Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/8144nC_f8LJO45gLrBslv0Rw788.roa
File: 8144nC_f8LJO45gLrBslv0Rw788.roa (raw, json)
Hash identifier: jnXfDXyXBkORVwEhY8m6ObDvJYQBAASa/d0Xvope8c8=
Subject key identifier: F3:5E:38:9C:2F:DF:F0:B2:4E:E3:98:0B:AC:1B:25:BF:44:70:EF:CF
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018495467F44D6CEC8ACA5BFDCEB95AF7065
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/8144nC_f8LJO45gLrBslv0Rw788.roa
Signing time: Sun 20 Nov 2022 13:42:16 +0000
ROA not before: Sun 20 Nov 2022 13:42:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212512
IP address blocks: 45.147.47.0/24 maxlen: 24
45.131.2.0/24 maxlen: 24
45.141.150.0/24 maxlen: 24
45.141.148.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:95:46:7f:44:d6:ce:c8:ac:a5:bf:dc:eb:95:af:70:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Nov 20 13:42:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f35e389c2fdff0b24ee3980bac1b25bf4470efcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:0a:e1:92:4b:9b:1f:61:92:e8:17:0d:40:3e:
e4:bc:af:00:d7:f9:06:69:93:e7:28:c2:51:5b:2d:
e0:59:26:17:8e:ba:3b:e5:55:0b:61:82:38:1e:60:
cc:81:b3:46:ec:d1:33:21:d2:16:6c:82:56:88:5e:
49:3e:59:15:aa:eb:5b:62:b1:3d:ca:86:b5:11:bc:
7a:59:ad:7f:b0:7d:62:e3:e6:99:55:73:76:20:13:
8f:40:85:ae:4f:f8:cf:3b:2a:2a:86:9d:9e:a7:8e:
2f:ae:73:1e:75:24:61:41:40:ba:6c:25:f5:d5:2e:
cf:50:5b:b8:29:d3:4a:da:48:8f:da:62:0c:0c:32:
29:72:9f:e0:c3:e3:3b:e1:1d:b9:96:bf:59:63:fe:
d9:c3:8e:de:9a:d8:5e:7d:0c:41:c0:b5:80:9d:f3:
50:7d:89:98:b3:60:4a:55:91:13:01:d8:76:c4:82:
37:cd:32:29:4e:3d:91:7f:24:1a:63:13:b1:03:35:
62:71:7c:5d:95:6a:1f:9b:25:62:53:31:e2:ca:95:
08:bf:40:33:b1:70:ad:f4:dd:40:24:44:21:12:16:
87:b7:67:17:d1:c4:dd:f8:35:f0:93:97:5c:cc:2b:
81:b7:52:ce:f6:96:40:21:e4:01:39:84:14:48:92:
2a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:5E:38:9C:2F:DF:F0:B2:4E:E3:98:0B:AC:1B:25:BF:44:70:EF:CF
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/8144nC_f8LJO45gLrBslv0Rw788.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.2.0/24
45.141.148.0/24
45.141.150.0/24
45.147.47.0/24
Signature Algorithm: sha256WithRSAEncryption
88:ce:bf:c5:02:bd:8d:20:91:22:c5:e5:d0:33:34:2c:2d:0e:
50:be:05:d8:39:55:4c:25:0c:88:d3:29:c4:e6:bb:0a:e8:cb:
ed:73:35:77:cd:78:63:ce:21:50:25:62:b7:54:6a:95:82:bb:
69:bc:c3:65:cf:38:b3:df:84:fe:23:16:f2:91:88:66:24:a3:
cb:82:d4:06:03:ee:70:84:fb:ea:aa:8a:6b:5d:68:18:f4:bc:
77:d5:8e:ba:f0:81:24:f1:05:8c:81:36:78:b2:99:e8:a0:62:
d0:fb:7b:cc:ee:99:c0:55:77:be:f2:35:17:c7:10:6f:0d:c1:
fd:d7:bf:b5:4d:0a:af:4c:8f:a0:f3:43:cd:ce:93:18:0f:2d:
c7:be:60:40:7e:d5:de:dc:ce:c1:05:c6:c0:17:3e:bb:79:86:
2e:12:b3:9b:f6:ad:a3:4d:ff:b7:2a:6c:c9:f3:e5:81:4e:69:
25:28:d6:52:2d:d9:b4:88:0f:f6:07:04:88:b2:2a:2c:b8:6d:
8d:bd:29:f1:3d:51:b2:f0:80:9a:0d:11:dc:c6:89:ad:db:71:
ce:b3:db:4e:92:fa:34:9d:79:5a:21:53:77:67:3e:2e:55:a3:
a2:4b:ca:0c:4f:6d:cf:e1:f3:8b:c0:2c:93:b1:4f:27:b7:66:
5e:7e:2a:dd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYSVRn9E1s7IrKW/3OuVr3BlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjIxMTIwMTM0MjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzVlMzg5YzJmZGZmMGIyNGVlMzk4MGJhYzFiMjViZjQ0NzBlZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgArhkkubH2GS6BcNQD7kvK8A1/kG
aZPnKMJRWy3gWSYXjro75VULYYI4HmDMgbNG7NEzIdIWbIJWiF5JPlkVqutbYrE9
yoa1Ebx6Wa1/sH1i4+aZVXN2IBOPQIWuT/jPOyoqhp2ep44vrnMedSRhQUC6bCX1
1S7PUFu4KdNK2kiP2mIMDDIpcp/gw+M74R25lr9ZY/7Zw47emthefQxBwLWAnfNQ
fYmYs2BKVZETAdh2xII3zTIpTj2RfyQaYxOxAzVicXxdlWofmyViUzHiypUIv0Az
sXCt9N1AJEQhEhaHt2cX0cTd+DXwk5dczCuBt1LO9pZAIeQBOYQUSJIquQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPNeOJwv3/CyTuOYC6wbJb9EcO/PMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvODE0NG5DX2Y4TEpPNDVnTHJCc2x2MFJ3Nzg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYMCAwQA
LY2UAwQALY2WAwQALZMvMA0GCSqGSIb3DQEBCwUAA4IBAQCIzr/FAr2NIJEixeXQ
MzQsLQ5QvgXYOVVMJQyI0ynE5rsK6MvtczV3zXhjziFQJWK3VGqVgrtpvMNlzziz
34T+IxbykYhmJKPLgtQGA+5whPvqqoprXWgY9Lx31Y668IEk8QWMgTZ4spnooGLQ
+3vM7pnAVXe+8jUXxxBvDcH917+1TQqvTI+g80PNzpMYDy3HvmBAftXe3M7BBcbA
Fz67eYYuErOb9q2jTf+3KmzJ8+WBTmklKNZSLdm0iA/2BwSIsiosuG2NvSnxPVGy
8ICaDRHcxomt23HOs9tOkvo0nXlaIVN3Zz4uVaOiS8oMT23P4fOLwCyTsU8nt2Ze
fird
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:27 2025 by rpki-client