Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/SgIFzdX6JcgyEvIi1tU7tEpqzs0.roa
File: SgIFzdX6JcgyEvIi1tU7tEpqzs0.roa (raw, json)
Hash identifier: p6RL3L68zCciLtwZlC4lGEQ9Tf1FF1+MJetEEftOp98=
Subject key identifier: 4A:02:05:CD:D5:FA:25:C8:32:12:F2:22:D6:D5:3B:B4:4A:6A:CE:CD
Certificate issuer: /CN=f73cdc6751d7c59073e4b706402d3691af09086f
Certificate serial: 019423D7421CEC35B29FF2F399E944AB6E20
Authority key identifier: F7:3C:DC:67:51:D7:C5:90:73:E4:B7:06:40:2D:36:91:AF:09:08:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/SgIFzdX6JcgyEvIi1tU7tEpqzs0.roa
Signing time: Wed 01 Jan 2025 21:48:17 +0000
ROA not before: Wed 01 Jan 2025 21:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52056
IP address blocks: 45.82.16.0/22 maxlen: 22
45.82.16.0/23 maxlen: 23
46.23.160.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:42:1c:ec:35:b2:9f:f2:f3:99:e9:44:ab:6e:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f73cdc6751d7c59073e4b706402d3691af09086f
Validity
Not Before: Jan 1 21:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a0205cdd5fa25c83212f222d6d53bb44a6acecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:71:52:2f:66:40:9b:7e:6b:d1:69:61:29:c0:
fa:0f:67:c1:01:e9:6b:a0:c3:a8:c6:52:7b:ea:a6:
da:19:ac:a2:82:a1:a2:27:23:fe:82:f9:37:8b:55:
e9:52:98:eb:d3:b1:2c:1f:78:eb:fd:52:19:2a:6e:
35:36:a4:fa:22:88:ac:bf:91:0a:41:79:4b:76:0d:
a7:c2:21:28:59:0a:bc:62:31:e1:1e:97:2d:9d:12:
45:46:85:38:58:67:b9:c2:45:ae:48:8d:ce:a0:c0:
e3:c3:43:67:bb:43:7f:92:da:3f:b3:da:f4:4d:59:
80:d2:36:63:da:36:af:8c:e2:cc:28:d2:1e:00:fd:
f7:0c:c5:d1:af:80:4e:41:65:77:af:34:bf:dd:b8:
20:3a:be:df:ea:f1:02:6d:e0:60:53:30:92:6f:82:
7a:da:54:a3:c0:fe:6a:d4:0a:11:ff:23:c3:df:a8:
7b:b6:81:ef:4a:59:0f:92:a7:76:99:d7:5c:47:c1:
8a:9d:0c:97:47:a5:b0:f7:3a:ca:8b:a3:3e:54:52:
80:59:e9:59:b8:2d:b1:13:2f:99:ad:de:b1:95:ca:
04:5b:7b:2f:3d:29:01:3a:a2:6b:81:1f:24:17:ae:
52:bb:5f:74:67:72:1d:90:90:c6:4d:fb:86:f5:4d:
1d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:02:05:CD:D5:FA:25:C8:32:12:F2:22:D6:D5:3B:B4:4A:6A:CE:CD
X509v3 Authority Key Identifier:
keyid:F7:3C:DC:67:51:D7:C5:90:73:E4:B7:06:40:2D:36:91:AF:09:08:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/SgIFzdX6JcgyEvIi1tU7tEpqzs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/9zzcZ1HXxZBz5LcGQC02ka8JCG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.16.0/22
46.23.160.0/20
Signature Algorithm: sha256WithRSAEncryption
48:5f:73:96:88:13:98:71:fe:e7:1b:10:eb:0a:2b:67:3c:d1:
15:4a:7d:9a:2e:69:4a:04:c1:3d:08:79:a7:f2:2b:c5:1e:af:
df:a0:e7:8d:ff:68:03:b9:70:c0:fe:67:72:c3:26:ce:8c:14:
42:44:15:17:02:2b:c1:bd:39:9a:6a:67:56:17:fe:a9:ac:17:
7d:a0:f4:33:13:76:13:88:e2:b4:aa:8d:0e:37:db:8b:a2:e6:
6a:d9:df:b7:3c:61:a8:f8:3e:1f:34:71:53:cb:a9:8e:fb:d6:
54:97:a9:f9:54:c0:87:76:7a:92:83:fb:30:4d:26:06:1b:0f:
02:af:92:2f:2a:df:1a:4e:9c:b9:fb:07:26:36:b7:ea:8e:f2:
8a:97:59:96:04:51:ca:5b:17:c0:9e:41:95:4f:87:60:bc:78:
e5:5d:91:05:a7:58:55:3c:a5:a0:e0:91:f5:60:d6:06:8d:88:
d8:29:b0:6f:34:c8:bd:cc:eb:ee:2f:af:91:ba:8b:27:73:79:
22:61:9f:7f:d1:11:0d:09:b3:a9:28:1e:be:b3:92:90:24:6d:
79:6c:d1:3d:72:24:4b:a9:0b:b5:06:52:e4:f7:fa:e4:f0:d0:
7b:9e:09:ef:a8:5a:22:3a:cd:d8:69:5a:02:d9:4c:82:12:01:
8f:99:b6:cb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj10Ic7DWyn/LzmelEq24gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3M2NkYzY3NTFkN2M1OTA3M2U0YjcwNjQwMmQzNjkxYWYw
OTA4NmYwHhcNMjUwMTAxMjE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTAyMDVjZGQ1ZmEyNWM4MzIxMmYyMjJkNmQ1M2JiNDRhNmFjZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nFSL2ZAm35r0WlhKcD6D2fBAelr
oMOoxlJ76qbaGayigqGiJyP+gvk3i1XpUpjr07EsH3jr/VIZKm41NqT6Ioisv5EK
QXlLdg2nwiEoWQq8YjHhHpctnRJFRoU4WGe5wkWuSI3OoMDjw0Nnu0N/kto/s9r0
TVmA0jZj2javjOLMKNIeAP33DMXRr4BOQWV3rzS/3bggOr7f6vECbeBgUzCSb4J6
2lSjwP5q1AoR/yPD36h7toHvSlkPkqd2mddcR8GKnQyXR6Ww9zrKi6M+VFKAWelZ
uC2xEy+Zrd6xlcoEW3svPSkBOqJrgR8kF65Su190Z3IdkJDGTfuG9U0dewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEoCBc3V+iXIMhLyItbVO7RKas7NMB8GA1UdIwQY
MBaAFPc83GdR18WQc+S3BkAtNpGvCQhvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXp6Y1oxSFh4WkJ6NUxjR1FDMDJrYThKQ0c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS84NTUwMDItZDgyMy00MWZlLThmOWEt
NzE4ZmQxOTVjNWViLzEvU2dJRnpkWDZKY2d5RXZJaTF0VTd0RXBxenMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS84NTUwMDItZDgyMy00MWZlLThmOWEtNzE4ZmQxOTVjNWVi
LzEvOXp6Y1oxSFh4WkJ6NUxjR1FDMDJrYThKQ0c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVIQAwQE
LhegMA0GCSqGSIb3DQEBCwUAA4IBAQBIX3OWiBOYcf7nGxDrCitnPNEVSn2aLmlK
BME9CHmn8ivFHq/foOeN/2gDuXDA/mdywybOjBRCRBUXAivBvTmaamdWF/6prBd9
oPQzE3YTiOK0qo0ON9uLouZq2d+3PGGo+D4fNHFTy6mO+9ZUl6n5VMCHdnqSg/sw
TSYGGw8Cr5IvKt8aTpy5+wcmNrfqjvKKl1mWBFHKWxfAnkGVT4dgvHjlXZEFp1hV
PKWg4JH1YNYGjYjYKbBvNMi9zOvuL6+Ruosnc3kiYZ9/0RENCbOpKB6+s5KQJG15
bNE9ciRLqQu1BlLk9/rk8NB7ngnvqFoiOs3YaVoC2UyCEgGPmbbL
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:44 2025 by rpki-client