Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/894efc-405a-4640-bc5b-a42f405fad52/1/CXezqqy8LIwsGVHVZQe6X8WcJUM.roa
File: CXezqqy8LIwsGVHVZQe6X8WcJUM.roa (raw, json)
Hash identifier: hwjsTVLgtKy4U5i5XL72CGoyg9zfvO1gXOQ33LsRMAc=
Subject key identifier: 09:77:B3:AA:AC:BC:2C:8C:2C:19:51:D5:65:07:BA:5F:C5:9C:25:43
Certificate issuer: /CN=4e3bf3bba58b3d2b636202b5f50e841a6777bca5
Certificate serial: 018708EA0372ED761BC48C6BC26C3CBC10A0
Authority key identifier: 4E:3B:F3:BB:A5:8B:3D:2B:63:62:02:B5:F5:0E:84:1A:67:77:BC:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tjvzu6WLPStjYgK19Q6EGmd3vKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/894efc-405a-4640-bc5b-a42f405fad52/1/CXezqqy8LIwsGVHVZQe6X8WcJUM.roa
Signing time: Wed 22 Mar 2023 10:42:46 +0000
ROA not before: Wed 22 Mar 2023 10:42:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8075
IP address blocks: 45.146.100.0/22 maxlen: 22
2a0f:2000::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:ea:03:72:ed:76:1b:c4:8c:6b:c2:6c:3c:bc:10:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e3bf3bba58b3d2b636202b5f50e841a6777bca5
Validity
Not Before: Mar 22 10:42:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0977b3aaacbc2c8c2c1951d56507ba5fc59c2543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:25:c0:fc:c5:38:a9:7e:d2:21:66:fb:f7:6a:
c8:80:fe:0e:46:14:59:c7:51:4d:65:a7:2a:33:dc:
37:11:72:ff:02:c2:13:9c:7f:dd:fd:0e:1a:97:25:
7f:64:00:e2:65:2b:b3:a1:b9:0b:b8:bb:30:fb:72:
a6:3e:c9:66:61:54:54:d1:4c:22:cb:3f:d2:0c:91:
42:ce:78:5f:7e:7c:17:a8:bf:3a:17:53:63:74:09:
d8:9f:32:ae:e3:be:65:ee:68:30:bb:e3:52:4e:10:
3c:f1:88:a7:70:5f:92:b1:91:1f:3e:33:91:b7:ae:
da:47:35:43:e8:c6:9d:7e:a9:e7:d3:80:24:4b:f4:
6e:99:2d:b4:a5:8b:0b:96:e4:b0:23:03:7f:18:63:
d2:95:27:93:23:aa:89:1a:21:b8:fa:f1:22:6b:5f:
78:89:b1:af:8b:c6:d5:0d:df:e1:50:ec:62:7f:f9:
95:a2:18:17:b9:b2:5e:3b:96:26:e8:87:5a:58:cc:
3d:57:d7:00:6c:85:04:28:4f:90:a6:51:e7:1e:16:
04:ad:c4:e5:a7:20:9d:58:42:db:d2:cb:3e:fd:ea:
7f:22:ca:0e:5c:db:b4:1f:f1:eb:78:62:c5:f4:c7:
7e:67:13:bb:34:53:35:bb:76:7f:9c:4b:4d:c0:9c:
94:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:77:B3:AA:AC:BC:2C:8C:2C:19:51:D5:65:07:BA:5F:C5:9C:25:43
X509v3 Authority Key Identifier:
keyid:4E:3B:F3:BB:A5:8B:3D:2B:63:62:02:B5:F5:0E:84:1A:67:77:BC:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tjvzu6WLPStjYgK19Q6EGmd3vKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/894efc-405a-4640-bc5b-a42f405fad52/1/CXezqqy8LIwsGVHVZQe6X8WcJUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/894efc-405a-4640-bc5b-a42f405fad52/1/Tjvzu6WLPStjYgK19Q6EGmd3vKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.100.0/22
IPv6:
2a0f:2000::/29
Signature Algorithm: sha256WithRSAEncryption
50:fd:b2:fb:25:85:5a:f4:ea:23:0a:77:2c:95:22:8d:b3:9a:
6b:73:f3:8d:a5:db:7d:20:59:21:5a:70:84:4b:a4:d1:8e:0e:
1f:76:b9:2d:d2:49:99:d0:c2:d5:3e:d2:f9:06:b5:34:6b:8d:
f1:c9:e7:78:8a:cf:1a:90:d1:f4:20:b2:4f:2d:d5:0a:7b:3c:
61:42:65:cd:ec:b0:8d:de:80:93:bc:9f:17:d8:04:a8:b4:ae:
31:6b:37:71:d1:3c:bd:4f:2a:4a:2a:20:31:f4:dd:37:57:3e:
b9:4e:ed:98:43:7f:a5:31:65:e0:79:57:94:4b:d6:cb:67:a9:
a0:ec:aa:8e:3d:34:15:55:08:5a:fc:fe:4c:b1:97:3e:a2:ac:
e8:01:92:ea:78:4a:fa:04:e3:27:06:ea:62:d5:7c:40:b1:b7:
48:34:35:03:4b:a9:53:66:38:e8:87:2a:f1:0d:6e:60:8d:a9:
bb:7f:59:c2:ac:63:cd:45:b6:18:10:00:ab:fa:ed:61:03:1b:
2a:f5:59:d2:db:8b:05:95:bd:25:8c:31:44:e1:40:c3:86:cf:
0f:81:fd:1e:2a:39:25:e2:72:8b:e9:91:02:4c:5a:9d:13:e1:
98:85:04:d7:c2:71:77:d1:82:94:fa:b1:9a:c4:0f:d2:95:3c:
f9:bb:62:10
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYcI6gNy7XYbxIxrwmw8vBCgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlM2JmM2JiYTU4YjNkMmI2MzYyMDJiNWY1MGU4NDFhNjc3
N2JjYTUwHhcNMjMwMzIyMTA0MjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTc3YjNhYWFjYmMyYzhjMmMxOTUxZDU2NTA3YmE1ZmM1OWMyNTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyXA/MU4qX7SIWb792rIgP4ORhRZ
x1FNZacqM9w3EXL/AsITnH/d/Q4alyV/ZADiZSuzobkLuLsw+3KmPslmYVRU0Uwi
yz/SDJFCznhffnwXqL86F1NjdAnYnzKu475l7mgwu+NSThA88YincF+SsZEfPjOR
t67aRzVD6Madfqnn04AkS/RumS20pYsLluSwIwN/GGPSlSeTI6qJGiG4+vEia194
ibGvi8bVDd/hUOxif/mVohgXubJeO5Ym6IdaWMw9V9cAbIUEKE+QplHnHhYErcTl
pyCdWELb0ss+/ep/IsoOXNu0H/HreGLF9Md+ZxO7NFM1u3Z/nEtNwJyUaQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAl3s6qsvCyMLBlR1WUHul/FnCVDMB8GA1UdIwQY
MBaAFE4787uliz0rY2ICtfUOhBpnd7ylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGp2enU2V0xQU3RqWWdLMTlRNkVHbWQzdktVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84OTRlZmMtNDA1YS00NjQwLWJjNWIt
YTQyZjQwNWZhZDUyLzEvQ1hlenFxeThMSXdzR1ZIVlpRZTZYOFdjSlVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi84OTRlZmMtNDA1YS00NjQwLWJjNWItYTQyZjQwNWZhZDUy
LzEvVGp2enU2V0xQU3RqWWdLMTlRNkVHbWQzdktVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZJkMA0E
AgACMAcDBQMqDyAAMA0GCSqGSIb3DQEBCwUAA4IBAQBQ/bL7JYVa9OojCncslSKN
s5prc/ONpdt9IFkhWnCES6TRjg4fdrkt0kmZ0MLVPtL5BrU0a43xyed4is8akNH0
ILJPLdUKezxhQmXN7LCN3oCTvJ8X2ASotK4xazdx0Ty9TypKKiAx9N03Vz65Tu2Y
Q3+lMWXgeVeUS9bLZ6mg7KqOPTQVVQha/P5MsZc+oqzoAZLqeEr6BOMnBupi1XxA
sbdINDUDS6lTZjjohyrxDW5gjam7f1nCrGPNRbYYEACr+u1hAxsq9VnS24sFlb0l
jDFE4UDDhs8Pgf0eKjkl4nKL6ZECTFqdE+GYhQTXwnF30YKU+rGaxA/SlTz5u2IQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:24 2025 by rpki-client