Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/d3ca04-a1b6-4878-bb86-6966f1eafde5/1/kRo5jseCKxh-BZW3FD_EYNHuT5A.roa
File: kRo5jseCKxh-BZW3FD_EYNHuT5A.roa (raw, json)
Hash identifier: icFAuXCjjH96SJusJTy+N4diHwmXF6TMkD2bUiBTqHA=
Subject key identifier: 91:1A:39:8E:C7:82:2B:18:7E:05:95:B7:14:3F:C4:60:D1:EE:4F:90
Certificate issuer: /CN=96a4cfd3d6c5ccba86329b03f6f280137307a1a5
Certificate serial: 018CC2DAE2B76F5ED71AB218CCD3C7EB0992
Authority key identifier: 96:A4:CF:D3:D6:C5:CC:BA:86:32:9B:03:F6:F2:80:13:73:07:A1:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lqTP09bFzLqGMpsD9vKAE3MHoaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/d3ca04-a1b6-4878-bb86-6966f1eafde5/1/kRo5jseCKxh-BZW3FD_EYNHuT5A.roa
Signing time: Mon 01 Jan 2024 02:29:33 +0000
ROA not before: Mon 01 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43872
IP address blocks: 45.136.108.0/24 maxlen: 24
2a0d:1e80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:e2:b7:6f:5e:d7:1a:b2:18:cc:d3:c7:eb:09:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96a4cfd3d6c5ccba86329b03f6f280137307a1a5
Validity
Not Before: Jan 1 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=911a398ec7822b187e0595b7143fc460d1ee4f90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d8:00:d9:ae:73:c0:7e:40:d8:79:7e:cd:44:
6b:68:89:6b:c9:d1:c3:78:8e:ff:3c:fd:c0:2c:72:
b5:ac:bf:17:e2:99:21:3d:4a:44:b9:45:ff:93:a6:
28:96:d6:73:a5:35:e2:db:72:f5:44:34:0f:af:92:
97:99:71:61:e3:7b:af:d8:d1:60:6a:2e:98:33:00:
dc:71:94:e9:31:99:60:c6:06:ca:4a:08:90:87:88:
a3:13:af:31:0e:93:64:0f:0a:93:d1:33:99:df:03:
52:23:55:15:22:15:f0:eb:1a:3d:00:f2:dd:e0:4d:
66:5a:c5:48:c6:d0:9d:b5:b0:0e:3b:3c:3b:81:9c:
87:6a:d7:8d:75:e7:60:c6:ac:1e:59:08:11:1f:1d:
e0:6d:11:27:9b:ae:8c:1b:73:e6:7f:09:f2:b6:ab:
2d:91:35:95:6d:6b:a7:78:52:1c:3f:0f:30:34:f9:
7c:d3:fd:1f:d7:22:9a:03:40:9e:15:4e:fd:97:79:
0f:2f:8d:20:55:8f:1b:e1:1a:ff:4a:7c:87:44:48:
44:4e:73:c8:65:f6:cb:9a:9a:09:71:a1:8c:b6:bd:
23:7d:a4:99:5e:2d:27:80:c1:65:1f:cc:a8:47:c7:
e9:47:2e:cf:a8:7f:3d:55:dc:8d:d9:d2:ed:01:4b:
c2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:1A:39:8E:C7:82:2B:18:7E:05:95:B7:14:3F:C4:60:D1:EE:4F:90
X509v3 Authority Key Identifier:
keyid:96:A4:CF:D3:D6:C5:CC:BA:86:32:9B:03:F6:F2:80:13:73:07:A1:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lqTP09bFzLqGMpsD9vKAE3MHoaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/d3ca04-a1b6-4878-bb86-6966f1eafde5/1/kRo5jseCKxh-BZW3FD_EYNHuT5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/d3ca04-a1b6-4878-bb86-6966f1eafde5/1/lqTP09bFzLqGMpsD9vKAE3MHoaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.108.0/24
IPv6:
2a0d:1e80::/29
Signature Algorithm: sha256WithRSAEncryption
38:13:66:9b:87:aa:c0:f4:fb:56:b9:07:5c:5a:b8:de:f6:68:
cf:7c:d7:68:4e:32:e5:f6:49:06:dc:3f:31:d3:bd:5e:49:3b:
a2:24:a6:c8:11:07:cf:62:93:ef:e5:1d:85:f2:4e:77:0c:e9:
6a:2e:5b:24:d4:5d:42:e4:c2:81:42:09:be:8c:3d:eb:38:ce:
41:a7:ad:7f:6a:6a:60:45:2b:da:a6:00:c9:ab:6f:93:87:7c:
f0:38:8d:bb:8c:aa:0f:76:f9:f4:b0:c0:a5:c0:31:0c:5d:39:
26:57:f2:b9:ba:1c:b9:b3:0d:42:a4:c1:0e:1b:ca:23:f7:59:
00:70:fc:9b:bc:d9:b2:65:3b:bd:bb:9a:1d:0a:f4:df:ab:e6:
59:54:9a:2e:73:99:78:14:53:2c:32:1f:36:96:56:e0:0a:a8:
92:4f:c6:d9:ce:dd:83:d9:21:81:ad:eb:af:0b:4b:78:b5:a6:
5a:b3:20:90:6e:1a:4c:d5:ef:d9:6f:a3:60:d7:fb:f6:c5:a1:
18:f9:86:8c:d3:24:c0:fd:bc:67:72:04:b4:0b:7d:1a:2e:71:
be:72:d1:d7:26:d1:0a:02:ec:96:b7:7c:2d:be:02:23:56:01:
c1:0a:dc:e3:ed:dc:ca:35:5c:d6:8e:b3:c3:54:c8:2d:c4:3b:
d0:0a:4e:b6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2uK3b17XGrIYzNPH6wmSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YTRjZmQzZDZjNWNjYmE4NjMyOWIwM2Y2ZjI4MDEzNzMw
N2ExYTUwHhcNMjQwMTAxMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTFhMzk4ZWM3ODIyYjE4N2UwNTk1YjcxNDNmYzQ2MGQxZWU0ZjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdgA2a5zwH5A2Hl+zURraIlrydHD
eI7/PP3ALHK1rL8X4pkhPUpEuUX/k6YoltZzpTXi23L1RDQPr5KXmXFh43uv2NFg
ai6YMwDccZTpMZlgxgbKSgiQh4ijE68xDpNkDwqT0TOZ3wNSI1UVIhXw6xo9APLd
4E1mWsVIxtCdtbAOOzw7gZyHateNdedgxqweWQgRHx3gbREnm66MG3Pmfwnytqst
kTWVbWuneFIcPw8wNPl80/0f1yKaA0CeFU79l3kPL40gVY8b4Rr/SnyHREhETnPI
ZfbLmpoJcaGMtr0jfaSZXi0ngMFlH8yoR8fpRy7PqH89VdyN2dLtAUvClwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJEaOY7HgisYfgWVtxQ/xGDR7k+QMB8GA1UdIwQY
MBaAFJakz9PWxcy6hjKbA/bygBNzB6GlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHFUUDA5YkZ6THFHTXBzRDl2S0FFM01Ib2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9kM2NhMDQtYTFiNi00ODc4LWJiODYt
Njk2NmYxZWFmZGU1LzEva1JvNWpzZUNLeGgtQlpXM0ZEX0VZTkh1VDVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9kM2NhMDQtYTFiNi00ODc4LWJiODYtNjk2NmYxZWFmZGU1
LzEvbHFUUDA5YkZ6THFHTXBzRDl2S0FFM01Ib2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALYhsMA0E
AgACMAcDBQMqDR6AMA0GCSqGSIb3DQEBCwUAA4IBAQA4E2abh6rA9PtWuQdcWrje
9mjPfNdoTjLl9kkG3D8x071eSTuiJKbIEQfPYpPv5R2F8k53DOlqLlsk1F1C5MKB
Qgm+jD3rOM5Bp61/ampgRSvapgDJq2+Th3zwOI27jKoPdvn0sMClwDEMXTkmV/K5
uhy5sw1CpMEOG8oj91kAcPybvNmyZTu9u5odCvTfq+ZZVJouc5l4FFMsMh82llbg
CqiST8bZzt2D2SGBreuvC0t4taZasyCQbhpM1e/Zb6Ng1/v2xaEY+YaM0yTA/bxn
cgS0C30aLnG+ctHXJtEKAuyWt3wtvgIjVgHBCtzj7dzKNVzWjrPDVMgtxDvQCk62
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:51 2024 by rpki-client on console-fra.rpki-client.org