Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/1KQknNCJPkOnj7oyDMFHqUfBldY.roa
File: 1KQknNCJPkOnj7oyDMFHqUfBldY.roa (raw, json)
Hash identifier: 3Lg8xE67A284IDqBlTaMzZW5jY/DLa64JXJU1NRmKUc=
Subject key identifier: D4:A4:24:9C:D0:89:3E:43:A7:8F:BA:32:0C:C1:47:A9:47:C1:95:D6
Certificate issuer: /CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Certificate serial: 018480C3C390D8D48B7102BF0D71ED6A03E4
Authority key identifier: 60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/1KQknNCJPkOnj7oyDMFHqUfBldY.roa
Signing time: Wed 16 Nov 2022 14:07:03 +0000
ROA not before: Wed 16 Nov 2022 14:07:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136923
IP address blocks: 45.156.220.0/24 maxlen: 24
45.156.222.0/24 maxlen: 24
45.156.223.0/24 maxlen: 24
45.156.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:80:c3:c3:90:d8:d4:8b:71:02:bf:0d:71:ed:6a:03:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Validity
Not Before: Nov 16 14:07:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4a4249cd0893e43a78fba320cc147a947c195d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:47:bb:89:84:bd:15:61:37:48:9c:6e:38:9f:
94:6a:92:c5:3e:d4:fb:89:3f:a5:64:c3:e1:00:eb:
26:f2:84:50:6c:e6:eb:72:0c:f7:48:fb:5b:6e:87:
b0:74:78:06:35:9e:4c:66:47:01:d8:20:f3:3d:0d:
3c:e5:26:86:75:99:7b:ed:a4:61:02:83:8e:89:cc:
a4:27:0b:1d:de:6b:58:4a:2d:bd:92:2d:71:f8:5e:
3a:83:88:61:70:48:fe:e9:33:06:e2:93:80:00:44:
6f:8f:17:3a:f1:ec:8b:a9:5a:f5:43:20:79:c3:19:
cc:88:32:92:9c:41:4c:e6:f0:ac:6b:d0:fe:c6:80:
69:e1:fd:86:04:ec:bc:58:d7:9f:60:08:5d:20:cc:
15:ef:b3:8b:a9:e9:f9:5d:0a:5e:7e:53:53:c5:fb:
5f:58:67:55:84:59:ae:db:50:6c:93:3f:c5:86:9f:
d8:29:a3:ba:ec:b0:3d:5d:ea:2e:30:e8:d1:0c:fd:
7b:57:19:e7:aa:a5:3c:9f:29:ed:17:9c:a4:b3:3b:
28:65:07:a1:b2:0f:f8:7c:30:83:b5:ae:70:ab:0c:
8d:ad:de:77:f2:63:39:a2:c7:b2:6e:a9:89:fc:9a:
05:33:98:35:d1:9e:69:ab:63:c4:5e:4d:2e:45:6e:
82:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:A4:24:9C:D0:89:3E:43:A7:8F:BA:32:0C:C1:47:A9:47:C1:95:D6
X509v3 Authority Key Identifier:
keyid:60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/1KQknNCJPkOnj7oyDMFHqUfBldY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/YMmqi3HlSL11ZbpmP6MvfRrsQas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.220.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:d8:e2:d9:83:20:79:5e:7c:36:71:16:6d:dd:67:5b:2a:d0:
83:f2:40:b1:f4:17:5a:cc:d3:b9:41:1b:c3:96:c2:d4:97:59:
bd:28:67:0e:aa:0e:11:2d:f8:30:d1:20:8d:1f:90:ac:ab:76:
62:b6:4b:0e:a7:65:3d:83:7d:39:91:ec:8e:5d:54:d7:90:af:
11:29:40:c2:4b:d0:fb:bb:8a:ef:ec:07:e0:7e:c8:5e:4d:b0:
3d:98:d1:6f:60:42:04:f0:5b:33:88:a6:13:dc:2a:c9:2b:b5:
f7:d0:d3:dc:f7:32:d5:d2:ef:1e:b2:64:31:fe:c5:2e:ff:ed:
f0:64:c8:20:c8:f0:62:82:ff:25:10:1b:7f:11:1c:85:ac:4f:
e0:98:0e:9a:ff:e7:a3:59:03:48:62:0b:1b:2e:bb:e8:0f:fb:
59:4a:88:9c:33:96:2b:d8:f2:26:67:9a:8e:8f:e4:ee:34:55:
c0:68:8d:62:fb:10:d3:31:73:bb:90:77:d9:d5:e6:83:c6:1f:
7b:92:d2:09:eb:dc:06:e2:0a:c3:57:af:53:a4:0f:8a:53:8a:
2c:7a:57:5b:20:b7:ec:26:26:87:a0:f6:23:fd:01:58:bc:63:
ba:87:30:28:38:d1:60:97:22:bf:8f:25:81:08:98:d0:86:5e:
cf:8b:1c:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSAw8OQ2NSLcQK/DXHtagPkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYzlhYThiNzFlNTQ4YmQ3NTY1YmE2NjNmYTMyZjdkMWFl
YzQxYWIwHhcNMjIxMTE2MTQwNzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGE0MjQ5Y2QwODkzZTQzYTc4ZmJhMzIwY2MxNDdhOTQ3YzE5NWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUe7iYS9FWE3SJxuOJ+UapLFPtT7
iT+lZMPhAOsm8oRQbObrcgz3SPtbboewdHgGNZ5MZkcB2CDzPQ085SaGdZl77aRh
AoOOicykJwsd3mtYSi29ki1x+F46g4hhcEj+6TMG4pOAAERvjxc68eyLqVr1QyB5
wxnMiDKSnEFM5vCsa9D+xoBp4f2GBOy8WNefYAhdIMwV77OLqen5XQpeflNTxftf
WGdVhFmu21Bskz/Fhp/YKaO67LA9XeouMOjRDP17VxnnqqU8nyntF5ykszsoZQeh
sg/4fDCDta5wqwyNrd538mM5oseybqmJ/JoFM5g10Z5pq2PEXk0uRW6CrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNSkJJzQiT5Dp4+6MgzBR6lHwZXWMB8GA1UdIwQY
MBaAFGDJqotx5Ui9dWW6Zj+jL30a7EGrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTIt
YzhhY2NlMTU2ZjBkLzEvMUtRa25OQ0pQa09uajdveURNRkhxVWZCbGRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTItYzhhY2NlMTU2ZjBk
LzEvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZzcMA0G
CSqGSIb3DQEBCwUAA4IBAQAq2OLZgyB5Xnw2cRZt3WdbKtCD8kCx9BdazNO5QRvD
lsLUl1m9KGcOqg4RLfgw0SCNH5Csq3ZitksOp2U9g305keyOXVTXkK8RKUDCS9D7
u4rv7AfgfsheTbA9mNFvYEIE8FsziKYT3CrJK7X30NPc9zLV0u8esmQx/sUu/+3w
ZMggyPBigv8lEBt/ERyFrE/gmA6a/+ejWQNIYgsbLrvoD/tZSoicM5Yr2PImZ5qO
j+TuNFXAaI1i+xDTMXO7kHfZ1eaDxh97ktIJ69wG4grDV69TpA+KU4oseldbILfs
JiaHoPYj/QFYvGO6hzAoONFglyK/jyWBCJjQhl7Pixzn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:10 2024 by rpki-client on console-fra.rpki-client.org