Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/d31e85-2786-4d91-a69a-3f5355092aec/1/rskxL9iKgfAu_t9dQnh1-1eZheI.roa
File: rskxL9iKgfAu_t9dQnh1-1eZheI.roa (raw, json)
Hash identifier: O2FA82FYC+HF/1HjjWp+gr8Q7qQJjdhNrn9CyWCaFzE=
Subject key identifier: AE:C9:31:2F:D8:8A:81:F0:2E:FE:DF:5D:42:78:75:FB:57:99:85:E2
Certificate issuer: /CN=33918ec7f02cacafe26546be1e1980f9c3a3e890
Certificate serial: 01856DCAE34FDFB916DF9B7995F0CCAD5156
Authority key identifier: 33:91:8E:C7:F0:2C:AC:AF:E2:65:46:BE:1E:19:80:F9:C3:A3:E8:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M5GOx_AsrK_iZUa-HhmA-cOj6JA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/d31e85-2786-4d91-a69a-3f5355092aec/1/rskxL9iKgfAu_t9dQnh1-1eZheI.roa
Signing time: Sun 01 Jan 2023 14:44:51 +0000
ROA not before: Sun 01 Jan 2023 14:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 45.15.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:e3:4f:df:b9:16:df:9b:79:95:f0:cc:ad:51:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33918ec7f02cacafe26546be1e1980f9c3a3e890
Validity
Not Before: Jan 1 14:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aec9312fd88a81f02efedf5d427875fb579985e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:40:14:04:09:ed:6e:c4:5a:fb:26:7f:1c:43:
15:c8:47:9c:83:c6:ee:6d:14:59:19:75:82:9d:8e:
d1:b2:58:93:db:42:aa:81:28:d3:60:da:1e:28:fe:
a4:29:bc:95:23:b3:36:d7:d5:92:55:58:05:56:08:
f3:09:23:6e:25:bc:1d:ca:f7:91:7a:7e:bf:91:4c:
79:03:e4:1d:ce:9f:bd:65:38:29:b3:aa:cc:cb:9d:
51:19:f0:00:65:76:b2:d4:61:f3:9e:c8:50:b4:97:
8b:6b:25:3b:66:24:bb:ff:83:8d:6c:f7:e8:a2:51:
df:90:90:d0:c7:1d:7c:07:c4:ea:3a:ec:23:b7:bb:
34:cd:35:66:c0:f5:d3:6c:28:bb:70:19:e6:23:09:
78:8c:08:2f:bf:9b:62:51:12:84:37:c9:ea:d3:cd:
a7:ca:76:4f:dd:f0:c2:41:5f:42:31:f1:ee:f0:ce:
6f:8a:c9:52:79:6c:4e:98:ca:79:86:12:08:8d:f0:
4d:c8:24:c5:5e:37:ab:06:93:79:ec:86:82:5e:b5:
5b:fc:85:38:d3:5c:b5:d5:30:04:a2:49:95:3e:60:
ba:d8:0e:d1:3a:87:70:d9:b2:00:9e:f7:6d:50:2c:
5c:c1:64:9d:8b:9f:db:6b:7a:af:47:33:bc:0a:8c:
24:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:C9:31:2F:D8:8A:81:F0:2E:FE:DF:5D:42:78:75:FB:57:99:85:E2
X509v3 Authority Key Identifier:
keyid:33:91:8E:C7:F0:2C:AC:AF:E2:65:46:BE:1E:19:80:F9:C3:A3:E8:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M5GOx_AsrK_iZUa-HhmA-cOj6JA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/d31e85-2786-4d91-a69a-3f5355092aec/1/rskxL9iKgfAu_t9dQnh1-1eZheI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/d31e85-2786-4d91-a69a-3f5355092aec/1/M5GOx_AsrK_iZUa-HhmA-cOj6JA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.42.0/24
Signature Algorithm: sha256WithRSAEncryption
af:b7:f8:b2:f9:cf:ff:95:5f:e8:e4:0b:d8:d7:51:da:e3:df:
ce:ec:ef:51:83:14:cd:18:e5:ab:d7:9d:3d:af:a7:e2:fc:be:
43:e4:2d:d1:70:7f:24:91:8f:d6:9a:8a:27:41:9d:e5:6a:34:
62:11:29:ff:c9:fb:e0:48:f8:d8:54:e6:41:7a:cb:a1:6e:ca:
8f:81:69:4c:ed:81:b9:61:de:ea:23:88:e1:1a:fd:bd:42:8c:
1e:a0:86:af:42:d3:f7:df:c0:6a:dd:23:65:dd:90:84:df:fd:
f3:45:96:3a:ac:c9:b8:1c:1b:bc:10:6a:5c:bf:9f:93:ae:f3:
8d:49:54:33:af:b7:3e:99:51:e1:13:0d:cb:f3:43:e4:8c:f2:
3c:87:fe:33:d8:c2:f0:b5:69:72:c4:18:fd:d0:1a:0d:7b:f9:
44:96:2c:eb:00:e5:ef:ea:58:a3:0f:d6:c6:40:2b:ad:e8:63:
0e:16:18:3c:b9:13:e2:e0:b6:33:cc:4c:ca:04:2f:56:95:a9:
e6:58:97:64:73:e5:1c:db:e5:a4:cd:3e:45:ff:b9:6e:e5:cb:
0f:09:5b:4f:e3:8e:e3:ec:f9:96:04:64:d4:cc:3d:19:94:2b:
cb:ac:f0:24:94:78:03:88:28:52:fa:09:a1:86:e7:a6:70:cd:
5c:a2:22:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtyuNP37kW35t5lfDMrVFWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzOTE4ZWM3ZjAyY2FjYWZlMjY1NDZiZTFlMTk4MGY5YzNh
M2U4OTAwHhcNMjMwMTAxMTQ0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWM5MzEyZmQ4OGE4MWYwMmVmZWRmNWQ0Mjc4NzVmYjU3OTk4NWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0AUBAntbsRa+yZ/HEMVyEecg8bu
bRRZGXWCnY7RsliT20KqgSjTYNoeKP6kKbyVI7M219WSVVgFVgjzCSNuJbwdyveR
en6/kUx5A+Qdzp+9ZTgps6rMy51RGfAAZXay1GHznshQtJeLayU7ZiS7/4ONbPfo
olHfkJDQxx18B8TqOuwjt7s0zTVmwPXTbCi7cBnmIwl4jAgvv5tiURKEN8nq082n
ynZP3fDCQV9CMfHu8M5vislSeWxOmMp5hhIIjfBNyCTFXjerBpN57IaCXrVb/IU4
01y11TAEokmVPmC62A7ROodw2bIAnvdtUCxcwWSdi5/ba3qvRzO8Cowk2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK7JMS/YioHwLv7fXUJ4dftXmYXiMB8GA1UdIwQY
MBaAFDORjsfwLKyv4mVGvh4ZgPnDo+iQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTVHT3hfQXNyS19pWlVhLUhobUEtY09qNkpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9kMzFlODUtMjc4Ni00ZDkxLWE2OWEt
M2Y1MzU1MDkyYWVjLzEvcnNreEw5aUtnZkF1X3Q5ZFFuaDEtMWVaaGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9kMzFlODUtMjc4Ni00ZDkxLWE2OWEtM2Y1MzU1MDkyYWVj
LzEvTTVHT3hfQXNyS19pWlVhLUhobUEtY09qNkpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ8qMA0G
CSqGSIb3DQEBCwUAA4IBAQCvt/iy+c//lV/o5AvY11Ha49/O7O9RgxTNGOWr1509
r6fi/L5D5C3RcH8kkY/WmoonQZ3lajRiESn/yfvgSPjYVOZBesuhbsqPgWlM7YG5
Yd7qI4jhGv29QoweoIavQtP338Bq3SNl3ZCE3/3zRZY6rMm4HBu8EGpcv5+TrvON
SVQzr7c+mVHhEw3L80PkjPI8h/4z2MLwtWlyxBj90BoNe/lElizrAOXv6lijD9bG
QCut6GMOFhg8uRPi4LYzzEzKBC9WlanmWJdkc+Uc2+WkzT5F/7lu5csPCVtP447j
7PmWBGTUzD0ZlCvLrPAklHgDiChS+gmhhuemcM1coiJ9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:15 2024 by rpki-client on console-fra.rpki-client.org