Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/13d7ec-cb9d-4751-9aab-66e84864b171/1/40dwGCb7AtYPLD9hdG-kERrjnA0.roa
File: 40dwGCb7AtYPLD9hdG-kERrjnA0.roa (raw, json)
Hash identifier: zvMjWmKID2g52d9K8b/Z6ERN2xjoMMSdSVJA81i9kug=
Subject key identifier: E3:47:70:18:26:FB:02:D6:0F:2C:3F:61:74:6F:A4:11:1A:E3:9C:0D
Certificate issuer: /CN=9b96e5ed7cef7b59546f02404c457dee04bf00f8
Certificate serial: 07552A64
Authority key identifier: 9B:96:E5:ED:7C:EF:7B:59:54:6F:02:40:4C:45:7D:EE:04:BF:00:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m5bl7Xzve1lUbwJATEV97gS_APg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/13d7ec-cb9d-4751-9aab-66e84864b171/1/40dwGCb7AtYPLD9hdG-kERrjnA0.roa
Signing time: Sat 01 Jan 2022 09:02:09 +0000
ROA not before: Sat 01 Jan 2022 09:02:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41230
IP address blocks: 45.154.248.0/22 maxlen: 22
2a0f:dd00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123021924 (0x7552a64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b96e5ed7cef7b59546f02404c457dee04bf00f8
Validity
Not Before: Jan 1 09:02:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e347701826fb02d60f2c3f61746fa4111ae39c0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d0:85:38:93:9d:e0:4e:db:2d:71:75:41:c3:
fb:71:4c:3c:f8:27:1b:2f:87:5e:2e:7d:21:e5:37:
3b:42:15:9b:a8:3a:50:25:36:e8:fe:c0:61:f6:05:
fc:a4:a7:29:43:3b:5a:f4:48:c5:3b:f5:91:dd:44:
2d:42:f2:a6:dd:83:41:9a:c7:cd:87:92:74:12:c4:
27:6e:a2:3d:8b:fc:43:94:f2:7f:b9:66:bf:67:e7:
59:07:1a:f9:97:f3:ef:17:aa:21:14:a0:4a:9a:bc:
1e:a5:0c:7b:9a:e9:6f:bb:ff:9a:6f:e5:fa:f4:c7:
25:2f:11:78:33:ec:92:5c:56:2e:62:c9:34:aa:3d:
ea:cd:19:b9:8d:53:88:f6:7c:5f:a0:0c:74:13:c8:
38:66:c6:99:7a:42:e3:d5:cc:64:10:76:c6:a3:93:
9d:50:ec:b6:90:13:9c:e1:e5:2e:37:04:83:c9:59:
78:ac:bd:26:5e:ec:a6:03:00:62:83:cf:f1:74:94:
db:af:a7:4a:c5:76:03:6d:45:ba:f4:aa:e1:46:57:
73:58:bb:84:f8:bf:7e:b6:d2:70:fd:cd:78:cf:ad:
00:37:98:f3:07:fb:82:eb:62:2f:95:9c:da:d8:4b:
b2:0e:4e:84:22:77:98:bc:e8:06:e2:3a:8c:77:d9:
fe:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:47:70:18:26:FB:02:D6:0F:2C:3F:61:74:6F:A4:11:1A:E3:9C:0D
X509v3 Authority Key Identifier:
keyid:9B:96:E5:ED:7C:EF:7B:59:54:6F:02:40:4C:45:7D:EE:04:BF:00:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m5bl7Xzve1lUbwJATEV97gS_APg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/13d7ec-cb9d-4751-9aab-66e84864b171/1/40dwGCb7AtYPLD9hdG-kERrjnA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/13d7ec-cb9d-4751-9aab-66e84864b171/1/m5bl7Xzve1lUbwJATEV97gS_APg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.248.0/22
IPv6:
2a0f:dd00::/29
Signature Algorithm: sha256WithRSAEncryption
39:d9:af:f4:c6:6f:30:97:97:3c:a3:e5:4a:f1:29:d4:d8:7d:
e1:e4:08:e5:00:e5:ae:94:14:05:4f:a5:8b:89:d3:3e:af:e4:
0b:c7:d6:1a:39:56:0c:56:35:c2:d5:cd:be:8d:c5:2c:f1:dc:
38:15:a5:6a:e4:fb:20:cb:2b:f4:17:27:be:fb:e9:24:49:97:
2a:6d:4d:22:f3:4e:1b:94:c8:19:71:38:71:6c:e4:b4:08:1f:
a1:49:e0:b3:59:37:db:db:5d:7a:6d:c4:dc:f4:bd:55:3c:75:
90:3e:69:91:85:2c:38:e8:34:68:d9:cb:e7:24:12:9c:d4:a6:
4d:3b:97:51:72:0e:06:40:28:8e:57:bd:ed:73:b1:4d:4a:fa:
9c:3a:2d:e7:c7:b3:be:bb:94:4e:b5:fc:df:59:08:bf:2a:5a:
0f:ce:0d:af:45:03:0b:40:c4:12:4e:c6:be:33:75:c4:35:ad:
fc:77:eb:12:c5:59:c7:9b:67:6d:57:34:9f:e7:84:ed:a1:56:
90:c2:d0:ee:cb:4c:22:d3:f3:a3:ca:32:e4:43:2f:57:45:4c:
a6:80:0f:df:b2:fd:ad:af:a3:dc:9b:43:ea:51:1a:eb:28:2f:
23:29:55:30:ba:dd:11:c4:e8:4d:7b:f0:e7:cf:4d:9c:0c:0b:
ad:ab:be:0e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB1UqZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Yjk2ZTVlZDdjZWY3YjU5NTQ2ZjAyNDA0YzQ1N2RlZTA0YmYwMGY4MB4XDTIyMDEw
MTA5MDIwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTM0NzcwMTgyNmZi
MDJkNjBmMmMzZjYxNzQ2ZmE0MTExYWUzOWMwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHQhTiTneBO2y1xdUHD+3FMPPgnGy+HXi59IeU3O0IVm6g6
UCU26P7AYfYF/KSnKUM7WvRIxTv1kd1ELULypt2DQZrHzYeSdBLEJ26iPYv8Q5Ty
f7lmv2fnWQca+Zfz7xeqIRSgSpq8HqUMe5rpb7v/mm/l+vTHJS8ReDPsklxWLmLJ
NKo96s0ZuY1TiPZ8X6AMdBPIOGbGmXpC49XMZBB2xqOTnVDstpATnOHlLjcEg8lZ
eKy9Jl7spgMAYoPP8XSU26+nSsV2A21FuvSq4UZXc1i7hPi/frbScP3NeM+tADeY
8wf7gutiL5Wc2thLsg5OhCJ3mLzoBuI6jHfZ/j8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTjR3AYJvsC1g8sP2F0b6QRGuOcDTAfBgNVHSMEGDAWgBSbluXtfO97WVRv
AkBMRX3uBL8A+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L201Ymw3WHp2ZTFsVWJ3SkFURVY5N2dTX0FQZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2QvMTNkN2VjLWNiOWQtNDc1MS05YWFiLTY2ZTg0ODY0YjE3MS8x
LzQwZHdHQ2I3QXRZUExEOWhkRy1rRVJyam5BMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Qv
MTNkN2VjLWNiOWQtNDc1MS05YWFiLTY2ZTg0ODY0YjE3MS8xL201Ymw3WHp2ZTFs
VWJ3SkFURVY5N2dTX0FQZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2a+DANBAIAAjAHAwUDKg/dADAN
BgkqhkiG9w0BAQsFAAOCAQEAOdmv9MZvMJeXPKPlSvEp1Nh94eQI5QDlrpQUBU+l
i4nTPq/kC8fWGjlWDFY1wtXNvo3FLPHcOBWlauT7IMsr9BcnvvvpJEmXKm1NIvNO
G5TIGXE4cWzktAgfoUngs1k329tdem3E3PS9VTx1kD5pkYUsOOg0aNnL5yQSnNSm
TTuXUXIOBkAojle97XOxTUr6nDot58ezvruUTrX831kIvypaD84Nr0UDC0DEEk7G
vjN1xDWt/HfrEsVZx5tnbVc0n+eE7aFWkMLQ7stMItPzo8oy5EMvV0VMpoAP37L9
ra+j3JtD6lEa6ygvIylVMLrdEcToTXvw589NnAwLrau+Dg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:04 2025 by rpki-client