Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/d0b751-8e26-4066-8dfe-245cc8163174/1/pg989wQ9qkj2qLicmD8CJnwBMOA.roa
File: pg989wQ9qkj2qLicmD8CJnwBMOA.roa (raw, json)
Hash identifier: wrVoA5j8PfS8+GFvOZq8Z/C0I6w+XHIy56op7A0qQgg=
Subject key identifier: A6:0F:7C:F7:04:3D:AA:48:F6:A8:B8:9C:98:3F:02:26:7C:01:30:E0
Certificate issuer: /CN=8331a361bdc51d7aacadce302f1257d5c3f35ae1
Certificate serial: 018964895C9358EFCC8669B2F49D97C3E762
Authority key identifier: 83:31:A3:61:BD:C5:1D:7A:AC:AD:CE:30:2F:12:57:D5:C3:F3:5A:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzGjYb3FHXqsrc4wLxJX1cPzWuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/d0b751-8e26-4066-8dfe-245cc8163174/1/pg989wQ9qkj2qLicmD8CJnwBMOA.roa
Signing time: Mon 17 Jul 2023 15:47:51 +0000
ROA not before: Mon 17 Jul 2023 15:47:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202656
IP address blocks: 45.132.39.0/24 maxlen: 24
45.135.35.0/24 maxlen: 24
45.140.65.0/24 maxlen: 24
193.0.245.0/24 maxlen: 24
193.0.246.0/24 maxlen: 24
193.58.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:89:5c:93:58:ef:cc:86:69:b2:f4:9d:97:c3:e7:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8331a361bdc51d7aacadce302f1257d5c3f35ae1
Validity
Not Before: Jul 17 15:47:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a60f7cf7043daa48f6a8b89c983f02267c0130e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ed:b7:64:67:d6:6b:fb:20:e6:83:5e:c9:c0:
49:c9:af:67:a0:91:5a:fa:fc:53:06:00:8f:5f:3f:
41:4e:33:69:96:3a:f6:1a:30:13:d2:7c:be:71:87:
83:b7:a7:5a:80:41:c4:60:43:50:a8:7d:6e:ab:97:
86:73:fa:cb:cc:da:ba:6f:3a:12:d6:8d:93:fe:65:
b8:07:c0:4e:20:b3:59:59:07:69:fc:cf:96:98:e5:
b3:82:90:97:94:65:06:b7:22:78:be:36:30:77:b1:
14:2a:1d:97:55:e7:af:8a:0b:11:5b:6b:b1:6b:35:
d6:b5:c7:b4:be:6a:60:77:27:51:5b:2d:0e:18:09:
bc:e1:3e:b8:87:3f:b3:7f:e6:53:e2:3c:2a:84:73:
0f:d8:4d:59:2f:c6:45:85:2b:e7:21:dd:e2:d2:1e:
47:38:55:58:86:4f:41:fa:69:7b:62:2a:90:be:84:
c4:21:f4:47:22:70:3f:f0:39:78:15:d9:60:61:91:
d4:7d:95:63:93:6c:d6:52:9e:45:76:ad:e5:fc:6b:
74:43:d0:64:5e:fc:2c:46:1a:a2:b9:7f:17:da:fd:
36:9c:88:f7:74:fe:29:04:2a:06:84:14:d8:fd:0a:
b9:df:d5:6b:93:6f:31:c2:4b:a8:55:3c:6b:23:8b:
c7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:0F:7C:F7:04:3D:AA:48:F6:A8:B8:9C:98:3F:02:26:7C:01:30:E0
X509v3 Authority Key Identifier:
keyid:83:31:A3:61:BD:C5:1D:7A:AC:AD:CE:30:2F:12:57:D5:C3:F3:5A:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzGjYb3FHXqsrc4wLxJX1cPzWuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/d0b751-8e26-4066-8dfe-245cc8163174/1/pg989wQ9qkj2qLicmD8CJnwBMOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/d0b751-8e26-4066-8dfe-245cc8163174/1/gzGjYb3FHXqsrc4wLxJX1cPzWuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.39.0/24
45.135.35.0/24
45.140.65.0/24
193.0.245.0-193.0.246.255
193.58.171.0/24
Signature Algorithm: sha256WithRSAEncryption
55:72:15:41:43:bc:df:57:d6:9c:43:7d:0e:41:f1:e1:18:82:
55:1a:83:85:24:1c:de:a0:13:8c:bd:f1:74:96:e3:e0:a8:30:
2d:aa:2e:fa:cc:9e:3f:16:66:79:25:5f:e2:68:d7:26:51:b9:
04:e6:79:5a:eb:b8:b3:92:b5:13:f8:73:38:bb:23:1f:85:bd:
96:7b:00:43:51:be:6b:96:b9:7a:93:6b:74:ab:43:93:37:b7:
88:e4:b3:8b:fc:d8:93:47:fb:6c:0d:94:08:66:66:4e:7f:f1:
88:e0:fb:f2:fa:79:e0:1d:c9:1b:d7:85:2a:d2:1c:46:cf:18:
99:4d:10:aa:4a:2d:cc:1c:56:89:d9:67:98:a0:27:81:08:4f:
ac:f2:1c:fb:e6:e8:e3:be:a5:98:76:57:97:d6:18:10:11:ca:
7c:61:2f:2e:79:8b:eb:40:70:20:71:84:29:fc:c6:fb:2d:c2:
ca:f0:31:76:a7:6a:88:35:30:1c:e4:0d:0f:f1:6d:8b:05:b6:
95:e5:2c:c0:81:4f:6e:03:95:66:89:5e:be:c5:57:9a:eb:83:
4b:6e:52:8a:a0:87:b0:a5:7d:7a:f8:7b:d1:bd:6f:62:00:8f:
b5:b3:68:d6:35:cb:bd:6f:36:7e:a0:85:7e:d6:f8:5a:5c:27:
e5:5c:31:2e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYlkiVyTWO/Mhmmy9J2Xw+diMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzFhMzYxYmRjNTFkN2FhY2FkY2UzMDJmMTI1N2Q1YzNm
MzVhZTEwHhcNMjMwNzE3MTU0NzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjBmN2NmNzA0M2RhYTQ4ZjZhOGI4OWM5ODNmMDIyNjdjMDEzMGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgO23ZGfWa/sg5oNeycBJya9noJFa
+vxTBgCPXz9BTjNpljr2GjAT0ny+cYeDt6dagEHEYENQqH1uq5eGc/rLzNq6bzoS
1o2T/mW4B8BOILNZWQdp/M+WmOWzgpCXlGUGtyJ4vjYwd7EUKh2XVeevigsRW2ux
azXWtce0vmpgdydRWy0OGAm84T64hz+zf+ZT4jwqhHMP2E1ZL8ZFhSvnId3i0h5H
OFVYhk9B+ml7YiqQvoTEIfRHInA/8Dl4FdlgYZHUfZVjk2zWUp5Fdq3l/Gt0Q9Bk
XvwsRhqiuX8X2v02nIj3dP4pBCoGhBTY/Qq539Vrk28xwkuoVTxrI4vH3wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKYPfPcEPapI9qi4nJg/AiZ8ATDgMB8GA1UdIwQY
MBaAFIMxo2G9xR16rK3OMC8SV9XD81rhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pHalliM0ZIWHFzcmM0d0x4SlgxY1B6V3VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9kMGI3NTEtOGUyNi00MDY2LThkZmUt
MjQ1Y2M4MTYzMTc0LzEvcGc5ODl3UTlxa2oycUxpY21EOENKbndCTU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9kMGI3NTEtOGUyNi00MDY2LThkZmUtMjQ1Y2M4MTYzMTc0
LzEvZ3pHalliM0ZIWHFzcmM0d0x4SlgxY1B6V3VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALYQnAwQA
LYcjAwQALYxBMAwDBADBAPUDBADBAPYDBADBOqswDQYJKoZIhvcNAQELBQADggEB
AFVyFUFDvN9X1pxDfQ5B8eEYglUag4UkHN6gE4y98XSW4+CoMC2qLvrMnj8WZnkl
X+Jo1yZRuQTmeVrruLOStRP4czi7Ix+FvZZ7AENRvmuWuXqTa3SrQ5M3t4jks4v8
2JNH+2wNlAhmZk5/8Yjg+/L6eeAdyRvXhSrSHEbPGJlNEKpKLcwcVonZZ5igJ4EI
T6zyHPvm6OO+pZh2V5fWGBARynxhLy55i+tAcCBxhCn8xvstwsrwMXanaog1MBzk
DQ/xbYsFtpXlLMCBT24DlWaJXr7FV5rrg0tuUoqgh7ClfXr4e9G9b2IAj7WzaNY1
y71vNn6ghX7W+FpcJ+VcMS4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:12 2025 by rpki-client