Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/cff630-6c8a-43bd-afb9-b07f016a1762/1/3R2ewRemSwNdtr0U4E9r2jwdUBI.roa
File: 3R2ewRemSwNdtr0U4E9r2jwdUBI.roa (raw, json)
Hash identifier: E4O5tW9on23ix4JkEW76TzhgKWM7iBSId8J5GzmtWD0=
Subject key identifier: DD:1D:9E:C1:17:A6:4B:03:5D:B6:BD:14:E0:4F:6B:DA:3C:1D:50:12
Certificate issuer: /CN=854c8176d9c42c704b310913309470351bb599e5
Certificate serial: 018476552BE8FDBB33FD2A53A7DBAD7BF76C
Authority key identifier: 85:4C:81:76:D9:C4:2C:70:4B:31:09:13:30:94:70:35:1B:B5:99:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUyBdtnELHBLMQkTMJRwNRu1meU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/cff630-6c8a-43bd-afb9-b07f016a1762/1/3R2ewRemSwNdtr0U4E9r2jwdUBI.roa
Signing time: Mon 14 Nov 2022 13:30:04 +0000
ROA not before: Mon 14 Nov 2022 13:30:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6768
IP address blocks: 45.14.108.0/22 maxlen: 22
45.14.108.0/24 maxlen: 24
45.14.108.0/23 maxlen: 23
45.14.111.0/24 maxlen: 24
45.14.110.0/24 maxlen: 24
45.14.110.0/23 maxlen: 23
45.14.109.0/24 maxlen: 24
2a01:4a60::/32 maxlen: 32
2a0e:c080::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:55:2b:e8:fd:bb:33:fd:2a:53:a7:db:ad:7b:f7:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=854c8176d9c42c704b310913309470351bb599e5
Validity
Not Before: Nov 14 13:30:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd1d9ec117a64b035db6bd14e04f6bda3c1d5012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:72:c0:ec:2e:7c:64:5a:72:85:16:4b:e4:7c:
d6:59:18:28:c5:d2:68:38:38:34:cd:53:cf:43:d9:
d3:ed:18:41:98:e9:6f:14:c1:d7:14:8e:5e:ab:a0:
8a:e8:1e:4c:e9:0b:d7:b8:1b:78:32:6d:23:34:d6:
7a:0a:7e:dd:48:1e:d1:2b:32:d9:6e:5d:f8:9a:35:
08:2e:81:b2:aa:4b:ba:c0:96:60:87:bc:f9:6b:2b:
5d:00:27:33:ad:ce:e4:bb:d8:d7:1c:00:7f:90:ef:
d0:9d:79:37:b4:71:6b:7c:49:ac:42:60:b3:b9:33:
d5:f0:51:6e:d1:87:66:76:35:6d:3f:51:e7:12:7a:
a1:68:2c:a8:8d:bc:18:dd:53:86:da:a7:66:be:29:
f0:ab:3c:a8:9b:89:8d:58:80:3b:b2:dd:64:30:20:
ec:1f:c5:c1:58:de:ab:9b:f2:f3:4a:64:bd:51:96:
d0:c5:59:cb:cd:6d:db:38:ae:26:80:45:58:2a:65:
8f:9b:a9:65:1a:83:3f:c6:bc:e7:23:61:9f:7c:e8:
2a:3e:08:a7:0d:09:50:52:ed:37:01:5b:83:0e:d9:
6b:35:7e:32:ab:34:6f:aa:7c:e4:e8:b3:fb:f3:68:
7d:db:87:52:88:d7:91:ce:78:a5:9b:79:4d:7f:17:
65:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:1D:9E:C1:17:A6:4B:03:5D:B6:BD:14:E0:4F:6B:DA:3C:1D:50:12
X509v3 Authority Key Identifier:
keyid:85:4C:81:76:D9:C4:2C:70:4B:31:09:13:30:94:70:35:1B:B5:99:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUyBdtnELHBLMQkTMJRwNRu1meU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/cff630-6c8a-43bd-afb9-b07f016a1762/1/3R2ewRemSwNdtr0U4E9r2jwdUBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/cff630-6c8a-43bd-afb9-b07f016a1762/1/hUyBdtnELHBLMQkTMJRwNRu1meU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.108.0/22
IPv6:
2a01:4a60::/32
2a0e:c080::/29
Signature Algorithm: sha256WithRSAEncryption
48:87:3a:89:fa:0d:eb:64:45:02:5a:a9:50:f5:a1:1e:79:be:
59:eb:6e:05:94:f3:d1:57:4d:a8:89:5b:f0:09:5f:b7:98:eb:
c4:e2:10:12:c1:cb:0f:ad:5c:7e:2a:2b:96:88:80:56:87:08:
16:95:ae:88:cf:1a:c3:22:65:11:9e:92:d2:94:7d:87:a7:09:
87:33:1c:1e:6b:46:02:da:af:b9:a6:13:ee:23:4a:55:0d:98:
f3:2e:15:94:08:a6:7e:bc:5e:f9:20:c5:ca:6e:d7:5d:7f:0a:
ce:9b:6a:a5:f3:73:7d:ad:0b:79:ca:c4:d9:8a:69:67:ec:06:
22:91:ee:f7:07:ef:5d:23:e8:e4:95:c8:99:cf:a6:7d:a3:8c:
60:a5:6f:b6:c8:d9:ff:e6:69:a9:c4:a3:3d:1f:35:70:55:a0:
08:29:76:d8:3b:35:db:4d:88:6f:65:2a:1c:b1:00:c7:36:f6:
fd:97:cd:ed:40:76:1b:57:31:b8:49:76:0b:5a:82:61:b7:87:
dc:3b:60:a4:eb:8c:e0:50:6c:51:14:d7:08:cc:27:b0:64:df:
d4:c0:ce:04:21:23:3c:67:3f:6b:1b:e0:d8:03:cb:94:2a:c1:
c0:2d:f7:dc:6e:76:ca:59:e0:bc:cd:f4:c9:10:c1:59:a2:02:
8b:00:28:61
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYR2VSvo/bsz/SpTp9ute/dsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NGM4MTc2ZDljNDJjNzA0YjMxMDkxMzMwOTQ3MDM1MWJi
NTk5ZTUwHhcNMjIxMTE0MTMzMDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDFkOWVjMTE3YTY0YjAzNWRiNmJkMTRlMDRmNmJkYTNjMWQ1MDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43LA7C58ZFpyhRZL5HzWWRgoxdJo
ODg0zVPPQ9nT7RhBmOlvFMHXFI5eq6CK6B5M6QvXuBt4Mm0jNNZ6Cn7dSB7RKzLZ
bl34mjUILoGyqku6wJZgh7z5aytdACczrc7ku9jXHAB/kO/QnXk3tHFrfEmsQmCz
uTPV8FFu0YdmdjVtP1HnEnqhaCyojbwY3VOG2qdmvinwqzyom4mNWIA7st1kMCDs
H8XBWN6rm/LzSmS9UZbQxVnLzW3bOK4mgEVYKmWPm6llGoM/xrznI2GffOgqPgin
DQlQUu03AVuDDtlrNX4yqzRvqnzk6LP782h924dSiNeRznilm3lNfxdlZQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFN0dnsEXpksDXba9FOBPa9o8HVASMB8GA1UdIwQY
MBaAFIVMgXbZxCxwSzEJEzCUcDUbtZnlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFV5QmR0bkVMSEJMTVFrVE1KUndOUnUxbWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9jZmY2MzAtNmM4YS00M2JkLWFmYjkt
YjA3ZjAxNmExNzYyLzEvM1IyZXdSZW1Td05kdHIwVTRFOXIyandkVUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9jZmY2MzAtNmM4YS00M2JkLWFmYjktYjA3ZjAxNmExNzYy
LzEvaFV5QmR0bkVMSEJMTVFrVE1KUndOUnUxbWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLQ5sMBQE
AgACMA4DBQAqAUpgAwUDKg7AgDANBgkqhkiG9w0BAQsFAAOCAQEASIc6ifoN62RF
AlqpUPWhHnm+WetuBZTz0VdNqIlb8Alft5jrxOIQEsHLD61cfiorloiAVocIFpWu
iM8awyJlEZ6S0pR9h6cJhzMcHmtGAtqvuaYT7iNKVQ2Y8y4VlAimfrxe+SDFym7X
XX8KzptqpfNzfa0LecrE2YppZ+wGIpHu9wfvXSPo5JXImc+mfaOMYKVvtsjZ/+Zp
qcSjPR81cFWgCCl22Ds1202Ib2UqHLEAxzb2/ZfN7UB2G1cxuEl2C1qCYbeH3Dtg
pOuM4FBsURTXCMwnsGTf1MDOBCEjPGc/axvg2APLlCrBwC333G52ylngvM30yRDB
WaICiwAoYQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:13:02 2025 by rpki-client