Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/729034-0cea-44f8-9f30-0d5eb3d609ea/1/XdXzbXHKsq_oFiAAQRUeujkbbjo.roa
File: XdXzbXHKsq_oFiAAQRUeujkbbjo.roa (raw, json)
Hash identifier: cQnWNPk5jxc/hgE2sVNxKAt5AuX+H5i4tNj+74/89+4=
Subject key identifier: 5D:D5:F3:6D:71:CA:B2:AF:E8:16:20:00:41:15:1E:BA:39:1B:6E:3A
Certificate issuer: /CN=85972a0487d95cc1bfe1da6d1a27b89d1d3576d6
Certificate serial: 0184C950B7D73CC8CA2477073060E57143CF
Authority key identifier: 85:97:2A:04:87:D9:5C:C1:BF:E1:DA:6D:1A:27:B8:9D:1D:35:76:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hZcqBIfZXMG_4dptGie4nR01dtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/729034-0cea-44f8-9f30-0d5eb3d609ea/1/XdXzbXHKsq_oFiAAQRUeujkbbjo.roa
Signing time: Wed 30 Nov 2022 16:13:41 +0000
ROA not before: Wed 30 Nov 2022 16:13:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207713
IP address blocks: 45.95.232.0/24 maxlen: 24
45.95.233.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c9:50:b7:d7:3c:c8:ca:24:77:07:30:60:e5:71:43:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85972a0487d95cc1bfe1da6d1a27b89d1d3576d6
Validity
Not Before: Nov 30 16:13:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5dd5f36d71cab2afe816200041151eba391b6e3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:60:1d:6c:b6:21:39:66:51:2c:0b:c0:76:04:
1f:c7:71:e8:61:c8:69:31:59:e0:0f:50:1c:9f:12:
90:a6:a1:a0:ac:1f:8f:74:30:4d:45:9f:fc:f6:46:
0e:c1:fc:bd:5b:9a:d6:d2:dc:52:ee:91:fc:83:a9:
6c:69:cb:21:9d:19:b1:aa:5f:90:c9:6d:00:a5:85:
ca:78:e4:a5:c4:55:0a:ed:53:79:09:e6:ae:fb:f4:
e7:26:26:0c:c6:db:25:3f:33:53:46:79:a0:e1:6a:
cc:ad:7d:b1:ed:99:3b:b4:7f:b6:ff:47:96:3e:0e:
fb:f2:b8:4d:01:32:cd:28:e9:9a:f9:54:59:22:26:
71:f3:8c:2d:e7:0d:ae:c1:be:da:24:3e:12:d4:80:
b4:0e:4e:88:fa:d7:2b:03:bc:63:5d:1e:97:57:73:
f5:e7:89:b0:59:e9:8d:9f:6d:80:62:2a:1a:75:88:
b6:ac:18:50:3f:06:6b:9c:19:9d:a7:ec:4b:f0:e7:
39:78:10:c9:35:a7:5b:ec:e0:00:cc:5d:32:3d:d1:
30:5b:cc:6b:ae:88:9c:8c:82:92:6f:b1:d6:9a:52:
a7:e2:aa:68:36:2d:12:83:83:56:03:fb:41:63:3d:
ce:81:16:ac:d3:50:9a:f5:9e:22:74:11:05:bd:fb:
12:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D5:F3:6D:71:CA:B2:AF:E8:16:20:00:41:15:1E:BA:39:1B:6E:3A
X509v3 Authority Key Identifier:
keyid:85:97:2A:04:87:D9:5C:C1:BF:E1:DA:6D:1A:27:B8:9D:1D:35:76:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hZcqBIfZXMG_4dptGie4nR01dtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/729034-0cea-44f8-9f30-0d5eb3d609ea/1/XdXzbXHKsq_oFiAAQRUeujkbbjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/729034-0cea-44f8-9f30-0d5eb3d609ea/1/hZcqBIfZXMG_4dptGie4nR01dtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.232.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:5b:89:b3:19:f6:64:56:2b:4a:79:31:81:7d:cd:06:4e:c3:
8a:85:5f:ef:9c:d1:1d:15:5c:ca:b7:c5:6b:28:a8:69:d6:ef:
61:b5:0d:18:6d:db:ed:fb:d3:87:08:1b:0c:26:d6:09:de:c0:
0d:26:04:61:a9:f2:ea:a9:44:b6:d2:d1:fd:6a:f6:98:4f:3d:
29:4c:c5:04:66:a6:a0:41:26:7d:4d:7d:02:91:5c:7e:47:7a:
f0:8b:47:62:21:fa:0e:e1:a4:e3:3e:4d:fd:9c:81:a1:c2:c4:
de:87:53:1f:39:c0:8c:ed:cd:5e:0f:af:30:df:9d:59:19:d3:
b8:7e:fa:b9:75:56:92:1f:92:26:22:1a:bf:7e:9d:da:90:06:
79:12:e6:17:d9:60:23:f4:37:af:bf:dd:04:5a:39:d3:41:ce:
94:31:76:a1:25:4d:ed:66:9f:f1:0a:32:1f:d9:a9:82:cd:45:
93:f6:4b:ed:2f:5e:87:fa:de:09:7e:bd:d6:9d:6f:c5:ed:d4:
b5:85:1c:5a:7b:86:b6:ed:9e:38:6d:b1:97:94:96:bd:6b:27:
5c:21:69:2f:77:3a:54:b4:ce:8c:f2:34:e4:e9:84:9e:b2:47:
d0:53:38:97:e4:63:b0:2d:4b:e2:f6:c5:ce:69:18:2a:43:c5:
cb:bd:7f:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTJULfXPMjKJHcHMGDlcUPPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1OTcyYTA0ODdkOTVjYzFiZmUxZGE2ZDFhMjdiODlkMWQz
NTc2ZDYwHhcNMjIxMTMwMTYxMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGQ1ZjM2ZDcxY2FiMmFmZTgxNjIwMDA0MTE1MWViYTM5MWI2ZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWAdbLYhOWZRLAvAdgQfx3HoYchp
MVngD1AcnxKQpqGgrB+PdDBNRZ/89kYOwfy9W5rW0txS7pH8g6lsacshnRmxql+Q
yW0ApYXKeOSlxFUK7VN5Ceau+/TnJiYMxtslPzNTRnmg4WrMrX2x7Zk7tH+2/0eW
Pg778rhNATLNKOma+VRZIiZx84wt5w2uwb7aJD4S1IC0Dk6I+tcrA7xjXR6XV3P1
54mwWemNn22AYioadYi2rBhQPwZrnBmdp+xL8Oc5eBDJNadb7OAAzF0yPdEwW8xr
roicjIKSb7HWmlKn4qpoNi0Sg4NWA/tBYz3OgRas01Ca9Z4idBEFvfsS1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF3V821xyrKv6BYgAEEVHro5G246MB8GA1UdIwQY
MBaAFIWXKgSH2VzBv+HabRonuJ0dNXbWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFpjcUJJZlpYTUdfNGRwdEdpZTRuUjAxZHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS83MjkwMzQtMGNlYS00NGY4LTlmMzAt
MGQ1ZWIzZDYwOWVhLzEvWGRYemJYSEtzcV9vRmlBQVFSVWV1amtiYmpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS83MjkwMzQtMGNlYS00NGY4LTlmMzAtMGQ1ZWIzZDYwOWVh
LzEvaFpjcUJJZlpYTUdfNGRwdEdpZTRuUjAxZHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLV/oMA0G
CSqGSIb3DQEBCwUAA4IBAQBqW4mzGfZkVitKeTGBfc0GTsOKhV/vnNEdFVzKt8Vr
KKhp1u9htQ0Ybdvt+9OHCBsMJtYJ3sANJgRhqfLqqUS20tH9avaYTz0pTMUEZqag
QSZ9TX0CkVx+R3rwi0diIfoO4aTjPk39nIGhwsTeh1MfOcCM7c1eD68w351ZGdO4
fvq5dVaSH5ImIhq/fp3akAZ5EuYX2WAj9Devv90EWjnTQc6UMXahJU3tZp/xCjIf
2amCzUWT9kvtL16H+t4Jfr3WnW/F7dS1hRxae4a27Z44bbGXlJa9aydcIWkvdzpU
tM6M8jTk6YSeskfQUziX5GOwLUvi9sXOaRgqQ8XLvX+9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:55 2024 by rpki-client on console-fra.rpki-client.org