Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/0735e3-00aa-405d-89bb-96a404c790b7/1/gsZJNAnw959pMbUBGWH7n0mTjps.roa
File: gsZJNAnw959pMbUBGWH7n0mTjps.roa (raw, json)
Hash identifier: 6mSsVEMLd5sRLKOl4LmxP4E52XBAqaLy+hiExgaohRg=
Subject key identifier: 82:C6:49:34:09:F0:F7:9F:69:31:B5:01:19:61:FB:9F:49:93:8E:9B
Certificate issuer: /CN=787650d0951529b1a817232c12c42e49b889e1b8
Certificate serial: 01848E7A0AB98B8C4E2EB6FE7A6AD3146948
Authority key identifier: 78:76:50:D0:95:15:29:B1:A8:17:23:2C:12:C4:2E:49:B8:89:E1:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eHZQ0JUVKbGoFyMsEsQuSbiJ4bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/0735e3-00aa-405d-89bb-96a404c790b7/1/gsZJNAnw959pMbUBGWH7n0mTjps.roa
Signing time: Sat 19 Nov 2022 06:01:13 +0000
ROA not before: Sat 19 Nov 2022 06:01:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 45.150.149.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8e:7a:0a:b9:8b:8c:4e:2e:b6:fe:7a:6a:d3:14:69:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=787650d0951529b1a817232c12c42e49b889e1b8
Validity
Not Before: Nov 19 06:01:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82c6493409f0f79f6931b5011961fb9f49938e9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:fd:e2:32:c6:d2:43:97:76:f5:ea:09:ec:38:
e9:02:5c:9a:8f:1f:30:a2:b9:b0:18:59:cb:07:08:
e8:e9:1c:5d:0f:8b:7b:bb:56:7d:74:23:c8:0d:2d:
32:21:d6:79:47:15:27:4b:b9:07:17:fc:11:e9:74:
38:97:ef:5a:bc:32:ef:9a:94:94:a3:df:cf:81:12:
76:36:a4:b4:b0:ee:e4:7e:bd:44:df:b5:34:ee:7f:
24:a1:06:3a:ed:a1:1e:cb:18:c1:df:ea:7c:5e:d6:
d3:4b:2b:bc:1e:bb:77:e7:38:9b:6f:45:3c:47:d3:
54:8a:ed:4e:52:95:17:39:86:17:31:a9:61:d4:ee:
4b:b5:0f:d3:fc:16:94:c5:3e:5f:2a:28:5d:97:f5:
62:36:fd:dc:af:c9:0b:3c:e3:2b:9b:ea:9b:1f:9f:
92:ec:13:7f:f7:01:38:b7:8c:66:b8:20:ab:2d:c9:
b3:00:50:b8:d5:2c:ed:09:8f:d6:b6:29:e9:08:74:
ff:24:dc:bd:41:81:9c:e1:d9:66:c5:a9:63:d3:3e:
61:c6:d9:88:d6:3d:18:a4:82:c1:c5:fa:51:ff:14:
2a:cf:5f:62:b2:c3:aa:f8:55:4f:af:47:4c:6c:eb:
b4:98:79:c5:12:a1:89:15:d7:18:fe:ee:0e:4c:0d:
cd:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:C6:49:34:09:F0:F7:9F:69:31:B5:01:19:61:FB:9F:49:93:8E:9B
X509v3 Authority Key Identifier:
keyid:78:76:50:D0:95:15:29:B1:A8:17:23:2C:12:C4:2E:49:B8:89:E1:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eHZQ0JUVKbGoFyMsEsQuSbiJ4bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0735e3-00aa-405d-89bb-96a404c790b7/1/gsZJNAnw959pMbUBGWH7n0mTjps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0735e3-00aa-405d-89bb-96a404c790b7/1/eHZQ0JUVKbGoFyMsEsQuSbiJ4bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.149.0/24
Signature Algorithm: sha256WithRSAEncryption
40:ca:8c:9d:e6:97:4a:c0:3b:a3:71:b7:d1:7f:f9:c6:9b:12:
9c:c0:86:45:ee:e8:f5:f8:a4:1e:a3:dc:17:8a:40:77:69:bc:
d7:a0:aa:7b:b5:a8:59:70:17:72:1d:e8:56:57:8d:a4:1c:71:
1c:cc:00:79:88:55:e1:da:f7:fc:e1:96:52:b1:26:3b:ae:79:
f4:22:77:77:dc:1f:66:fd:26:10:79:7d:4d:9d:ca:30:c8:9d:
22:aa:e5:f4:04:90:07:14:37:3e:df:f8:ba:5f:e5:f9:87:41:
43:26:58:3c:12:2c:e9:f7:22:43:b6:08:d5:c2:03:dd:12:e8:
eb:38:2a:88:90:ab:f5:8b:0b:2d:27:07:f4:6f:f6:a6:64:af:
5d:93:ac:eb:06:1c:ea:43:25:97:0e:92:fc:15:d3:20:c5:58:
db:36:12:0d:ad:35:d1:72:c0:a9:18:1b:2a:07:e7:c6:3e:f8:
1f:35:f2:7c:22:6a:aa:28:ad:78:45:48:02:9f:98:e1:01:f8:
b0:fe:04:4c:08:78:ee:04:c1:a7:43:37:67:31:72:15:5b:a4:
12:fa:63:cd:62:ef:64:4b:20:9f:da:ff:7f:64:6c:31:56:45:
bb:0d:39:f1:58:26:ae:34:22:c9:39:cc:7d:78:df:db:d1:7b:
31:be:53:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSOegq5i4xOLrb+emrTFGlIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NzY1MGQwOTUxNTI5YjFhODE3MjMyYzEyYzQyZTQ5Yjg4
OWUxYjgwHhcNMjIxMTE5MDYwMTEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmM2NDkzNDA5ZjBmNzlmNjkzMWI1MDExOTYxZmI5ZjQ5OTM4ZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8P3iMsbSQ5d29eoJ7DjpAlyajx8w
ormwGFnLBwjo6RxdD4t7u1Z9dCPIDS0yIdZ5RxUnS7kHF/wR6XQ4l+9avDLvmpSU
o9/PgRJ2NqS0sO7kfr1E37U07n8koQY67aEeyxjB3+p8XtbTSyu8Hrt35zibb0U8
R9NUiu1OUpUXOYYXMalh1O5LtQ/T/BaUxT5fKihdl/ViNv3cr8kLPOMrm+qbH5+S
7BN/9wE4t4xmuCCrLcmzAFC41SztCY/WtinpCHT/JNy9QYGc4dlmxalj0z5hxtmI
1j0YpILBxfpR/xQqz19issOq+FVPr0dMbOu0mHnFEqGJFdcY/u4OTA3NHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFILGSTQJ8PefaTG1ARlh+59Jk46bMB8GA1UdIwQY
MBaAFHh2UNCVFSmxqBcjLBLELkm4ieG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUhaUTBKVVZLYkdvRnlNc0VzUXVTYmlKNGJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wNzM1ZTMtMDBhYS00MDVkLTg5YmIt
OTZhNDA0Yzc5MGI3LzEvZ3NaSk5Bbnc5NTlwTWJVQkdXSDduMG1UanBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8wNzM1ZTMtMDBhYS00MDVkLTg5YmItOTZhNDA0Yzc5MGI3
LzEvZUhaUTBKVVZLYkdvRnlNc0VzUXVTYmlKNGJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZaVMA0G
CSqGSIb3DQEBCwUAA4IBAQBAyoyd5pdKwDujcbfRf/nGmxKcwIZF7uj1+KQeo9wX
ikB3abzXoKp7tahZcBdyHehWV42kHHEczAB5iFXh2vf84ZZSsSY7rnn0Ind33B9m
/SYQeX1NncowyJ0iquX0BJAHFDc+3/i6X+X5h0FDJlg8Eizp9yJDtgjVwgPdEujr
OCqIkKv1iwstJwf0b/amZK9dk6zrBhzqQyWXDpL8FdMgxVjbNhINrTXRcsCpGBsq
B+fGPvgfNfJ8ImqqKK14RUgCn5jhAfiw/gRMCHjuBMGnQzdnMXIVW6QS+mPNYu9k
SyCf2v9/ZGwxVkW7DTnxWCauNCLJOcx9eN/b0XsxvlPi
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:45 2025 by rpki-client