Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/hRNoAok-43aWfcF9VhFac4tWuRo.roa
File: hRNoAok-43aWfcF9VhFac4tWuRo.roa (raw, json)
Hash identifier: mBinpWIujOMmghogOXKz+ZjE22ywJwOmPEDpWMhWr1A=
Subject key identifier: 85:13:68:02:89:3E:E3:76:96:7D:C1:7D:56:11:5A:73:8B:56:B9:1A
Certificate issuer: /CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Certificate serial: 01855CBD840E545301D50CB56863CC23E7F8
Authority key identifier: 82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/hRNoAok-43aWfcF9VhFac4tWuRo.roa
Signing time: Thu 29 Dec 2022 07:16:41 +0000
ROA not before: Thu 29 Dec 2022 07:16:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 63023
IP address blocks: 152.89.250.0/24 maxlen: 24
45.154.104.0/23 maxlen: 23
194.5.146.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5c:bd:84:0e:54:53:01:d5:0c:b5:68:63:cc:23:e7:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Validity
Not Before: Dec 29 07:16:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85136802893ee376967dc17d56115a738b56b91a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:31:8c:e8:e5:15:42:25:1f:34:63:31:10:6c:
ad:b7:36:2d:68:92:99:5f:45:25:be:1e:cd:b1:ee:
f4:83:54:ad:76:5c:a6:2e:c5:fb:32:bb:73:57:e5:
7d:d3:0c:aa:54:6d:fa:f1:23:95:19:88:5e:0b:80:
fd:74:b8:58:5f:1e:e5:4e:af:69:49:ca:82:11:0c:
4d:64:97:d0:7c:a1:34:70:18:46:18:7a:bb:3b:58:
04:55:7c:7b:75:aa:86:42:eb:d4:9f:9b:82:29:50:
1a:a6:4e:30:5e:22:01:d5:2a:84:e1:72:d3:a5:6d:
3a:86:f9:78:36:dc:1f:08:d4:6e:dd:dc:e0:6f:d9:
13:39:1d:a8:c7:b3:44:49:ed:28:af:a5:ce:03:1b:
ea:ea:07:3b:60:45:0e:a7:0a:1b:2c:a5:0d:94:69:
ee:f4:2a:94:a0:8d:40:8a:08:bb:9d:24:87:b5:f5:
e9:de:17:d3:e3:a6:3f:ed:dd:b0:0e:ac:5f:ef:1e:
93:25:1e:20:f6:75:bd:c3:db:e2:1d:7a:d3:bf:9b:
96:2e:7f:5a:ae:05:ca:62:27:62:ba:c5:15:db:25:
0f:42:39:ad:63:37:8f:84:f2:bc:8f:98:00:03:e1:
13:b8:8a:9e:66:6b:42:db:9f:7e:4e:34:02:fe:93:
5d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:13:68:02:89:3E:E3:76:96:7D:C1:7D:56:11:5A:73:8B:56:B9:1A
X509v3 Authority Key Identifier:
keyid:82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/hRNoAok-43aWfcF9VhFac4tWuRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/gu1KL7GA31-Z1L-Md8yaBu8mBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.104.0/23
152.89.250.0/24
194.5.146.0/24
Signature Algorithm: sha256WithRSAEncryption
68:52:11:da:75:66:39:a1:2c:6e:ac:df:01:7d:df:69:ee:36:
c1:7e:e3:c1:b9:16:88:a7:c4:ae:4a:1a:92:14:73:a0:91:68:
a0:94:d1:72:d4:8f:44:e3:ef:73:bb:f7:e7:e5:d1:de:92:f6:
00:94:0e:d6:18:33:64:79:8a:6e:c3:ee:6b:e6:92:d3:07:3f:
bc:33:9a:78:a1:09:90:e4:09:5e:fa:f9:1e:4a:b7:c3:8c:81:
b9:f5:18:27:9d:81:77:99:82:39:4b:d5:04:f6:35:b2:e3:aa:
3f:6a:4b:c4:5a:b3:2f:55:c9:8a:2b:79:7c:1d:a1:9a:36:dd:
57:b5:e8:18:26:27:ab:ff:3e:d7:14:73:51:6b:d1:87:e0:a1:
9e:5b:54:ff:17:c3:de:93:b5:73:4c:42:c5:31:9d:3b:86:fb:
36:0e:a0:61:86:6a:56:4d:44:21:fb:97:e5:66:c5:4d:02:f4:
b9:08:a3:6e:c7:c2:6e:80:bf:55:1b:83:c9:fc:53:81:4e:8f:
aa:51:77:64:f5:09:0e:2a:c7:f8:b6:76:69:8d:ac:d7:18:c5:
1c:63:a7:7f:c6:08:d7:88:a0:6e:f1:4d:ce:4f:7c:0a:18:e3:
c2:c7:1b:33:51:34:17:98:97:e2:47:9c:e9:cd:cb:7e:22:cd:
ba:cb:c8:ba
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVcvYQOVFMB1Qy1aGPMI+f4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZWQ0YTJmYjE4MGRmNWY5OWQ0YmY4Yzc3Y2M5YTA2ZWYy
NjA1OGMwHhcNMjIxMjI5MDcxNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTEzNjgwMjg5M2VlMzc2OTY3ZGMxN2Q1NjExNWE3MzhiNTZiOTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTGM6OUVQiUfNGMxEGyttzYtaJKZ
X0Ulvh7Nse70g1StdlymLsX7MrtzV+V90wyqVG368SOVGYheC4D9dLhYXx7lTq9p
ScqCEQxNZJfQfKE0cBhGGHq7O1gEVXx7daqGQuvUn5uCKVAapk4wXiIB1SqE4XLT
pW06hvl4NtwfCNRu3dzgb9kTOR2ox7NESe0or6XOAxvq6gc7YEUOpwobLKUNlGnu
9CqUoI1Aigi7nSSHtfXp3hfT46Y/7d2wDqxf7x6TJR4g9nW9w9viHXrTv5uWLn9a
rgXKYidiusUV2yUPQjmtYzePhPK8j5gAA+ETuIqeZmtC259+TjQC/pNdxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIUTaAKJPuN2ln3BfVYRWnOLVrkaMB8GA1UdIwQY
MBaAFILtSi+xgN9fmdS/jHfMmgbvJgWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAt
NDUyNmY2MjYzYmNlLzEvaFJOb0Fvay00M2FXZmNGOVZoRmFjNHRXdVJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAtNDUyNmY2MjYzYmNl
LzEvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLZpoAwQA
mFn6AwQAwgWSMA0GCSqGSIb3DQEBCwUAA4IBAQBoUhHadWY5oSxurN8Bfd9p7jbB
fuPBuRaIp8SuShqSFHOgkWiglNFy1I9E4+9zu/fn5dHekvYAlA7WGDNkeYpuw+5r
5pLTBz+8M5p4oQmQ5Ale+vkeSrfDjIG59RgnnYF3mYI5S9UE9jWy46o/akvEWrMv
VcmKK3l8HaGaNt1XtegYJier/z7XFHNRa9GH4KGeW1T/F8Pek7VzTELFMZ07hvs2
DqBhhmpWTUQh+5flZsVNAvS5CKNux8JugL9VG4PJ/FOBTo+qUXdk9QkOKsf4tnZp
jazXGMUcY6d/xgjXiKBu8U3OT3wKGOPCxxszUTQXmJfiR5zpzct+Is26y8i6
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:44 2023 by rpki-client on console-ams.rpki-client.org