Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/8ca3bc-a875-4507-91cc-bcefa45658cc/1/3-xEC-0MibMVigbXcbI1gWAUly4.roa
File: 3-xEC-0MibMVigbXcbI1gWAUly4.roa (raw, json)
Hash identifier: WXUjcMHE+UNYhxHX09cspDFGn5SKJT/8c8IxWa8FaIY=
Subject key identifier: DF:EC:44:0B:ED:0C:89:B3:15:8A:06:D7:71:B2:35:81:60:14:97:2E
Certificate issuer: /CN=1f53c06ca7976d737b23bc72768a228c397faf2f
Certificate serial: 019460781B3127DA29EC23027B787F88C83A
Authority key identifier: 1F:53:C0:6C:A7:97:6D:73:7B:23:BC:72:76:8A:22:8C:39:7F:AF:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H1PAbKeXbXN7I7xydooijDl_ry8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/8ca3bc-a875-4507-91cc-bcefa45658cc/1/3-xEC-0MibMVigbXcbI1gWAUly4.roa
Signing time: Mon 13 Jan 2025 16:21:11 +0000
ROA not before: Mon 13 Jan 2025 16:21:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29657
IP address blocks: 45.132.100.0/22 maxlen: 22
45.132.100.0/24 maxlen: 24
45.132.101.0/24 maxlen: 24
2a14:4d80::/32 maxlen: 32
2a14:4d87::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:60:78:1b:31:27:da:29:ec:23:02:7b:78:7f:88:c8:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f53c06ca7976d737b23bc72768a228c397faf2f
Validity
Not Before: Jan 13 16:21:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfec440bed0c89b3158a06d771b235816014972e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:eb:eb:66:61:c5:7c:ef:1a:42:95:4d:99:4a:
5f:02:a6:12:80:63:28:69:4a:06:67:1f:66:46:6e:
7c:73:d1:0d:c3:5e:03:be:87:46:86:64:ae:9a:35:
bc:48:5a:b2:c0:fa:18:0d:d6:34:82:13:06:fb:17:
bd:1c:07:8f:f1:1f:b1:61:38:ba:76:5a:75:41:1d:
97:36:9c:45:91:c0:ed:42:85:41:40:86:bd:a2:89:
ec:49:ad:4b:03:f8:09:1c:9d:e3:07:31:2d:1e:7e:
9e:b1:c1:ef:4c:1d:67:24:3e:0f:81:6b:5a:a7:9f:
ad:f3:f5:9c:ef:08:fe:66:7c:29:51:a8:c0:6c:c2:
f3:5f:d7:b3:8d:c0:1d:4b:7a:58:a2:9a:9f:30:0c:
aa:d6:a5:20:a9:a4:3c:6b:6a:2b:a0:ce:20:5f:e2:
75:0b:eb:cf:4f:87:b0:36:44:80:05:1d:3e:ef:3c:
1b:92:96:ff:52:12:ab:2b:fb:88:4b:b1:cd:64:9a:
dc:25:92:5c:6b:41:86:bc:58:e3:af:71:80:b9:ca:
ed:d6:a2:51:61:77:38:34:11:9e:6c:8d:c4:d0:d3:
ef:b9:76:f1:0b:50:d4:b5:c2:ed:bf:a1:33:51:d9:
4d:9f:eb:31:46:9a:3a:56:26:c0:ae:80:2b:40:4f:
37:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:EC:44:0B:ED:0C:89:B3:15:8A:06:D7:71:B2:35:81:60:14:97:2E
X509v3 Authority Key Identifier:
keyid:1F:53:C0:6C:A7:97:6D:73:7B:23:BC:72:76:8A:22:8C:39:7F:AF:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H1PAbKeXbXN7I7xydooijDl_ry8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8ca3bc-a875-4507-91cc-bcefa45658cc/1/3-xEC-0MibMVigbXcbI1gWAUly4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8ca3bc-a875-4507-91cc-bcefa45658cc/1/H1PAbKeXbXN7I7xydooijDl_ry8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.100.0/22
IPv6:
2a14:4d80::/32
2a14:4d87::/32
Signature Algorithm: sha256WithRSAEncryption
45:45:52:12:c8:d0:5a:11:dd:14:d2:4d:af:f5:0b:a5:84:64:
b7:78:aa:1b:a3:ea:3e:80:f9:70:9e:ac:2b:61:dc:7e:c5:89:
8f:8b:2c:08:10:e9:d1:c1:c9:33:84:02:4a:c4:b5:6c:3c:25:
92:06:db:56:11:cc:3f:26:31:34:16:68:b9:a9:7f:99:e4:e6:
16:db:24:3d:32:b9:70:2e:58:62:8d:0b:5b:9e:82:92:47:fb:
d5:19:e8:56:31:b6:9f:ab:63:92:d3:a1:78:fe:84:21:83:9c:
be:e8:6f:7c:da:b7:11:2f:19:3c:1b:25:bd:80:2d:40:ab:b8:
63:65:d8:6c:a6:b3:ed:6b:76:74:79:ab:30:53:68:ec:d4:73:
ed:8b:0c:5c:eb:6e:39:5f:e5:ba:d4:99:1d:ea:48:58:c2:a5:
ad:37:85:af:f1:17:51:84:fd:e6:a9:a7:c4:35:cd:d2:19:7c:
fb:a9:10:17:bb:d3:fd:65:1b:20:21:73:fe:76:7f:93:5f:6d:
3f:cb:20:39:fb:cc:7f:85:c6:42:7a:ba:50:a3:b4:f3:be:af:
cd:60:88:05:9a:c5:36:96:9c:6d:59:6d:93:22:d5:fd:f0:0a:
80:b7:d6:80:91:43:9c:ff:4e:23:e3:51:1a:27:3c:6f:28:93:
02:37:ea:01
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZRgeBsxJ9op7CMCe3h/iMg6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNTNjMDZjYTc5NzZkNzM3YjIzYmM3Mjc2OGEyMjhjMzk3
ZmFmMmYwHhcNMjUwMTEzMTYyMTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmVjNDQwYmVkMGM4OWIzMTU4YTA2ZDc3MWIyMzU4MTYwMTQ5NzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOvrZmHFfO8aQpVNmUpfAqYSgGMo
aUoGZx9mRm58c9ENw14DvodGhmSumjW8SFqywPoYDdY0ghMG+xe9HAeP8R+xYTi6
dlp1QR2XNpxFkcDtQoVBQIa9oonsSa1LA/gJHJ3jBzEtHn6escHvTB1nJD4PgWta
p5+t8/Wc7wj+ZnwpUajAbMLzX9ezjcAdS3pYopqfMAyq1qUgqaQ8a2oroM4gX+J1
C+vPT4ewNkSABR0+7zwbkpb/UhKrK/uIS7HNZJrcJZJca0GGvFjjr3GAucrt1qJR
YXc4NBGebI3E0NPvuXbxC1DUtcLtv6EzUdlNn+sxRpo6VibAroArQE837wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFN/sRAvtDImzFYoG13GyNYFgFJcuMB8GA1UdIwQY
MBaAFB9TwGynl21zeyO8cnaKIow5f68vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDFQQWJLZVhiWE43STd4eWRvb2lqRGxfcnk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84Y2EzYmMtYTg3NS00NTA3LTkxY2Mt
YmNlZmE0NTY1OGNjLzEvMy14RUMtME1pYk1WaWdiWGNiSTFnV0FVbHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84Y2EzYmMtYTg3NS00NTA3LTkxY2MtYmNlZmE0NTY1OGNj
LzEvSDFQQWJLZVhiWE43STd4eWRvb2lqRGxfcnk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYRkMBQE
AgACMA4DBQAqFE2AAwUAKhRNhzANBgkqhkiG9w0BAQsFAAOCAQEARUVSEsjQWhHd
FNJNr/ULpYRkt3iqG6PqPoD5cJ6sK2HcfsWJj4ssCBDp0cHJM4QCSsS1bDwlkgbb
VhHMPyYxNBZoual/meTmFtskPTK5cC5YYo0LW56Ckkf71RnoVjG2n6tjktOheP6E
IYOcvuhvfNq3ES8ZPBslvYAtQKu4Y2XYbKaz7Wt2dHmrMFNo7NRz7YsMXOtuOV/l
utSZHepIWMKlrTeFr/EXUYT95qmnxDXN0hl8+6kQF7vT/WUbICFz/nZ/k19tP8sg
OfvMf4XGQnq6UKO0876vzWCIBZrFNpacbVltkyLV/fAKgLfWgJFDnP9OI+NRGic8
byiTAjfqAQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:00 2025 by rpki-client