Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/6bc9f1-5fdc-431f-baac-72a4e16c19f0/1/O_grd7POAHWZ_roNKtlDYXt2jO0.roa
File: O_grd7POAHWZ_roNKtlDYXt2jO0.roa (raw, json)
Hash identifier: rfxNVGyJQ0mG58bxWyW3+sZV2tQ4etTl5Li1xE2s22Y=
Subject key identifier: 3B:F8:2B:77:B3:CE:00:75:99:FE:BA:0D:2A:D9:43:61:7B:76:8C:ED
Certificate issuer: /CN=a48d78ad89bb6fe68af2bdb11689c42cdb0fa7f3
Certificate serial: 01856FD4EB5C77A3FB45E9FFA225878DDBC3
Authority key identifier: A4:8D:78:AD:89:BB:6F:E6:8A:F2:BD:B1:16:89:C4:2C:DB:0F:A7:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pI14rYm7b-aK8r2xFonELNsPp_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/6bc9f1-5fdc-431f-baac-72a4e16c19f0/1/O_grd7POAHWZ_roNKtlDYXt2jO0.roa
Signing time: Mon 02 Jan 2023 00:15:02 +0000
ROA not before: Mon 02 Jan 2023 00:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207923
IP address blocks: 45.158.100.0/22 maxlen: 24
2a0f:4c40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:eb:5c:77:a3:fb:45:e9:ff:a2:25:87:8d:db:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a48d78ad89bb6fe68af2bdb11689c42cdb0fa7f3
Validity
Not Before: Jan 2 00:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bf82b77b3ce007599feba0d2ad943617b768ced
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a6:a3:59:a1:db:a7:17:ec:52:1f:60:64:40:
30:3f:4c:f7:59:5d:d1:ea:ed:04:7d:1f:ae:40:4e:
f0:13:f0:66:27:40:11:2d:ba:e9:5a:8f:66:ef:f1:
54:2e:85:1a:c4:37:be:b8:95:4f:ca:91:3a:23:52:
0c:ea:4f:52:ae:3d:56:df:39:61:11:5c:85:1c:85:
01:2d:da:52:6b:c8:ea:77:87:2f:e2:dd:9c:1f:ff:
b2:97:d4:a7:3b:1f:80:a1:12:19:15:31:2d:9e:11:
7b:02:4e:d2:c1:a2:19:0f:c0:55:8f:9e:06:90:5a:
ec:36:ca:8d:51:49:94:59:ac:96:e0:92:c4:96:01:
87:d1:c1:84:2a:9c:18:64:2a:e6:70:52:97:1f:8f:
c9:87:9f:02:fb:3b:50:59:07:99:4b:64:a2:5a:54:
c2:8a:b2:57:52:e3:a5:a8:c6:f1:67:8b:66:94:d2:
14:2d:a9:31:5c:ac:4e:06:d5:d3:7b:b0:9a:2b:f1:
de:8e:81:84:df:a3:b9:05:44:3e:30:63:74:41:45:
85:b3:8f:ba:d1:c4:dc:0d:28:c3:1c:d6:94:4f:17:
a1:6c:53:a4:bf:d1:d1:e1:26:9d:5b:f0:e5:28:a8:
b1:d3:0d:c3:97:1f:0e:f2:5f:61:bd:3b:f2:a4:d6:
f7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F8:2B:77:B3:CE:00:75:99:FE:BA:0D:2A:D9:43:61:7B:76:8C:ED
X509v3 Authority Key Identifier:
keyid:A4:8D:78:AD:89:BB:6F:E6:8A:F2:BD:B1:16:89:C4:2C:DB:0F:A7:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pI14rYm7b-aK8r2xFonELNsPp_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/6bc9f1-5fdc-431f-baac-72a4e16c19f0/1/O_grd7POAHWZ_roNKtlDYXt2jO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/6bc9f1-5fdc-431f-baac-72a4e16c19f0/1/pI14rYm7b-aK8r2xFonELNsPp_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.100.0/22
IPv6:
2a0f:4c40::/29
Signature Algorithm: sha256WithRSAEncryption
16:79:ca:67:95:15:d3:1f:6a:40:b8:34:86:06:a0:d6:aa:b2:
5d:fc:e8:e9:22:a7:d1:93:40:18:65:25:2a:04:ad:83:b7:56:
5f:0e:bb:c1:f8:05:73:44:c3:e4:e4:04:6b:ee:1e:b4:49:60:
23:76:4b:5a:2f:34:32:58:0e:2d:5e:2d:ab:d7:d0:e4:ac:35:
c0:be:fc:39:e7:e9:9d:0a:de:8c:63:16:cd:bc:97:53:e0:66:
26:40:98:ef:66:96:39:81:7e:8d:5f:3e:bb:e3:16:d7:73:0b:
20:05:07:66:55:3f:4a:f8:bf:b3:7d:61:5b:b1:79:ab:64:2e:
5b:ab:48:19:04:68:76:b3:44:ac:31:10:65:8d:a2:7b:72:ae:
8c:54:77:67:dc:48:d2:8d:b0:aa:e7:e3:e0:b0:71:ed:b0:ba:
74:10:10:27:b4:f2:bd:a9:2d:5c:95:36:74:c7:79:4f:12:19:
f9:8b:4a:5e:73:1c:e1:94:87:38:aa:11:36:eb:12:88:7f:01:
3b:e5:ed:4e:f0:01:d2:1a:04:7f:cf:e5:7c:90:ae:ff:f3:a9:
5f:be:1f:31:18:a9:57:e3:27:f1:68:9e:0a:16:71:ad:d3:ef:
8f:6a:d7:ed:da:b4:ce:7a:69:14:a7:60:af:e2:fc:55:04:ea:
14:bd:88:f8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv1Otcd6P7Ren/oiWHjdvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OGQ3OGFkODliYjZmZTY4YWYyYmRiMTE2ODljNDJjZGIw
ZmE3ZjMwHhcNMjMwMTAyMDAxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmY4MmI3N2IzY2UwMDc1OTlmZWJhMGQyYWQ5NDM2MTdiNzY4Y2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KajWaHbpxfsUh9gZEAwP0z3WV3R
6u0EfR+uQE7wE/BmJ0ARLbrpWo9m7/FULoUaxDe+uJVPypE6I1IM6k9Srj1W3zlh
EVyFHIUBLdpSa8jqd4cv4t2cH/+yl9SnOx+AoRIZFTEtnhF7Ak7SwaIZD8BVj54G
kFrsNsqNUUmUWayW4JLElgGH0cGEKpwYZCrmcFKXH4/Jh58C+ztQWQeZS2SiWlTC
irJXUuOlqMbxZ4tmlNIULakxXKxOBtXTe7CaK/HejoGE36O5BUQ+MGN0QUWFs4+6
0cTcDSjDHNaUTxehbFOkv9HR4SadW/DlKKix0w3Dlx8O8l9hvTvypNb3fwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDv4K3ezzgB1mf66DSrZQ2F7doztMB8GA1UdIwQY
MBaAFKSNeK2Ju2/mivK9sRaJxCzbD6fzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEkxNHJZbTdiLWFLOHIyeEZvbkVMTnNQcF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS82YmM5ZjEtNWZkYy00MzFmLWJhYWMt
NzJhNGUxNmMxOWYwLzEvT19ncmQ3UE9BSFdaX3JvTkt0bERZWHQyak8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS82YmM5ZjEtNWZkYy00MzFmLWJhYWMtNzJhNGUxNmMxOWYw
LzEvcEkxNHJZbTdiLWFLOHIyeEZvbkVMTnNQcF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ5kMA0E
AgACMAcDBQMqD0xAMA0GCSqGSIb3DQEBCwUAA4IBAQAWecpnlRXTH2pAuDSGBqDW
qrJd/OjpIqfRk0AYZSUqBK2Dt1ZfDrvB+AVzRMPk5ARr7h60SWAjdktaLzQyWA4t
Xi2r19DkrDXAvvw55+mdCt6MYxbNvJdT4GYmQJjvZpY5gX6NXz674xbXcwsgBQdm
VT9K+L+zfWFbsXmrZC5bq0gZBGh2s0SsMRBljaJ7cq6MVHdn3EjSjbCq5+PgsHHt
sLp0EBAntPK9qS1clTZ0x3lPEhn5i0pecxzhlIc4qhE26xKIfwE75e1O8AHSGgR/
z+V8kK7/86lfvh8xGKlX4yfxaJ4KFnGt0++Patft2rTOemkUp2Cv4vxVBOoUvYj4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:56 2024 by rpki-client on console-ams.rpki-client.org