Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/133576-aded-4cd3-b0a1-e4793facd761/1/wtrTc0PTGRW91VsJpExFoET1kS8.roa
File: wtrTc0PTGRW91VsJpExFoET1kS8.roa (raw, json)
Hash identifier: 3r8t/D9GrTRq0YJmaBq/+BCyslLLFN6SI2+LaH4Vegk=
Subject key identifier: C2:DA:D3:73:43:D3:19:15:BD:D5:5B:09:A4:4C:45:A0:44:F5:91:2F
Certificate issuer: /CN=558935af0465d52bf6a8f19999b94ec5e9a8b7c3
Certificate serial: 01822F7F3A408F42440658438F730D69EEDB
Authority key identifier: 55:89:35:AF:04:65:D5:2B:F6:A8:F1:99:99:B9:4E:C5:E9:A8:B7:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYk1rwRl1Sv2qPGZmblOxemot8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/133576-aded-4cd3-b0a1-e4793facd761/1/wtrTc0PTGRW91VsJpExFoET1kS8.roa
Signing time: Sun 24 Jul 2022 09:17:23 +0000
ROA not before: Sun 24 Jul 2022 09:17:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 996
IP address blocks: 45.143.152.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:2f:7f:3a:40:8f:42:44:06:58:43:8f:73:0d:69:ee:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=558935af0465d52bf6a8f19999b94ec5e9a8b7c3
Validity
Not Before: Jul 24 09:17:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c2dad37343d31915bdd55b09a44c45a044f5912f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:89:93:ce:80:f1:50:a5:ce:92:da:54:19:ed:
c8:5a:c9:5c:5e:d5:13:c6:3c:d5:16:71:86:fb:ce:
b6:2c:b7:d6:cc:de:4b:e4:08:42:66:fa:28:fe:28:
fb:a9:25:f3:ae:6e:cc:ae:91:50:22:d8:d2:b2:3f:
e6:9c:2e:f3:0a:a3:42:f6:d1:4f:b1:a1:81:ad:d9:
6f:d0:e8:3b:18:fd:29:93:81:15:21:2d:26:71:35:
48:b9:7f:0f:a8:65:fb:8b:41:6f:28:57:ea:0b:27:
0a:8d:b0:b9:3d:e7:7c:e1:cb:29:64:67:c1:a3:b4:
e7:93:a9:82:da:bf:e0:98:ae:c1:85:fc:9a:85:9d:
53:35:fd:be:d8:d6:82:09:fd:8d:a7:6e:b3:5a:8c:
1c:65:b8:a9:31:3b:f8:01:02:61:72:ad:3a:75:55:
11:aa:85:c8:fd:33:94:fe:7e:e0:ce:5a:88:eb:e8:
50:99:cc:06:f2:9b:3e:cf:28:85:42:12:98:90:57:
d2:f0:1d:c8:5d:de:05:d8:03:b8:c5:1b:a5:6f:6a:
7a:82:d9:e7:05:b2:60:52:ff:3e:bf:e0:54:aa:9f:
41:88:fc:ba:84:93:df:67:e1:38:87:c6:37:74:82:
8f:22:c3:a5:42:f7:c7:2e:37:3e:e9:e2:6a:ab:3c:
71:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:DA:D3:73:43:D3:19:15:BD:D5:5B:09:A4:4C:45:A0:44:F5:91:2F
X509v3 Authority Key Identifier:
keyid:55:89:35:AF:04:65:D5:2B:F6:A8:F1:99:99:B9:4E:C5:E9:A8:B7:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYk1rwRl1Sv2qPGZmblOxemot8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/133576-aded-4cd3-b0a1-e4793facd761/1/wtrTc0PTGRW91VsJpExFoET1kS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/133576-aded-4cd3-b0a1-e4793facd761/1/VYk1rwRl1Sv2qPGZmblOxemot8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.152.0/22
Signature Algorithm: sha256WithRSAEncryption
19:fd:bd:4d:4f:8a:e2:d0:e8:72:1d:2e:62:21:ae:88:34:67:
57:c7:9b:dc:48:48:26:cd:ab:2b:bf:e1:d8:3a:6d:b6:05:df:
ea:83:99:2b:e5:89:b5:86:37:eb:3f:63:e4:27:36:e3:97:4b:
4f:5a:88:13:24:32:2d:af:f8:03:02:38:7a:20:94:ac:08:84:
b2:8e:aa:bb:03:ea:76:a5:fc:f3:5a:67:9b:53:cb:8c:84:ef:
b9:a7:f9:2a:bf:fb:12:46:17:9b:e1:a0:38:1f:53:88:9f:76:
60:85:d3:a9:25:a4:cc:16:c4:2b:73:9f:a8:eb:1b:35:f6:eb:
25:99:e0:fb:e2:73:5a:58:47:02:13:ac:e7:bd:78:d2:2f:d6:
94:dc:07:00:1a:6d:24:c5:bf:85:d1:ba:6f:9b:b4:ac:ee:80:
28:c8:f8:1d:af:81:cd:60:06:92:9d:16:3f:fd:1a:9b:e3:e1:
74:e6:d3:6b:fb:8a:32:8d:61:b7:6a:46:43:f8:15:62:a2:42:
6d:cc:51:06:5c:b2:ad:04:4c:f4:3a:16:c4:69:f8:3a:33:c4:
a2:1d:93:bc:c3:53:60:43:7b:e1:bc:16:9c:c0:f3:69:51:19:
dd:22:1b:17:48:49:41:11:36:94:17:8f:d4:8f:66:79:86:ed:
87:ad:32:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIvfzpAj0JEBlhDj3MNae7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODkzNWFmMDQ2NWQ1MmJmNmE4ZjE5OTk5Yjk0ZWM1ZTlh
OGI3YzMwHhcNMjIwNzI0MDkxNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmRhZDM3MzQzZDMxOTE1YmRkNTViMDlhNDRjNDVhMDQ0ZjU5MTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtImTzoDxUKXOktpUGe3IWslcXtUT
xjzVFnGG+862LLfWzN5L5AhCZvoo/ij7qSXzrm7MrpFQItjSsj/mnC7zCqNC9tFP
saGBrdlv0Og7GP0pk4EVIS0mcTVIuX8PqGX7i0FvKFfqCycKjbC5Ped84cspZGfB
o7Tnk6mC2r/gmK7BhfyahZ1TNf2+2NaCCf2Np26zWowcZbipMTv4AQJhcq06dVUR
qoXI/TOU/n7gzlqI6+hQmcwG8ps+zyiFQhKYkFfS8B3IXd4F2AO4xRulb2p6gtnn
BbJgUv8+v+BUqp9BiPy6hJPfZ+E4h8Y3dIKPIsOlQvfHLjc+6eJqqzxxAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMLa03ND0xkVvdVbCaRMRaBE9ZEvMB8GA1UdIwQY
MBaAFFWJNa8EZdUr9qjxmZm5TsXpqLfDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllrMXJ3UmwxU3YycVBHWm1ibE94ZW1vdDhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8xMzM1NzYtYWRlZC00Y2QzLWIwYTEt
ZTQ3OTNmYWNkNzYxLzEvd3RyVGMwUFRHUlc5MVZzSnBFeEZvRVQxa1M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8xMzM1NzYtYWRlZC00Y2QzLWIwYTEtZTQ3OTNmYWNkNzYx
LzEvVllrMXJ3UmwxU3YycVBHWm1ibE94ZW1vdDhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY+YMA0G
CSqGSIb3DQEBCwUAA4IBAQAZ/b1NT4ri0OhyHS5iIa6INGdXx5vcSEgmzasrv+HY
Om22Bd/qg5kr5Ym1hjfrP2PkJzbjl0tPWogTJDItr/gDAjh6IJSsCISyjqq7A+p2
pfzzWmebU8uMhO+5p/kqv/sSRheb4aA4H1OIn3ZghdOpJaTMFsQrc5+o6xs19usl
meD74nNaWEcCE6znvXjSL9aU3AcAGm0kxb+F0bpvm7Ss7oAoyPgdr4HNYAaSnRY/
/Rqb4+F05tNr+4oyjWG3akZD+BViokJtzFEGXLKtBEz0OhbEafg6M8SiHZO8w1Ng
Q3vhvBacwPNpURndIhsXSElBETaUF4/Uj2Z5hu2HrTIM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:54 2024 by rpki-client on console-fra.rpki-client.org