Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/911df1-1aca-40de-a248-8d51e765daec/1/MqhPRxtk_ru9X53AcQG7rm82Jx8.roa
File: MqhPRxtk_ru9X53AcQG7rm82Jx8.roa (raw, json)
Hash identifier: TkEO/hBvP6JB/BWzm1CrExVGxN5q/TS+TmXnyA9vbrQ=
Subject key identifier: 32:A8:4F:47:1B:64:FE:BB:BD:5F:9D:C0:71:01:BB:AE:6F:36:27:1F
Certificate issuer: /CN=be3e6903917c532a605ffb25e65f91158be6c0e6
Certificate serial: 018CC3B73DA705A93084CCDEBE5D92E6BC45
Authority key identifier: BE:3E:69:03:91:7C:53:2A:60:5F:FB:25:E6:5F:91:15:8B:E6:C0:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vj5pA5F8UypgX_sl5l-RFYvmwOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/911df1-1aca-40de-a248-8d51e765daec/1/MqhPRxtk_ru9X53AcQG7rm82Jx8.roa
Signing time: Mon 01 Jan 2024 06:30:15 +0000
ROA not before: Mon 01 Jan 2024 06:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8896
IP address blocks: 45.138.236.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:3d:a7:05:a9:30:84:cc:de:be:5d:92:e6:bc:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be3e6903917c532a605ffb25e65f91158be6c0e6
Validity
Not Before: Jan 1 06:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32a84f471b64febbbd5f9dc07101bbae6f36271f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6d:8c:52:9b:24:59:fc:82:31:e8:84:ee:24:
ef:df:a8:34:93:74:69:e1:19:05:bf:26:f8:fe:f8:
92:47:62:bd:34:c8:47:0b:ff:d5:81:85:b1:98:36:
4f:c7:86:bf:aa:6d:92:bb:3e:52:4c:1f:46:17:44:
2f:96:43:09:6d:d0:d4:8d:71:18:4e:6f:32:f2:20:
56:d7:82:40:b0:d3:9e:01:63:ee:eb:a3:a7:50:d1:
6e:63:af:d7:07:f2:51:f6:60:1d:0e:ef:ea:49:50:
7d:61:d6:f0:c8:19:e7:79:ca:a4:38:d4:6e:d5:a6:
fa:62:59:1f:99:18:ae:47:e8:81:dd:74:e9:34:e3:
4f:c3:33:a7:98:0e:81:71:ee:d5:95:15:c2:15:ea:
5e:a0:54:16:9c:6f:35:ff:b7:8a:21:41:fb:d2:e4:
5a:2b:15:4a:eb:ee:aa:96:eb:1a:7e:46:25:50:96:
25:71:d2:06:ed:1d:7a:6b:45:56:bc:f7:62:ad:0e:
da:73:e3:95:c6:9e:e2:7d:60:7f:b0:01:62:82:a4:
6f:6f:8e:10:06:56:ee:88:16:cc:6d:b5:fd:aa:03:
73:97:4f:75:f2:ca:e7:43:21:56:3d:b4:90:1d:6a:
ec:f8:b3:1b:8d:8a:47:47:a6:66:d7:49:c9:e3:67:
3f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:A8:4F:47:1B:64:FE:BB:BD:5F:9D:C0:71:01:BB:AE:6F:36:27:1F
X509v3 Authority Key Identifier:
keyid:BE:3E:69:03:91:7C:53:2A:60:5F:FB:25:E6:5F:91:15:8B:E6:C0:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vj5pA5F8UypgX_sl5l-RFYvmwOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/911df1-1aca-40de-a248-8d51e765daec/1/MqhPRxtk_ru9X53AcQG7rm82Jx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/911df1-1aca-40de-a248-8d51e765daec/1/vj5pA5F8UypgX_sl5l-RFYvmwOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.236.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:17:13:24:2e:b6:b9:30:c6:9f:70:eb:ed:b6:c1:b2:3d:7c:
30:d8:09:60:07:cd:d2:60:f1:48:6c:38:e4:39:67:6a:55:a1:
40:bf:0f:04:99:94:d7:e5:d7:1e:87:ff:b0:b9:aa:4b:3b:02:
36:d3:1d:f4:30:87:b0:e7:d9:39:40:f4:00:0d:15:28:1a:e4:
4a:8e:2b:52:d5:72:7d:0c:dd:3d:9f:11:f0:e8:c9:46:c9:a2:
7f:d5:d3:a4:bb:34:72:57:b0:53:ad:7e:74:2b:1d:f6:99:a6:
e7:b2:5d:d5:53:9c:2e:6e:58:d7:17:ff:7c:aa:e8:10:38:c6:
bc:d0:b0:e2:82:35:38:a7:58:c3:3a:eb:a6:e5:b3:71:83:52:
56:8f:4e:9d:bd:28:42:a3:7b:6e:71:46:eb:52:e3:f5:75:75:
05:b7:94:60:23:86:89:b0:1f:6d:d1:56:da:a3:b0:99:05:4f:
9e:3d:f4:14:0c:97:89:49:bc:9f:30:42:11:f9:2e:a1:3c:e0:
1a:67:2c:21:da:84:fd:75:52:2e:10:c1:5e:48:f3:92:4f:56:
dd:4e:a2:5e:b0:34:64:33:63:ac:3d:48:92:5f:48:83:ae:7e:
27:da:e2:3d:07:e7:1e:7a:41:01:81:49:69:bd:6e:32:ed:26:
9a:fd:b1:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtz2nBakwhMzevl2S5rxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlM2U2OTAzOTE3YzUzMmE2MDVmZmIyNWU2NWY5MTE1OGJl
NmMwZTYwHhcNMjQwMTAxMDYzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmE4NGY0NzFiNjRmZWJiYmQ1ZjlkYzA3MTAxYmJhZTZmMzYyNzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoG2MUpskWfyCMeiE7iTv36g0k3Rp
4RkFvyb4/viSR2K9NMhHC//VgYWxmDZPx4a/qm2Suz5STB9GF0QvlkMJbdDUjXEY
Tm8y8iBW14JAsNOeAWPu66OnUNFuY6/XB/JR9mAdDu/qSVB9YdbwyBnnecqkONRu
1ab6YlkfmRiuR+iB3XTpNONPwzOnmA6Bce7VlRXCFepeoFQWnG81/7eKIUH70uRa
KxVK6+6qlusafkYlUJYlcdIG7R16a0VWvPdirQ7ac+OVxp7ifWB/sAFigqRvb44Q
BlbuiBbMbbX9qgNzl0918srnQyFWPbSQHWrs+LMbjYpHR6Zm10nJ42c/mwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDKoT0cbZP67vV+dwHEBu65vNicfMB8GA1UdIwQY
MBaAFL4+aQORfFMqYF/7JeZfkRWL5sDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmo1cEE1RjhVeXBnWF9zbDVsLVJGWXZtd09ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi85MTFkZjEtMWFjYS00MGRlLWEyNDgt
OGQ1MWU3NjVkYWVjLzEvTXFoUFJ4dGtfcnU5WDUzQWNRRzdybTgySng4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi85MTFkZjEtMWFjYS00MGRlLWEyNDgtOGQ1MWU3NjVkYWVj
LzEvdmo1cEE1RjhVeXBnWF9zbDVsLVJGWXZtd09ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYrsMA0G
CSqGSIb3DQEBCwUAA4IBAQChFxMkLra5MMafcOvttsGyPXww2AlgB83SYPFIbDjk
OWdqVaFAvw8EmZTX5dceh/+wuapLOwI20x30MIew59k5QPQADRUoGuRKjitS1XJ9
DN09nxHw6MlGyaJ/1dOkuzRyV7BTrX50Kx32mabnsl3VU5wubljXF/98qugQOMa8
0LDigjU4p1jDOuum5bNxg1JWj06dvShCo3tucUbrUuP1dXUFt5RgI4aJsB9t0Vba
o7CZBU+ePfQUDJeJSbyfMEIR+S6hPOAaZywh2oT9dVIuEMFeSPOST1bdTqJesDRk
M2OsPUiSX0iDrn4n2uI9B+ceekEBgUlpvW4y7Saa/bHQ
-----END CERTIFICATE-----
Generated at Wed Jan 3 13:09:57 2024 by rpki-client on console-fra.rpki-client.org