Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/cX2sG3amJnU87_2gVZj-5fa7NAo.roa
File: cX2sG3amJnU87_2gVZj-5fa7NAo.roa (raw, json)
Hash identifier: I9NKWGZ7lkc3e4bAOh4lwbe4/Qrd54Thx14AMuaj9mM=
Subject key identifier: 71:7D:AC:1B:76:A6:26:75:3C:EF:FD:A0:55:98:FE:E5:F6:BB:34:0A
Certificate issuer: /CN=a44c267fa754cd6509e9f807273123bee96c525d
Certificate serial: 01860DCFDF3079348B63FA93864ECB4C7125
Authority key identifier: A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/cX2sG3amJnU87_2gVZj-5fa7NAo.roa
Signing time: Wed 01 Feb 2023 16:29:32 +0000
ROA not before: Wed 01 Feb 2023 16:29:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.181.178.0/24 maxlen: 24
45.137.98.0/24 maxlen: 24
2.56.248.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0d:cf:df:30:79:34:8b:63:fa:93:86:4e:cb:4c:71:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a44c267fa754cd6509e9f807273123bee96c525d
Validity
Not Before: Feb 1 16:29:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=717dac1b76a626753ceffda05598fee5f6bb340a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:2d:b9:cd:3b:4c:23:82:95:fc:12:de:fa:c6:
7b:cf:c4:37:62:13:ba:97:1a:c7:0d:5e:d7:9f:66:
76:52:56:6e:90:70:e0:b7:ca:32:6f:85:a0:68:00:
40:41:79:cf:0c:01:ce:de:c6:8c:e0:6d:99:17:6b:
af:78:e3:c4:59:1b:43:aa:25:b1:e9:ec:41:a9:4a:
d0:34:21:af:48:cc:d9:66:c9:bf:df:76:c1:05:97:
3f:16:9f:0b:e1:9c:9d:55:be:80:e9:64:8e:c2:93:
f3:30:bd:25:bc:c9:0c:11:45:97:30:0c:d9:17:90:
cb:c1:48:3b:76:e0:55:53:b2:6b:f3:3a:7e:f3:b8:
ac:1b:7c:17:b3:ba:c3:68:c4:e3:53:9a:c2:0a:2d:
35:97:20:08:a0:3d:ec:a2:ed:ca:1f:c5:eb:34:4d:
03:92:26:3d:ea:79:c8:07:8a:35:d2:0c:77:b8:9a:
71:eb:8d:99:88:4a:a4:05:68:d1:cb:a9:84:0a:d8:
9a:a9:3a:2b:66:c2:77:7a:41:b3:78:a3:07:28:d4:
47:49:02:b8:1f:bd:c6:78:c2:e2:55:e2:d4:bf:b9:
ca:95:3d:9a:88:bd:46:07:78:3a:fa:9b:af:84:0e:
20:b0:31:c5:7c:5c:30:db:0a:d8:0b:06:e2:e3:4b:
b7:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:7D:AC:1B:76:A6:26:75:3C:EF:FD:A0:55:98:FE:E5:F6:BB:34:0A
X509v3 Authority Key Identifier:
keyid:A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/cX2sG3amJnU87_2gVZj-5fa7NAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/pEwmf6dUzWUJ6fgHJzEjvulsUl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.248.0/22
5.181.178.0/24
45.137.98.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:55:65:cc:3b:c5:28:97:c7:e2:f0:dd:e9:3b:0d:0c:82:d3:
5b:9d:51:b6:17:71:cc:ef:89:01:58:65:2a:2c:63:22:26:f9:
00:3e:fc:1c:d2:98:36:59:b2:c6:6c:83:df:8a:ca:f7:6f:a5:
81:2a:03:ce:5b:c9:f6:53:3d:95:f6:86:ac:ea:a6:43:ac:0b:
d2:18:08:aa:f7:d1:c9:51:d4:4c:d4:40:27:eb:5e:47:99:7a:
a9:af:d1:67:26:b0:d3:22:90:fc:c5:95:e9:05:47:39:49:9b:
76:ec:be:55:47:4e:5f:e1:dd:7b:24:f6:a7:30:29:21:61:34:
ce:9f:0d:4e:f4:c6:3f:d0:80:9f:6f:e7:1d:53:ef:09:af:ee:
ed:f7:f7:77:2b:8e:18:8f:e2:8b:b8:05:2a:87:7f:11:96:e3:
bf:30:c9:a1:ee:ce:9a:02:ed:f2:35:c9:77:58:dd:91:1b:c3:
47:e3:31:c9:5d:46:7d:08:5c:2c:d8:ca:b4:64:3c:2b:7a:57:
6c:0a:d6:bb:6a:ff:23:32:ea:c7:4a:a9:e3:07:76:ed:b2:4a:
66:d1:0c:84:5e:d2:52:4c:ec:c3:76:7a:cc:8b:9f:ba:e2:44:
f3:99:22:07:73:19:72:2e:5e:4a:f0:4a:4d:d1:b2:45:05:78:
cd:f8:55:be
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYNz98weTSLY/qThk7LTHElMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NGMyNjdmYTc1NGNkNjUwOWU5ZjgwNzI3MzEyM2JlZTk2
YzUyNWQwHhcNMjMwMjAxMTYyOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTdkYWMxYjc2YTYyNjc1M2NlZmZkYTA1NTk4ZmVlNWY2YmIzNDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjC25zTtMI4KV/BLe+sZ7z8Q3YhO6
lxrHDV7Xn2Z2UlZukHDgt8oyb4WgaABAQXnPDAHO3saM4G2ZF2uveOPEWRtDqiWx
6exBqUrQNCGvSMzZZsm/33bBBZc/Fp8L4ZydVb6A6WSOwpPzML0lvMkMEUWXMAzZ
F5DLwUg7duBVU7Jr8zp+87isG3wXs7rDaMTjU5rCCi01lyAIoD3sou3KH8XrNE0D
kiY96nnIB4o10gx3uJpx642ZiEqkBWjRy6mECtiaqTorZsJ3ekGzeKMHKNRHSQK4
H73GeMLiVeLUv7nKlT2aiL1GB3g6+puvhA4gsDHFfFww2wrYCwbi40u3/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHF9rBt2piZ1PO/9oFWY/uX2uzQKMB8GA1UdIwQY
MBaAFKRMJn+nVM1lCen4BycxI77pbFJdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWIt
NDhhZjA4MDA0YjVmLzEvY1gyc0czYW1KblU4N18yZ1Zaai01ZmE3TkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWItNDhhZjA4MDA0YjVm
LzEvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjj4AwQA
BbWyAwQALYliMA0GCSqGSIb3DQEBCwUAA4IBAQA7VWXMO8Uol8fi8N3pOw0MgtNb
nVG2F3HM74kBWGUqLGMiJvkAPvwc0pg2WbLGbIPfisr3b6WBKgPOW8n2Uz2V9oas
6qZDrAvSGAiq99HJUdRM1EAn615HmXqpr9FnJrDTIpD8xZXpBUc5SZt27L5VR05f
4d17JPanMCkhYTTOnw1O9MY/0ICfb+cdU+8Jr+7t9/d3K44Yj+KLuAUqh38RluO/
MMmh7s6aAu3yNcl3WN2RG8NH4zHJXUZ9CFws2Mq0ZDwreldsCta7av8jMurHSqnj
B3btskpm0QyEXtJSTOzDdnrMi5+64kTzmSIHcxlyLl5K8EpN0bJFBXjN+FW+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:14 2023 by rpki-client on console-ams.rpki-client.org