Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/0735e3-00aa-405d-89bb-96a404c790b7/1/8_iiqvEEC0xklEUfedU8rIvXd68.roa
File: 8_iiqvEEC0xklEUfedU8rIvXd68.roa (raw, json)
Hash identifier: k5jXnaS35BTYo4xDQY/uFWLD877PGBTQ3np4MKM8vCI=
Subject key identifier: F3:F8:A2:AA:F1:04:0B:4C:64:94:45:1F:79:D5:3C:AC:8B:D7:77:AF
Certificate issuer: /CN=787650d0951529b1a817232c12c42e49b889e1b8
Certificate serial: 018D1B562952ECE448F11D7824FBF4DAFBA1
Authority key identifier: 78:76:50:D0:95:15:29:B1:A8:17:23:2C:12:C4:2E:49:B8:89:E1:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eHZQ0JUVKbGoFyMsEsQuSbiJ4bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/0735e3-00aa-405d-89bb-96a404c790b7/1/8_iiqvEEC0xklEUfedU8rIvXd68.roa
Signing time: Thu 18 Jan 2024 06:50:47 +0000
ROA not before: Thu 18 Jan 2024 06:50:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.150.149.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1b:56:29:52:ec:e4:48:f1:1d:78:24:fb:f4:da:fb:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=787650d0951529b1a817232c12c42e49b889e1b8
Validity
Not Before: Jan 18 06:50:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3f8a2aaf1040b4c6494451f79d53cac8bd777af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:63:2b:69:fb:98:3e:6c:29:79:13:86:d6:c8:
c1:5e:a2:01:dd:38:28:af:f3:ed:f7:0f:38:9e:87:
2b:be:45:b5:05:81:ba:b4:a6:96:4a:b0:8b:bb:f3:
ca:c7:ee:35:70:87:95:d5:2f:e3:39:7d:4f:27:87:
61:15:8e:f8:2c:d0:ed:01:57:d7:29:00:ec:04:fe:
a5:6a:7a:9a:e0:76:c3:0d:e8:e6:81:4a:8b:aa:16:
0e:46:30:54:12:a6:6f:e5:96:bf:d3:f7:bb:6c:41:
3d:74:09:56:94:f0:9d:8a:c8:a0:42:12:0b:36:14:
89:3d:60:e3:09:ea:11:f2:70:bb:8f:01:d8:ae:2d:
a1:d3:af:18:3d:3d:6d:00:e1:b2:fa:fb:7b:92:6d:
a7:9f:14:a9:4a:6b:25:94:26:c1:db:f9:5e:d1:9b:
f7:4f:a2:0f:c1:f5:40:d2:01:a2:d2:93:0f:5e:e4:
93:b7:12:8b:b9:05:6a:2d:07:3e:4c:e6:08:01:23:
63:53:45:cd:ac:f9:4d:e8:b8:c3:be:7b:c6:6f:20:
2a:8e:55:65:41:d4:94:93:e7:31:fe:27:58:ce:70:
be:66:15:ce:90:ff:ea:3b:33:18:59:f7:ab:74:61:
37:a5:cf:95:b6:23:0a:bc:ad:ac:8a:77:3f:38:09:
9b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:F8:A2:AA:F1:04:0B:4C:64:94:45:1F:79:D5:3C:AC:8B:D7:77:AF
X509v3 Authority Key Identifier:
keyid:78:76:50:D0:95:15:29:B1:A8:17:23:2C:12:C4:2E:49:B8:89:E1:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eHZQ0JUVKbGoFyMsEsQuSbiJ4bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0735e3-00aa-405d-89bb-96a404c790b7/1/8_iiqvEEC0xklEUfedU8rIvXd68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0735e3-00aa-405d-89bb-96a404c790b7/1/eHZQ0JUVKbGoFyMsEsQuSbiJ4bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.149.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:16:c9:51:ec:5d:7b:c0:8d:18:c8:21:b0:c4:19:59:11:25:
c3:62:c6:7f:98:21:93:b8:dc:2d:4c:7d:6e:17:02:9c:9b:06:
10:5c:f8:d7:2b:14:7c:52:3f:4f:08:a2:59:50:61:b4:f9:28:
88:88:0f:a7:9f:fd:23:78:2a:3a:b2:83:53:57:3d:bb:17:35:
b3:fd:0d:34:33:7a:54:7e:87:d9:b3:3c:41:52:f6:e4:cd:07:
a1:4f:81:5b:8b:71:08:43:d5:cc:4f:3c:3b:d6:82:4e:59:89:
84:e9:af:c4:64:d5:38:2f:46:a0:59:f5:8b:9a:0d:4e:2a:6f:
be:ee:44:60:f1:e2:f2:ce:1d:85:e3:cb:36:c4:37:e6:11:f9:
96:d2:1c:1f:48:3d:c2:1a:77:10:08:cb:5c:26:eb:bd:b9:24:
5f:1a:34:e8:89:f1:97:1c:78:e9:50:99:eb:aa:ec:88:6d:c9:
3f:8e:74:0d:cb:cd:83:ba:d5:28:71:33:a5:e0:ed:4e:9b:5d:
0a:7c:53:08:00:43:a1:33:b5:3a:7b:6f:12:48:fb:73:2d:a7:
57:37:5a:55:de:2c:28:39:22:2b:c2:c9:2b:2e:c2:35:3a:23:
59:33:ea:2b:5e:79:11:bf:78:aa:27:61:af:d9:02:ef:d7:99:
c9:2d:fa:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0bVilS7ORI8R14JPv02vuhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NzY1MGQwOTUxNTI5YjFhODE3MjMyYzEyYzQyZTQ5Yjg4
OWUxYjgwHhcNMjQwMTE4MDY1MDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2Y4YTJhYWYxMDQwYjRjNjQ5NDQ1MWY3OWQ1M2NhYzhiZDc3N2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWMrafuYPmwpeROG1sjBXqIB3Tgo
r/Pt9w84nocrvkW1BYG6tKaWSrCLu/PKx+41cIeV1S/jOX1PJ4dhFY74LNDtAVfX
KQDsBP6lanqa4HbDDejmgUqLqhYORjBUEqZv5Za/0/e7bEE9dAlWlPCdisigQhIL
NhSJPWDjCeoR8nC7jwHYri2h068YPT1tAOGy+vt7km2nnxSpSmsllCbB2/le0Zv3
T6IPwfVA0gGi0pMPXuSTtxKLuQVqLQc+TOYIASNjU0XNrPlN6LjDvnvGbyAqjlVl
QdSUk+cx/idYznC+ZhXOkP/qOzMYWferdGE3pc+VtiMKvK2sinc/OAmbpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPP4oqrxBAtMZJRFH3nVPKyL13evMB8GA1UdIwQY
MBaAFHh2UNCVFSmxqBcjLBLELkm4ieG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUhaUTBKVVZLYkdvRnlNc0VzUXVTYmlKNGJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wNzM1ZTMtMDBhYS00MDVkLTg5YmIt
OTZhNDA0Yzc5MGI3LzEvOF9paXF2RUVDMHhrbEVVZmVkVThySXZYZDY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8wNzM1ZTMtMDBhYS00MDVkLTg5YmItOTZhNDA0Yzc5MGI3
LzEvZUhaUTBKVVZLYkdvRnlNc0VzUXVTYmlKNGJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZaVMA0G
CSqGSIb3DQEBCwUAA4IBAQAfFslR7F17wI0YyCGwxBlZESXDYsZ/mCGTuNwtTH1u
FwKcmwYQXPjXKxR8Uj9PCKJZUGG0+SiIiA+nn/0jeCo6soNTVz27FzWz/Q00M3pU
fofZszxBUvbkzQehT4Fbi3EIQ9XMTzw71oJOWYmE6a/EZNU4L0agWfWLmg1OKm++
7kRg8eLyzh2F48s2xDfmEfmW0hwfSD3CGncQCMtcJuu9uSRfGjToifGXHHjpUJnr
quyIbck/jnQNy82DutUocTOl4O1Om10KfFMIAEOhM7U6e28SSPtzLadXN1pV3iwo
OSIrwskrLsI1OiNZM+orXnkRv3iqJ2Gv2QLv15nJLfpi
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:33 2025 by rpki-client