Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/OTGdjNZtPz-byVCkiC4NTyYd8Gk.roa
File: OTGdjNZtPz-byVCkiC4NTyYd8Gk.roa (raw, json)
Hash identifier: RvfNcaypQKC9cXTliBxxANsJoWfwtZZR0snehCS2aLk=
Subject key identifier: 39:31:9D:8C:D6:6D:3F:3F:9B:C9:50:A4:88:2E:0D:4F:26:1D:F0:69
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018DC0E9C43EB2B4397576764D8AF2C4B71C
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/OTGdjNZtPz-byVCkiC4NTyYd8Gk.roa
Signing time: Mon 19 Feb 2024 10:29:22 +0000
ROA not before: Mon 19 Feb 2024 10:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209043
IP address blocks: 45.11.155.0/24 maxlen: 24
45.138.28.0/22 maxlen: 22
212.60.0.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c0:e9:c4:3e:b2:b4:39:75:76:76:4d:8a:f2:c4:b7:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Feb 19 10:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39319d8cd66d3f3f9bc950a4882e0d4f261df069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:41:2e:9e:fc:34:78:8f:10:c9:84:c8:1d:9d:
af:ce:8a:c4:fb:57:4e:dd:b3:6c:72:70:85:9e:9a:
db:70:06:0d:59:95:67:5f:07:42:f8:ee:17:e9:ca:
29:74:74:94:e3:6f:72:06:3c:74:84:ff:91:90:9e:
d1:24:38:5a:0f:2e:55:a2:9b:ad:19:c8:d6:3e:e5:
aa:39:fc:93:a4:28:5f:fd:f9:80:67:96:1b:c9:ce:
56:6e:bd:b0:72:8c:c6:27:4a:a0:9b:6e:8a:83:58:
09:84:0c:bb:b8:08:18:4d:45:57:06:9f:04:27:28:
79:55:af:d5:82:54:86:59:5d:a5:65:de:47:2e:89:
f5:0a:7b:20:3f:87:b0:ba:13:64:3a:8c:5d:3e:3b:
26:dd:0f:53:87:ea:71:1b:50:ac:09:ac:1c:b2:8c:
4d:2a:75:bc:c7:ca:a7:68:d4:52:41:ee:ac:ba:5f:
52:d8:27:52:ba:69:37:f3:b0:c0:09:9e:b8:68:8f:
9b:44:6e:b4:b1:23:67:3a:6c:9d:fd:16:83:7e:cd:
79:69:b0:d4:c3:8c:aa:86:e9:27:25:75:ad:21:9d:
9f:6a:ca:06:66:a4:80:fc:82:2c:8f:d2:76:f1:9e:
02:2f:5c:5f:37:3b:14:15:c2:f3:98:1c:db:4c:39:
5f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:31:9D:8C:D6:6D:3F:3F:9B:C9:50:A4:88:2E:0D:4F:26:1D:F0:69
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/OTGdjNZtPz-byVCkiC4NTyYd8Gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.155.0/24
45.138.28.0/22
212.60.0.0/22
Signature Algorithm: sha256WithRSAEncryption
38:02:5b:66:6b:82:0e:b8:11:19:65:87:1b:74:41:a9:ac:23:
5a:7b:58:3b:27:0e:9a:bb:74:04:01:1f:6d:a4:1e:31:20:1f:
99:b1:4d:7d:6a:e2:ce:34:5e:00:b6:cd:e8:03:47:44:ba:53:
d0:e7:02:45:99:ff:93:94:ec:e3:a9:38:d0:94:8d:0b:9e:b6:
d4:28:d0:b6:d2:a1:35:d7:a9:f5:4b:02:c5:b7:f0:7a:ef:05:
c0:8d:21:79:8f:58:e4:ed:c2:d4:e9:b2:b1:4e:c6:0d:a5:7c:
19:ba:20:e4:3b:85:a7:3d:c8:0b:ad:85:fb:e0:6b:cb:1d:03:
ae:13:58:2e:d9:7d:9f:5b:e7:ae:6d:79:74:f6:88:d3:c9:29:
05:de:af:33:f5:32:97:db:01:66:eb:08:78:e3:ef:4b:06:95:
e9:86:47:b7:05:84:b4:f8:36:cf:c1:e3:d7:91:77:8e:03:3f:
bc:9b:fe:f2:96:d4:b6:3a:9d:7d:00:1d:0c:71:1c:c4:90:80:
5a:64:5f:5b:b9:e4:8c:26:49:ec:9d:7c:9f:76:05:e5:51:fc:
6e:19:52:8c:d5:c6:cb:38:da:6d:ce:ac:6d:06:70:40:1b:c2:
73:84:e9:a3:b4:cc:0b:36:04:a2:c7:fe:80:e4:02:db:52:7f:
fe:a6:2a:f4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3A6cQ+srQ5dXZ2TYryxLccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjQwMjE5MTAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTMxOWQ4Y2Q2NmQzZjNmOWJjOTUwYTQ4ODJlMGQ0ZjI2MWRmMDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEEunvw0eI8QyYTIHZ2vzorE+1dO
3bNscnCFnprbcAYNWZVnXwdC+O4X6copdHSU429yBjx0hP+RkJ7RJDhaDy5Voput
GcjWPuWqOfyTpChf/fmAZ5Ybyc5Wbr2wcozGJ0qgm26Kg1gJhAy7uAgYTUVXBp8E
Jyh5Va/VglSGWV2lZd5HLon1CnsgP4ewuhNkOoxdPjsm3Q9Th+pxG1CsCawcsoxN
KnW8x8qnaNRSQe6sul9S2CdSumk387DACZ64aI+bRG60sSNnOmyd/RaDfs15abDU
w4yqhuknJXWtIZ2fasoGZqSA/IIsj9J28Z4CL1xfNzsUFcLzmBzbTDlfswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDkxnYzWbT8/m8lQpIguDU8mHfBpMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvT1RHZGpOWnRQei1ieVZDa2lDNE5UeVlkOEdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQubAwQC
LYocAwQC1DwAMA0GCSqGSIb3DQEBCwUAA4IBAQA4Altma4IOuBEZZYcbdEGprCNa
e1g7Jw6au3QEAR9tpB4xIB+ZsU19auLONF4Ats3oA0dEulPQ5wJFmf+TlOzjqTjQ
lI0LnrbUKNC20qE116n1SwLFt/B67wXAjSF5j1jk7cLU6bKxTsYNpXwZuiDkO4Wn
PcgLrYX74GvLHQOuE1gu2X2fW+eubXl09ojTySkF3q8z9TKX2wFm6wh44+9LBpXp
hke3BYS0+DbPwePXkXeOAz+8m/7yltS2Op19AB0McRzEkIBaZF9bueSMJknsnXyf
dgXlUfxuGVKM1cbLONptzqxtBnBAG8JzhOmjtMwLNgSix/6A5ALbUn/+pir0
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:44 2025 by rpki-client