Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/Kd5qn2YPnGahk8SIMlComH99PE4.roa
File: Kd5qn2YPnGahk8SIMlComH99PE4.roa (raw, json)
Hash identifier: h0k0L/AwZBKXf4GR+fPvcjtlkDpZvGem7hE43wu4IKU=
Subject key identifier: 29:DE:6A:9F:66:0F:9C:66:A1:93:C4:88:32:50:A8:98:7F:7D:3C:4E
Certificate issuer: /CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Certificate serial: 01856C5C9E7FF711E21E72050D48640DF7F1
Authority key identifier: 94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/Kd5qn2YPnGahk8SIMlComH99PE4.roa
Signing time: Sun 01 Jan 2023 08:04:47 +0000
ROA not before: Sun 01 Jan 2023 08:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49581
IP address blocks: 45.80.28.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:9e:7f:f7:11:e2:1e:72:05:0d:48:64:0d:f7:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Validity
Not Before: Jan 1 08:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29de6a9f660f9c66a193c4883250a8987f7d3c4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c9:f0:22:dc:57:94:70:96:88:ea:f6:5e:b0:
63:c3:0d:96:0c:29:6c:6d:c0:24:bf:af:13:3b:83:
ad:cf:41:e0:84:57:e5:50:a4:82:27:33:7f:7e:06:
59:82:b1:f3:eb:33:a6:65:82:c7:26:ba:57:33:a3:
78:f7:e2:32:18:78:37:6d:b9:9d:7c:95:f8:e1:ec:
fa:60:ca:cf:92:67:dc:fd:d2:bd:64:7c:4f:d1:e2:
02:96:b7:41:be:70:40:01:17:54:19:96:89:40:d5:
28:b8:0a:ac:ad:8c:67:bb:4e:ce:34:9b:9d:6c:26:
af:e0:f5:94:5e:91:90:e8:1b:64:ec:6a:98:e9:96:
61:fe:47:65:56:ac:f7:e5:29:d2:0a:ff:d6:5b:7f:
50:00:52:08:13:09:77:ff:06:9c:dc:5e:cf:be:47:
f4:f7:8e:97:5b:12:27:65:e6:99:94:eb:6f:9c:ca:
09:1d:23:6c:8c:26:55:d7:a6:96:59:07:da:fd:10:
49:f2:78:ca:0a:e2:11:02:d0:da:80:82:fb:a0:4b:
45:0f:a7:61:fa:85:b7:9f:b4:46:eb:f2:fc:37:fc:
0c:5b:35:64:f1:82:ed:79:04:d2:59:df:bc:a4:2b:
df:b9:29:94:c3:b2:56:8d:a3:c3:01:1f:e3:f8:37:
92:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:DE:6A:9F:66:0F:9C:66:A1:93:C4:88:32:50:A8:98:7F:7D:3C:4E
X509v3 Authority Key Identifier:
keyid:94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/Kd5qn2YPnGahk8SIMlComH99PE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.28.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:21:f6:af:e0:ea:3c:75:ad:2c:19:55:8d:03:ee:80:12:c4:
d1:96:7d:86:71:fe:cc:46:70:63:be:26:64:73:a0:3e:b4:d2:
d1:22:eb:1c:eb:10:37:fc:6a:e6:12:19:f1:63:26:15:78:de:
f3:e3:45:59:86:c8:32:53:7c:1e:f7:85:2b:a9:32:8f:84:f2:
51:c3:34:f8:07:17:33:e2:e8:09:2f:13:06:39:9b:9c:85:1c:
bd:cb:59:e1:0d:f6:a2:70:13:3d:e3:5e:ff:d7:af:dc:1d:fa:
87:15:e2:ad:1e:7d:34:9c:fb:16:2a:55:58:3f:73:13:77:8c:
52:be:1a:a3:ec:91:1e:08:80:23:97:7f:ba:46:46:2c:ec:ab:
85:27:30:a7:0e:55:cf:cd:87:ed:b1:bd:3d:a7:6b:fe:2e:96:
db:39:0e:ca:79:ac:f1:35:c1:ff:73:e7:ef:d4:83:0e:2d:4a:
ee:fc:1a:9c:f5:e9:25:77:62:ae:32:ac:64:b5:9d:62:1f:ea:
a4:72:d5:ea:c5:e3:85:60:61:65:af:13:bc:79:5e:11:55:2a:
91:02:67:ea:55:32:0d:b8:36:78:cc:a6:23:26:8d:be:82:c1:
7e:4f:92:32:d5:26:7b:22:4e:26:54:2f:d0:9e:5b:62:ef:72:
44:78:97:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsXJ5/9xHiHnIFDUhkDffxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZTU5ZDI0NWQxNTBkYzM4YzQ4OTYyNjNkY2JkY2JiZDY3
NDcwYTcwHhcNMjMwMTAxMDgwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWRlNmE5ZjY2MGY5YzY2YTE5M2M0ODgzMjUwYTg5ODdmN2QzYzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8nwItxXlHCWiOr2XrBjww2WDCls
bcAkv68TO4Otz0HghFflUKSCJzN/fgZZgrHz6zOmZYLHJrpXM6N49+IyGHg3bbmd
fJX44ez6YMrPkmfc/dK9ZHxP0eIClrdBvnBAARdUGZaJQNUouAqsrYxnu07ONJud
bCav4PWUXpGQ6Btk7GqY6ZZh/kdlVqz35SnSCv/WW39QAFIIEwl3/wac3F7Pvkf0
946XWxInZeaZlOtvnMoJHSNsjCZV16aWWQfa/RBJ8njKCuIRAtDagIL7oEtFD6dh
+oW3n7RG6/L8N/wMWzVk8YLteQTSWd+8pCvfuSmUw7JWjaPDAR/j+DeS+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCneap9mD5xmoZPEiDJQqJh/fTxOMB8GA1UdIwQY
MBaAFJTlnSRdFQ3DjEiWJj3L3LvWdHCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDIt
ZWU5NWI2Y2MzNDc0LzEvS2Q1cW4yWVBuR2FoazhTSU1sQ29tSDk5UEU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDItZWU5NWI2Y2MzNDc0
LzEvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVAcMA0G
CSqGSIb3DQEBCwUAA4IBAQCoIfav4Oo8da0sGVWNA+6AEsTRln2Gcf7MRnBjviZk
c6A+tNLRIusc6xA3/GrmEhnxYyYVeN7z40VZhsgyU3we94UrqTKPhPJRwzT4Bxcz
4ugJLxMGOZuchRy9y1nhDfaicBM9417/16/cHfqHFeKtHn00nPsWKlVYP3MTd4xS
vhqj7JEeCIAjl3+6RkYs7KuFJzCnDlXPzYftsb09p2v+LpbbOQ7KeazxNcH/c+fv
1IMOLUru/Bqc9ekld2KuMqxktZ1iH+qkctXqxeOFYGFlrxO8eV4RVSqRAmfqVTIN
uDZ4zKYjJo2+gsF+T5Iy1SZ7Ik4mVC/Qnlti73JEeJdL
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:58 2025 by rpki-client