Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/xt7kSbt0j9xqNzwI87o8qawkY7E.roa
File: xt7kSbt0j9xqNzwI87o8qawkY7E.roa (raw, json)
Hash identifier: uamt/U+Y/gNA+h5enGSX2ea5Cc5KVfueLvNV0ix5Mvk=
Subject key identifier: C6:DE:E4:49:BB:74:8F:DC:6A:37:3C:08:F3:BA:3C:A9:AC:24:63:B1
Certificate issuer: /CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Certificate serial: 018410341BD10481CFC1704827D7EA0B5029
Authority key identifier: 82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/xt7kSbt0j9xqNzwI87o8qawkY7E.roa
Signing time: Tue 25 Oct 2022 17:32:40 +0000
ROA not before: Tue 25 Oct 2022 17:32:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 45.149.187.0/24 maxlen: 24
152.89.248.0/24 maxlen: 24
195.206.235.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:10:34:1b:d1:04:81:cf:c1:70:48:27:d7:ea:0b:50:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Validity
Not Before: Oct 25 17:32:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6dee449bb748fdc6a373c08f3ba3ca9ac2463b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:23:b2:db:4f:94:8a:e1:e0:a1:fc:97:6a:a7:
69:7c:7c:95:74:fd:18:66:14:07:e7:0b:ca:75:ab:
4a:c6:a5:5b:f8:0d:fa:19:ca:9b:d9:0c:51:cb:a5:
21:e3:fb:28:91:4e:e4:57:07:b7:bb:18:67:4f:69:
bb:b4:c3:44:22:c4:19:ca:81:d5:15:35:ff:d1:7d:
77:73:3e:22:fd:df:e4:dc:75:f9:85:38:8e:98:eb:
1a:dc:ab:5b:b1:b8:28:1a:68:ce:9d:0f:2b:4c:f1:
11:75:3a:3b:77:b5:82:df:1e:b2:ff:a5:e3:df:8e:
ab:6e:43:21:80:6c:1f:f9:7c:fe:cf:cd:c9:00:f3:
46:4f:dd:85:d7:f7:59:d7:41:d1:a4:3f:6f:d5:9c:
24:a6:5c:52:b0:c3:f9:8f:e9:65:22:e2:67:7d:75:
df:6d:b5:b2:b8:23:a2:5a:43:43:52:5f:dc:30:37:
9a:cd:ac:11:22:41:27:15:0c:ec:4d:bf:b2:4c:5e:
4c:62:d5:84:19:70:f0:a6:2f:60:f4:5c:bc:aa:d9:
bf:a3:06:81:92:b0:93:11:b7:c7:c4:20:52:81:51:
79:06:00:38:e8:15:56:cd:ec:a4:f0:a0:8f:8b:37:
54:73:0a:67:e0:30:70:0a:b3:18:ad:3f:0b:35:2f:
ea:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:DE:E4:49:BB:74:8F:DC:6A:37:3C:08:F3:BA:3C:A9:AC:24:63:B1
X509v3 Authority Key Identifier:
keyid:82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/xt7kSbt0j9xqNzwI87o8qawkY7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/gu1KL7GA31-Z1L-Md8yaBu8mBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.187.0/24
152.89.248.0/24
195.206.235.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:6d:04:ff:18:a3:1a:bd:f6:c9:05:7a:9c:21:5b:7c:2c:35:
01:0f:30:73:12:b5:d7:6a:7b:92:9b:03:27:cc:13:f5:66:7b:
bd:1a:46:4b:ff:cc:5f:3a:5c:7e:38:e4:95:bd:36:02:6a:fd:
08:83:07:9d:79:61:0e:41:84:7d:8b:2b:5e:66:a2:de:e4:d2:
1a:de:69:14:d1:9f:3f:16:0b:83:25:a4:df:13:7d:70:93:c2:
83:7b:91:58:e1:e0:06:04:ff:36:a4:c5:34:54:be:c2:13:af:
ab:cc:3a:50:4c:ec:81:c0:64:a7:cb:53:a5:7f:40:50:03:35:
e5:af:4f:a4:4f:fe:21:ae:f7:a5:24:48:85:6f:57:fb:26:da:
92:e7:26:9b:1d:87:fd:a5:54:7e:cc:5b:7e:ec:30:8c:d5:7a:
96:82:f3:cc:62:71:7e:a3:04:dd:a1:dc:8e:4d:21:b2:72:71:
9a:25:87:c0:fb:6a:0c:31:ca:05:26:e2:94:6d:c9:b5:64:30:
8a:52:c2:65:9e:86:c2:3d:7a:39:da:d1:b7:5a:81:76:08:17:
b5:f2:62:5f:54:89:0a:b8:d0:a0:01:6d:ed:b6:25:f4:7c:57:
ff:46:60:50:db:9b:cc:c8:d1:e5:fe:a7:5e:a0:79:06:c0:e3:
ae:25:ba:0d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQQNBvRBIHPwXBIJ9fqC1ApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZWQ0YTJmYjE4MGRmNWY5OWQ0YmY4Yzc3Y2M5YTA2ZWYy
NjA1OGMwHhcNMjIxMDI1MTczMjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmRlZTQ0OWJiNzQ4ZmRjNmEzNzNjMDhmM2JhM2NhOWFjMjQ2M2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCOy20+UiuHgofyXaqdpfHyVdP0Y
ZhQH5wvKdatKxqVb+A36Gcqb2QxRy6Uh4/sokU7kVwe3uxhnT2m7tMNEIsQZyoHV
FTX/0X13cz4i/d/k3HX5hTiOmOsa3KtbsbgoGmjOnQ8rTPERdTo7d7WC3x6y/6Xj
346rbkMhgGwf+Xz+z83JAPNGT92F1/dZ10HRpD9v1ZwkplxSsMP5j+llIuJnfXXf
bbWyuCOiWkNDUl/cMDeazawRIkEnFQzsTb+yTF5MYtWEGXDwpi9g9Fy8qtm/owaB
krCTEbfHxCBSgVF5BgA46BVWzeyk8KCPizdUcwpn4DBwCrMYrT8LNS/qaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMbe5Em7dI/cajc8CPO6PKmsJGOxMB8GA1UdIwQY
MBaAFILtSi+xgN9fmdS/jHfMmgbvJgWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAt
NDUyNmY2MjYzYmNlLzEveHQ3a1NidDBqOXhxTnp3STg3bzhxYXdrWTdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAtNDUyNmY2MjYzYmNl
LzEvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZW7AwQA
mFn4AwQAw87rMA0GCSqGSIb3DQEBCwUAA4IBAQCibQT/GKMavfbJBXqcIVt8LDUB
DzBzErXXanuSmwMnzBP1Znu9GkZL/8xfOlx+OOSVvTYCav0IgwedeWEOQYR9iyte
ZqLe5NIa3mkU0Z8/FguDJaTfE31wk8KDe5FY4eAGBP82pMU0VL7CE6+rzDpQTOyB
wGSny1Olf0BQAzXlr0+kT/4hrvelJEiFb1f7JtqS5yabHYf9pVR+zFt+7DCM1XqW
gvPMYnF+owTdodyOTSGycnGaJYfA+2oMMcoFJuKUbcm1ZDCKUsJlnobCPXo52tG3
WoF2CBe18mJfVIkKuNCgAW3ttiX0fFf/RmBQ25vMyNHl/qdeoHkGwOOuJboN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:58 2023 by rpki-client on console-fra.rpki-client.org