Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/67d1d4-cbd8-45f9-8c48-ec66f239fe0c/1/nZGYj-R0_aw4nxBXSwYcM2AioNk.roa
File: nZGYj-R0_aw4nxBXSwYcM2AioNk.roa (raw, json)
Hash identifier: Ze6mXfpWVDp3OeExKq4DsRe1evRIzTvj8HoBhEdkCxg=
Subject key identifier: 9D:91:98:8F:E4:74:FD:AC:38:9F:10:57:4B:06:1C:33:60:22:A0:D9
Certificate issuer: /CN=424e8bd525b199edc1b7392da20225f74896da9d
Certificate serial: AF537F
Authority key identifier: 42:4E:8B:D5:25:B1:99:ED:C1:B7:39:2D:A2:02:25:F7:48:96:DA:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qk6L1SWxme3BtzktogIl90iW2p0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/67d1d4-cbd8-45f9-8c48-ec66f239fe0c/1/nZGYj-R0_aw4nxBXSwYcM2AioNk.roa
Signing time: Sat 01 Jan 2022 00:58:50 +0000
ROA not before: Sat 01 Jan 2022 00:58:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 45.9.156.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11490175 (0xaf537f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=424e8bd525b199edc1b7392da20225f74896da9d
Validity
Not Before: Jan 1 00:58:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d91988fe474fdac389f10574b061c336022a0d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5c:a0:58:2e:e4:cd:82:37:63:66:75:8b:59:
82:26:61:15:5f:af:a2:61:17:2f:40:2e:fa:28:91:
9b:6c:bb:2a:33:d6:a1:ee:1b:be:e9:fc:ab:fc:b3:
38:32:af:6b:d0:dd:11:f8:34:31:79:06:3a:e9:ca:
2a:a3:46:41:9e:f4:8c:e8:ce:e5:41:9d:74:9b:eb:
39:bb:41:87:9c:64:4b:73:e9:4d:ce:60:1c:a6:48:
93:9c:92:8a:74:2e:53:ad:1f:d5:34:69:0e:8f:17:
3b:af:4e:26:55:98:30:ef:1f:51:6d:d2:62:a8:8c:
46:42:82:c4:12:1c:df:e2:d5:bd:08:b6:c3:9a:0d:
55:c3:79:40:d3:fc:1c:cd:52:a2:3f:f8:a4:64:3e:
6b:d4:34:95:cb:49:eb:64:86:36:66:0a:05:3e:09:
84:7b:31:00:be:8d:2c:f0:31:b2:47:2c:90:0b:a4:
d1:cb:9b:14:2e:84:35:76:58:76:d3:e9:2c:f2:62:
5a:4a:a8:85:46:90:25:82:44:21:b9:8f:ae:0a:27:
44:41:b7:6e:ea:d6:8f:78:bc:fc:ad:fa:39:2c:05:
4d:33:c1:18:88:e7:c8:8c:a0:5c:83:6d:f2:16:56:
39:b8:23:38:ab:62:bb:64:75:86:b8:b5:7e:a4:f5:
97:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:91:98:8F:E4:74:FD:AC:38:9F:10:57:4B:06:1C:33:60:22:A0:D9
X509v3 Authority Key Identifier:
keyid:42:4E:8B:D5:25:B1:99:ED:C1:B7:39:2D:A2:02:25:F7:48:96:DA:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qk6L1SWxme3BtzktogIl90iW2p0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/67d1d4-cbd8-45f9-8c48-ec66f239fe0c/1/nZGYj-R0_aw4nxBXSwYcM2AioNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/67d1d4-cbd8-45f9-8c48-ec66f239fe0c/1/Qk6L1SWxme3BtzktogIl90iW2p0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:e7:a7:3f:1c:6e:a1:46:48:4d:91:c1:4a:f5:e1:92:43:92:
d6:06:6e:b1:ed:ac:2c:13:56:e6:d5:fb:c2:00:ed:bf:44:5a:
41:fc:a2:b4:c9:71:f2:32:99:9b:09:e4:29:9d:ab:97:24:34:
21:b4:fd:b9:8d:d6:6a:c9:60:61:89:3f:2f:d8:16:7b:f1:58:
60:87:8c:cd:9c:2d:9c:2c:eb:d7:e7:0b:f1:ad:37:d9:75:89:
1a:59:87:21:aa:0a:66:e5:fe:05:13:2b:62:5f:61:82:c3:01:
56:6a:02:ff:3b:1b:25:e2:8d:33:e7:a4:be:4e:25:0b:72:38:
6e:98:9e:f0:bb:6e:78:e8:15:0d:e5:0a:95:11:f4:ba:8a:8f:
67:bc:15:0e:d7:7c:9d:2b:71:5b:7b:71:cb:02:98:32:b0:2d:
bb:d3:16:14:1f:fb:ee:ad:d8:82:96:4f:59:41:bb:17:01:3c:
75:48:2c:20:0d:69:01:52:2f:c8:83:4b:1f:3c:b8:e8:c8:e3:
03:52:61:7a:f5:b9:80:0a:55:67:95:18:45:c7:2c:5c:84:ae:
8d:d5:14:ae:47:bd:8d:45:c6:db:a5:ce:86:76:61:67:7a:e4:
2a:29:73:0a:33:eb:b5:f0:a3:0f:6b:bf:15:b2:b7:54:30:32:
fd:87:79:d3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAK9TfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MjRlOGJkNTI1YjE5OWVkYzFiNzM5MmRhMjAyMjVmNzQ4OTZkYTlkMB4XDTIyMDEw
MTAwNTg1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQ5MTk4OGZlNDc0
ZmRhYzM4OWYxMDU3NGIwNjFjMzM2MDIyYTBkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM9coFgu5M2CN2NmdYtZgiZhFV+vomEXL0Au+iiRm2y7KjPW
oe4bvun8q/yzODKva9DdEfg0MXkGOunKKqNGQZ70jOjO5UGddJvrObtBh5xkS3Pp
Tc5gHKZIk5ySinQuU60f1TRpDo8XO69OJlWYMO8fUW3SYqiMRkKCxBIc3+LVvQi2
w5oNVcN5QNP8HM1Soj/4pGQ+a9Q0lctJ62SGNmYKBT4JhHsxAL6NLPAxskcskAuk
0cubFC6ENXZYdtPpLPJiWkqohUaQJYJEIbmPrgonREG3burWj3i8/K36OSwFTTPB
GIjnyIygXINt8hZWObgjOKtiu2R1hri1fqT1l28CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSdkZiP5HT9rDifEFdLBhwzYCKg2TAfBgNVHSMEGDAWgBRCTovVJbGZ7cG3
OS2iAiX3SJbanTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FrNkwxU1d4bWUzQnR6a3RvZ0lsOTBpVzJwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2UvNjdkMWQ0LWNiZDgtNDVmOS04YzQ4LWVjNjZmMjM5ZmUwYy8x
L25aR1lqLVIwX2F3NG54QlhTd1ljTTJBaW9Oay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Uv
NjdkMWQ0LWNiZDgtNDVmOS04YzQ4LWVjNjZmMjM5ZmUwYy8xL1FrNkwxU1d4bWUz
QnR6a3RvZ0lsOTBpVzJwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi0JnDANBgkqhkiG9w0BAQsFAAOC
AQEAHeenPxxuoUZITZHBSvXhkkOS1gZuse2sLBNW5tX7wgDtv0RaQfyitMlx8jKZ
mwnkKZ2rlyQ0IbT9uY3WaslgYYk/L9gWe/FYYIeMzZwtnCzr1+cL8a032XWJGlmH
IaoKZuX+BRMrYl9hgsMBVmoC/zsbJeKNM+ekvk4lC3I4bpie8LtueOgVDeUKlRH0
uoqPZ7wVDtd8nStxW3txywKYMrAtu9MWFB/77q3YgpZPWUG7FwE8dUgsIA1pAVIv
yINLHzy46MjjA1JhevW5gApVZ5UYRccsXISujdUUrke9jUXG26XOhnZhZ3rkKilz
CjPrtfCjD2u/FbK3VDAy/Yd50w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:31 2024 by rpki-client on console-fra.rpki-client.org