Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/CE672zL66qWBZN8ptgpNLWzkGVs.roa
File: CE672zL66qWBZN8ptgpNLWzkGVs.roa (raw, json)
Hash identifier: 5wM4HQtubRFNS0uN/S7BIMJ2z2F1xqKnOENxLw+UjbM=
Subject key identifier: 08:4E:BB:DB:32:FA:EA:A5:81:64:DF:29:B6:0A:4D:2D:6C:E4:19:5B
Certificate issuer: /CN=b287ff2a733e33beaf53494a90eec152bbc758bc
Certificate serial: 0187FABF3CD43E7A495BD31962E9AA687A99
Authority key identifier: B2:87:FF:2A:73:3E:33:BE:AF:53:49:4A:90:EE:C1:52:BB:C7:58:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sof_KnM-M76vU0lKkO7BUrvHWLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/CE672zL66qWBZN8ptgpNLWzkGVs.roa
Signing time: Mon 08 May 2023 09:44:09 +0000
ROA not before: Mon 08 May 2023 09:44:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47527
IP address blocks: 45.95.208.0/24 maxlen: 24
213.142.140.0/23 maxlen: 23
2a00:b920:200::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fa:bf:3c:d4:3e:7a:49:5b:d3:19:62:e9:aa:68:7a:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b287ff2a733e33beaf53494a90eec152bbc758bc
Validity
Not Before: May 8 09:44:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=084ebbdb32faeaa58164df29b60a4d2d6ce4195b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:72:d4:b1:21:78:1a:05:ec:35:b4:b9:f9:fb:
70:da:41:91:c3:da:73:c5:d4:04:e5:98:a0:bf:90:
1b:de:a7:6d:db:c3:0c:4f:5d:a9:42:54:50:15:50:
5b:31:02:97:a9:ba:96:42:16:ca:c7:43:9e:a1:2b:
cc:44:55:b3:7f:d9:b4:3f:93:aa:7e:18:b2:73:e2:
c8:dd:a4:19:e5:bc:0d:25:f5:f3:5c:8e:d7:7c:58:
be:ee:fd:03:3f:53:d0:aa:f3:88:65:66:5e:4b:56:
e3:01:32:89:bb:93:a9:bc:15:5b:24:63:e7:d7:5b:
63:fa:c9:36:db:b6:03:1c:dd:41:94:f8:6e:a4:8e:
f7:6b:e7:c2:4a:38:35:36:0d:aa:bb:03:1c:d0:26:
aa:99:c1:62:89:08:47:4a:13:db:d9:82:c2:65:6e:
a9:9a:88:50:b9:61:94:f8:c4:6a:74:c3:e0:14:57:
09:d6:15:86:46:36:5c:a1:d9:57:ad:19:84:55:8f:
db:bb:a6:43:8e:b5:c3:be:18:2b:58:50:cc:31:e2:
3e:1b:7a:00:de:03:57:11:20:4a:aa:7b:78:f7:de:
f8:e2:d9:ee:59:a6:6a:24:d0:d8:f4:9b:6c:82:ca:
99:eb:69:00:45:1b:d8:95:af:bf:9c:0f:2a:16:fa:
51:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:4E:BB:DB:32:FA:EA:A5:81:64:DF:29:B6:0A:4D:2D:6C:E4:19:5B
X509v3 Authority Key Identifier:
keyid:B2:87:FF:2A:73:3E:33:BE:AF:53:49:4A:90:EE:C1:52:BB:C7:58:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sof_KnM-M76vU0lKkO7BUrvHWLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/CE672zL66qWBZN8ptgpNLWzkGVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/sof_KnM-M76vU0lKkO7BUrvHWLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.208.0/24
213.142.140.0/23
IPv6:
2a00:b920:200::/40
Signature Algorithm: sha256WithRSAEncryption
65:10:aa:24:9c:fc:36:e9:f3:b7:82:4c:1a:7a:04:b1:18:ce:
e5:8c:84:28:37:ae:c5:84:e6:0e:1c:21:5b:3b:97:58:30:3f:
40:52:aa:85:c8:bd:6f:05:14:8b:97:55:f4:30:29:0b:5b:59:
1e:ef:21:9f:66:4a:81:31:a3:8d:3f:db:49:1e:ad:98:69:65:
b3:51:4f:99:6d:58:24:19:76:8d:82:cd:00:34:67:32:24:bb:
61:c6:b9:5c:dc:01:39:06:f1:e6:2b:66:61:31:6c:b0:b1:35:
6b:5d:fd:94:61:3b:f6:3f:d5:ed:dd:53:a5:d5:6e:0a:06:a1:
4c:d5:8d:c1:b6:ad:3b:bc:09:a7:af:72:38:23:ea:85:40:5e:
ed:48:6c:45:56:ea:0e:8c:ec:3b:7d:de:81:13:7e:ce:43:d2:
ff:15:9e:e3:3d:91:e9:ba:ed:0e:13:ba:cd:8e:7a:cf:5c:07:
4b:42:a4:59:c7:30:e4:40:fa:8b:ce:68:e7:83:f2:ee:ee:4a:
94:f4:3d:c2:c0:3b:c9:e7:f5:2a:56:e3:6a:d6:b9:f3:e5:d3:
e2:29:b1:6f:6c:b6:d0:3c:19:86:78:e4:b7:b7:b3:b0:70:3e:
e6:78:ec:3d:54:33:d9:7d:f1:3c:1d:6e:1b:62:9c:09:4d:57:
ba:3f:d3:4d
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYf6vzzUPnpJW9MZYumqaHqZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyODdmZjJhNzMzZTMzYmVhZjUzNDk0YTkwZWVjMTUyYmJj
NzU4YmMwHhcNMjMwNTA4MDk0NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODRlYmJkYjMyZmFlYWE1ODE2NGRmMjliNjBhNGQyZDZjZTQxOTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23LUsSF4GgXsNbS5+ftw2kGRw9pz
xdQE5Zigv5Ab3qdt28MMT12pQlRQFVBbMQKXqbqWQhbKx0OeoSvMRFWzf9m0P5Oq
fhiyc+LI3aQZ5bwNJfXzXI7XfFi+7v0DP1PQqvOIZWZeS1bjATKJu5OpvBVbJGPn
11tj+sk227YDHN1BlPhupI73a+fCSjg1Ng2quwMc0CaqmcFiiQhHShPb2YLCZW6p
mohQuWGU+MRqdMPgFFcJ1hWGRjZcodlXrRmEVY/bu6ZDjrXDvhgrWFDMMeI+G3oA
3gNXESBKqnt499744tnuWaZqJNDY9JtsgsqZ62kARRvYla+/nA8qFvpR6wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAhOu9sy+uqlgWTfKbYKTS1s5BlbMB8GA1UdIwQY
MBaAFLKH/ypzPjO+r1NJSpDuwVK7x1i8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc29mX0tuTS1NNzZ2VTBsS2tPN0JVcnZIV0x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9jYjIxNTEtMDVjYS00YTc2LTg1OWYt
NGY1ZWMwYTdlMDA2LzEvQ0U2NzJ6TDY2cVdCWk44cHRncE5MV3prR1ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9jYjIxNTEtMDVjYS00YTc2LTg1OWYtNGY1ZWMwYTdlMDA2
LzEvc29mX0tuTS1NNzZ2VTBsS2tPN0JVcnZIV0x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQALV/QAwQB
1Y6MMA4EAgACMAgDBgAqALkgAjANBgkqhkiG9w0BAQsFAAOCAQEAZRCqJJz8Nunz
t4JMGnoEsRjO5YyEKDeuxYTmDhwhWzuXWDA/QFKqhci9bwUUi5dV9DApC1tZHu8h
n2ZKgTGjjT/bSR6tmGlls1FPmW1YJBl2jYLNADRnMiS7Yca5XNwBOQbx5itmYTFs
sLE1a139lGE79j/V7d1TpdVuCgahTNWNwbatO7wJp69yOCPqhUBe7UhsRVbqDozs
O33egRN+zkPS/xWe4z2R6brtDhO6zY56z1wHS0KkWccw5ED6i85o54Py7u5KlPQ9
wsA7yef1Klbjata58+XT4imxb2y20DwZhnjkt7ezsHA+5njsPVQz2X3xPB1uG2Kc
CU1Xuj/TTQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:12 2025 by rpki-client