Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/9tZxdkkRZF0JuTZ69BPlZK29TTA.roa
File: 9tZxdkkRZF0JuTZ69BPlZK29TTA.roa (raw, json)
Hash identifier: +yEguWvFLFNC+c0Lrig7XirbgYV0Lk4l2bQ1ijcAEwk=
Subject key identifier: F6:D6:71:76:49:11:64:5D:09:B9:36:7A:F4:13:E5:64:AD:BD:4D:30
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 018CEF8D401A3CFC797CB1343A77B8E48D7E
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/9tZxdkkRZF0JuTZ69BPlZK29TTA.roa
Signing time: Tue 09 Jan 2024 18:47:40 +0000
ROA not before: Tue 09 Jan 2024 18:47:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39877
IP address blocks: 45.133.154.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ef:8d:40:1a:3c:fc:79:7c:b1:34:3a:77:b8:e4:8d:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jan 9 18:47:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6d671764911645d09b9367af413e564adbd4d30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:aa:d7:4d:f5:86:1e:15:04:58:71:bb:d5:74:
bb:4c:f0:6e:a4:70:01:40:d1:f8:e7:ad:e3:7e:52:
37:e9:e2:0d:28:b8:f1:9f:a3:44:bb:72:14:91:14:
cb:ad:6d:ab:07:52:aa:30:74:9b:ec:77:5c:2c:16:
d7:86:b3:25:49:59:52:6a:76:2d:8d:ea:95:9a:bb:
24:d9:2c:80:08:7c:b4:0a:fa:9a:0e:c6:5d:74:48:
e2:34:60:16:6a:20:cb:79:3b:08:c2:7c:09:0b:a4:
a9:bb:b9:59:88:56:d1:dd:a2:6a:cf:da:7f:15:d5:
dc:5e:5a:69:fa:28:89:55:f9:3b:cd:9c:1a:65:5e:
53:33:68:85:1b:a2:7c:5e:43:09:1b:6a:dc:0c:76:
fe:d2:65:52:18:85:c7:be:70:64:3b:94:59:31:ba:
78:7b:d5:fd:16:21:e1:21:8c:0d:e7:cf:a2:ea:1a:
cf:b6:58:3c:4b:a8:c5:e5:32:84:6a:2a:7c:34:4e:
d4:01:1d:ac:73:69:af:df:57:9a:5f:0c:a2:65:94:
a8:89:58:3c:ce:c5:0f:b5:a5:50:7b:4e:07:c3:9f:
d5:a4:7f:f4:1f:c8:94:47:68:0b:46:20:8f:0a:c4:
49:d4:30:cb:d4:88:36:50:dc:d1:c7:88:e7:00:cf:
d9:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:D6:71:76:49:11:64:5D:09:B9:36:7A:F4:13:E5:64:AD:BD:4D:30
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/9tZxdkkRZF0JuTZ69BPlZK29TTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.154.0/23
Signature Algorithm: sha256WithRSAEncryption
86:b9:3f:83:88:58:59:32:69:7f:f0:5f:ef:96:52:15:53:6a:
d9:90:bd:ed:59:7b:4b:f3:e5:cc:eb:48:88:74:82:01:9b:6f:
7f:05:5a:37:c7:62:05:c4:43:43:0b:b5:ea:08:32:17:d1:85:
eb:3e:9a:7a:2a:b7:eb:b8:56:5b:a1:17:b5:1e:ee:b6:88:ba:
ff:fc:48:f2:1a:79:84:92:65:5d:2d:ec:f5:75:80:7c:31:37:
66:a5:93:42:dc:8e:d9:98:2a:6c:63:be:e7:df:b0:ca:85:08:
c6:4f:4c:da:a1:2d:ac:35:67:10:e8:8b:7c:70:0f:13:bf:7a:
13:be:5a:3c:10:10:c5:0e:8e:d3:66:00:31:6c:5e:b5:d8:59:
21:dd:7e:1a:b2:87:63:7d:19:81:d5:a5:09:ab:fa:5d:ec:b2:
9d:87:c4:f0:81:2f:72:1b:2b:fe:e9:74:7d:90:b9:0d:f3:58:
13:10:5a:c7:2c:a2:93:85:7b:5c:57:0d:ce:8c:2f:de:07:89:
50:55:47:60:06:03:b5:4d:61:12:d7:ef:91:f2:0e:12:f1:45:
fb:2e:df:f6:32:62:89:27:1b:6b:d5:3b:e3:cc:7f:a7:8a:f1:
3b:9e:9b:81:c9:26:54:63:7d:db:ee:81:fd:e4:e2:58:37:85:
40:9e:c0:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzvjUAaPPx5fLE0One45I1+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwMTA5MTg0NzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmQ2NzE3NjQ5MTE2NDVkMDliOTM2N2FmNDEzZTU2NGFkYmQ0ZDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqrXTfWGHhUEWHG71XS7TPBupHAB
QNH4563jflI36eINKLjxn6NEu3IUkRTLrW2rB1KqMHSb7HdcLBbXhrMlSVlSanYt
jeqVmrsk2SyACHy0CvqaDsZddEjiNGAWaiDLeTsIwnwJC6Spu7lZiFbR3aJqz9p/
FdXcXlpp+iiJVfk7zZwaZV5TM2iFG6J8XkMJG2rcDHb+0mVSGIXHvnBkO5RZMbp4
e9X9FiHhIYwN58+i6hrPtlg8S6jF5TKEaip8NE7UAR2sc2mv31eaXwyiZZSoiVg8
zsUPtaVQe04Hw5/VpH/0H8iUR2gLRiCPCsRJ1DDL1Ig2UNzRx4jnAM/ZqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPbWcXZJEWRdCbk2evQT5WStvU0wMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvOXRaeGRra1JaRjBKdVRaNjlCUGxaSzI5VFRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYWaMA0G
CSqGSIb3DQEBCwUAA4IBAQCGuT+DiFhZMml/8F/vllIVU2rZkL3tWXtL8+XM60iI
dIIBm29/BVo3x2IFxENDC7XqCDIX0YXrPpp6KrfruFZboRe1Hu62iLr//EjyGnmE
kmVdLez1dYB8MTdmpZNC3I7ZmCpsY77n37DKhQjGT0zaoS2sNWcQ6It8cA8Tv3oT
vlo8EBDFDo7TZgAxbF612Fkh3X4asodjfRmB1aUJq/pd7LKdh8TwgS9yGyv+6XR9
kLkN81gTEFrHLKKThXtcVw3OjC/eB4lQVUdgBgO1TWES1++R8g4S8UX7Lt/2MmKJ
Jxtr1TvjzH+nivE7npuBySZUY33b7oH95OJYN4VAnsBI
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:31 2025 by rpki-client