Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/4HyklA9RBxrpr5gEfhLDcC7vj0w.roa
File: 4HyklA9RBxrpr5gEfhLDcC7vj0w.roa (raw, json)
Hash identifier: ecFx7MZQQDPXDzge6sD2BazI27ZjiDr7Sv8DAoQz72k=
Subject key identifier: E0:7C:A4:94:0F:51:07:1A:E9:AF:98:04:7E:12:C3:70:2E:EF:8F:4C
Certificate issuer: /CN=a44c267fa754cd6509e9f807273123bee96c525d
Certificate serial: 01848151B6A56935C4C2653596289028EB5B
Authority key identifier: A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/4HyklA9RBxrpr5gEfhLDcC7vj0w.roa
Signing time: Wed 16 Nov 2022 16:42:06 +0000
ROA not before: Wed 16 Nov 2022 16:42:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 171.22.76.0/23 maxlen: 24
185.172.172.0/22 maxlen: 24
45.91.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:81:51:b6:a5:69:35:c4:c2:65:35:96:28:90:28:eb:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a44c267fa754cd6509e9f807273123bee96c525d
Validity
Not Before: Nov 16 16:42:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e07ca4940f51071ae9af98047e12c3702eef8f4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fa:28:1a:d3:f3:8f:8e:49:14:7e:a6:5b:b4:
86:a6:f8:32:74:5a:ee:ef:5a:00:84:5b:48:67:53:
fb:90:3f:27:4d:05:da:db:24:56:fb:7b:2a:9f:aa:
67:6c:de:30:1f:fb:40:9d:72:fb:b1:e9:19:bb:b2:
f4:10:65:39:d8:b3:3d:87:a1:ee:f8:c9:be:82:42:
5c:f9:85:04:c0:19:3d:98:23:4a:29:d8:39:80:a2:
77:06:8e:38:02:8e:59:59:f3:d3:69:d7:5e:5e:33:
69:1d:f8:53:91:8d:b0:4c:7d:cb:93:2e:b5:1e:9f:
54:21:06:28:13:60:ef:75:c1:3a:8f:bb:7d:c5:3f:
cc:6a:e2:ff:26:8e:cb:3c:0e:a5:a1:77:5a:f6:34:
de:af:1d:79:98:4b:e5:ab:3c:2c:99:9d:9e:e4:10:
1c:c3:73:c9:7c:a6:a9:09:12:11:5f:8d:9a:4e:72:
8b:8a:6a:2b:fc:6f:c8:6a:ed:85:4f:76:5d:f0:6f:
7b:e0:84:e2:de:99:75:3c:8e:26:2d:25:de:c9:10:
7d:43:3d:aa:1c:82:92:05:82:af:8e:ec:64:96:c9:
2f:04:84:0d:11:5d:bd:69:7b:65:81:69:ce:b9:a7:
26:07:24:dd:d4:25:b7:ed:e1:3f:59:75:3c:d5:65:
8d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:7C:A4:94:0F:51:07:1A:E9:AF:98:04:7E:12:C3:70:2E:EF:8F:4C
X509v3 Authority Key Identifier:
keyid:A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/4HyklA9RBxrpr5gEfhLDcC7vj0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/pEwmf6dUzWUJ6fgHJzEjvulsUl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.139.0/24
171.22.76.0/23
185.172.172.0/22
Signature Algorithm: sha256WithRSAEncryption
29:f3:da:31:f0:a0:3a:66:a1:43:d2:e9:25:75:57:b4:c7:33:
78:37:6c:e1:f0:db:cb:15:86:b5:02:08:94:ad:70:5c:e6:ac:
68:63:a5:ac:32:46:50:1f:95:47:95:0e:26:3d:a8:e7:40:69:
f6:e0:6d:90:2e:53:fd:3f:03:47:98:5b:50:de:a9:22:2f:e4:
04:18:6b:50:5c:06:f6:3d:99:a9:d5:20:02:91:06:2d:83:be:
1b:88:53:bd:1e:5a:f9:6d:fd:1d:86:6d:c3:45:1b:c2:6c:b8:
e4:f0:bb:83:93:53:b0:0f:8b:8a:66:29:39:7e:bb:3a:ae:bb:
f9:77:2e:c3:53:c5:58:5f:5d:86:7d:85:dd:5f:4b:92:11:a2:
f0:46:22:41:f8:e8:e8:69:7c:d3:a6:91:f6:8d:63:e5:fc:ae:
52:7b:df:d1:18:6b:d2:80:a3:aa:e8:7c:7a:dc:f9:4b:57:d1:
bd:0f:57:18:1a:05:cc:97:42:ab:53:3e:32:83:af:b7:5d:43:
99:c7:d4:5a:69:29:7a:43:7a:60:a2:58:36:bd:48:d6:31:b2:
f5:1f:e1:70:21:90:b7:b1:e5:2c:a7:5b:62:db:47:56:d2:d9:
8d:60:fc:6f:78:dc:8f:a1:56:03:4d:c2:4b:28:68:fb:47:4d:
19:0b:f4:e2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSBUbalaTXEwmU1liiQKOtbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NGMyNjdmYTc1NGNkNjUwOWU5ZjgwNzI3MzEyM2JlZTk2
YzUyNWQwHhcNMjIxMTE2MTY0MjA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDdjYTQ5NDBmNTEwNzFhZTlhZjk4MDQ3ZTEyYzM3MDJlZWY4ZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfooGtPzj45JFH6mW7SGpvgydFru
71oAhFtIZ1P7kD8nTQXa2yRW+3sqn6pnbN4wH/tAnXL7sekZu7L0EGU52LM9h6Hu
+Mm+gkJc+YUEwBk9mCNKKdg5gKJ3Bo44Ao5ZWfPTaddeXjNpHfhTkY2wTH3Lky61
Hp9UIQYoE2DvdcE6j7t9xT/MauL/Jo7LPA6loXda9jTerx15mEvlqzwsmZ2e5BAc
w3PJfKapCRIRX42aTnKLimor/G/Iau2FT3Zd8G974ITi3pl1PI4mLSXeyRB9Qz2q
HIKSBYKvjuxklskvBIQNEV29aXtlgWnOuacmByTd1CW37eE/WXU81WWNpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOB8pJQPUQca6a+YBH4Sw3Au749MMB8GA1UdIwQY
MBaAFKRMJn+nVM1lCen4BycxI77pbFJdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWIt
NDhhZjA4MDA0YjVmLzEvNEh5a2xBOVJCeHJwcjVnRWZoTERjQzd2ajB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWItNDhhZjA4MDA0YjVm
LzEvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVuLAwQB
qxZMAwQCuaysMA0GCSqGSIb3DQEBCwUAA4IBAQAp89ox8KA6ZqFD0ukldVe0xzN4
N2zh8NvLFYa1AgiUrXBc5qxoY6WsMkZQH5VHlQ4mPajnQGn24G2QLlP9PwNHmFtQ
3qkiL+QEGGtQXAb2PZmp1SACkQYtg74biFO9Hlr5bf0dhm3DRRvCbLjk8LuDk1Ow
D4uKZik5frs6rrv5dy7DU8VYX12GfYXdX0uSEaLwRiJB+OjoaXzTppH2jWPl/K5S
e9/RGGvSgKOq6Hx63PlLV9G9D1cYGgXMl0KrUz4yg6+3XUOZx9RaaSl6Q3pgolg2
vUjWMbL1H+FwIZC3seUsp1ti20dW0tmNYPxveNyPoVYDTcJLKGj7R00ZC/Ti
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:31 2023 by rpki-client on console-fra.rpki-client.org