Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/a5aa39-f513-4c88-b477-a19f143ebb89/1/a9s3MvV_1POi7uZsaL1VReBCcIs.roa
File: a9s3MvV_1POi7uZsaL1VReBCcIs.roa (raw, json)
Hash identifier: 0c7A39mPX6MyNSDD5veITgrGtpN7oIsNBJFNRfN/t5o=
Subject key identifier: 6B:DB:37:32:F5:7F:D4:F3:A2:EE:E6:6C:68:BD:55:45:E0:42:70:8B
Certificate issuer: /CN=fd40e476f72534d865b2e2676691efc72b36c587
Certificate serial: 0185724C675065275B249C72036AA35D9253
Authority key identifier: FD:40:E4:76:F7:25:34:D8:65:B2:E2:67:66:91:EF:C7:2B:36:C5:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_UDkdvclNNhlsuJnZpHvxys2xYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/a5aa39-f513-4c88-b477-a19f143ebb89/1/a9s3MvV_1POi7uZsaL1VReBCcIs.roa
Signing time: Mon 02 Jan 2023 11:44:47 +0000
ROA not before: Mon 02 Jan 2023 11:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58061
IP address blocks: 45.141.216.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:67:50:65:27:5b:24:9c:72:03:6a:a3:5d:92:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd40e476f72534d865b2e2676691efc72b36c587
Validity
Not Before: Jan 2 11:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bdb3732f57fd4f3a2eee66c68bd5545e042708b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:80:2b:bc:52:a8:e6:19:29:5a:d5:b2:2c:e2:
58:05:dd:09:a2:54:0c:68:1d:46:03:b2:1f:83:ed:
b3:54:52:36:2d:e4:8d:3b:10:68:60:6d:92:ca:9f:
cd:d0:28:f1:91:84:5c:ec:9c:47:ce:af:1a:72:6b:
57:6e:3d:10:2f:9d:68:67:dc:b6:94:f5:fc:39:b7:
50:80:9e:56:3a:b7:f9:f5:25:4a:e9:77:31:e8:ce:
e8:06:2d:b4:3a:3a:80:3d:2d:0e:d5:4d:a7:61:6e:
48:d3:7a:95:af:2e:c6:64:b2:1e:62:b3:9b:a9:66:
db:31:f7:c1:8e:4d:f2:40:b8:fe:a9:a6:9c:4e:2f:
5b:83:a7:37:72:6b:9e:fe:b8:32:ae:f8:2a:6e:aa:
45:51:e8:8a:4e:92:7a:38:3e:70:a4:c1:8d:3d:08:
c3:11:4d:57:3d:4b:b3:62:3c:09:52:d0:b7:c7:88:
d8:eb:1e:e4:28:68:d1:39:85:b9:4a:b2:18:63:9e:
67:58:aa:3f:a6:bb:f8:7b:90:2a:22:a9:82:cc:42:
1e:ac:f7:ea:e5:33:4f:9d:50:51:b4:54:6b:09:29:
f0:62:85:2f:01:d4:1a:81:d9:88:76:fe:80:10:83:
2d:6a:41:7a:7a:26:a8:54:22:45:e0:99:26:f2:be:
a3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:DB:37:32:F5:7F:D4:F3:A2:EE:E6:6C:68:BD:55:45:E0:42:70:8B
X509v3 Authority Key Identifier:
keyid:FD:40:E4:76:F7:25:34:D8:65:B2:E2:67:66:91:EF:C7:2B:36:C5:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_UDkdvclNNhlsuJnZpHvxys2xYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a5aa39-f513-4c88-b477-a19f143ebb89/1/a9s3MvV_1POi7uZsaL1VReBCcIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a5aa39-f513-4c88-b477-a19f143ebb89/1/_UDkdvclNNhlsuJnZpHvxys2xYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.216.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:5d:76:37:43:b2:e5:76:ba:4a:32:46:08:41:3b:72:54:2b:
6a:86:3f:ff:b6:c5:a7:e1:75:07:a1:27:d5:85:37:aa:09:07:
e5:a4:e7:9e:44:ab:cb:fd:e9:3f:13:f8:0a:c9:d6:1f:c5:28:
76:a9:cf:48:75:50:cb:09:d9:3a:db:2b:82:c1:e6:98:20:53:
b5:74:0a:71:4e:fa:4d:b6:7c:ab:56:69:da:24:81:bd:3b:6e:
38:69:7a:e5:3a:d4:b3:1a:53:68:d9:97:15:6b:91:96:06:95:
d6:2f:59:a8:a5:7a:b1:57:8d:49:50:40:54:40:14:08:49:bf:
fb:d2:68:f7:81:07:dd:90:e9:27:a7:c0:23:58:57:94:f3:70:
3d:ca:47:4e:9c:31:4d:ee:de:07:61:d0:b7:0c:44:3f:27:89:
3b:f3:49:d9:ff:2e:ef:df:90:f0:16:9b:1f:c5:50:92:70:d9:
72:eb:41:34:ae:b9:b4:c9:3a:ed:69:39:88:3c:44:bf:35:dc:
12:36:17:76:19:9e:cd:50:e5:94:78:4a:e1:9f:7a:e8:a3:c7:
31:c9:78:77:20:06:cf:1b:0c:20:36:76:5e:12:4f:bc:1f:16:
e6:2e:c1:ff:de:7f:92:c9:54:a4:46:9a:78:4e:15:fd:92:a0:
cb:0b:34:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyTGdQZSdbJJxyA2qjXZJTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNDBlNDc2ZjcyNTM0ZDg2NWIyZTI2NzY2OTFlZmM3MmIz
NmM1ODcwHhcNMjMwMTAyMTE0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmRiMzczMmY1N2ZkNGYzYTJlZWU2NmM2OGJkNTU0NWUwNDI3MDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYArvFKo5hkpWtWyLOJYBd0JolQM
aB1GA7Ifg+2zVFI2LeSNOxBoYG2Syp/N0CjxkYRc7JxHzq8acmtXbj0QL51oZ9y2
lPX8ObdQgJ5WOrf59SVK6Xcx6M7oBi20OjqAPS0O1U2nYW5I03qVry7GZLIeYrOb
qWbbMffBjk3yQLj+qaacTi9bg6c3cmue/rgyrvgqbqpFUeiKTpJ6OD5wpMGNPQjD
EU1XPUuzYjwJUtC3x4jY6x7kKGjROYW5SrIYY55nWKo/prv4e5AqIqmCzEIerPfq
5TNPnVBRtFRrCSnwYoUvAdQagdmIdv6AEIMtakF6eiaoVCJF4Jkm8r6jdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGvbNzL1f9Tzou7mbGi9VUXgQnCLMB8GA1UdIwQY
MBaAFP1A5Hb3JTTYZbLiZ2aR78crNsWHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1VEa2R2Y2xOTmhsc3VKblpwSHZ4eXMyeFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hNWFhMzktZjUxMy00Yzg4LWI0Nzct
YTE5ZjE0M2ViYjg5LzEvYTlzM012Vl8xUE9pN3Vac2FMMVZSZUJDY0lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9hNWFhMzktZjUxMy00Yzg4LWI0NzctYTE5ZjE0M2ViYjg5
LzEvX1VEa2R2Y2xOTmhsc3VKblpwSHZ4eXMyeFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY3YMA0G
CSqGSIb3DQEBCwUAA4IBAQC2XXY3Q7LldrpKMkYIQTtyVCtqhj//tsWn4XUHoSfV
hTeqCQflpOeeRKvL/ek/E/gKydYfxSh2qc9IdVDLCdk62yuCweaYIFO1dApxTvpN
tnyrVmnaJIG9O244aXrlOtSzGlNo2ZcVa5GWBpXWL1mopXqxV41JUEBUQBQISb/7
0mj3gQfdkOknp8AjWFeU83A9ykdOnDFN7t4HYdC3DEQ/J4k780nZ/y7v35DwFpsf
xVCScNly60E0rrm0yTrtaTmIPES/NdwSNhd2GZ7NUOWUeErhn3roo8cxyXh3IAbP
GwwgNnZeEk+8HxbmLsH/3n+SyVSkRpp4ThX9kqDLCzRU
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:39:57 2025 by rpki-client