40:bf:9d:2f:21:95:6c:68:16:d1:ce:91:68:
cb:15:57:39:01:6f:f4:95:8b:40:b9:02:c0:cf:06:
41:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:A6:94:F8:63:79:0D:95:3B:9C:00:59:53:29:13:E3:43:AA:64:12
X509v3 Authority Key Identifier:
keyid:D2:BA:26:18:AB:4B:60:42:EE:25:C4:67:9E:07:75:E4:30:6D:71:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0romGKtLYELuJcRnngd15DBtccY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a67996-54f1-4f1e-a760-8e0d5293aac8/1/o6aU-GN5DZU7nABZUykT40OqZBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a67996-54f1-4f1e-a760-8e0d5293aac8/1/0romGKtLYELuJcRnngd15DBtccY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.176.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:aa:4d:e0:28:af:41:21:c5:d6:96:d6:62:53:a1:d9:67:5e:
1f:e0:59:e0:48:9c:dc:46:bf:65:fc:58:5f:a5:17:9d:41:eb:
a8:54:1a:5c:bb:2f:b5:e4:0d:2f:73:c5:5a:5e:3c:78:81:60:
77:43:ac:b3:2f:d9:c1:ff:10:cd:a3:e2:a4:59:42:2d:8e:9f:
04:4b:e8:90:cd:db:2a:1b:34:d0:2c:38:0e:32:33:2e:d1:c5:
1b:d7:01:ea:c0:cb:d1:b2:a0:c8:6e:66:82:66:d6:fc:9c:98:
6b:f7:69:3c:76:fe:56:cd:e7:c9:55:90:07:46:b5:9d:3a:5d:
ff:50:64:13:07:cf:50:e7:88:58:f6:90:3b:16:ea:d8:ad:21:
a8:0d:af:04:31:38:98:c6:1b:69:0c:98:5b:52:29:39:8b:1a:
68:68:75:4b:7a:2d:80:c7:93:e4:a1:4f:b5:e6:3d:44:70:87:
26:98:98:c2:ba:1e:33:ed:53:01:40:9a:50:b6:b3:b5:b1:10:
d5:cb:de:85:99:90:b2:c6:b0:f7:64:66:6c:57:28:47:b0:8f:
99:43:16:53:54:6c:26:b6:79:0e:b7:84:e3:40:06:67:cc:3b:
63:b9:6a:82:c9:4c:11:30:ab:90:a1:07:7c:cf:4e:05:5e:72:
e4:12:d0:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAfM99hNMV4Kx1A8/hFDeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYmEyNjE4YWI0YjYwNDJlZTI1YzQ2NzllMDc3NWU0MzA2
ZDcxYzYwHhcNMjQwMTAyMDIzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2E2OTRmODYzNzkwZDk1M2I5YzAwNTk1MzI5MTNlMzQzYWE2NDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArynTK56reGZBxscXxcNoRvCtlkng
FnLAfKxYqnCMIFjd+63C+o+8RBpfa85WdlOBDUwrft4gZyJ6dLgviy8OEv95xeBF
kWh4FrKDABDseszNck/ItZzfle8PK9KHBaP3pUGqSZHCsawUU5puqevWoobmCIp8
RQdws/6CplTUPSEgBWUqnHNm8iEJRlvEPCnTlQS1ZIY5YLj6JycCj+4me2raFjaT
jDr+xPoT0I17hw4FfX6+d+HyCWXYrPSNVIHm+8YYH1vRSWw6DMTTK1NNQzxrhK6+
97QC4QCAFQdo9LY7BEC/nS8hlWxoFtHOkWjLFVc5AW/0lYtAuQLAzwZBMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKOmlPhjeQ2VO5wAWVMpE+NDqmQSMB8GA1UdIwQY
MBaAFNK6JhirS2BC7iXEZ54HdeQwbXHGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHJvbUdLdExZRUx1SmNSbm5nZDE1REJ0Y2NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hNjc5OTYtNTRmMS00ZjFlLWE3NjAt
OGUwZDUyOTNhYWM4LzEvbzZhVS1HTjVEWlU3bkFCWlV5a1Q0ME9xWkJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hNjc5OTYtNTRmMS00ZjFlLWE3NjAtOGUwZDUyOTNhYWM4
LzEvMHJvbUdLdExZRUx1SmNSbm5nZDE1REJ0Y2NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZGwMA0G
CSqGSIb3DQEBCwUAA4IBAQB+qk3gKK9BIcXWltZiU6HZZ14f4FngSJzcRr9l/Fhf
pRedQeuoVBpcuy+15A0vc8VaXjx4gWB3Q6yzL9nB/xDNo+KkWUItjp8ES+iQzdsq
GzTQLDgOMjMu0cUb1wHqwMvRsqDIbmaCZtb8nJhr92k8dv5WzefJVZAHRrWdOl3/
UGQTB89Q54hY9pA7FurYrSGoDa8EMTiYxhtpDJhbUik5ixpoaHVLei2Ax5PkoU+1
5j1EcIcmmJjCuh4z7VMBQJpQtrO1sRDVy96FmZCyxrD3ZGZsVyhHsI+ZQxZTVGwm
tnkOt4TjQAZnzDtjuWqCyUwRMKuQoQd8z04FXnLkEtB9
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:56 2024 by rpki-client on console-fra.rpki-client.org