Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/865f08-4633-4edc-bc8d-3084f767c2b6/1/rjO50r1Csox_w7pK9XK7tB7EqyM.roa
File: rjO50r1Csox_w7pK9XK7tB7EqyM.roa (raw, json)
Hash identifier: zHD2y9uOJnLf8w7zTh8Y9g5t7nEQZo/6vfJBDwey0q0=
Subject key identifier: AE:33:B9:D2:BD:42:B2:8C:7F:C3:BA:4A:F5:72:BB:B4:1E:C4:AB:23
Certificate issuer: /CN=53e32c5f895fb12e6d674e0b16f6eee5e512645d
Certificate serial: 01901571BF57B9190C0ED31CC26215D3FDA6
Authority key identifier: 53:E3:2C:5F:89:5F:B1:2E:6D:67:4E:0B:16:F6:EE:E5:E5:12:64:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U-MsX4lfsS5tZ04LFvbu5eUSZF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/865f08-4633-4edc-bc8d-3084f767c2b6/1/rjO50r1Csox_w7pK9XK7tB7EqyM.roa
Signing time: Fri 14 Jun 2024 06:31:34 +0000
ROA not before: Fri 14 Jun 2024 06:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41737
IP address blocks: 45.84.148.0/22 maxlen: 24
2a0e:9b80::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:15:71:bf:57:b9:19:0c:0e:d3:1c:c2:62:15:d3:fd:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53e32c5f895fb12e6d674e0b16f6eee5e512645d
Validity
Not Before: Jun 14 06:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae33b9d2bd42b28c7fc3ba4af572bbb41ec4ab23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c1:bf:24:99:2f:ed:8a:3c:c3:84:49:48:08:
3d:cf:9a:cf:5b:7c:1b:93:b9:73:2b:78:ff:c3:36:
be:b3:90:34:37:86:b0:fa:83:f4:dc:5d:76:3b:59:
fc:22:2c:29:86:e6:79:59:61:78:57:eb:73:fd:0f:
f5:75:10:5c:8f:c4:7b:48:f8:e0:82:24:ec:46:b5:
b8:cc:61:bf:62:45:67:a8:ce:50:8e:29:39:43:a1:
f5:5c:61:84:41:82:1c:e2:54:a0:94:e6:4b:74:31:
8d:c1:a0:44:d7:b9:8f:7c:95:59:ec:65:b9:11:58:
4e:6b:65:bc:ee:99:41:55:0c:a4:9f:18:c5:c3:91:
06:fa:bb:62:ac:d5:2c:e5:e9:f7:20:fe:7a:f2:e9:
c7:ac:c2:e4:78:ee:e5:54:a2:9f:d7:46:71:e6:c6:
4e:e5:af:46:ab:d2:0c:74:04:62:81:79:eb:c0:ba:
54:f3:58:dd:98:53:e4:4c:91:7f:60:94:a8:dd:96:
a5:20:6f:af:c3:6e:d4:3b:39:8d:9d:22:79:1e:45:
db:eb:09:3f:cb:a3:61:f3:2a:11:10:39:fd:d8:1f:
fa:e7:9d:d6:e2:60:57:8e:91:7a:97:cd:a7:30:45:
f5:61:c3:a6:e2:bc:0a:51:7b:81:e6:d4:2e:88:df:
bc:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:33:B9:D2:BD:42:B2:8C:7F:C3:BA:4A:F5:72:BB:B4:1E:C4:AB:23
X509v3 Authority Key Identifier:
keyid:53:E3:2C:5F:89:5F:B1:2E:6D:67:4E:0B:16:F6:EE:E5:E5:12:64:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U-MsX4lfsS5tZ04LFvbu5eUSZF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/865f08-4633-4edc-bc8d-3084f767c2b6/1/rjO50r1Csox_w7pK9XK7tB7EqyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/865f08-4633-4edc-bc8d-3084f767c2b6/1/U-MsX4lfsS5tZ04LFvbu5eUSZF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.148.0/22
IPv6:
2a0e:9b80::/29
Signature Algorithm: sha256WithRSAEncryption
1d:b9:8f:38:96:62:43:d6:85:02:f1:2f:fe:96:f8:8d:9f:40:
af:94:4f:5d:f6:6c:2d:92:97:26:2f:07:42:55:17:55:4e:1a:
7e:0c:b1:ec:a1:81:aa:9a:9b:99:cb:cc:63:16:19:c8:36:bd:
68:45:81:f3:90:53:e8:f3:7c:7c:d6:3e:cc:2c:3b:b3:f4:4d:
ff:79:17:87:6e:21:66:1c:01:51:a2:3e:63:90:ff:13:2a:07:
60:f3:54:b9:6c:25:8e:12:97:96:29:34:73:cd:c0:17:8f:5b:
e9:e7:14:33:c8:22:5b:6e:da:b8:bf:9f:9a:83:97:89:cc:1c:
fc:9e:91:49:21:f5:97:06:f9:59:f0:04:13:a6:3d:19:7e:64:
f0:38:c4:4a:75:5f:9c:52:88:15:36:c0:4e:92:4a:49:27:6b:
bb:26:ec:a3:17:bb:65:80:5b:26:84:79:e4:d5:7c:bb:c7:44:
b1:71:a0:9d:1a:4e:cd:c7:7e:72:60:11:bd:43:89:03:9b:54:
c4:79:03:0f:8d:a9:78:bc:8a:f0:3c:b9:e3:96:a4:dc:ab:d6:
b6:f9:67:2d:8a:c0:d4:b5:fe:83:73:80:6f:cb:cf:3c:1c:3d:
f4:5a:22:78:5a:5a:64:c3:7d:9c:38:0a:5a:88:22:01:9e:b6:
e1:91:a1:f2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZAVcb9XuRkMDtMcwmIV0/2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZTMyYzVmODk1ZmIxMmU2ZDY3NGUwYjE2ZjZlZWU1ZTUx
MjY0NWQwHhcNMjQwNjE0MDYzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTMzYjlkMmJkNDJiMjhjN2ZjM2JhNGFmNTcyYmJiNDFlYzRhYjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8G/JJkv7Yo8w4RJSAg9z5rPW3wb
k7lzK3j/wza+s5A0N4aw+oP03F12O1n8IiwphuZ5WWF4V+tz/Q/1dRBcj8R7SPjg
giTsRrW4zGG/YkVnqM5Qjik5Q6H1XGGEQYIc4lSglOZLdDGNwaBE17mPfJVZ7GW5
EVhOa2W87plBVQyknxjFw5EG+rtirNUs5en3IP568unHrMLkeO7lVKKf10Zx5sZO
5a9Gq9IMdARigXnrwLpU81jdmFPkTJF/YJSo3ZalIG+vw27UOzmNnSJ5HkXb6wk/
y6Nh8yoREDn92B/6553W4mBXjpF6l82nMEX1YcOm4rwKUXuB5tQuiN+8ZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK4zudK9QrKMf8O6SvVyu7QexKsjMB8GA1UdIwQY
MBaAFFPjLF+JX7EubWdOCxb27uXlEmRdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVS1Nc1g0bGZzUzV0WjA0TEZ2YnU1ZVVTWkYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy84NjVmMDgtNDYzMy00ZWRjLWJjOGQt
MzA4NGY3NjdjMmI2LzEvcmpPNTByMUNzb3hfdzdwSzlYSzd0QjdFcXlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy84NjVmMDgtNDYzMy00ZWRjLWJjOGQtMzA4NGY3NjdjMmI2
LzEvVS1Nc1g0bGZzUzV0WjA0TEZ2YnU1ZVVTWkYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVSUMA0E
AgACMAcDBQMqDpuAMA0GCSqGSIb3DQEBCwUAA4IBAQAduY84lmJD1oUC8S/+lviN
n0CvlE9d9mwtkpcmLwdCVRdVThp+DLHsoYGqmpuZy8xjFhnINr1oRYHzkFPo83x8
1j7MLDuz9E3/eReHbiFmHAFRoj5jkP8TKgdg81S5bCWOEpeWKTRzzcAXj1vp5xQz
yCJbbtq4v5+ag5eJzBz8npFJIfWXBvlZ8AQTpj0ZfmTwOMRKdV+cUogVNsBOkkpJ
J2u7JuyjF7tlgFsmhHnk1Xy7x0SxcaCdGk7Nx35yYBG9Q4kDm1TEeQMPjal4vIrw
PLnjlqTcq9a2+WctisDUtf6Dc4Bvy888HD30WiJ4Wlpkw32cOApaiCIBnrbhkaHy
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:38:57 2025 by rpki-client