Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/vzHeMZR1QYSgp_YY4FdEiuwFbGo.roa
File: vzHeMZR1QYSgp_YY4FdEiuwFbGo.roa (raw, json)
Hash identifier: gC62nuftAHCjguCaujP8a44UoYuVCUQVzWUaeqbAr+Q=
Subject key identifier: BF:31:DE:31:94:75:41:84:A0:A7:F6:18:E0:57:44:8A:EC:05:6C:6A
Certificate issuer: /CN=624039399017fa093dc8d503799f6ca403f0bd05
Certificate serial: 0184E9C82C20C5B159F7BD0D40684C64029F
Authority key identifier: 62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/vzHeMZR1QYSgp_YY4FdEiuwFbGo.roa
Signing time: Tue 06 Dec 2022 23:32:00 +0000
ROA not before: Tue 06 Dec 2022 23:32:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205431
IP address blocks: 45.8.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e9:c8:2c:20:c5:b1:59:f7:bd:0d:40:68:4c:64:02:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624039399017fa093dc8d503799f6ca403f0bd05
Validity
Not Before: Dec 6 23:32:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf31de3194754184a0a7f618e057448aec056c6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:fe:81:97:fa:b3:a2:e7:78:8b:8c:4e:07:5f:
c7:17:ec:09:8a:89:64:2c:3a:10:d3:6f:9d:2f:d1:
11:c9:50:25:44:42:b3:37:91:d8:80:1d:a5:e4:84:
be:dc:ce:e7:15:9a:f1:ad:c1:16:61:0c:37:5a:bd:
13:6b:22:80:3f:aa:52:5d:92:67:22:f9:87:51:69:
92:2c:1d:8a:b3:bf:e8:3a:ef:09:31:7a:54:0a:ef:
ce:a4:98:62:57:52:3c:cb:6a:56:57:42:bd:08:65:
5d:e2:ee:3b:3a:e7:47:1c:29:41:ec:51:69:8b:30:
cb:14:5b:ea:05:2d:24:a8:85:99:56:19:4d:1f:03:
45:a6:50:00:67:7b:0b:a0:38:32:0a:dd:c2:c0:a2:
c0:ac:17:3f:95:96:bb:4e:99:18:85:7a:81:62:b8:
32:21:76:e4:5d:d5:66:e7:39:b7:24:c8:60:0b:78:
41:fe:3a:20:99:54:17:98:3c:d2:fc:b8:24:3e:2d:
44:36:8b:3f:0a:62:6a:d4:a1:93:31:dd:84:4e:53:
18:48:ac:bd:f3:bf:c7:f9:7f:77:94:89:48:dd:df:
f6:f1:ce:24:ef:f8:7e:6e:ed:d2:11:45:0c:42:11:
c6:bd:e9:d3:ee:0a:53:d7:67:5c:3a:d9:fa:cb:1b:
39:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:31:DE:31:94:75:41:84:A0:A7:F6:18:E0:57:44:8A:EC:05:6C:6A
X509v3 Authority Key Identifier:
keyid:62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/vzHeMZR1QYSgp_YY4FdEiuwFbGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/YkA5OZAX-gk9yNUDeZ9spAPwvQU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.217.0/24
Signature Algorithm: sha256WithRSAEncryption
66:7e:63:35:51:42:55:a0:a8:12:f1:8c:16:72:12:9f:2a:80:
5e:8c:b8:6c:08:74:fc:69:77:5c:6b:c8:de:b9:4e:0a:d5:1f:
4f:41:3e:5a:a8:87:0e:4f:6f:5a:48:1e:a3:64:fc:12:e9:98:
6d:68:c9:a9:54:8a:72:57:a6:bd:56:37:21:d7:fc:d0:c2:e3:
1a:98:e4:f4:ba:85:86:36:65:41:cf:1d:39:27:50:01:5d:54:
ff:75:82:e8:44:ff:10:29:a9:e4:84:ac:0f:39:67:7e:46:ec:
1d:08:08:a7:2f:39:e1:e2:26:d3:ab:a9:b7:ff:4b:d5:e8:42:
3a:0d:80:fe:d3:9f:23:cb:65:96:ae:fc:23:d1:62:52:9b:58:
70:8e:b5:3e:eb:8b:57:52:11:9a:79:3c:b4:dd:18:aa:08:8f:
57:61:af:c4:80:90:30:fb:4c:ce:3e:00:fd:b3:2e:4d:ab:f8:
73:8d:f6:bf:24:96:21:18:01:88:65:73:5d:e9:d6:59:c1:fc:
02:12:4b:55:89:92:9e:26:eb:1d:a9:de:ff:b6:de:43:b4:d0:
b5:0e:78:42:d4:e6:d1:e1:a8:0f:dd:01:0e:89:cf:4e:da:68:
eb:2d:9a:ee:a7:f9:e5:14:86:78:d9:79:00:bc:1c:2d:19:3d:
5b:67:c9:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTpyCwgxbFZ970NQGhMZAKfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNDAzOTM5OTAxN2ZhMDkzZGM4ZDUwMzc5OWY2Y2E0MDNm
MGJkMDUwHhcNMjIxMjA2MjMzMjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjMxZGUzMTk0NzU0MTg0YTBhN2Y2MThlMDU3NDQ4YWVjMDU2YzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/6Bl/qzoud4i4xOB1/HF+wJiolk
LDoQ02+dL9ERyVAlREKzN5HYgB2l5IS+3M7nFZrxrcEWYQw3Wr0TayKAP6pSXZJn
IvmHUWmSLB2Ks7/oOu8JMXpUCu/OpJhiV1I8y2pWV0K9CGVd4u47OudHHClB7FFp
izDLFFvqBS0kqIWZVhlNHwNFplAAZ3sLoDgyCt3CwKLArBc/lZa7TpkYhXqBYrgy
IXbkXdVm5zm3JMhgC3hB/jogmVQXmDzS/LgkPi1ENos/CmJq1KGTMd2ETlMYSKy9
87/H+X93lIlI3d/28c4k7/h+bu3SEUUMQhHGvenT7gpT12dcOtn6yxs5WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL8x3jGUdUGEoKf2GOBXRIrsBWxqMB8GA1UdIwQY
MBaAFGJAOTmQF/oJPcjVA3mfbKQD8L0FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtBNU9aQVgtZ2s5eU5VRGVaOXNwQVB3dlFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lYjIzOWEtMzNjOC00ZGJkLWJjOTYt
MzI1OTQ5NmU3YzVmLzEvdnpIZU1aUjFRWVNncF9ZWTRGZEVpdXdGYkdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9lYjIzOWEtMzNjOC00ZGJkLWJjOTYtMzI1OTQ5NmU3YzVm
LzEvWWtBNU9aQVgtZ2s5eU5VRGVaOXNwQVB3dlFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQjZMA0G
CSqGSIb3DQEBCwUAA4IBAQBmfmM1UUJVoKgS8YwWchKfKoBejLhsCHT8aXdca8je
uU4K1R9PQT5aqIcOT29aSB6jZPwS6ZhtaMmpVIpyV6a9Vjch1/zQwuMamOT0uoWG
NmVBzx05J1ABXVT/dYLoRP8QKankhKwPOWd+RuwdCAinLznh4ibTq6m3/0vV6EI6
DYD+058jy2WWrvwj0WJSm1hwjrU+64tXUhGaeTy03RiqCI9XYa/EgJAw+0zOPgD9
sy5Nq/hzjfa/JJYhGAGIZXNd6dZZwfwCEktViZKeJusdqd7/tt5DtNC1DnhC1ObR
4agP3QEOic9O2mjrLZrup/nlFIZ42XkAvBwtGT1bZ8k9
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:20:22 2025 by rpki-client