Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/vicPWQKCc6OjU-6gTjDK2x0W-5A.roa
File: vicPWQKCc6OjU-6gTjDK2x0W-5A.roa (raw, json)
Hash identifier: Vo43J3mhVqgOKqpLZD9i6eowJGHI65vwc9cj3yhWsds=
Subject key identifier: BE:27:0F:59:02:82:73:A3:A3:53:EE:A0:4E:30:CA:DB:1D:16:FB:90
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018CC64B5E13839867F99A6A911F1CB9B56E
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/vicPWQKCc6OjU-6gTjDK2x0W-5A.roa
Signing time: Mon 01 Jan 2024 18:31:17 +0000
ROA not before: Mon 01 Jan 2024 18:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209043
IP address blocks: 45.138.28.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:5e:13:83:98:67:f9:9a:6a:91:1f:1c:b9:b5:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 1 18:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be270f59028273a3a353eea04e30cadb1d16fb90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:63:5f:8a:50:b0:e5:f8:6e:1f:87:9a:ec:69:
19:89:48:91:c2:af:b8:0d:1e:41:d1:23:61:54:ae:
1d:81:3e:01:7d:0e:b4:8e:f4:48:30:af:8c:ab:53:
63:3e:46:b2:71:73:fc:03:46:5e:8f:2e:f4:17:81:
f2:2e:cb:60:b1:d4:ca:5f:dc:48:2f:16:13:43:65:
68:04:39:e0:17:f6:fa:68:3a:2f:0e:b1:cd:aa:11:
ce:33:d1:b8:aa:48:d5:a2:91:d2:e0:58:be:ec:6f:
f2:73:71:6d:51:43:72:61:a5:5a:12:12:09:ab:bf:
02:20:65:99:65:a2:9e:3e:28:b4:97:69:c6:c3:2a:
41:42:c0:2b:8c:7e:75:79:07:12:ae:86:cf:aa:56:
27:61:0d:59:31:17:02:62:07:b3:2f:9e:e6:90:47:
63:9b:08:e0:19:83:b0:4c:76:5d:f2:a9:1b:53:42:
78:08:54:ed:80:c9:c1:04:90:44:3b:69:f4:ff:bb:
24:d6:a7:50:46:79:76:77:64:64:84:f7:06:a9:3b:
0e:d3:b4:29:2d:f8:20:49:c5:ca:68:9a:2a:3e:83:
70:c5:93:c5:54:5e:2b:1c:57:cf:7d:9e:48:12:e6:
b7:c2:4f:08:5e:9c:59:a9:f7:e6:95:8e:ea:5c:57:
f3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:27:0F:59:02:82:73:A3:A3:53:EE:A0:4E:30:CA:DB:1D:16:FB:90
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/vicPWQKCc6OjU-6gTjDK2x0W-5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.28.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:9c:57:97:06:e5:f3:ae:f1:02:b1:8e:af:d9:c7:2d:c2:bf:
28:82:86:b1:02:cd:dd:99:11:68:cf:a1:ee:8f:a2:44:02:ea:
e1:f9:c5:a1:80:a5:24:0f:d4:5e:77:2d:e0:a2:04:58:6e:40:
0d:6c:71:29:8c:8c:84:e4:e8:4f:7a:7e:04:bf:eb:8d:a3:59:
fd:5f:67:2e:bf:68:62:39:3d:21:35:53:fd:92:61:90:e2:fa:
13:3b:ed:2a:8c:ef:3f:12:cf:ac:7f:3d:2d:11:a0:6f:b4:b5:
7c:2a:42:b8:e7:9d:eb:f5:31:06:44:d3:f7:1c:3c:5a:f1:06:
96:f6:cf:be:e9:5e:85:4c:6f:6b:62:e9:df:11:ac:70:ca:9d:
60:15:57:00:64:0e:da:c0:a5:36:25:61:93:2c:7a:da:0d:31:
ee:a1:01:bc:52:61:44:6d:8d:d4:f2:32:e4:18:7d:c4:0c:06:
09:e8:c7:d2:85:53:d4:c8:8f:0d:23:36:aa:a3:e7:be:9f:8c:
af:5d:8d:ac:74:08:12:04:25:c3:3f:fa:4a:35:6a:05:08:ef:
56:13:21:f9:3c:fb:75:92:de:2f:23:1d:75:d5:e4:ec:13:17:
65:f6:a8:d7:c6:8d:e6:bc:8f:fb:2c:bb:3c:41:32:a3:be:0f:
89:01:09:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS14Tg5hn+ZpqkR8cubVuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjQwMTAxMTgzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTI3MGY1OTAyODI3M2EzYTM1M2VlYTA0ZTMwY2FkYjFkMTZmYjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGNfilCw5fhuH4ea7GkZiUiRwq+4
DR5B0SNhVK4dgT4BfQ60jvRIMK+Mq1NjPkaycXP8A0Zejy70F4HyLstgsdTKX9xI
LxYTQ2VoBDngF/b6aDovDrHNqhHOM9G4qkjVopHS4Fi+7G/yc3FtUUNyYaVaEhIJ
q78CIGWZZaKePii0l2nGwypBQsArjH51eQcSrobPqlYnYQ1ZMRcCYgezL57mkEdj
mwjgGYOwTHZd8qkbU0J4CFTtgMnBBJBEO2n0/7sk1qdQRnl2d2RkhPcGqTsO07Qp
LfggScXKaJoqPoNwxZPFVF4rHFfPfZ5IEua3wk8IXpxZqffmlY7qXFfztwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL4nD1kCgnOjo1PuoE4wytsdFvuQMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvdmljUFdRS0NjNk9qVS02Z1RqREsyeDBXLTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYocMA0G
CSqGSIb3DQEBCwUAA4IBAQBKnFeXBuXzrvECsY6v2cctwr8ogoaxAs3dmRFoz6Hu
j6JEAurh+cWhgKUkD9Redy3gogRYbkANbHEpjIyE5OhPen4Ev+uNo1n9X2cuv2hi
OT0hNVP9kmGQ4voTO+0qjO8/Es+sfz0tEaBvtLV8KkK4553r9TEGRNP3HDxa8QaW
9s++6V6FTG9rYunfEaxwyp1gFVcAZA7awKU2JWGTLHraDTHuoQG8UmFEbY3U8jLk
GH3EDAYJ6MfShVPUyI8NIzaqo+e+n4yvXY2sdAgSBCXDP/pKNWoFCO9WEyH5PPt1
kt4vIx111eTsExdl9qjXxo3mvI/7LLs8QTKjvg+JAQnU
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:07 2025 by rpki-client