Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/Kh3COgt_ql4n5qg38pnfsw32fTw.roa
File: Kh3COgt_ql4n5qg38pnfsw32fTw.roa (raw, json)
Hash identifier: SUcn0yTbEpYU10AQah+vCgJQiwx0/+JSi3IIkAzV40k=
Subject key identifier: 2A:1D:C2:3A:0B:7F:AA:5E:27:E6:A8:37:F2:99:DF:B3:0D:F6:7D:3C
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 019170046820DA5ADCC47B71F470363B58FE
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/Kh3COgt_ql4n5qg38pnfsw32fTw.roa
Signing time: Tue 20 Aug 2024 13:40:22 +0000
ROA not before: Tue 20 Aug 2024 13:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.85.190.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:70:04:68:20:da:5a:dc:c4:7b:71:f4:70:36:3b:58:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Aug 20 13:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a1dc23a0b7faa5e27e6a837f299dfb30df67d3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:9e:25:1e:56:0a:d8:60:8e:e7:42:be:9b:e5:
38:c4:d8:6c:c7:38:c7:d5:97:71:e5:7a:8e:c1:e1:
b1:58:36:b7:18:9f:4d:43:5d:dc:f5:dd:74:ea:04:
9e:1e:4e:e4:ad:ea:a0:df:38:09:18:f3:a6:9e:6b:
36:80:8e:69:b6:b8:17:54:2a:2c:9d:7b:8a:06:11:
a9:4b:86:7a:9c:8c:e1:1c:fc:1a:a7:95:b7:94:38:
f7:26:06:bc:1c:fe:e4:ca:fc:a9:83:1a:83:74:d5:
a9:a0:b7:e2:b0:b3:28:1d:ff:f9:6b:2b:c5:56:d4:
91:38:bc:21:f8:e2:11:06:8d:18:c0:7e:1d:29:5b:
32:f0:0c:87:9b:c2:5e:31:6f:52:03:a3:1f:b0:c2:
88:01:ee:bc:fb:f6:aa:9c:88:fd:d9:a8:be:34:6f:
af:22:54:47:ab:1f:32:c4:09:29:4e:ca:4c:24:e0:
6f:28:a7:ca:5c:c3:83:ab:c0:ef:c1:c2:5a:d0:8e:
14:d3:d3:32:c6:ef:92:95:72:0f:19:56:59:4d:93:
a1:28:ec:c7:9c:19:2b:f8:99:0e:59:ec:8b:cf:d8:
8b:c3:03:16:eb:a8:86:d6:26:f3:20:91:8a:81:66:
de:66:d5:d8:fd:55:c6:55:d1:7b:60:72:c1:e3:2e:
10:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:1D:C2:3A:0B:7F:AA:5E:27:E6:A8:37:F2:99:DF:B3:0D:F6:7D:3C
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/Kh3COgt_ql4n5qg38pnfsw32fTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.190.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:25:a8:e6:fb:a7:99:5e:b9:02:73:f1:f8:ed:80:80:6a:ad:
53:96:1a:31:41:f8:49:07:91:c2:07:1c:8f:3b:2b:a4:b3:d1:
6f:49:70:a5:12:e3:45:94:6f:2b:82:4d:c1:f0:91:d2:ea:4e:
bf:46:a5:e3:cb:4b:f0:a9:ee:22:57:1b:ac:ea:0a:c2:e7:ad:
a8:83:b2:6d:e0:dc:4f:33:32:c1:7a:bb:e9:fc:0a:7b:f7:60:
a9:5f:37:d1:2c:24:25:f1:cb:7b:67:a1:29:46:ce:8f:ec:64:
6b:b6:df:7d:ab:6d:16:b8:80:cf:36:ec:35:33:4c:fc:8a:f1:
34:df:21:56:7c:1c:53:60:84:c1:a1:a1:00:3a:b0:d1:8c:24:
93:30:21:81:9b:9c:66:34:04:48:56:d9:0d:80:7d:93:d0:0a:
3c:54:fd:b5:94:9d:98:b2:ef:ec:80:0e:9e:7b:36:5a:2f:5f:
8c:dd:5d:9f:c6:bd:47:5b:ad:ce:87:21:58:d0:5b:7a:42:1e:
62:3f:bf:db:05:d1:0e:46:12:45:21:18:7d:00:56:fb:50:35:
54:1f:89:cd:ec:66:4a:32:f5:be:a3:fe:e0:b4:ae:76:ff:4b:
87:ee:6f:b5:1b:80:53:32:65:61:24:77:34:cf:5b:7f:0a:f0:
1f:18:5d:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFwBGgg2lrcxHtx9HA2O1j+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjQwODIwMTM0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTFkYzIzYTBiN2ZhYTVlMjdlNmE4MzdmMjk5ZGZiMzBkZjY3ZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Z4lHlYK2GCO50K+m+U4xNhsxzjH
1Zdx5XqOweGxWDa3GJ9NQ13c9d106gSeHk7kreqg3zgJGPOmnms2gI5ptrgXVCos
nXuKBhGpS4Z6nIzhHPwap5W3lDj3Jga8HP7kyvypgxqDdNWpoLfisLMoHf/5ayvF
VtSROLwh+OIRBo0YwH4dKVsy8AyHm8JeMW9SA6MfsMKIAe68+/aqnIj92ai+NG+v
IlRHqx8yxAkpTspMJOBvKKfKXMODq8DvwcJa0I4U09Myxu+SlXIPGVZZTZOhKOzH
nBkr+JkOWeyLz9iLwwMW66iG1ibzIJGKgWbeZtXY/VXGVdF7YHLB4y4Q4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCodwjoLf6peJ+aoN/KZ37MN9n08MB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvS2gzQ09ndF9xbDRuNXFnMzhwbmZzdzMyZlR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVW+MA0G
CSqGSIb3DQEBCwUAA4IBAQB6Jajm+6eZXrkCc/H47YCAaq1TlhoxQfhJB5HCBxyP
Oyuks9FvSXClEuNFlG8rgk3B8JHS6k6/RqXjy0vwqe4iVxus6grC562og7Jt4NxP
MzLBervp/Ap792CpXzfRLCQl8ct7Z6EpRs6P7GRrtt99q20WuIDPNuw1M0z8ivE0
3yFWfBxTYITBoaEAOrDRjCSTMCGBm5xmNARIVtkNgH2T0Ao8VP21lJ2Ysu/sgA6e
ezZaL1+M3V2fxr1HW63OhyFY0Ft6Qh5iP7/bBdEORhJFIRh9AFb7UDVUH4nN7GZK
MvW+o/7gtK52/0uH7m+1G4BTMmVhJHc0z1t/CvAfGF1r
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:39 2025 by rpki-client