Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/d8112a-788f-4805-b1e7-b722684c6a22/1/KjIHLduzMdpeq-hZ-bR9flZa4as.roa
File: KjIHLduzMdpeq-hZ-bR9flZa4as.roa (raw, json)
Hash identifier: U9U8AB0eOLbjzrs5BuhCk3sqGYf5lza4N5FuPZv+LPQ=
Subject key identifier: 2A:32:07:2D:DB:B3:31:DA:5E:AB:E8:59:F9:B4:7D:7E:56:5A:E1:AB
Certificate issuer: /CN=cbc07a8aae53c641e4c5b82449dd390b08c1cd9e
Certificate serial: 018DCB649A49159BF1019E9FA9942111EDE5
Authority key identifier: CB:C0:7A:8A:AE:53:C6:41:E4:C5:B8:24:49:DD:39:0B:08:C1:CD:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y8B6iq5TxkHkxbgkSd05CwjBzZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/d8112a-788f-4805-b1e7-b722684c6a22/1/KjIHLduzMdpeq-hZ-bR9flZa4as.roa
Signing time: Wed 21 Feb 2024 11:19:44 +0000
ROA not before: Wed 21 Feb 2024 11:19:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199783
IP address blocks: 185.45.252.0/24 maxlen: 24
185.45.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cb:64:9a:49:15:9b:f1:01:9e:9f:a9:94:21:11:ed:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbc07a8aae53c641e4c5b82449dd390b08c1cd9e
Validity
Not Before: Feb 21 11:19:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a32072ddbb331da5eabe859f9b47d7e565ae1ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ed:1e:ce:a8:1e:05:6c:d7:c7:8d:bd:23:aa:
8d:d3:50:2e:bd:da:23:25:af:56:08:a0:f3:1c:97:
dc:c1:f7:43:fc:83:a4:ab:af:6d:fa:d5:dd:ce:f0:
6f:d2:fc:08:f5:9b:46:a5:93:f5:1f:a7:40:6f:14:
32:bd:9a:8d:37:12:88:dd:56:a4:a6:dd:a4:18:ea:
95:30:c0:de:d5:75:15:2a:82:4c:85:7c:1a:e0:5c:
7b:c1:33:0c:ee:0a:2b:40:2c:8e:69:54:81:9e:c1:
b2:b2:80:9f:2c:10:9f:04:e6:de:d3:2f:b2:70:77:
a5:60:98:78:5d:5b:02:0b:f1:d1:e4:4d:a0:90:81:
b9:59:d3:01:fb:0a:01:de:80:aa:60:de:f1:86:2c:
65:30:47:c7:ec:67:49:f3:85:22:c1:44:61:5d:1f:
4e:93:95:f0:12:b2:3e:c6:20:78:f8:73:ca:f1:86:
5d:31:15:fb:55:74:d5:18:59:21:20:74:7b:89:66:
d9:6d:b0:b9:04:d6:ba:c3:39:76:33:45:29:75:c2:
de:7d:c2:24:4b:82:a7:58:34:9f:85:cf:5c:76:03:
7f:c2:37:d4:67:59:f1:c2:4e:b6:cc:19:b6:bb:37:
1c:0e:91:74:7f:4b:4a:6b:9b:e6:d9:5f:95:1f:b3:
13:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:32:07:2D:DB:B3:31:DA:5E:AB:E8:59:F9:B4:7D:7E:56:5A:E1:AB
X509v3 Authority Key Identifier:
keyid:CB:C0:7A:8A:AE:53:C6:41:E4:C5:B8:24:49:DD:39:0B:08:C1:CD:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y8B6iq5TxkHkxbgkSd05CwjBzZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/d8112a-788f-4805-b1e7-b722684c6a22/1/KjIHLduzMdpeq-hZ-bR9flZa4as.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/d8112a-788f-4805-b1e7-b722684c6a22/1/y8B6iq5TxkHkxbgkSd05CwjBzZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.252.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:38:ee:45:9b:51:03:64:fd:cd:4d:75:61:e8:f1:34:ae:af:
20:01:8b:1f:f4:61:fd:4a:a6:67:fe:52:f4:09:70:8a:12:73:
72:74:c5:60:c9:36:bf:95:7f:6a:be:37:3e:75:86:ce:22:d0:
e5:f9:16:14:01:28:a0:ea:8b:5e:99:cc:61:2e:ab:56:45:d7:
60:bf:9b:31:e9:46:6b:3a:5d:05:dd:f1:b5:59:ac:12:5b:20:
b9:04:4d:c0:6a:d9:6b:79:b2:5d:ca:9c:29:fa:60:80:27:5b:
e3:dd:c9:59:9c:8b:ac:a6:70:15:20:bc:1c:25:2f:81:ea:83:
ba:75:4f:60:2a:f3:07:06:2d:89:18:da:39:34:66:1f:92:cd:
d1:0f:f6:e4:2e:62:45:78:0a:fb:81:83:06:ae:12:c5:d2:dd:
cc:20:0b:03:b0:69:05:eb:14:5c:6f:b1:fb:24:26:76:f9:d3:
94:62:79:2a:3d:18:56:c5:2b:c3:e0:d5:6c:ee:e9:ba:1e:2c:
e9:95:c7:a4:66:e6:f4:62:d3:fd:b6:0d:8f:b5:05:b7:68:79:
90:1c:93:d1:3a:40:64:ae:ee:cd:45:f8:cf:8e:0d:68:48:c6:
49:2e:aa:f8:43:d3:b3:fc:5a:5e:2a:ba:45:a0:0a:26:78:19:
41:e0:e7:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3LZJpJFZvxAZ6fqZQhEe3lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYzA3YThhYWU1M2M2NDFlNGM1YjgyNDQ5ZGQzOTBiMDhj
MWNkOWUwHhcNMjQwMjIxMTExOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTMyMDcyZGRiYjMzMWRhNWVhYmU4NTlmOWI0N2Q3ZTU2NWFlMWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkO0ezqgeBWzXx429I6qN01Auvdoj
Ja9WCKDzHJfcwfdD/IOkq69t+tXdzvBv0vwI9ZtGpZP1H6dAbxQyvZqNNxKI3Vak
pt2kGOqVMMDe1XUVKoJMhXwa4Fx7wTMM7gorQCyOaVSBnsGysoCfLBCfBObe0y+y
cHelYJh4XVsCC/HR5E2gkIG5WdMB+woB3oCqYN7xhixlMEfH7GdJ84UiwURhXR9O
k5XwErI+xiB4+HPK8YZdMRX7VXTVGFkhIHR7iWbZbbC5BNa6wzl2M0UpdcLefcIk
S4KnWDSfhc9cdgN/wjfUZ1nxwk62zBm2uzccDpF0f0tKa5vm2V+VH7MTZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoyBy3bszHaXqvoWfm0fX5WWuGrMB8GA1UdIwQY
MBaAFMvAeoquU8ZB5MW4JEndOQsIwc2eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveThCNmlxNVR4a0hreGJna1NkMDVDd2pCelo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kODExMmEtNzg4Zi00ODA1LWIxZTct
YjcyMjY4NGM2YTIyLzEvS2pJSExkdXpNZHBlcS1oWi1iUjlmbFphNGFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kODExMmEtNzg4Zi00ODA1LWIxZTctYjcyMjY4NGM2YTIy
LzEveThCNmlxNVR4a0hreGJna1NkMDVDd2pCelo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuS38MA0G
CSqGSIb3DQEBCwUAA4IBAQB+OO5Fm1EDZP3NTXVh6PE0rq8gAYsf9GH9SqZn/lL0
CXCKEnNydMVgyTa/lX9qvjc+dYbOItDl+RYUASig6otemcxhLqtWRddgv5sx6UZr
Ol0F3fG1WawSWyC5BE3AatlrebJdypwp+mCAJ1vj3clZnIuspnAVILwcJS+B6oO6
dU9gKvMHBi2JGNo5NGYfks3RD/bkLmJFeAr7gYMGrhLF0t3MIAsDsGkF6xRcb7H7
JCZ2+dOUYnkqPRhWxSvD4NVs7um6HizplcekZub0YtP9tg2PtQW3aHmQHJPROkBk
ru7NRfjPjg1oSMZJLqr4Q9Oz/FpeKrpFoAomeBlB4Oen
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:09:52 2025 by rpki-client