Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/cCkVtOmLcuIkUWh-yr5sPEJafC4.roa
File: cCkVtOmLcuIkUWh-yr5sPEJafC4.roa (raw, json)
Hash identifier: Hwh56OHRCRrKh6Rj9u1bGhXW1C9i3xo3IIdALsq/Oj4=
Subject key identifier: 70:29:15:B4:E9:8B:72:E2:24:51:68:7E:CA:BE:6C:3C:42:5A:7C:2E
Certificate issuer: /CN=2864bb34fb5d16ca9d1fa3f9794cb48d4bed8473
Certificate serial: 018A793633D282D772F739CB9902E968841C
Authority key identifier: 28:64:BB:34:FB:5D:16:CA:9D:1F:A3:F9:79:4C:B4:8D:4B:ED:84:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KGS7NPtdFsqdH6P5eUy0jUvthHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/cCkVtOmLcuIkUWh-yr5sPEJafC4.roa
Signing time: Sat 09 Sep 2023 09:11:49 +0000
ROA not before: Sat 09 Sep 2023 09:11:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 194.99.58.0/23 maxlen: 23
45.11.68.0/22 maxlen: 22
2.58.144.0/22 maxlen: 22
45.150.96.0/22 maxlen: 22
45.137.4.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:79:36:33:d2:82:d7:72:f7:39:cb:99:02:e9:68:84:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2864bb34fb5d16ca9d1fa3f9794cb48d4bed8473
Validity
Not Before: Sep 9 09:11:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=702915b4e98b72e22451687ecabe6c3c425a7c2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a4:18:b0:4c:fa:87:9e:f4:2d:33:1f:08:18:
33:8d:65:3b:2f:1d:49:85:9f:2e:51:75:58:f7:54:
ea:0e:51:7f:e4:4b:6d:68:99:dd:e4:ad:0b:1d:49:
ea:51:1b:e0:b9:7b:eb:b8:dc:38:15:ff:47:98:0d:
7f:b3:b6:ee:11:d0:11:c9:33:dc:f1:43:c7:5b:b3:
0a:77:ec:9a:b7:85:e7:93:f4:af:f6:ff:9e:d3:e6:
36:5a:8c:33:78:15:27:d4:5f:b0:96:f2:4d:4e:37:
f9:e0:3a:5e:4e:55:90:5a:71:70:8a:68:cb:39:90:
57:3a:b1:86:61:e8:58:76:6a:ac:73:48:30:72:dc:
c4:98:e9:49:ad:0c:72:96:32:b1:30:cf:f0:12:1f:
e2:5b:03:30:48:33:cf:0a:5b:34:8a:a7:2e:ae:8d:
c8:3b:1b:43:a3:ac:e7:68:e1:e7:37:bd:c1:95:fd:
96:95:48:96:6e:37:0e:45:20:64:03:ec:a1:a0:71:
24:b5:94:7b:8e:e5:72:5a:16:ed:ac:65:1c:4d:eb:
98:20:bb:ac:5e:71:f0:18:b4:04:b3:df:64:35:15:
2e:11:48:86:b4:a5:b2:24:01:ec:2a:df:b2:38:bd:
ce:7a:25:7b:7a:db:21:c9:4d:87:d5:f7:c0:e9:ad:
cc:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:29:15:B4:E9:8B:72:E2:24:51:68:7E:CA:BE:6C:3C:42:5A:7C:2E
X509v3 Authority Key Identifier:
keyid:28:64:BB:34:FB:5D:16:CA:9D:1F:A3:F9:79:4C:B4:8D:4B:ED:84:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGS7NPtdFsqdH6P5eUy0jUvthHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/cCkVtOmLcuIkUWh-yr5sPEJafC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/KGS7NPtdFsqdH6P5eUy0jUvthHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.144.0/22
45.11.68.0/22
45.137.4.0/22
45.150.96.0/22
194.99.58.0/23
Signature Algorithm: sha256WithRSAEncryption
56:38:28:75:98:e3:68:d7:fd:fc:8f:36:a1:b0:c1:8e:a2:dd:
92:e3:82:48:6c:6d:dd:15:e2:70:da:56:37:7b:77:cb:a6:00:
08:3b:32:8d:60:bf:8e:86:0b:5f:64:83:2c:cd:e5:ef:20:f2:
fd:5d:8c:fb:20:b1:a8:5d:12:3c:ea:8b:fd:c1:52:e4:00:ab:
1f:d4:a7:65:24:07:41:a2:c4:4c:04:ae:4f:7a:d8:c6:29:92:
c3:e2:9c:0f:7a:4f:ec:83:9e:30:a2:e0:65:79:15:c1:ef:e1:
e4:7c:6f:aa:2c:f0:ec:75:0e:72:f0:f2:41:64:3a:25:21:d8:
a6:a8:c9:64:1c:d9:63:7c:f2:7b:7f:60:35:2c:40:24:76:46:
f8:86:64:d6:d1:1f:44:77:6b:1c:b5:47:c6:b3:8f:36:60:b4:
a8:63:92:ab:42:b6:9f:fa:85:9f:a6:86:da:7e:8a:4f:e8:53:
df:2b:ef:0f:e6:4b:bd:f6:2a:6b:71:e0:60:6d:ab:9f:1e:46:
0c:4d:ab:c2:9a:06:5a:b3:cb:0b:33:44:9f:f8:b1:41:09:26:
d3:9c:43:02:a1:01:0a:c5:3b:e1:df:ab:78:24:b8:ea:e1:e9:
91:83:9b:92:cc:b4:0a:b7:e4:d0:62:e2:bd:11:2d:13:a8:25:
a0:54:89:b7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYp5NjPSgtdy9znLmQLpaIQcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NjRiYjM0ZmI1ZDE2Y2E5ZDFmYTNmOTc5NGNiNDhkNGJl
ZDg0NzMwHhcNMjMwOTA5MDkxMTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDI5MTViNGU5OGI3MmUyMjQ1MTY4N2VjYWJlNmMzYzQyNWE3YzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqQYsEz6h570LTMfCBgzjWU7Lx1J
hZ8uUXVY91TqDlF/5EttaJnd5K0LHUnqURvguXvruNw4Ff9HmA1/s7buEdARyTPc
8UPHW7MKd+yat4Xnk/Sv9v+e0+Y2WowzeBUn1F+wlvJNTjf54DpeTlWQWnFwimjL
OZBXOrGGYehYdmqsc0gwctzEmOlJrQxyljKxMM/wEh/iWwMwSDPPCls0iqcuro3I
OxtDo6znaOHnN73Blf2WlUiWbjcORSBkA+yhoHEktZR7juVyWhbtrGUcTeuYILus
XnHwGLQEs99kNRUuEUiGtKWyJAHsKt+yOL3OeiV7etshyU2H1ffA6a3MYQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHApFbTpi3LiJFFofsq+bDxCWnwuMB8GA1UdIwQY
MBaAFChkuzT7XRbKnR+j+XlMtI1L7YRzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0dTN05QdGRGc3FkSDZQNWVVeTBqVXZ0aEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy80N2Y0NDUtNWVhOS00MzdkLWE1OWEt
NTkwMGE1OTQ3YjhkLzEvY0NrVnRPbUxjdUlrVVdoLXlyNXNQRUphZkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy80N2Y0NDUtNWVhOS00MzdkLWE1OWEtNTkwMGE1OTQ3Yjhk
LzEvS0dTN05QdGRGc3FkSDZQNWVVeTBqVXZ0aEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCAjqQAwQC
LQtEAwQCLYkEAwQCLZZgAwQBwmM6MA0GCSqGSIb3DQEBCwUAA4IBAQBWOCh1mONo
1/38jzahsMGOot2S44JIbG3dFeJw2lY3e3fLpgAIOzKNYL+OhgtfZIMszeXvIPL9
XYz7ILGoXRI86ov9wVLkAKsf1KdlJAdBosRMBK5PetjGKZLD4pwPek/sg54wouBl
eRXB7+HkfG+qLPDsdQ5y8PJBZDolIdimqMlkHNljfPJ7f2A1LEAkdkb4hmTW0R9E
d2sctUfGs482YLSoY5KrQraf+oWfpobafopP6FPfK+8P5ku99iprceBgbaufHkYM
TavCmgZas8sLM0Sf+LFBCSbTnEMCoQEKxTvh36t4JLjq4emRg5uSzLQKt+TQYuK9
ES0TqCWgVIm3
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:15 2025 by rpki-client