Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/3mFrOc9D96HWZbp0ClvAY7msu04.roa
File: 3mFrOc9D96HWZbp0ClvAY7msu04.roa (raw, json)
Hash identifier: iu4ThLSkoprH/H2caOro9UoUpt4aMV9RUyHobsGN0PQ=
Subject key identifier: DE:61:6B:39:CF:43:F7:A1:D6:65:BA:74:0A:5B:C0:63:B9:AC:BB:4E
Certificate issuer: /CN=2cd9516db9417952dedd9252fe5d83f09a3d99f5
Certificate serial: 0187A55459A2801A6BBE7285412CB867EE98
Authority key identifier: 2C:D9:51:6D:B9:41:79:52:DE:DD:92:52:FE:5D:83:F0:9A:3D:99:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LNlRbblBeVLe3ZJS_l2D8Jo9mfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/3mFrOc9D96HWZbp0ClvAY7msu04.roa
Signing time: Fri 21 Apr 2023 19:39:41 +0000
ROA not before: Fri 21 Apr 2023 19:39:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60566
IP address blocks: 45.140.18.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a5:54:59:a2:80:1a:6b:be:72:85:41:2c:b8:67:ee:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cd9516db9417952dedd9252fe5d83f09a3d99f5
Validity
Not Before: Apr 21 19:39:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de616b39cf43f7a1d665ba740a5bc063b9acbb4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:84:e0:eb:5a:e1:07:92:c0:77:d1:f4:80:ab:
51:0a:d5:c6:87:e0:c8:60:0b:85:00:0c:61:02:08:
4c:b6:70:3e:22:84:fe:4e:05:34:c1:32:35:3d:48:
82:d6:a7:6d:ca:4d:cd:b9:1a:8a:1a:c3:82:b8:c6:
3d:2d:5f:0a:6e:26:ee:15:0b:96:d1:e2:71:04:8b:
4a:6f:de:be:ea:b5:7c:05:13:f8:ed:26:4c:44:53:
0a:a5:9f:58:7e:7c:8b:1b:51:66:f5:ad:de:46:e4:
2e:1c:95:ce:ab:e1:d7:0e:a0:e1:82:21:71:bc:44:
4a:62:b3:b5:32:cd:cc:cb:da:dc:68:20:dd:37:f9:
c7:0d:8d:06:6c:c8:82:02:1b:27:bf:e3:bf:8d:83:
ec:e1:f4:d6:7a:07:8c:44:90:15:6b:18:66:c8:a1:
a1:28:b9:98:96:1b:19:d6:aa:92:d5:b2:f2:d4:21:
7a:c4:63:70:f1:7f:f8:a0:aa:5b:6a:f0:cf:05:b9:
8c:d1:95:d6:03:3b:9a:58:54:03:65:20:61:b9:cc:
cf:e5:d5:83:dd:82:e9:01:e8:d7:58:88:a1:cb:52:
ab:d4:0e:d7:e1:a4:22:c0:69:a0:bc:77:74:ae:c2:
a8:05:77:d1:78:06:bd:e9:49:5a:0e:37:af:85:5e:
72:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:61:6B:39:CF:43:F7:A1:D6:65:BA:74:0A:5B:C0:63:B9:AC:BB:4E
X509v3 Authority Key Identifier:
keyid:2C:D9:51:6D:B9:41:79:52:DE:DD:92:52:FE:5D:83:F0:9A:3D:99:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LNlRbblBeVLe3ZJS_l2D8Jo9mfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/3mFrOc9D96HWZbp0ClvAY7msu04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bab53b-3115-41c5-87ea-c00454e0b12a/1/LNlRbblBeVLe3ZJS_l2D8Jo9mfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.18.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:5e:4d:eb:4b:35:56:28:16:cc:05:ef:77:3b:b8:18:3f:c8:
67:8d:b1:c9:06:e7:50:cd:cb:d6:43:dd:51:65:f3:11:e4:35:
24:4c:01:fc:4e:92:75:27:3c:43:b8:af:75:0c:95:3f:ba:91:
77:b4:28:d9:97:75:1f:1e:52:52:1f:5f:29:3f:c8:d6:1e:84:
de:ab:af:2e:0f:3c:4d:0d:f3:66:ca:9f:bd:a2:9e:4d:7a:e2:
17:c9:92:24:a3:02:a2:57:19:38:ee:08:36:77:e8:50:c0:76:
c0:3a:a0:58:8e:1f:fc:78:1d:0c:ce:68:d5:5a:83:46:87:d0:
7a:57:a7:2d:59:47:13:bb:0d:76:b7:15:1f:07:59:0e:b2:79:
07:db:92:22:bc:0a:35:cd:c9:2e:b7:6e:92:56:6b:f3:06:7d:
d1:e8:08:6e:17:c2:03:3b:fb:1b:9b:98:23:d2:10:f2:a7:0f:
02:83:ee:e3:3d:f3:ea:bd:04:f3:9b:bd:b4:0c:70:68:01:7c:
54:e8:e2:4e:4c:97:5f:b0:79:b3:56:c0:b3:b2:b8:a2:ec:4a:
c0:15:3b:53:d1:f1:19:b8:f5:ce:61:5a:16:3d:dd:93:56:f3:
4d:43:19:66:ae:b2:ec:56:a0:af:07:62:19:d0:df:73:ef:ef:
d0:62:42:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYelVFmigBprvnKFQSy4Z+6YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZDk1MTZkYjk0MTc5NTJkZWRkOTI1MmZlNWQ4M2YwOWEz
ZDk5ZjUwHhcNMjMwNDIxMTkzOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTYxNmIzOWNmNDNmN2ExZDY2NWJhNzQwYTViYzA2M2I5YWNiYjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioTg61rhB5LAd9H0gKtRCtXGh+DI
YAuFAAxhAghMtnA+IoT+TgU0wTI1PUiC1qdtyk3NuRqKGsOCuMY9LV8KbibuFQuW
0eJxBItKb96+6rV8BRP47SZMRFMKpZ9YfnyLG1Fm9a3eRuQuHJXOq+HXDqDhgiFx
vERKYrO1Ms3My9rcaCDdN/nHDY0GbMiCAhsnv+O/jYPs4fTWegeMRJAVaxhmyKGh
KLmYlhsZ1qqS1bLy1CF6xGNw8X/4oKpbavDPBbmM0ZXWAzuaWFQDZSBhuczP5dWD
3YLpAejXWIihy1Kr1A7X4aQiwGmgvHd0rsKoBXfReAa96UlaDjevhV5yQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN5haznPQ/eh1mW6dApbwGO5rLtOMB8GA1UdIwQY
MBaAFCzZUW25QXlS3t2SUv5dg/CaPZn1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE5sUmJibEJlVkxlM1pKU19sMkQ4Sm85bWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9iYWI1M2ItMzExNS00MWM1LTg3ZWEt
YzAwNDU0ZTBiMTJhLzEvM21Gck9jOUQ5NkhXWmJwMENsdkFZN21zdTA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9iYWI1M2ItMzExNS00MWM1LTg3ZWEtYzAwNDU0ZTBiMTJh
LzEvTE5sUmJibEJlVkxlM1pKU19sMkQ4Sm85bWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYwSMA0G
CSqGSIb3DQEBCwUAA4IBAQCKXk3rSzVWKBbMBe93O7gYP8hnjbHJBudQzcvWQ91R
ZfMR5DUkTAH8TpJ1JzxDuK91DJU/upF3tCjZl3UfHlJSH18pP8jWHoTeq68uDzxN
DfNmyp+9op5NeuIXyZIkowKiVxk47gg2d+hQwHbAOqBYjh/8eB0MzmjVWoNGh9B6
V6ctWUcTuw12txUfB1kOsnkH25IivAo1zckut26SVmvzBn3R6AhuF8IDO/sbm5gj
0hDypw8Cg+7jPfPqvQTzm720DHBoAXxU6OJOTJdfsHmzVsCzsrii7ErAFTtT0fEZ
uPXOYVoWPd2TVvNNQxlmrrLsVqCvB2IZ0N9z7+/QYkJN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:37 2024 by rpki-client on console-ams.rpki-client.org