Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/CMCkT8XqQgdQ3kZTbFA1T-0qB4s.roa
File: CMCkT8XqQgdQ3kZTbFA1T-0qB4s.roa (raw, json)
Hash identifier: 9/218CXFT2J+P3vRICZ9n2mD5CldX74uaZy6ZOm9Mjo=
Subject key identifier: 08:C0:A4:4F:C5:EA:42:07:50:DE:46:53:6C:50:35:4F:ED:2A:07:8B
Certificate issuer: /CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Certificate serial: 01856EC1F2E5010CA77599E09CFD6C5BDDFE
Authority key identifier: 60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/CMCkT8XqQgdQ3kZTbFA1T-0qB4s.roa
Signing time: Sun 01 Jan 2023 19:14:42 +0000
ROA not before: Sun 01 Jan 2023 19:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136923
IP address blocks: 45.156.220.0/24 maxlen: 24
45.156.222.0/24 maxlen: 24
45.156.223.0/24 maxlen: 24
45.156.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c1:f2:e5:01:0c:a7:75:99:e0:9c:fd:6c:5b:dd:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Validity
Not Before: Jan 1 19:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08c0a44fc5ea420750de46536c50354fed2a078b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b7:e3:df:15:31:78:82:03:63:e0:72:ae:90:
dc:0a:86:57:3c:02:42:10:35:79:fc:0e:42:08:b1:
56:fe:f5:ef:9e:d5:e6:a1:6a:e6:08:92:bd:0f:c9:
4e:af:ff:87:a6:77:ea:87:0a:9c:81:b5:06:1d:50:
94:5d:75:a9:a8:e0:cf:f7:99:f7:3f:f4:bc:dc:f3:
49:c8:a1:23:52:38:4e:b6:c1:fb:6d:3d:d5:f1:37:
cc:a7:c2:83:7c:c2:11:eb:50:58:c8:0a:c0:22:88:
53:18:6f:69:aa:bd:e6:c5:e1:b8:89:4f:92:32:a7:
b8:14:cf:4c:0b:ad:d1:64:08:17:8f:8e:3b:0c:1f:
cd:9e:ae:4b:99:c8:bb:13:b8:90:73:06:94:ff:1d:
54:72:d9:b7:9a:23:25:18:89:d9:bf:d0:24:d6:16:
6d:fd:30:b9:e5:1f:04:c5:be:4d:7a:48:54:e9:52:
f5:1f:c7:52:75:99:78:eb:65:c8:d4:e1:07:00:1b:
a1:05:42:f7:a6:f6:56:5d:bf:69:7d:7e:24:7e:7d:
de:ef:f4:c8:31:cf:66:6f:fc:43:29:92:77:5e:2b:
c3:9d:fa:d1:9f:ab:e8:32:87:47:62:cd:c9:42:a3:
4b:1a:b3:57:52:b0:f4:df:08:af:4c:09:73:b3:9d:
16:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:C0:A4:4F:C5:EA:42:07:50:DE:46:53:6C:50:35:4F:ED:2A:07:8B
X509v3 Authority Key Identifier:
keyid:60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/CMCkT8XqQgdQ3kZTbFA1T-0qB4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/YMmqi3HlSL11ZbpmP6MvfRrsQas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.220.0/22
Signature Algorithm: sha256WithRSAEncryption
15:a6:96:87:5c:62:31:0a:58:0b:11:a2:50:37:98:e9:eb:0c:
8f:dd:17:04:f8:6c:a8:e1:b4:f2:33:5e:03:d1:94:51:a6:e9:
29:cd:ad:12:b0:ea:91:33:83:b7:c1:75:0c:29:ef:9a:bf:ca:
ec:b9:0c:e9:11:54:98:11:ef:a3:4a:98:bc:24:44:c1:eb:0a:
83:be:d1:8d:26:f1:86:5a:cf:0b:1e:ae:f1:fa:3e:77:fd:91:
17:26:ea:03:51:e7:ef:40:79:b4:c9:cf:81:5b:87:f1:e8:7b:
3f:87:99:d9:ac:70:7a:49:24:b9:b9:41:f2:e6:ee:6c:90:4c:
72:3c:10:b5:f7:43:17:4d:83:e7:17:56:70:a1:88:b3:c0:72:
a6:c9:21:ab:8f:b8:70:e1:e9:01:f2:5e:d7:4d:f1:27:34:60:
1a:6c:9e:22:aa:7d:f8:97:d7:fd:f3:98:84:76:98:f8:ed:44:
e6:27:77:db:41:df:19:b8:c5:1c:62:de:61:17:44:67:6d:c5:
65:df:bf:51:85:27:e5:0c:74:23:72:78:c8:11:2e:07:ab:20:
a4:4b:ff:35:b7:7f:00:93:e7:0c:b2:7f:5f:1b:a6:11:90:c0:
17:f1:4e:ac:65:45:7f:78:e9:90:b6:db:e3:78:71:04:41:e3:
40:8a:ac:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwfLlAQyndZngnP1sW93+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYzlhYThiNzFlNTQ4YmQ3NTY1YmE2NjNmYTMyZjdkMWFl
YzQxYWIwHhcNMjMwMTAxMTkxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGMwYTQ0ZmM1ZWE0MjA3NTBkZTQ2NTM2YzUwMzU0ZmVkMmEwNzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbfj3xUxeIIDY+ByrpDcCoZXPAJC
EDV5/A5CCLFW/vXvntXmoWrmCJK9D8lOr/+HpnfqhwqcgbUGHVCUXXWpqODP95n3
P/S83PNJyKEjUjhOtsH7bT3V8TfMp8KDfMIR61BYyArAIohTGG9pqr3mxeG4iU+S
Mqe4FM9MC63RZAgXj447DB/Nnq5Lmci7E7iQcwaU/x1Uctm3miMlGInZv9Ak1hZt
/TC55R8Exb5NekhU6VL1H8dSdZl462XI1OEHABuhBUL3pvZWXb9pfX4kfn3e7/TI
Mc9mb/xDKZJ3XivDnfrRn6voModHYs3JQqNLGrNXUrD03wivTAlzs50W2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAjApE/F6kIHUN5GU2xQNU/tKgeLMB8GA1UdIwQY
MBaAFGDJqotx5Ui9dWW6Zj+jL30a7EGrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTIt
YzhhY2NlMTU2ZjBkLzEvQ01Da1Q4WHFRZ2RRM2taVGJGQTFULTBxQjRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTItYzhhY2NlMTU2ZjBk
LzEvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZzcMA0G
CSqGSIb3DQEBCwUAA4IBAQAVppaHXGIxClgLEaJQN5jp6wyP3RcE+Gyo4bTyM14D
0ZRRpukpza0SsOqRM4O3wXUMKe+av8rsuQzpEVSYEe+jSpi8JETB6wqDvtGNJvGG
Ws8LHq7x+j53/ZEXJuoDUefvQHm0yc+BW4fx6Hs/h5nZrHB6SSS5uUHy5u5skExy
PBC190MXTYPnF1ZwoYizwHKmySGrj7hw4ekB8l7XTfEnNGAabJ4iqn34l9f985iE
dpj47UTmJ3fbQd8ZuMUcYt5hF0RnbcVl379RhSflDHQjcnjIES4HqyCkS/81t38A
k+cMsn9fG6YRkMAX8U6sZUV/eOmQttvjeHEEQeNAiqxV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:10 2024 by rpki-client on console-fra.rpki-client.org