Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/In3-vvrUtlYkxiSzwNqUI09axmM.roa
File: In3-vvrUtlYkxiSzwNqUI09axmM.roa (raw, json)
Hash identifier: N7UCGBmIyjryVY5vz0st7/1KI1k+rE+CVxTNAS4kEu8=
Subject key identifier: 22:7D:FE:BE:FA:D4:B6:56:24:C6:24:B3:C0:DA:94:23:4F:5A:C6:63
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 0189FA14B4C1B68587019B49AE4B1A33CBA2
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/In3-vvrUtlYkxiSzwNqUI09axmM.roa
Signing time: Tue 15 Aug 2023 16:43:28 +0000
ROA not before: Tue 15 Aug 2023 16:43:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31244
IP address blocks: 45.131.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fa:14:b4:c1:b6:85:87:01:9b:49:ae:4b:1a:33:cb:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Aug 15 16:43:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=227dfebefad4b65624c624b3c0da94234f5ac663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c4:eb:8b:e7:37:3e:cb:2e:34:ea:38:5e:a0:
34:30:ab:9b:1c:17:6a:ea:fa:54:ac:b9:ca:4f:02:
1e:6e:77:d9:e1:39:c6:6c:9f:30:c6:a8:26:42:b4:
ea:82:1b:4c:6d:76:e9:26:f4:74:5e:d6:c8:fc:92:
06:56:60:32:08:f6:f7:bf:90:45:56:68:26:be:48:
e9:c0:47:ea:18:db:c8:09:a7:07:9f:22:4d:e6:e2:
4a:17:b9:6c:6d:66:d5:ce:f0:93:83:3f:11:ac:6f:
d1:c6:87:8e:cd:dc:34:67:03:d6:0c:eb:72:2e:24:
06:77:21:ae:a5:41:56:62:c5:10:66:dd:4a:52:ae:
b5:91:3e:e9:f0:99:96:90:5f:e9:e1:3d:44:cf:98:
b5:54:c5:57:a7:f0:6a:cc:3c:85:f1:cc:5a:f4:c2:
1e:17:3d:b8:ee:47:e4:85:26:11:51:90:5a:2f:6a:
1c:b8:18:1b:13:24:f9:2b:9d:58:4f:29:53:c5:f1:
da:44:3a:f7:19:c9:8a:00:28:c1:bd:7b:38:f4:ed:
73:60:ac:5b:b9:8b:b9:7b:eb:2c:06:34:d5:44:eb:
ed:59:a7:2b:81:57:ee:42:e9:f7:36:ad:a2:1f:ab:
1d:60:97:d4:ec:81:98:8d:f6:6a:9f:81:11:aa:6d:
fc:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:7D:FE:BE:FA:D4:B6:56:24:C6:24:B3:C0:DA:94:23:4F:5A:C6:63
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/In3-vvrUtlYkxiSzwNqUI09axmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.107.0/24
Signature Algorithm: sha256WithRSAEncryption
50:47:cd:43:47:45:f4:0d:e6:d6:77:e4:53:a2:76:d2:2c:08:
1c:6a:00:c0:9f:12:d0:c5:3e:c9:da:83:f1:61:3b:b1:b9:11:
76:93:38:c5:34:ee:28:3b:e3:ee:e0:74:2c:1a:96:80:d5:83:
79:fc:05:be:02:68:5a:0f:dd:f0:fc:57:ff:a8:11:48:f8:c1:
d5:19:3d:ea:14:91:e6:4d:d9:ff:0e:9a:4a:ec:cc:1c:68:c4:
6a:a3:01:e2:49:8b:de:ff:3d:1e:ae:8e:f9:50:d6:17:8b:3c:
fb:c8:79:76:9a:7d:da:71:ab:9b:cf:47:1e:41:80:18:69:ae:
9e:2b:6e:46:94:3e:02:7c:6f:73:74:fb:73:46:3d:30:a9:9f:
ab:57:a1:3b:81:7c:2b:aa:f1:f3:2e:0e:b2:17:79:ed:99:c8:
79:5b:77:09:84:14:59:b0:f1:36:f3:7d:17:9c:17:a3:d8:7b:
99:f7:81:89:b8:6a:8e:24:38:fc:d9:b2:59:23:28:c1:ce:7d:
e4:58:15:26:6b:08:19:ec:a0:e7:f5:1c:ce:06:ea:c2:31:10:
a7:3e:5a:51:ca:a7:02:01:74:ec:27:51:31:fc:df:de:5d:13:
99:cf:b7:de:3c:89:d0:b9:ff:5d:c0:b0:31:47:0f:e4:70:d1:
c8:4b:ac:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn6FLTBtoWHAZtJrksaM8uiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjMwODE1MTY0MzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjdkZmViZWZhZDRiNjU2MjRjNjI0YjNjMGRhOTQyMzRmNWFjNjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMTri+c3PssuNOo4XqA0MKubHBdq
6vpUrLnKTwIebnfZ4TnGbJ8wxqgmQrTqghtMbXbpJvR0XtbI/JIGVmAyCPb3v5BF
VmgmvkjpwEfqGNvICacHnyJN5uJKF7lsbWbVzvCTgz8RrG/RxoeOzdw0ZwPWDOty
LiQGdyGupUFWYsUQZt1KUq61kT7p8JmWkF/p4T1Ez5i1VMVXp/BqzDyF8cxa9MIe
Fz247kfkhSYRUZBaL2ocuBgbEyT5K51YTylTxfHaRDr3GcmKACjBvXs49O1zYKxb
uYu5e+ssBjTVROvtWacrgVfuQun3Nq2iH6sdYJfU7IGYjfZqn4ERqm38DwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCJ9/r761LZWJMYks8DalCNPWsZjMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvSW4zLXZ2clV0bFlreGlTendOcVVJMDlheG1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYNrMA0G
CSqGSIb3DQEBCwUAA4IBAQBQR81DR0X0DebWd+RTonbSLAgcagDAnxLQxT7J2oPx
YTuxuRF2kzjFNO4oO+Pu4HQsGpaA1YN5/AW+AmhaD93w/Ff/qBFI+MHVGT3qFJHm
Tdn/DppK7MwcaMRqowHiSYve/z0ero75UNYXizz7yHl2mn3acaubz0ceQYAYaa6e
K25GlD4CfG9zdPtzRj0wqZ+rV6E7gXwrqvHzLg6yF3ntmch5W3cJhBRZsPE2830X
nBej2HuZ94GJuGqOJDj82bJZIyjBzn3kWBUmawgZ7KDn9RzOBurCMRCnPlpRyqcC
AXTsJ1Ex/N/eXROZz7fePInQuf9dwLAxRw/kcNHIS6zx
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:38 2025 by rpki-client