Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/VahGb7l3cTklDFXsAkhj0GK1_sg.roa
File: VahGb7l3cTklDFXsAkhj0GK1_sg.roa (raw, json)
Hash identifier: mcS2f4aGXwzFXtDLorUcXsZqAQHhFwmB41eci3g7tFo=
Subject key identifier: 55:A8:46:6F:B9:77:71:39:25:0C:55:EC:02:48:63:D0:62:B5:FE:C8
Certificate issuer: /CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Certificate serial: 01845B74B0004F6C127DD5249E1AA3B4FDC3
Authority key identifier: 82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/VahGb7l3cTklDFXsAkhj0GK1_sg.roa
Signing time: Wed 09 Nov 2022 08:14:44 +0000
ROA not before: Wed 09 Nov 2022 08:14:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 194.105.21.0/24 maxlen: 24
45.154.107.0/24 maxlen: 24
192.166.114.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5b:74:b0:00:4f:6c:12:7d:d5:24:9e:1a:a3:b4:fd:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Validity
Not Before: Nov 9 08:14:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=55a8466fb9777139250c55ec024863d062b5fec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:75:60:81:9a:27:db:bd:bf:fc:c0:58:6d:b5:
89:60:8c:b3:4c:79:15:b2:62:73:e2:16:c2:57:49:
5f:32:c9:27:59:92:77:2a:53:74:82:0d:e2:23:03:
be:86:a5:e7:2a:e2:37:c9:eb:60:d9:5a:a1:e9:ee:
da:63:04:e8:8d:ac:c1:da:03:19:65:db:8c:ed:39:
ec:66:8d:cd:5d:f7:85:b7:dc:cc:9b:7a:24:d2:d4:
b8:6a:88:03:e7:ab:b4:f9:ce:73:dc:a1:c1:28:55:
71:48:36:0c:b9:42:a3:6d:e8:ec:61:47:92:3f:68:
e8:86:01:ec:d7:cc:ac:2c:46:5d:81:3c:9e:13:08:
e6:b6:43:6e:39:43:3d:81:73:cf:86:19:7f:d1:ce:
74:eb:c1:79:fd:cd:2d:ce:c5:a3:8e:1e:c3:48:64:
ba:c6:92:1f:81:83:46:00:72:f8:d5:6c:89:80:91:
8e:99:f0:d1:ee:df:eb:3e:84:11:cc:29:c6:ca:0f:
e8:e9:0e:02:de:97:f8:35:13:86:e9:3e:f6:a3:df:
0a:b4:a0:5f:3f:dc:a4:67:a3:a9:81:1f:ee:87:1e:
4f:d6:ac:f0:8f:49:da:0a:4e:be:ec:14:16:0b:db:
09:3a:f1:0a:58:03:fb:38:bb:67:d0:a7:b3:96:74:
ae:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:A8:46:6F:B9:77:71:39:25:0C:55:EC:02:48:63:D0:62:B5:FE:C8
X509v3 Authority Key Identifier:
keyid:82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/VahGb7l3cTklDFXsAkhj0GK1_sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/gu1KL7GA31-Z1L-Md8yaBu8mBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.107.0/24
192.166.114.0/24
194.105.21.0/24
Signature Algorithm: sha256WithRSAEncryption
72:ef:a5:b5:20:c5:b7:72:43:f4:ee:d4:e0:f0:bd:84:d5:0e:
88:a8:8c:69:26:f4:c4:16:8f:6b:d4:5d:15:51:7c:b9:b7:54:
4d:ce:7a:60:03:62:9b:25:89:15:db:6c:6a:d3:a4:2a:b3:8b:
d5:92:7a:69:4a:85:11:fd:cc:87:92:0b:b5:45:af:ea:93:7f:
4d:f2:18:0c:97:67:60:c1:a0:94:df:6b:88:a2:f0:2b:32:6f:
47:97:84:a9:07:a5:93:19:e3:e9:c6:1b:79:12:d4:59:1d:5e:
c0:db:67:11:a7:e9:d6:c5:2a:3d:56:27:04:f6:c2:a7:ca:dd:
fd:f4:e7:d1:d5:a6:d5:e4:00:14:f6:9e:66:ce:c2:ca:bd:02:
5d:ff:49:24:66:35:72:63:68:0a:24:99:52:7b:cb:e7:aa:7f:
2f:fc:60:ee:72:22:95:31:8d:1a:c7:99:4c:f4:1c:ab:a4:82:
ff:66:64:fe:6a:e7:19:e7:6b:e8:a0:80:64:c0:29:aa:37:13:
f2:5c:96:d2:5d:eb:60:50:6b:83:85:15:82:41:d9:c3:e6:13:
a9:9a:42:2d:13:ec:ce:77:6f:34:83:30:38:3a:cd:fe:1e:12:
d1:ae:6a:3c:8a:ec:c6:69:4d:e0:74:0b:56:03:87:43:b6:5b:
ad:d2:50:4c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRbdLAAT2wSfdUknhqjtP3DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZWQ0YTJmYjE4MGRmNWY5OWQ0YmY4Yzc3Y2M5YTA2ZWYy
NjA1OGMwHhcNMjIxMTA5MDgxNDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWE4NDY2ZmI5Nzc3MTM5MjUwYzU1ZWMwMjQ4NjNkMDYyYjVmZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHVggZon272//MBYbbWJYIyzTHkV
smJz4hbCV0lfMsknWZJ3KlN0gg3iIwO+hqXnKuI3yetg2Vqh6e7aYwTojazB2gMZ
ZduM7TnsZo3NXfeFt9zMm3ok0tS4aogD56u0+c5z3KHBKFVxSDYMuUKjbejsYUeS
P2johgHs18ysLEZdgTyeEwjmtkNuOUM9gXPPhhl/0c5068F5/c0tzsWjjh7DSGS6
xpIfgYNGAHL41WyJgJGOmfDR7t/rPoQRzCnGyg/o6Q4C3pf4NROG6T72o98KtKBf
P9ykZ6OpgR/uhx5P1qzwj0naCk6+7BQWC9sJOvEKWAP7OLtn0KezlnSuawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFWoRm+5d3E5JQxV7AJIY9Bitf7IMB8GA1UdIwQY
MBaAFILtSi+xgN9fmdS/jHfMmgbvJgWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAt
NDUyNmY2MjYzYmNlLzEvVmFoR2I3bDNjVGtsREZYc0FraGowR0sxX3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAtNDUyNmY2MjYzYmNl
LzEvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZprAwQA
wKZyAwQAwmkVMA0GCSqGSIb3DQEBCwUAA4IBAQBy76W1IMW3ckP07tTg8L2E1Q6I
qIxpJvTEFo9r1F0VUXy5t1RNznpgA2KbJYkV22xq06Qqs4vVknppSoUR/cyHkgu1
Ra/qk39N8hgMl2dgwaCU32uIovArMm9Hl4SpB6WTGePpxht5EtRZHV7A22cRp+nW
xSo9VicE9sKnyt399OfR1abV5AAU9p5mzsLKvQJd/0kkZjVyY2gKJJlSe8vnqn8v
/GDuciKVMY0ax5lM9ByrpIL/ZmT+aucZ52vooIBkwCmqNxPyXJbSXetgUGuDhRWC
QdnD5hOpmkItE+zOd280gzA4Os3+HhLRrmo8iuzGaU3gdAtWA4dDtlut0lBM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:19 2025 by rpki-client