Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/911df1-1aca-40de-a248-8d51e765daec/1/1--owM87cpTMcyptj-iJhqdoip8s.roa
File: 1--owM87cpTMcyptj-iJhqdoip8s.roa (raw, json)
Hash identifier: qjMxqTBFBLaPs8z+a/ILzpVFjW3qFqDy/zDWfIT2yWA=
Subject key identifier: FB:EA:30:33:CE:DC:A5:33:1C:CA:9B:63:FA:22:61:A9:DA:22:A7:CB
Certificate issuer: /CN=be3e6903917c532a605ffb25e65f91158be6c0e6
Certificate serial: 01856F548634DEE7F42F0795A3C2EDD09B99
Authority key identifier: BE:3E:69:03:91:7C:53:2A:60:5F:FB:25:E6:5F:91:15:8B:E6:C0:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vj5pA5F8UypgX_sl5l-RFYvmwOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/911df1-1aca-40de-a248-8d51e765daec/1/1--owM87cpTMcyptj-iJhqdoip8s.roa
Signing time: Sun 01 Jan 2023 21:54:48 +0000
ROA not before: Sun 01 Jan 2023 21:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8896
IP address blocks: 45.138.236.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:86:34:de:e7:f4:2f:07:95:a3:c2:ed:d0:9b:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be3e6903917c532a605ffb25e65f91158be6c0e6
Validity
Not Before: Jan 1 21:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbea3033cedca5331cca9b63fa2261a9da22a7cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:fd:0d:90:c8:92:d9:76:ac:94:97:0b:58:80:
8a:c6:63:15:b5:36:fa:70:47:0f:e4:fb:cf:ab:af:
1f:17:8b:9f:96:44:58:79:69:60:62:56:11:48:94:
2f:0e:f4:30:4b:86:97:b9:3f:a8:7b:13:f9:04:14:
8e:b5:f0:cd:06:67:df:62:54:ca:a3:0d:bf:37:97:
84:7c:31:75:37:2c:df:8e:86:b4:19:99:9f:cd:48:
6e:8a:33:9f:94:3f:90:32:7f:6b:b0:1b:ac:8b:6a:
51:30:13:3e:c8:5c:4d:fd:db:bf:0b:fd:05:7b:2f:
80:42:66:24:0d:d5:ed:dc:57:c4:e6:b0:37:03:51:
9f:b6:5e:9d:d3:fa:37:de:9a:0e:3e:c5:2f:7d:ab:
4b:fd:58:c8:42:9a:25:0c:5e:d7:df:dc:58:4f:16:
af:c6:e1:5e:e6:6b:5f:08:b8:ab:4a:f5:7a:1a:7e:
c8:4f:de:96:24:3d:d2:4f:60:79:d5:98:61:08:7e:
2d:e8:32:7a:0d:29:8f:04:fc:ff:cd:c8:a5:4a:8d:
66:97:78:7a:e7:36:12:3c:41:df:d4:86:e4:19:ce:
74:e3:ca:2a:fe:be:97:49:6a:4d:c9:01:da:cd:fe:
97:81:99:d2:85:50:5b:0d:fb:e6:74:9e:1e:c5:20:
63:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:EA:30:33:CE:DC:A5:33:1C:CA:9B:63:FA:22:61:A9:DA:22:A7:CB
X509v3 Authority Key Identifier:
keyid:BE:3E:69:03:91:7C:53:2A:60:5F:FB:25:E6:5F:91:15:8B:E6:C0:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vj5pA5F8UypgX_sl5l-RFYvmwOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/911df1-1aca-40de-a248-8d51e765daec/1/1--owM87cpTMcyptj-iJhqdoip8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/911df1-1aca-40de-a248-8d51e765daec/1/vj5pA5F8UypgX_sl5l-RFYvmwOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.236.0/22
Signature Algorithm: sha256WithRSAEncryption
02:4a:a8:7b:1c:c7:0f:f8:48:dc:d3:6a:1d:ec:0d:9f:6b:d8:
f8:7c:0a:2f:f1:58:3c:87:d3:1b:74:7a:0d:3e:58:6b:25:34:
d8:72:a5:26:98:f7:bd:82:cb:fe:c0:58:f6:b2:a4:93:87:36:
e5:eb:bb:c1:27:0e:c7:78:98:2b:7b:43:83:8b:bf:a7:92:b5:
e5:f8:a5:25:eb:f8:a0:99:1a:66:ab:87:e3:2b:e8:f8:c8:07:
36:94:0c:90:4b:1c:43:45:27:f9:69:dd:de:14:77:58:43:29:
df:54:6e:0e:15:b5:5c:99:57:c6:83:e1:90:95:88:bf:45:db:
d2:f3:01:7f:c3:a2:eb:4a:92:15:29:3f:25:f2:e0:f1:59:f7:
41:88:eb:f1:21:1e:1a:35:4d:68:6f:ab:37:b6:8a:9e:c4:06:
8a:41:6d:93:34:ce:82:83:e1:e5:d4:ba:3a:52:64:f9:ba:bb:
76:64:ff:50:3d:26:4c:97:2c:86:73:6a:b6:ca:cb:6c:f6:79:
8c:63:f3:0e:f0:49:07:5e:5f:54:20:fb:76:83:96:87:37:1e:
9d:85:2d:de:ed:e3:52:e3:87:55:f1:95:54:76:d1:d4:ad:5f:
de:b2:29:cd:af:c0:a2:e1:7e:39:a8:1e:08:2d:c6:32:f3:45:
f2:66:3c:20
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvVIY03uf0LweVo8Lt0JuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlM2U2OTAzOTE3YzUzMmE2MDVmZmIyNWU2NWY5MTE1OGJl
NmMwZTYwHhcNMjMwMTAxMjE1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmVhMzAzM2NlZGNhNTMzMWNjYTliNjNmYTIyNjFhOWRhMjJhN2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnP0NkMiS2XaslJcLWICKxmMVtTb6
cEcP5PvPq68fF4uflkRYeWlgYlYRSJQvDvQwS4aXuT+oexP5BBSOtfDNBmffYlTK
ow2/N5eEfDF1Nyzfjoa0GZmfzUhuijOflD+QMn9rsBusi2pRMBM+yFxN/du/C/0F
ey+AQmYkDdXt3FfE5rA3A1Gftl6d0/o33poOPsUvfatL/VjIQpolDF7X39xYTxav
xuFe5mtfCLirSvV6Gn7IT96WJD3ST2B51ZhhCH4t6DJ6DSmPBPz/zcilSo1ml3h6
5zYSPEHf1IbkGc5048oq/r6XSWpNyQHazf6XgZnShVBbDfvmdJ4exSBjLwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPvqMDPO3KUzHMqbY/oiYanaIqfLMB8GA1UdIwQY
MBaAFL4+aQORfFMqYF/7JeZfkRWL5sDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmo1cEE1RjhVeXBnWF9zbDVsLVJGWXZtd09ZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi85MTFkZjEtMWFjYS00MGRlLWEyNDgt
OGQ1MWU3NjVkYWVjLzEvMS0tb3dNODdjcFRNY3lwdGotaUpocWRvaXA4cy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzYvOTExZGYxLTFhY2EtNDBkZS1hMjQ4LThkNTFlNzY1ZGFl
Yy8xL3ZqNXBBNUY4VXlwZ1hfc2w1bC1SRll2bXdPWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2K7DAN
BgkqhkiG9w0BAQsFAAOCAQEAAkqoexzHD/hI3NNqHewNn2vY+HwKL/FYPIfTG3R6
DT5YayU02HKlJpj3vYLL/sBY9rKkk4c25eu7wScOx3iYK3tDg4u/p5K15filJev4
oJkaZquH4yvo+MgHNpQMkEscQ0Un+Wnd3hR3WEMp31RuDhW1XJlXxoPhkJWIv0Xb
0vMBf8Oi60qSFSk/JfLg8Vn3QYjr8SEeGjVNaG+rN7aKnsQGikFtkzTOgoPh5dS6
OlJk+bq7dmT/UD0mTJcshnNqtsrLbPZ5jGPzDvBJB15fVCD7doOWhzcenYUt3u3j
UuOHVfGVVHbR1K1f3rIpza/AouF+OageCC3GMvNF8mY8IA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:56 2025 by rpki-client