Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/MHioyIcVOULNgHPj1mG4rwScl44.roa
File: MHioyIcVOULNgHPj1mG4rwScl44.roa (raw, json)
Hash identifier: 3Bs6jQlWi9ZjNaNHhCb7017oqIEWw4NVRLOjYx+BjZg=
Subject key identifier: 30:78:A8:C8:87:15:39:42:CD:80:73:E3:D6:61:B8:AF:04:9C:97:8E
Certificate issuer: /CN=d24f497d157847005336b777361b1d20905c5213
Certificate serial: 01856DE63D786EE724A5EA195EFB9B5DE02F
Authority key identifier: D2:4F:49:7D:15:78:47:00:53:36:B7:77:36:1B:1D:20:90:5C:52:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0k9JfRV4RwBTNrd3NhsdIJBcUhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/MHioyIcVOULNgHPj1mG4rwScl44.roa
Signing time: Sun 01 Jan 2023 15:14:43 +0000
ROA not before: Sun 01 Jan 2023 15:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213342
IP address blocks: 45.136.223.0/24 maxlen: 24
2a0e:9b42::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:3d:78:6e:e7:24:a5:ea:19:5e:fb:9b:5d:e0:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d24f497d157847005336b777361b1d20905c5213
Validity
Not Before: Jan 1 15:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3078a8c887153942cd8073e3d661b8af049c978e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:3b:80:6c:ef:49:4e:44:7d:0f:69:55:91:1b:
e8:21:e7:ff:d9:0b:9e:da:8e:22:a8:2c:85:96:fe:
56:e8:81:4a:8c:35:d2:bf:23:78:3e:fe:08:b2:17:
e3:6b:8e:dc:d9:51:2b:19:37:2a:cc:47:b1:ce:3b:
45:0f:58:df:71:8e:f3:17:0e:c8:0e:7a:38:53:5f:
1c:04:89:b7:9a:f8:28:90:9d:72:dd:28:8d:7f:17:
1b:bb:6e:d3:67:06:97:05:b5:95:f9:23:a0:73:91:
2d:24:52:e9:58:f8:a9:eb:d1:c8:d9:f1:79:0c:8f:
31:80:8c:64:e6:22:15:07:0c:60:47:c3:42:a9:d9:
1c:7a:dc:eb:6a:41:74:bc:ea:76:05:d0:c4:2f:97:
8e:8d:aa:a0:37:af:fe:d7:70:f2:4a:92:52:46:29:
f9:28:ec:ec:82:1d:9a:11:c2:2a:11:a0:71:81:1a:
7d:2f:eb:73:a1:1b:4a:97:75:32:74:61:82:18:f0:
dd:d0:25:e3:98:2b:1d:bf:78:5e:f6:08:69:ad:aa:
dd:7f:60:11:1d:a7:5a:e6:f9:6b:82:29:e1:19:b5:
be:82:0e:69:23:b5:c0:dd:96:62:4b:be:f2:e5:58:
e0:1b:86:b5:26:91:9a:31:75:0f:22:bf:5b:24:f2:
69:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:78:A8:C8:87:15:39:42:CD:80:73:E3:D6:61:B8:AF:04:9C:97:8E
X509v3 Authority Key Identifier:
keyid:D2:4F:49:7D:15:78:47:00:53:36:B7:77:36:1B:1D:20:90:5C:52:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0k9JfRV4RwBTNrd3NhsdIJBcUhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/MHioyIcVOULNgHPj1mG4rwScl44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/0k9JfRV4RwBTNrd3NhsdIJBcUhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.223.0/24
IPv6:
2a0e:9b42::/32
Signature Algorithm: sha256WithRSAEncryption
6c:34:86:5e:29:a1:73:ff:26:6e:9f:5f:ad:ba:2e:1a:40:c0:
ce:5a:a8:b2:9e:61:c2:59:c0:4e:49:39:f1:fb:29:dc:9c:51:
9a:33:e6:ab:a2:3a:05:43:ed:e4:8b:c1:09:c7:44:74:6b:d3:
42:eb:56:f2:70:14:29:04:32:fe:bf:76:69:27:4a:03:a2:b4:
7f:2f:42:2f:c5:c7:f8:1e:a9:26:64:99:ab:d3:dd:ba:3c:56:
5f:fe:1d:6d:7a:a8:6d:1f:b5:75:12:31:47:1f:68:a1:3f:5c:
e3:b6:4a:86:36:5f:45:7d:d7:f1:55:b0:bc:2e:dd:71:73:39:
1e:75:67:c5:b1:0b:d3:05:c0:e5:42:91:f5:55:88:3f:28:1c:
00:3c:e8:43:b2:37:da:23:ee:72:06:95:af:03:16:25:71:97:
ce:64:e1:28:64:2b:43:e7:d2:a9:17:6c:d6:f1:e8:38:95:96:
cb:88:a0:ea:f7:0b:a4:d5:e0:b8:de:0d:25:7d:3d:ac:fd:08:
6a:da:80:48:c0:25:52:70:f5:9a:10:72:e3:71:74:bc:29:5c:
a1:2d:2b:53:9a:ce:2f:45:66:be:75:8f:5a:d8:80:1d:fd:15:
76:4f:99:9a:e8:f8:55:8f:99:a6:52:11:89:d3:3a:b2:0d:32:
c9:aa:73:5e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt5j14buckpeoZXvubXeAvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGY0OTdkMTU3ODQ3MDA1MzM2Yjc3NzM2MWIxZDIwOTA1
YzUyMTMwHhcNMjMwMTAxMTUxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDc4YThjODg3MTUzOTQyY2Q4MDczZTNkNjYxYjhhZjA0OWM5NzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TuAbO9JTkR9D2lVkRvoIef/2Que
2o4iqCyFlv5W6IFKjDXSvyN4Pv4Ishfja47c2VErGTcqzEexzjtFD1jfcY7zFw7I
Dno4U18cBIm3mvgokJ1y3SiNfxcbu27TZwaXBbWV+SOgc5EtJFLpWPip69HI2fF5
DI8xgIxk5iIVBwxgR8NCqdkcetzrakF0vOp2BdDEL5eOjaqgN6/+13DySpJSRin5
KOzsgh2aEcIqEaBxgRp9L+tzoRtKl3UydGGCGPDd0CXjmCsdv3he9ghprardf2AR
Hada5vlrginhGbW+gg5pI7XA3ZZiS77y5VjgG4a1JpGaMXUPIr9bJPJpJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDB4qMiHFTlCzYBz49ZhuK8EnJeOMB8GA1UdIwQY
MBaAFNJPSX0VeEcAUza3dzYbHSCQXFITMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGs5SmZSVjRSd0JUTnJkM05oc2RJSkJjVWhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9jZjNjYTMtMWNkNy00MzEyLWJhNzMt
ODNjODU5NjIyOWZhLzEvTUhpb3lJY1ZPVUxOZ0hQajFtRzRyd1NjbDQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9jZjNjYTMtMWNkNy00MzEyLWJhNzMtODNjODU5NjIyOWZh
LzEvMGs5SmZSVjRSd0JUTnJkM05oc2RJSkJjVWhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALYjfMA0E
AgACMAcDBQAqDptCMA0GCSqGSIb3DQEBCwUAA4IBAQBsNIZeKaFz/yZun1+tui4a
QMDOWqiynmHCWcBOSTnx+yncnFGaM+arojoFQ+3ki8EJx0R0a9NC61bycBQpBDL+
v3ZpJ0oDorR/L0Ivxcf4HqkmZJmr0926PFZf/h1teqhtH7V1EjFHH2ihP1zjtkqG
Nl9FfdfxVbC8Lt1xczkedWfFsQvTBcDlQpH1VYg/KBwAPOhDsjfaI+5yBpWvAxYl
cZfOZOEoZCtD59KpF2zW8eg4lZbLiKDq9wuk1eC43g0lfT2s/Qhq2oBIwCVScPWa
EHLjcXS8KVyhLStTms4vRWa+dY9a2IAd/RV2T5ma6PhVj5mmUhGJ0zqyDTLJqnNe
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:15 2025 by rpki-client