Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/KrhDyEr_6p3RR8b2qgb7XnKdyg8.roa
File: KrhDyEr_6p3RR8b2qgb7XnKdyg8.roa (raw, json)
Hash identifier: TxhNwMzfqWnWxPetRLPi9gzWQBuw5QOBgs/iSzPr5fA=
Subject key identifier: 2A:B8:43:C8:4A:FF:EA:9D:D1:47:C6:F6:AA:06:FB:5E:72:9D:CA:0F
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 0184A441A664CEF710F89D54E0F537759486
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/KrhDyEr_6p3RR8b2qgb7XnKdyg8.roa
Signing time: Wed 23 Nov 2022 11:31:16 +0000
ROA not before: Wed 23 Nov 2022 11:31:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210636
IP address blocks: 45.88.184.0/24 maxlen: 24
45.88.185.0/24 maxlen: 24
45.88.186.0/24 maxlen: 24
45.91.117.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a4:41:a6:64:ce:f7:10:f8:9d:54:e0:f5:37:75:94:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Nov 23 11:31:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ab843c84affea9dd147c6f6aa06fb5e729dca0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b6:a5:3a:bf:69:00:21:09:d0:4b:c9:e6:dc:
2f:ef:f9:f6:1f:35:51:18:29:a3:84:76:de:47:61:
37:82:4a:90:87:a2:f8:b8:24:b5:6a:ad:70:c4:14:
dc:6f:0a:9a:d9:90:7e:fa:79:f2:91:1b:07:c7:c8:
5e:8d:ff:07:3c:0b:89:a1:30:52:93:12:7b:93:08:
dc:c9:8a:fe:bb:4f:5e:0b:ec:d9:ee:0c:f7:0e:aa:
28:2c:ce:f6:de:2b:44:d0:26:ac:3d:c3:91:95:8f:
ac:45:35:13:e7:9a:b4:d7:e7:9f:25:39:28:4b:f9:
33:fd:fd:b2:cd:5a:cd:b5:03:0b:a7:de:ee:f4:80:
c1:4d:52:6d:8c:8d:96:ae:08:49:e8:e4:ca:cc:03:
89:20:65:d4:40:f5:4c:3e:22:09:92:cd:26:2b:f0:
9d:57:37:2d:d9:6a:a0:85:2b:83:ee:1d:ec:36:57:
e4:ab:2a:01:36:93:84:13:1a:5e:31:36:7d:3e:e2:
77:d5:0e:85:5d:89:41:95:f5:f6:27:61:4e:62:a6:
29:22:33:d4:f6:6b:6e:69:3c:5a:c2:eb:dd:f7:ea:
12:39:f1:35:e1:b8:2d:4c:2d:70:6c:62:30:52:b4:
31:bf:58:7b:8f:c7:ec:8a:3d:8a:f2:39:32:aa:a2:
2d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:B8:43:C8:4A:FF:EA:9D:D1:47:C6:F6:AA:06:FB:5E:72:9D:CA:0F
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/KrhDyEr_6p3RR8b2qgb7XnKdyg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.184.0-45.88.186.255
45.91.117.0/24
Signature Algorithm: sha256WithRSAEncryption
51:b2:e4:54:ea:a0:d0:76:64:35:ff:e3:ef:a2:f0:fc:b8:a9:
5f:28:d5:c8:a6:64:78:99:2b:d0:e3:09:d8:6a:26:e2:2c:cf:
70:11:eb:fb:ec:81:91:c0:3d:29:d8:f8:d0:ba:f2:6b:2b:fb:
a4:2e:ef:6f:f4:0d:11:0e:d0:6e:f2:7f:03:f3:f6:51:50:cb:
b3:ca:0e:4b:b6:8b:89:d8:a6:d3:e5:31:a8:62:d6:f8:25:81:
53:2b:5a:38:6e:21:1b:fc:b9:e7:2c:29:d7:87:db:4a:8e:c5:
f8:b6:90:3d:e6:e2:41:e1:55:43:7c:2d:e4:c3:f9:db:61:6a:
4f:5a:e8:94:f1:ec:71:bc:10:5b:f7:5f:b7:06:19:db:dd:fb:
f3:e7:60:42:66:94:8c:39:d5:43:3c:6a:17:2b:49:62:8b:69:
33:74:ba:02:9d:c8:00:82:af:d2:4a:da:37:6c:35:22:b0:d9:
b1:7d:f3:c8:29:2f:b7:43:45:e0:93:f6:cc:4e:f9:ec:e0:66:
24:98:e0:2c:42:77:04:39:f9:8f:01:bd:e1:3c:4b:f3:06:52:
db:67:3f:e8:ac:b2:e7:2b:1e:9c:8d:8f:86:ec:d0:08:a2:a6:
2a:61:89:21:c4:d0:ec:c7:1d:8f:e1:a8:1b:3b:83:0f:74:f8:
c8:4a:9d:4a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYSkQaZkzvcQ+J1U4PU3dZSGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjIxMTIzMTEzMTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWI4NDNjODRhZmZlYTlkZDE0N2M2ZjZhYTA2ZmI1ZTcyOWRjYTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqralOr9pACEJ0EvJ5twv7/n2HzVR
GCmjhHbeR2E3gkqQh6L4uCS1aq1wxBTcbwqa2ZB++nnykRsHx8hejf8HPAuJoTBS
kxJ7kwjcyYr+u09eC+zZ7gz3DqooLM723itE0CasPcORlY+sRTUT55q01+efJTko
S/kz/f2yzVrNtQMLp97u9IDBTVJtjI2WrghJ6OTKzAOJIGXUQPVMPiIJks0mK/Cd
Vzct2WqghSuD7h3sNlfkqyoBNpOEExpeMTZ9PuJ31Q6FXYlBlfX2J2FOYqYpIjPU
9mtuaTxawuvd9+oSOfE14bgtTC1wbGIwUrQxv1h7j8fsij2K8jkyqqIt3QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCq4Q8hK/+qd0UfG9qoG+15yncoPMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvS3JoRHlFcl82cDNSUjhiMnFnYjdYbktkeWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAMtWLgD
BAAtWLoDBAAtW3UwDQYJKoZIhvcNAQELBQADggEBAFGy5FTqoNB2ZDX/4++i8Py4
qV8o1cimZHiZK9DjCdhqJuIsz3AR6/vsgZHAPSnY+NC68msr+6Qu72/0DREO0G7y
fwPz9lFQy7PKDku2i4nYptPlMahi1vglgVMrWjhuIRv8uecsKdeH20qOxfi2kD3m
4kHhVUN8LeTD+dthak9a6JTx7HG8EFv3X7cGGdvd+/PnYEJmlIw51UM8ahcrSWKL
aTN0ugKdyACCr9JK2jdsNSKw2bF988gpL7dDReCT9sxO+ezgZiSY4CxCdwQ5+Y8B
veE8S/MGUttnP+issucrHpyNj4bs0AiipiphiSHE0OzHHY/hqBs7gw90+MhKnUo=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:34 2025 by rpki-client