Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/CZcOVrG52c-JTQoO0v2sRlvAwkw.roa
File: CZcOVrG52c-JTQoO0v2sRlvAwkw.roa (raw, json)
Hash identifier: QfSXu6cELseLoiMecZ/TRqKhhQeKEdR8ttvi7u4arnw=
Subject key identifier: 09:97:0E:56:B1:B9:D9:CF:89:4D:0A:0E:D2:FD:AC:46:5B:C0:C2:4C
Certificate issuer: /CN=624039399017fa093dc8d503799f6ca403f0bd05
Certificate serial: 01856D786A5D5CD81CFCC9BCCC14AF4EEC37
Authority key identifier: 62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/CZcOVrG52c-JTQoO0v2sRlvAwkw.roa
Signing time: Sun 01 Jan 2023 13:14:46 +0000
ROA not before: Sun 01 Jan 2023 13:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399045
IP address blocks: 45.8.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:6a:5d:5c:d8:1c:fc:c9:bc:cc:14:af:4e:ec:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624039399017fa093dc8d503799f6ca403f0bd05
Validity
Not Before: Jan 1 13:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09970e56b1b9d9cf894d0a0ed2fdac465bc0c24c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c0:10:37:d8:70:12:26:8a:24:77:3a:b0:87:
b1:93:18:15:29:a6:84:24:1d:c4:d5:d7:b2:65:eb:
aa:dc:00:e5:2d:42:22:8e:ab:d4:52:d8:4c:a4:0a:
12:fe:42:c5:20:57:ba:73:b4:82:cc:53:14:a8:f8:
32:2a:5f:34:d3:cc:e5:c7:3a:0c:59:79:ca:52:63:
8c:94:7f:be:53:27:ea:62:91:f8:1f:ed:c1:db:54:
bc:c1:8f:56:cf:dc:f1:5e:62:43:2f:df:a1:a7:b2:
58:2a:16:0e:03:a4:25:74:29:4a:b4:25:53:3e:0e:
7b:ad:32:44:35:c6:30:05:43:23:c6:09:69:5e:9a:
de:21:9e:0a:4b:8d:a1:40:c8:52:e8:fb:90:b6:dd:
aa:20:aa:e4:49:6b:54:ea:49:e1:cb:b5:6e:d1:84:
88:2d:b8:eb:e0:ed:e1:53:d5:ac:d6:93:81:f0:c6:
5e:30:b6:c3:cc:53:2b:57:e3:33:1e:8a:0d:18:a9:
05:d2:18:48:05:76:9c:f8:1f:80:a4:44:34:e9:02:
29:e3:7d:23:08:90:8d:da:6e:3d:ba:fb:e6:34:99:
70:0d:a0:ae:44:6d:d5:a8:ff:6a:8a:42:0d:76:6f:
22:66:af:92:32:eb:7c:79:8a:49:a8:78:f4:2d:ac:
f9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:97:0E:56:B1:B9:D9:CF:89:4D:0A:0E:D2:FD:AC:46:5B:C0:C2:4C
X509v3 Authority Key Identifier:
keyid:62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/CZcOVrG52c-JTQoO0v2sRlvAwkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/YkA5OZAX-gk9yNUDeZ9spAPwvQU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.217.0/24
Signature Algorithm: sha256WithRSAEncryption
13:a1:49:2e:ed:de:ac:2a:ed:66:c2:4b:8f:95:4a:91:1a:37:
a6:46:38:36:d5:7c:b4:7b:72:7e:ef:bf:bd:7a:d7:fd:35:33:
8d:05:89:05:d3:43:ef:f7:60:a9:1b:0b:48:1f:d7:05:84:47:
0c:e4:71:23:ac:6c:42:48:29:2b:1c:d3:66:c7:43:6a:8e:c2:
15:3b:f3:c6:e5:90:80:27:5a:4e:ac:53:2e:1c:9c:2d:6f:60:
df:b2:25:3c:8b:ce:84:13:78:7e:5d:f0:61:ff:80:ad:70:fe:
77:35:32:06:e5:88:9a:30:db:86:3c:94:09:83:fd:bc:c2:0f:
d6:df:46:09:29:44:00:8c:ff:a3:47:c4:ad:80:d3:c0:17:ef:
12:d1:aa:a1:00:c3:6b:6d:bd:8d:e1:2a:0c:62:7d:f6:40:09:
a9:38:b0:26:4a:96:2a:23:62:be:ee:6b:b2:e4:1c:87:b5:8d:
e3:ca:ff:be:f0:37:ad:7d:fc:9f:71:1d:f4:33:48:8b:bf:3f:
a1:25:11:91:84:70:f7:b9:55:e0:92:81:92:e1:4c:09:25:00:
ef:7e:2a:6c:51:14:40:e2:16:f0:81:d4:4c:7b:70:73:25:10:
1d:73:15:d1:6f:7e:3b:2e:31:85:b0:99:30:45:f2:0e:95:a8:
ac:68:fb:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteGpdXNgc/Mm8zBSvTuw3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNDAzOTM5OTAxN2ZhMDkzZGM4ZDUwMzc5OWY2Y2E0MDNm
MGJkMDUwHhcNMjMwMTAxMTMxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTk3MGU1NmIxYjlkOWNmODk0ZDBhMGVkMmZkYWM0NjViYzBjMjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsAQN9hwEiaKJHc6sIexkxgVKaaE
JB3E1deyZeuq3ADlLUIijqvUUthMpAoS/kLFIFe6c7SCzFMUqPgyKl8008zlxzoM
WXnKUmOMlH++UyfqYpH4H+3B21S8wY9Wz9zxXmJDL9+hp7JYKhYOA6QldClKtCVT
Pg57rTJENcYwBUMjxglpXpreIZ4KS42hQMhS6PuQtt2qIKrkSWtU6knhy7Vu0YSI
Lbjr4O3hU9Ws1pOB8MZeMLbDzFMrV+MzHooNGKkF0hhIBXac+B+ApEQ06QIp430j
CJCN2m49uvvmNJlwDaCuRG3VqP9qikINdm8iZq+SMut8eYpJqHj0Laz5dwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAmXDlaxudnPiU0KDtL9rEZbwMJMMB8GA1UdIwQY
MBaAFGJAOTmQF/oJPcjVA3mfbKQD8L0FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtBNU9aQVgtZ2s5eU5VRGVaOXNwQVB3dlFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lYjIzOWEtMzNjOC00ZGJkLWJjOTYt
MzI1OTQ5NmU3YzVmLzEvQ1pjT1ZyRzUyYy1KVFFvTzB2MnNSbHZBd2t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9lYjIzOWEtMzNjOC00ZGJkLWJjOTYtMzI1OTQ5NmU3YzVm
LzEvWWtBNU9aQVgtZ2s5eU5VRGVaOXNwQVB3dlFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQjZMA0G
CSqGSIb3DQEBCwUAA4IBAQAToUku7d6sKu1mwkuPlUqRGjemRjg21Xy0e3J+77+9
etf9NTONBYkF00Pv92CpGwtIH9cFhEcM5HEjrGxCSCkrHNNmx0NqjsIVO/PG5ZCA
J1pOrFMuHJwtb2DfsiU8i86EE3h+XfBh/4CtcP53NTIG5YiaMNuGPJQJg/28wg/W
30YJKUQAjP+jR8StgNPAF+8S0aqhAMNrbb2N4SoMYn32QAmpOLAmSpYqI2K+7muy
5ByHtY3jyv++8DetffyfcR30M0iLvz+hJRGRhHD3uVXgkoGS4UwJJQDvfipsURRA
4hbwgdRMe3BzJRAdcxXRb347LjGFsJkwRfIOlaisaPuF
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:17:20 2025 by rpki-client