Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/XK3SoT6dGvJkfMnugY5Dm6a2sC0.roa
File: XK3SoT6dGvJkfMnugY5Dm6a2sC0.roa (raw, json)
Hash identifier: 6jGwczF5t7jValvA03RR39zlgHKv3L4lAvNFykL5tpA=
Subject key identifier: 5C:AD:D2:A1:3E:9D:1A:F2:64:7C:C9:EE:81:8E:43:9B:A6:B6:B0:2D
Certificate issuer: /CN=f3b2805d8776eedeb7aa4cbe5af568cdb2629fc2
Certificate serial: 01856D4AB509CD3FB5B2354EDF9B33E7B457
Authority key identifier: F3:B2:80:5D:87:76:EE:DE:B7:AA:4C:BE:5A:F5:68:CD:B2:62:9F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87KAXYd27t63qky-WvVozbJin8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/XK3SoT6dGvJkfMnugY5Dm6a2sC0.roa
Signing time: Sun 01 Jan 2023 12:24:50 +0000
ROA not before: Sun 01 Jan 2023 12:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212384
IP address blocks: 45.9.124.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:b5:09:cd:3f:b5:b2:35:4e:df:9b:33:e7:b4:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b2805d8776eedeb7aa4cbe5af568cdb2629fc2
Validity
Not Before: Jan 1 12:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cadd2a13e9d1af2647cc9ee818e439ba6b6b02d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:77:e3:3b:34:e5:d1:15:fa:b7:99:d5:29:3b:
d6:3c:d8:6d:39:9c:06:6a:6d:82:be:04:5b:c1:0b:
45:2d:32:e0:54:63:b0:49:af:cc:99:c3:a2:56:73:
fc:bd:20:19:3d:43:92:6f:ed:99:b0:57:7e:a6:ee:
4a:1f:22:5a:41:8d:58:4b:bd:06:30:d0:3e:c6:20:
0a:10:49:1d:e4:92:c5:5b:30:6e:ad:81:ce:f0:f2:
32:31:2d:61:26:b0:4e:1b:70:cd:84:a0:ea:0a:b8:
f8:cb:ae:6d:ed:a9:99:be:e2:e9:d5:7c:fa:4f:78:
97:45:d7:64:3c:17:86:1d:0b:72:28:e6:65:97:2c:
7e:b9:11:1c:b4:78:03:87:e8:61:68:2d:e4:c1:d9:
6b:99:79:4b:c4:24:01:44:5a:3a:45:12:ed:c0:be:
9c:a4:4d:f4:c7:c4:53:a4:3f:1d:ab:6f:3b:64:65:
96:ee:8f:66:41:29:7b:c6:e7:39:25:6d:81:37:7f:
89:b6:25:fc:f9:cc:4a:df:0e:72:a5:43:0c:22:c9:
a6:2c:ce:e3:54:70:85:7c:b6:3d:34:50:5e:3e:e2:
43:17:85:ea:fa:54:2b:9a:f9:2f:91:66:c4:04:32:
31:ca:4d:03:a1:cd:02:ff:45:dc:c2:f5:ef:7b:8f:
fb:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:AD:D2:A1:3E:9D:1A:F2:64:7C:C9:EE:81:8E:43:9B:A6:B6:B0:2D
X509v3 Authority Key Identifier:
keyid:F3:B2:80:5D:87:76:EE:DE:B7:AA:4C:BE:5A:F5:68:CD:B2:62:9F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87KAXYd27t63qky-WvVozbJin8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/XK3SoT6dGvJkfMnugY5Dm6a2sC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/87KAXYd27t63qky-WvVozbJin8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.124.0/22
Signature Algorithm: sha256WithRSAEncryption
26:fa:fb:46:16:1d:89:0f:d2:fe:80:55:b6:e6:c7:6e:58:d6:
e7:f0:10:fd:26:d4:3b:fa:2e:05:f1:3e:51:fe:8d:e4:c0:b2:
76:38:ec:61:fe:0a:3f:41:99:c0:5c:60:ce:99:42:52:e4:25:
82:7e:a9:b8:55:e9:c0:e3:bf:28:74:5c:1c:5d:3d:a7:44:59:
96:54:71:59:59:38:23:51:9e:3c:2b:f5:fe:da:1e:2e:b7:79:
5c:a2:ec:74:db:2e:94:3d:6d:a9:fa:fb:05:b9:f1:24:99:59:
80:df:ce:f3:01:12:49:38:c0:32:8e:91:78:b3:a7:87:9b:f3:
07:d9:fd:b2:e3:88:7d:cf:be:ff:a1:bb:18:53:8f:92:1f:e5:
df:0e:bb:d7:b8:64:29:60:8e:4d:df:21:79:ba:dd:4b:37:bf:
21:35:c4:64:eb:c1:ea:b1:ed:7d:a4:e8:85:e0:88:b7:18:de:
71:49:6d:a5:a1:56:e8:84:e4:7a:64:43:16:c2:6b:12:bc:bf:
49:12:c5:32:c1:72:9d:6b:a0:f4:73:a9:80:13:6b:bd:4e:69:
a9:99:64:12:7e:b8:f0:9e:4e:b1:f6:f9:17:5f:64:77:d9:4a:
f4:a9:9d:20:ae:c3:6b:63:18:99:4b:4e:08:8b:51:a6:de:d3:
4b:e0:c4:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtSrUJzT+1sjVO35sz57RXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjI4MDVkODc3NmVlZGViN2FhNGNiZTVhZjU2OGNkYjI2
MjlmYzIwHhcNMjMwMTAxMTIyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2FkZDJhMTNlOWQxYWYyNjQ3Y2M5ZWU4MThlNDM5YmE2YjZiMDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHfjOzTl0RX6t5nVKTvWPNhtOZwG
am2CvgRbwQtFLTLgVGOwSa/MmcOiVnP8vSAZPUOSb+2ZsFd+pu5KHyJaQY1YS70G
MNA+xiAKEEkd5JLFWzBurYHO8PIyMS1hJrBOG3DNhKDqCrj4y65t7amZvuLp1Xz6
T3iXRddkPBeGHQtyKOZllyx+uREctHgDh+hhaC3kwdlrmXlLxCQBRFo6RRLtwL6c
pE30x8RTpD8dq287ZGWW7o9mQSl7xuc5JW2BN3+JtiX8+cxK3w5ypUMMIsmmLM7j
VHCFfLY9NFBePuJDF4Xq+lQrmvkvkWbEBDIxyk0Doc0C/0XcwvXve4/7eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyt0qE+nRryZHzJ7oGOQ5umtrAtMB8GA1UdIwQY
MBaAFPOygF2Hdu7et6pMvlr1aM2yYp/CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdLQVhZZDI3dDYzcWt5LVd2Vm96YkppbjhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9iODYyZDMtNjg0NC00NmY3LWJkOTgt
ODNiYzc5NzI3OGUyLzEvWEszU29UNmRHdkprZk1udWdZNURtNmEyc0MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9iODYyZDMtNjg0NC00NmY3LWJkOTgtODNiYzc5NzI3OGUy
LzEvODdLQVhZZDI3dDYzcWt5LVd2Vm96YkppbjhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQl8MA0G
CSqGSIb3DQEBCwUAA4IBAQAm+vtGFh2JD9L+gFW25sduWNbn8BD9JtQ7+i4F8T5R
/o3kwLJ2OOxh/go/QZnAXGDOmUJS5CWCfqm4VenA478odFwcXT2nRFmWVHFZWTgj
UZ48K/X+2h4ut3lcoux02y6UPW2p+vsFufEkmVmA387zARJJOMAyjpF4s6eHm/MH
2f2y44h9z77/obsYU4+SH+XfDrvXuGQpYI5N3yF5ut1LN78hNcRk68Hqse19pOiF
4Ii3GN5xSW2loVbohOR6ZEMWwmsSvL9JEsUywXKda6D0c6mAE2u9TmmpmWQSfrjw
nk6x9vkXX2R32Ur0qZ0grsNrYxiZS04Ii1Gm3tNL4MSD
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:21 2025 by rpki-client