Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/7haJC1wfHpWtybw02UZwyBi69iA.roa
File: 7haJC1wfHpWtybw02UZwyBi69iA.roa (raw, json)
Hash identifier: HNNHzJCTWQs9pVBib90PYvGTBohdjlKQDSg7CmjF41k=
Subject key identifier: EE:16:89:0B:5C:1F:1E:95:AD:C9:BC:34:D9:46:70:C8:18:BA:F6:20
Certificate issuer: /CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Certificate serial: 0187C2B65484E61950F60C9F2E84FEA72E8D
Authority key identifier: 60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/7haJC1wfHpWtybw02UZwyBi69iA.roa
Signing time: Thu 27 Apr 2023 12:35:41 +0000
ROA not before: Thu 27 Apr 2023 12:35:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136923
IP address blocks: 45.156.220.0/24 maxlen: 24
45.156.223.0/24 maxlen: 24
45.156.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c2:b6:54:84:e6:19:50:f6:0c:9f:2e:84:fe:a7:2e:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Validity
Not Before: Apr 27 12:35:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee16890b5c1f1e95adc9bc34d94670c818baf620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:23:94:10:84:8f:84:ac:ec:2f:9c:95:95:70:
8b:c1:e0:24:58:a9:68:57:ab:17:07:45:76:4d:6f:
c7:5d:10:5f:11:78:47:8d:0a:a1:10:10:fc:44:81:
c3:81:69:64:d9:93:40:57:b9:30:78:e3:3c:53:c7:
fd:e0:30:ee:18:f4:e4:72:22:a5:8e:7e:77:56:12:
fb:a3:ef:82:f6:63:b3:6d:6d:f5:e8:90:2b:0a:e2:
0a:cd:13:8f:9f:44:e3:c4:24:2d:3c:6d:11:93:4d:
33:98:3f:73:75:f5:e9:9f:c5:da:81:a4:7b:cf:56:
6d:8d:b1:4d:bd:23:63:13:9e:9b:60:48:18:12:69:
2e:f8:f2:8d:22:e2:77:43:eb:e6:3d:41:d1:d2:b4:
ca:d5:45:cf:ac:04:7a:e2:81:27:c1:b4:80:df:51:
c7:38:40:99:e0:eb:50:62:0f:e4:11:7a:df:55:07:
77:27:0c:91:c8:76:5e:cb:2d:df:8c:8f:9b:3a:d4:
ac:6d:49:cd:d3:9b:d9:89:eb:78:3b:c8:bc:e2:82:
12:e9:39:8e:16:93:bf:77:0f:db:0f:a3:49:b5:7b:
cd:ee:22:d7:e3:94:7e:75:f4:c7:87:50:84:ca:7c:
7f:bf:b6:63:0c:c8:52:e9:16:f2:05:60:d2:e0:25:
06:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:16:89:0B:5C:1F:1E:95:AD:C9:BC:34:D9:46:70:C8:18:BA:F6:20
X509v3 Authority Key Identifier:
keyid:60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/7haJC1wfHpWtybw02UZwyBi69iA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/YMmqi3HlSL11ZbpmP6MvfRrsQas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.220.0/23
45.156.223.0/24
Signature Algorithm: sha256WithRSAEncryption
63:1d:51:18:d3:2e:47:2b:cf:a0:f5:88:df:00:31:9c:43:7a:
3a:31:82:ba:57:0e:2a:f9:1f:2a:c5:bb:59:65:85:fd:b7:5c:
68:c9:85:32:9d:e1:58:33:d1:70:07:ea:ae:a7:de:74:ff:7d:
a7:30:14:a1:7a:a6:f7:b5:ca:61:56:fc:3b:9f:02:a2:71:51:
5b:5d:51:08:7e:22:77:de:56:4e:0d:98:e4:f3:be:c5:ab:6d:
a6:cd:9b:27:1a:d9:96:fa:60:78:a0:84:a3:49:ea:74:80:a9:
2e:7c:c8:eb:58:4d:ac:27:b4:fb:8f:13:fd:1d:b4:6f:d7:62:
3e:13:51:09:0c:3e:90:7f:78:62:2e:e0:c6:9e:46:4e:28:ea:
5d:20:2a:b1:a1:1f:91:3b:89:43:48:e1:05:fb:27:e5:d0:99:
aa:00:1e:d9:bc:2f:e4:c7:88:c1:19:10:51:79:72:6c:92:a4:
c6:c3:cc:d8:9f:09:58:41:4b:3c:c1:1a:2b:e9:88:34:41:04:
db:c8:00:1d:e1:81:26:cc:3c:d7:cd:21:7f:81:b6:67:7a:04:
ac:ea:f7:d7:6a:86:5a:6d:e4:e3:2b:25:db:7e:50:2c:38:3f:
b0:10:bc:a2:e3:f6:d1:c7:23:ef:74:47:c0:0a:29:05:7d:dd:
72:4a:4f:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfCtlSE5hlQ9gyfLoT+py6NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYzlhYThiNzFlNTQ4YmQ3NTY1YmE2NjNmYTMyZjdkMWFl
YzQxYWIwHhcNMjMwNDI3MTIzNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTE2ODkwYjVjMWYxZTk1YWRjOWJjMzRkOTQ2NzBjODE4YmFmNjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCOUEISPhKzsL5yVlXCLweAkWKlo
V6sXB0V2TW/HXRBfEXhHjQqhEBD8RIHDgWlk2ZNAV7kweOM8U8f94DDuGPTkciKl
jn53VhL7o++C9mOzbW316JArCuIKzROPn0TjxCQtPG0Rk00zmD9zdfXpn8XagaR7
z1ZtjbFNvSNjE56bYEgYEmku+PKNIuJ3Q+vmPUHR0rTK1UXPrAR64oEnwbSA31HH
OECZ4OtQYg/kEXrfVQd3JwyRyHZeyy3fjI+bOtSsbUnN05vZiet4O8i84oIS6TmO
FpO/dw/bD6NJtXvN7iLX45R+dfTHh1CEynx/v7ZjDMhS6RbyBWDS4CUG4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO4WiQtcHx6Vrcm8NNlGcMgYuvYgMB8GA1UdIwQY
MBaAFGDJqotx5Ui9dWW6Zj+jL30a7EGrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTIt
YzhhY2NlMTU2ZjBkLzEvN2hhSkMxd2ZIcFd0eWJ3MDJVWnd5Qmk2OWlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTItYzhhY2NlMTU2ZjBk
LzEvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZzcAwQA
LZzfMA0GCSqGSIb3DQEBCwUAA4IBAQBjHVEY0y5HK8+g9YjfADGcQ3o6MYK6Vw4q
+R8qxbtZZYX9t1xoyYUyneFYM9FwB+qup950/32nMBSheqb3tcphVvw7nwKicVFb
XVEIfiJ33lZODZjk877Fq22mzZsnGtmW+mB4oISjSep0gKkufMjrWE2sJ7T7jxP9
HbRv12I+E1EJDD6Qf3hiLuDGnkZOKOpdICqxoR+RO4lDSOEF+yfl0JmqAB7ZvC/k
x4jBGRBReXJskqTGw8zYnwlYQUs8wRor6Yg0QQTbyAAd4YEmzDzXzSF/gbZnegSs
6vfXaoZabeTjKyXbflAsOD+wELyi4/bRxyPvdEfACikFfd1ySk9q
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:56 2025 by rpki-client