Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/361f9a-c94b-4411-9b65-6af6072754a3/1/cDF7nmtXTeT9FhOJ802vM5x5_Ko.roa
File: cDF7nmtXTeT9FhOJ802vM5x5_Ko.roa (raw, json)
Hash identifier: bAH5yixrTMUdqdk+VeZp+kdmNZ0CyQxpjFZOsFA7gbw=
Subject key identifier: 70:31:7B:9E:6B:57:4D:E4:FD:16:13:89:F3:4D:AF:33:9C:79:FC:AA
Certificate issuer: /CN=af650bedd16b4e3c98116ee32b12174f97485c8a
Certificate serial: 018571DEA5BAC61F7AE8FD4D0725D46ECBF1
Authority key identifier: AF:65:0B:ED:D1:6B:4E:3C:98:11:6E:E3:2B:12:17:4F:97:48:5C:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r2UL7dFrTjyYEW7jKxIXT5dIXIo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/361f9a-c94b-4411-9b65-6af6072754a3/1/cDF7nmtXTeT9FhOJ802vM5x5_Ko.roa
Signing time: Mon 02 Jan 2023 09:44:54 +0000
ROA not before: Mon 02 Jan 2023 09:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211252
IP address blocks: 45.15.40.0/24 maxlen: 24
2a07:5c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:a5:ba:c6:1f:7a:e8:fd:4d:07:25:d4:6e:cb:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af650bedd16b4e3c98116ee32b12174f97485c8a
Validity
Not Before: Jan 2 09:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70317b9e6b574de4fd161389f34daf339c79fcaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d5:af:34:cf:e9:fb:46:10:54:99:ec:04:54:
14:f8:86:ae:0e:99:ac:7b:28:23:59:28:38:31:20:
e1:8b:4e:78:a0:a5:23:58:62:98:c0:63:19:cf:80:
ff:c2:e0:15:10:d8:e1:2f:dd:14:fe:c5:e6:7f:83:
97:bd:9e:39:94:d6:22:48:ed:9c:e3:21:9e:d2:5f:
ea:b3:f8:de:20:e9:7c:ba:36:c4:9a:4b:d7:e0:82:
05:a6:e0:61:02:42:5a:61:a4:4b:64:a0:f1:ab:37:
0b:f4:a8:2a:f7:40:3d:21:4c:13:24:1b:b5:b4:f0:
a2:b8:c1:49:da:49:b1:02:34:a1:83:f6:d9:a9:70:
c5:9b:75:40:9c:1a:37:fb:31:08:c8:85:04:a4:69:
03:36:2f:47:1c:9c:af:f7:c1:f1:03:df:e8:09:c7:
b8:24:b4:28:7a:20:73:02:73:6f:98:86:f1:09:67:
40:ec:1d:a5:2e:dc:cf:5a:10:d5:78:86:e0:3b:f7:
4a:4b:fe:a8:f0:5f:af:2b:d4:73:2d:2d:73:54:0d:
a7:33:cf:a9:1c:aa:90:f2:89:97:82:d1:e1:dc:27:
eb:09:99:30:20:95:4a:82:9b:76:8d:42:90:e6:db:
be:4c:5e:bf:3c:33:b0:ff:97:de:2d:d3:56:2e:13:
05:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:31:7B:9E:6B:57:4D:E4:FD:16:13:89:F3:4D:AF:33:9C:79:FC:AA
X509v3 Authority Key Identifier:
keyid:AF:65:0B:ED:D1:6B:4E:3C:98:11:6E:E3:2B:12:17:4F:97:48:5C:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r2UL7dFrTjyYEW7jKxIXT5dIXIo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/361f9a-c94b-4411-9b65-6af6072754a3/1/cDF7nmtXTeT9FhOJ802vM5x5_Ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/361f9a-c94b-4411-9b65-6af6072754a3/1/r2UL7dFrTjyYEW7jKxIXT5dIXIo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.40.0/24
IPv6:
2a07:5c0::/29
Signature Algorithm: sha256WithRSAEncryption
69:87:37:51:33:92:0b:72:72:ca:42:57:e5:49:e4:27:8a:0d:
b5:e1:d8:53:9d:37:23:0b:01:35:04:24:da:32:6f:e9:c3:01:
91:72:b0:ff:7c:43:1a:82:05:f6:f7:a9:ed:ac:3f:ce:8f:fe:
90:ac:b0:77:68:9f:f5:71:fc:3a:d3:96:1b:d8:bf:29:61:59:
6f:73:a5:85:2e:06:26:ce:c9:cd:97:a7:b6:5a:00:31:46:b1:
33:06:dc:1a:14:a5:47:45:e2:d8:2f:14:a4:de:36:52:89:3f:
2d:db:8b:bf:5a:6f:bf:39:67:b1:a4:55:e6:5b:b7:2a:b8:d0:
16:67:4b:38:74:1d:b7:85:59:87:cf:49:91:a6:5b:7c:ce:7c:
b8:f7:92:ae:58:4b:ff:1d:99:09:01:b7:57:d8:3f:7d:4f:e9:
0d:96:98:95:c8:96:24:4c:c6:b0:aa:27:dc:be:50:d7:d8:e1:
42:8d:7a:ab:af:24:78:92:9a:16:51:f2:4e:ac:20:96:7d:97:
2b:7f:35:d2:ff:de:49:1d:d8:32:bc:9b:e9:e9:2e:a1:d6:b6:
45:11:f8:e4:b6:37:20:fe:31:1d:78:8c:65:fa:27:e0:84:f0:
40:4e:7e:f7:4e:ac:b8:ba:ee:01:f8:d2:1a:7e:7a:a9:43:38:
43:08:e4:e2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVx3qW6xh966P1NByXUbsvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNjUwYmVkZDE2YjRlM2M5ODExNmVlMzJiMTIxNzRmOTc0
ODVjOGEwHhcNMjMwMTAyMDk0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDMxN2I5ZTZiNTc0ZGU0ZmQxNjEzODlmMzRkYWYzMzljNzlmY2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldWvNM/p+0YQVJnsBFQU+IauDpms
eygjWSg4MSDhi054oKUjWGKYwGMZz4D/wuAVENjhL90U/sXmf4OXvZ45lNYiSO2c
4yGe0l/qs/jeIOl8ujbEmkvX4IIFpuBhAkJaYaRLZKDxqzcL9Kgq90A9IUwTJBu1
tPCiuMFJ2kmxAjShg/bZqXDFm3VAnBo3+zEIyIUEpGkDNi9HHJyv98HxA9/oCce4
JLQoeiBzAnNvmIbxCWdA7B2lLtzPWhDVeIbgO/dKS/6o8F+vK9RzLS1zVA2nM8+p
HKqQ8omXgtHh3CfrCZkwIJVKgpt2jUKQ5tu+TF6/PDOw/5feLdNWLhMFgwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHAxe55rV03k/RYTifNNrzOcefyqMB8GA1UdIwQY
MBaAFK9lC+3Ra048mBFu4ysSF0+XSFyKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjJVTDdkRnJUanlZRVc3akt4SVhUNWRJWElvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8zNjFmOWEtYzk0Yi00NDExLTliNjUt
NmFmNjA3Mjc1NGEzLzEvY0RGN25tdFhUZVQ5RmhPSjgwMnZNNXg1X0tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8zNjFmOWEtYzk0Yi00NDExLTliNjUtNmFmNjA3Mjc1NGEz
LzEvcjJVTDdkRnJUanlZRVc3akt4SVhUNWRJWElvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALQ8oMA0E
AgACMAcDBQMqBwXAMA0GCSqGSIb3DQEBCwUAA4IBAQBphzdRM5ILcnLKQlflSeQn
ig214dhTnTcjCwE1BCTaMm/pwwGRcrD/fEMaggX296ntrD/Oj/6QrLB3aJ/1cfw6
05Yb2L8pYVlvc6WFLgYmzsnNl6e2WgAxRrEzBtwaFKVHReLYLxSk3jZSiT8t24u/
Wm+/OWexpFXmW7cquNAWZ0s4dB23hVmHz0mRplt8zny495KuWEv/HZkJAbdX2D99
T+kNlpiVyJYkTMawqifcvlDX2OFCjXqrryR4kpoWUfJOrCCWfZcrfzXS/95JHdgy
vJvp6S6h1rZFEfjktjcg/jEdeIxl+ifghPBATn73Tqy4uu4B+NIafnqpQzhDCOTi
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:32:09 2025 by rpki-client