Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/2aKCw4pibs1KcFpYKXtryYfFEqQ.roa
File: 2aKCw4pibs1KcFpYKXtryYfFEqQ.roa (raw, json)
Hash identifier: hhFcEdOWtCD1Q2OTd89FSXYxP7WXMy3xz86KSsPJaL4=
Subject key identifier: D9:A2:82:C3:8A:62:6E:CD:4A:70:5A:58:29:7B:6B:C9:87:C5:12:A4
Certificate issuer: /CN=a44c267fa754cd6509e9f807273123bee96c525d
Certificate serial: 0184868B41A95133E66816289241A6DBEB3A
Authority key identifier: A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/2aKCw4pibs1KcFpYKXtryYfFEqQ.roa
Signing time: Thu 17 Nov 2022 17:03:04 +0000
ROA not before: Thu 17 Nov 2022 17:03:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 171.22.76.0/23 maxlen: 24
185.172.172.0/22 maxlen: 24
185.172.174.0/23 maxlen: 24
45.91.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:86:8b:41:a9:51:33:e6:68:16:28:92:41:a6:db:eb:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a44c267fa754cd6509e9f807273123bee96c525d
Validity
Not Before: Nov 17 17:03:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9a282c38a626ecd4a705a58297b6bc987c512a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:31:e0:d6:e1:13:46:6e:00:b8:80:e8:31:57:
e1:57:f0:38:ab:50:76:ce:9c:fa:59:48:06:ee:0b:
bd:49:b6:0b:2b:2d:16:b2:24:90:2f:f6:ae:b1:75:
8e:88:d8:5d:90:cc:f9:ea:4a:f8:0f:e8:d1:21:3d:
d8:46:a1:4f:eb:98:82:be:b4:eb:6e:86:64:3e:03:
4b:bb:84:68:d9:1a:b8:12:79:dd:31:35:ee:5c:6b:
3b:00:5b:e7:b2:c2:b5:28:7e:49:9a:0f:e4:4e:fe:
76:2c:30:d3:ef:74:4c:a8:52:68:a1:f8:d4:6f:0f:
dd:45:4c:4e:d7:a9:36:ae:77:9b:aa:79:51:de:77:
18:3e:49:3f:16:fb:05:da:6a:80:e0:78:25:d6:d5:
7d:ac:89:3f:81:f4:4a:89:d9:c9:b9:f8:99:5f:90:
10:60:33:25:ec:96:bb:a7:4c:01:57:01:f5:3a:18:
16:61:33:5d:51:07:81:84:5c:a5:2e:80:21:c1:d9:
50:a4:de:01:b5:30:25:70:54:d0:62:b7:3e:07:12:
6d:67:72:4f:95:27:1b:61:96:5a:79:51:18:6b:6b:
c1:ed:19:4f:fe:df:c1:ac:57:71:44:60:6b:fd:96:
ff:39:10:9a:11:3a:2c:7e:97:0d:02:cd:a7:58:07:
ef:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A2:82:C3:8A:62:6E:CD:4A:70:5A:58:29:7B:6B:C9:87:C5:12:A4
X509v3 Authority Key Identifier:
keyid:A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/2aKCw4pibs1KcFpYKXtryYfFEqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/pEwmf6dUzWUJ6fgHJzEjvulsUl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.139.0/24
171.22.76.0/23
185.172.172.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:03:2d:ec:03:24:2d:a7:ff:96:17:07:37:c3:51:67:f7:40:
b1:5a:54:87:9e:ba:10:68:44:45:a8:c5:03:01:12:15:f0:10:
04:8e:ef:25:14:12:5a:61:3a:6c:4c:e8:58:f0:f9:47:7e:50:
81:c1:f5:5a:c8:b2:e2:9b:2f:67:d5:2d:bc:6c:45:63:d9:ec:
97:d0:16:03:eb:b1:58:ea:8d:c1:4e:40:01:eb:4e:0c:c8:44:
67:55:91:1b:cc:fa:32:c8:b8:23:e6:b7:7c:55:98:c6:13:5d:
22:2d:c6:fd:a2:b5:ac:b5:63:33:d8:b9:1f:9a:a8:28:f7:7d:
8e:86:9b:20:ba:44:b3:83:a6:ea:59:a3:30:4a:f9:a7:bb:6f:
50:ef:92:ca:0d:ec:b7:33:c4:e7:a1:f3:61:13:64:c9:81:17:
fb:f6:79:30:04:04:a2:98:a7:68:f9:13:ea:ca:cf:0d:81:3e:
ea:61:6d:56:53:3e:ff:8c:ad:3d:60:35:52:7e:b9:8b:f0:8c:
72:95:45:04:b6:1e:01:f6:de:a9:9a:44:90:35:0b:2d:69:f3:
b6:cc:64:0c:81:e8:20:dd:61:1c:76:8d:19:48:31:17:71:fa:
6e:e9:d3:e6:49:c7:68:7e:1b:b1:8e:ad:fe:4b:a4:22:b1:73:
00:fa:03:52
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSGi0GpUTPmaBYokkGm2+s6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NGMyNjdmYTc1NGNkNjUwOWU5ZjgwNzI3MzEyM2JlZTk2
YzUyNWQwHhcNMjIxMTE3MTcwMzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWEyODJjMzhhNjI2ZWNkNGE3MDVhNTgyOTdiNmJjOTg3YzUxMmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjHg1uETRm4AuIDoMVfhV/A4q1B2
zpz6WUgG7gu9SbYLKy0WsiSQL/ausXWOiNhdkMz56kr4D+jRIT3YRqFP65iCvrTr
boZkPgNLu4Ro2Rq4EnndMTXuXGs7AFvnssK1KH5Jmg/kTv52LDDT73RMqFJoofjU
bw/dRUxO16k2rnebqnlR3ncYPkk/FvsF2mqA4Hgl1tV9rIk/gfRKidnJufiZX5AQ
YDMl7Ja7p0wBVwH1OhgWYTNdUQeBhFylLoAhwdlQpN4BtTAlcFTQYrc+BxJtZ3JP
lScbYZZaeVEYa2vB7RlP/t/BrFdxRGBr/Zb/ORCaETosfpcNAs2nWAfv5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNmigsOKYm7NSnBaWCl7a8mHxRKkMB8GA1UdIwQY
MBaAFKRMJn+nVM1lCen4BycxI77pbFJdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWIt
NDhhZjA4MDA0YjVmLzEvMmFLQ3c0cGliczFLY0ZwWUtYdHJ5WWZGRXFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWItNDhhZjA4MDA0YjVm
LzEvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVuLAwQB
qxZMAwQCuaysMA0GCSqGSIb3DQEBCwUAA4IBAQC9Ay3sAyQtp/+WFwc3w1Fn90Cx
WlSHnroQaERFqMUDARIV8BAEju8lFBJaYTpsTOhY8PlHflCBwfVayLLimy9n1S28
bEVj2eyX0BYD67FY6o3BTkAB604MyERnVZEbzPoyyLgj5rd8VZjGE10iLcb9orWs
tWMz2Lkfmqgo932OhpsgukSzg6bqWaMwSvmnu29Q75LKDey3M8TnofNhE2TJgRf7
9nkwBASimKdo+RPqys8NgT7qYW1WUz7/jK09YDVSfrmL8IxylUUEth4B9t6pmkSQ
NQstafO2zGQMgegg3WEcdo0ZSDEXcfpu6dPmScdofhuxjq3+S6QisXMA+gNS
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:14 2023 by rpki-client on console-ams.rpki-client.org