Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/c54e32-705a-4e7a-9513-b978bfc752ab/1/cLjFzl0kKfjU8JC6Suxb0r-YtGQ.roa
File: cLjFzl0kKfjU8JC6Suxb0r-YtGQ.roa (raw, json)
Hash identifier: MJIvEP8a78+x8U40G3zP1JeiMTHXhanq1jUJZqLUacg=
Subject key identifier: 70:B8:C5:CE:5D:24:29:F8:D4:F0:90:BA:4A:EC:5B:D2:BF:98:B4:64
Certificate issuer: /CN=843d8aa1269d1a3f3321335860c67c7e08677dc5
Certificate serial: 018CC4935350D257EE554528D27C46459185
Authority key identifier: 84:3D:8A:A1:26:9D:1A:3F:33:21:33:58:60:C6:7C:7E:08:67:7D:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hD2KoSadGj8zITNYYMZ8fghnfcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/c54e32-705a-4e7a-9513-b978bfc752ab/1/cLjFzl0kKfjU8JC6Suxb0r-YtGQ.roa
Signing time: Mon 01 Jan 2024 10:30:38 +0000
ROA not before: Mon 01 Jan 2024 10:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207058
IP address blocks: 185.173.45.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:53:50:d2:57:ee:55:45:28:d2:7c:46:45:91:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843d8aa1269d1a3f3321335860c67c7e08677dc5
Validity
Not Before: Jan 1 10:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70b8c5ce5d2429f8d4f090ba4aec5bd2bf98b464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:67:11:16:2b:28:a4:e5:59:89:2f:b0:f2:d0:
78:f0:83:15:0e:c5:ad:6b:75:dd:e7:e0:27:00:2b:
fb:a7:0c:6f:3a:81:6c:8f:23:12:e0:13:49:10:be:
c0:66:0c:aa:4e:e7:51:62:37:dc:ac:ad:4e:fa:a1:
18:b8:34:c8:14:be:e7:6e:2a:d8:7f:8f:e0:5c:c5:
dc:64:6e:58:83:71:4e:94:33:99:62:6e:36:a0:98:
42:d3:bc:6a:60:00:10:77:7d:4c:e3:85:33:6b:2e:
f2:f4:78:a6:92:ab:34:c5:6d:82:fa:a3:1e:0d:43:
7d:f5:9f:19:08:4a:38:c9:d5:ae:68:e0:c1:3c:d1:
e0:5e:e4:1b:39:f0:0f:71:85:1a:e2:4b:a3:8d:93:
43:fa:d8:f2:ed:44:03:2e:84:71:f5:69:38:e4:4a:
4b:91:65:cc:62:9b:97:4f:5e:14:59:16:a5:a7:ea:
5b:30:88:1c:bc:42:f6:dd:b4:b7:e4:74:a0:d5:34:
88:80:a0:e1:de:03:c0:53:10:8e:0a:4c:5d:b7:38:
f6:57:ea:3c:da:31:7b:dc:6f:ce:0e:20:d0:e9:88:
03:55:07:df:d1:93:3b:f3:8a:f4:21:1b:d1:29:57:
cd:c0:05:17:07:fe:71:b5:2d:01:9e:48:08:39:45:
96:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B8:C5:CE:5D:24:29:F8:D4:F0:90:BA:4A:EC:5B:D2:BF:98:B4:64
X509v3 Authority Key Identifier:
keyid:84:3D:8A:A1:26:9D:1A:3F:33:21:33:58:60:C6:7C:7E:08:67:7D:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hD2KoSadGj8zITNYYMZ8fghnfcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/c54e32-705a-4e7a-9513-b978bfc752ab/1/cLjFzl0kKfjU8JC6Suxb0r-YtGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/c54e32-705a-4e7a-9513-b978bfc752ab/1/hD2KoSadGj8zITNYYMZ8fghnfcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.45.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:c5:23:89:2b:d3:6a:c5:0c:1d:f5:94:ff:0f:18:e2:bc:a2:
26:94:23:98:b7:20:1f:18:e6:97:da:15:48:d5:cb:56:ea:c4:
09:10:92:3a:40:41:0c:36:24:56:7a:69:38:2c:f2:30:3b:1b:
75:6d:3b:bb:85:d2:62:ce:aa:5f:da:e6:f2:84:a8:00:fa:b4:
b8:c6:e1:cd:00:41:25:1c:6c:cb:ee:1f:da:9c:5f:28:81:84:
f9:94:1b:e1:f3:c0:b8:9a:2b:59:4a:08:eb:54:bf:3f:71:87:
be:f6:b7:10:67:c0:bb:c4:1f:cc:8a:9a:46:05:e3:a8:6c:3e:
23:2d:4a:86:cd:10:7d:02:12:50:7f:69:57:94:a5:19:60:7f:
32:f7:ea:88:21:42:d2:4d:70:2d:1f:1b:fa:09:8d:85:37:8d:
4a:3c:d0:70:58:22:b4:17:3f:36:29:a1:d1:02:da:39:cc:cb:
27:21:cb:d8:32:53:6f:11:15:16:fb:f8:3d:3c:d9:ce:40:3a:
ad:ed:05:ba:b5:1e:08:a8:06:9e:ee:0b:8b:c1:fb:e5:97:90:
0d:5c:23:c5:55:08:8d:f4:2f:67:ff:cb:fd:0e:e6:46:22:5b:
af:a1:b7:7d:6c:28:00:b9:52:bc:24:3a:4c:d3:6c:77:85:6b:
75:06:ec:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk1NQ0lfuVUUo0nxGRZGFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2Q4YWExMjY5ZDFhM2YzMzIxMzM1ODYwYzY3YzdlMDg2
NzdkYzUwHhcNMjQwMTAxMTAzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGI4YzVjZTVkMjQyOWY4ZDRmMDkwYmE0YWVjNWJkMmJmOThiNDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWcRFisopOVZiS+w8tB48IMVDsWt
a3Xd5+AnACv7pwxvOoFsjyMS4BNJEL7AZgyqTudRYjfcrK1O+qEYuDTIFL7nbirY
f4/gXMXcZG5Yg3FOlDOZYm42oJhC07xqYAAQd31M44Uzay7y9Himkqs0xW2C+qMe
DUN99Z8ZCEo4ydWuaODBPNHgXuQbOfAPcYUa4kujjZND+tjy7UQDLoRx9Wk45EpL
kWXMYpuXT14UWRalp+pbMIgcvEL23bS35HSg1TSIgKDh3gPAUxCOCkxdtzj2V+o8
2jF73G/ODiDQ6YgDVQff0ZM784r0IRvRKVfNwAUXB/5xtS0BnkgIOUWW/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHC4xc5dJCn41PCQukrsW9K/mLRkMB8GA1UdIwQY
MBaAFIQ9iqEmnRo/MyEzWGDGfH4IZ33FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEQyS29TYWRHajh6SVROWVlNWjhmZ2huZmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9jNTRlMzItNzA1YS00ZTdhLTk1MTMt
Yjk3OGJmYzc1MmFiLzEvY0xqRnpsMGtLZmpVOEpDNlN1eGIwci1ZdEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9jNTRlMzItNzA1YS00ZTdhLTk1MTMtYjk3OGJmYzc1MmFi
LzEvaEQyS29TYWRHajh6SVROWVlNWjhmZ2huZmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAua0tMA0G
CSqGSIb3DQEBCwUAA4IBAQDLxSOJK9NqxQwd9ZT/DxjivKImlCOYtyAfGOaX2hVI
1ctW6sQJEJI6QEEMNiRWemk4LPIwOxt1bTu7hdJizqpf2ubyhKgA+rS4xuHNAEEl
HGzL7h/anF8ogYT5lBvh88C4mitZSgjrVL8/cYe+9rcQZ8C7xB/MippGBeOobD4j
LUqGzRB9AhJQf2lXlKUZYH8y9+qIIULSTXAtHxv6CY2FN41KPNBwWCK0Fz82KaHR
Ato5zMsnIcvYMlNvERUW+/g9PNnOQDqt7QW6tR4IqAae7guLwfvll5ANXCPFVQiN
9C9n/8v9DuZGIluvobd9bCgAuVK8JDpM02x3hWt1BuzL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:20 2025 by rpki-client