Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/fd4a18-7007-4dc5-b8c1-6096e446c2c8/1/tHRKeFC2OFtR317AZnwReB0Qmww.roa
File: tHRKeFC2OFtR317AZnwReB0Qmww.roa (raw, json)
Hash identifier: B6RztgWXOf67jbREIBdUNQTvKfOC5WubJ80D/FewmUA=
Subject key identifier: B4:74:4A:78:50:B6:38:5B:51:DF:5E:C0:66:7C:11:78:1D:10:9B:0C
Certificate issuer: /CN=491a72d9173c315be3f474d9eabbc97ad8574786
Certificate serial: 05759C96
Authority key identifier: 49:1A:72:D9:17:3C:31:5B:E3:F4:74:D9:EA:BB:C9:7A:D8:57:47:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SRpy2Rc8MVvj9HTZ6rvJethXR4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/fd4a18-7007-4dc5-b8c1-6096e446c2c8/1/tHRKeFC2OFtR317AZnwReB0Qmww.roa
Signing time: Sat 01 Jan 2022 14:55:09 +0000
ROA not before: Sat 01 Jan 2022 14:55:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39405
IP address blocks: 45.156.188.0/22 maxlen: 22
185.224.32.0/22 maxlen: 24
185.246.24.0/22 maxlen: 24
2a0c:4400::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91593878 (0x5759c96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=491a72d9173c315be3f474d9eabbc97ad8574786
Validity
Not Before: Jan 1 14:55:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4744a7850b6385b51df5ec0667c11781d109b0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3e:a6:99:af:c1:b3:dd:06:da:b3:89:2a:58:
49:75:ba:52:0f:10:df:0c:89:02:0a:1b:46:a0:00:
c4:19:af:d5:20:23:82:f7:4b:44:8c:02:d9:1c:1c:
59:e4:4a:c3:44:7d:a1:c6:fb:df:1c:aa:65:40:8a:
cd:91:bb:f7:e2:c6:90:c1:d3:cc:2d:52:f3:6e:1c:
c6:44:54:18:3e:38:0d:cf:bf:49:b5:d8:ba:3e:ec:
9d:0b:8d:e9:dd:2e:a0:68:06:fe:f1:7a:22:d9:49:
54:7b:45:6e:a3:8d:0e:80:3e:5e:09:e4:b3:84:d3:
e1:2d:8c:40:ab:c9:53:2a:57:9a:01:77:d2:30:fb:
4a:70:75:59:cc:7c:fa:aa:1b:52:e4:88:26:ad:16:
74:d5:61:03:53:3e:2b:99:dc:f2:45:44:d2:49:c1:
6d:32:91:8e:c5:0d:7b:ea:32:42:45:9e:b6:fd:d8:
28:86:79:6d:81:d0:79:4b:5d:09:38:22:b0:ef:66:
0d:28:52:b1:ae:93:29:4a:ac:4c:3a:d1:72:d4:98:
25:9a:6b:6e:6e:be:e7:18:21:45:90:58:72:a7:bf:
ee:7d:67:68:b6:76:fc:94:65:b9:2c:96:3c:04:88:
d5:7a:56:6c:49:37:02:9d:34:7b:65:b3:50:1e:bd:
4f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:74:4A:78:50:B6:38:5B:51:DF:5E:C0:66:7C:11:78:1D:10:9B:0C
X509v3 Authority Key Identifier:
keyid:49:1A:72:D9:17:3C:31:5B:E3:F4:74:D9:EA:BB:C9:7A:D8:57:47:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SRpy2Rc8MVvj9HTZ6rvJethXR4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/fd4a18-7007-4dc5-b8c1-6096e446c2c8/1/tHRKeFC2OFtR317AZnwReB0Qmww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/fd4a18-7007-4dc5-b8c1-6096e446c2c8/1/SRpy2Rc8MVvj9HTZ6rvJethXR4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.188.0/22
185.224.32.0/22
185.246.24.0/22
IPv6:
2a0c:4400::/32
Signature Algorithm: sha256WithRSAEncryption
61:b1:71:57:05:a2:0d:3e:66:a0:22:4d:64:95:7f:20:48:8b:
51:3f:e8:09:7c:ed:c0:02:66:9b:91:c0:c0:d9:fe:f7:9c:ef:
e8:42:29:7a:98:cf:6d:bb:9a:a6:40:29:0b:d5:7e:8c:1c:74:
fd:96:ed:f0:89:16:43:ab:e1:2b:80:f3:48:69:6e:75:b4:8d:
60:1c:8f:39:4b:b0:62:b0:8c:36:4f:cb:49:0c:78:28:5b:75:
31:3d:1f:49:12:61:83:24:f4:77:2b:5f:2a:63:fc:fc:61:04:
0c:b1:3e:e5:53:13:0e:16:c3:9d:df:ec:e6:80:ca:2e:06:09:
7a:ed:bc:2e:aa:6f:f0:31:7e:e2:91:d6:b9:d8:5f:1d:5e:ee:
9b:e1:81:be:0d:7e:90:f4:25:f9:ce:69:fd:6c:fa:35:f8:59:
ea:47:78:54:e6:c5:6d:c5:ac:a6:ba:bf:f6:c5:48:c7:df:e2:
10:39:8c:da:eb:84:d1:66:79:69:87:96:e4:a2:30:b5:6e:3b:
a7:62:80:8c:97:3f:59:6d:10:8c:78:84:45:9e:61:73:e3:4e:
88:9d:c2:b3:d8:f9:61:c2:90:cb:e1:b2:65:6e:96:10:90:22:
be:ec:8c:ef:2b:b0:b4:4b:f3:95:79:a2:35:90:67:51:40:8f:
8c:15:aa:54
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBXWcljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OTFhNzJkOTE3M2MzMTViZTNmNDc0ZDllYWJiYzk3YWQ4NTc0Nzg2MB4XDTIyMDEw
MTE0NTUwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQ3NDRhNzg1MGI2
Mzg1YjUxZGY1ZWMwNjY3YzExNzgxZDEwOWIwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALk+ppmvwbPdBtqziSpYSXW6Ug8Q3wyJAgobRqAAxBmv1SAj
gvdLRIwC2RwcWeRKw0R9ocb73xyqZUCKzZG79+LGkMHTzC1S824cxkRUGD44Dc+/
SbXYuj7snQuN6d0uoGgG/vF6ItlJVHtFbqONDoA+Xgnks4TT4S2MQKvJUypXmgF3
0jD7SnB1Wcx8+qobUuSIJq0WdNVhA1M+K5nc8kVE0knBbTKRjsUNe+oyQkWetv3Y
KIZ5bYHQeUtdCTgisO9mDShSsa6TKUqsTDrRctSYJZprbm6+5xghRZBYcqe/7n1n
aLZ2/JRluSyWPASI1XpWbEk3Ap00e2WzUB69TxcCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBS0dEp4ULY4W1HfXsBmfBF4HRCbDDAfBgNVHSMEGDAWgBRJGnLZFzwxW+P0
dNnqu8l62FdHhjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NScHkyUmM4TVZ2ajlIVFo2cnZKZXRoWFI0WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvZmQ0YTE4LTcwMDctNGRjNS1iOGMxLTYwOTZlNDQ2YzJjOC8x
L3RIUktlRkMyT0Z0UjMxN0FabndSZUIwUW13dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
ZmQ0YTE4LTcwMDctNGRjNS1iOGMxLTYwOTZlNDQ2YzJjOC8xL1NScHkyUmM4TVZ2
ajlIVFo2cnZKZXRoWFI0WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAi2cvAMEArngIAMEArn2GDANBAIA
AjAHAwUAKgxEADANBgkqhkiG9w0BAQsFAAOCAQEAYbFxVwWiDT5moCJNZJV/IEiL
UT/oCXztwAJmm5HAwNn+95zv6EIpepjPbbuapkApC9V+jBx0/Zbt8IkWQ6vhK4Dz
SGludbSNYByPOUuwYrCMNk/LSQx4KFt1MT0fSRJhgyT0dytfKmP8/GEEDLE+5VMT
DhbDnd/s5oDKLgYJeu28Lqpv8DF+4pHWudhfHV7um+GBvg1+kPQl+c5p/Wz6NfhZ
6kd4VObFbcWsprq/9sVIx9/iEDmM2uuE0WZ5aYeW5KIwtW47p2KAjJc/WW0QjHiE
RZ5hc+NOiJ3Cs9j5YcKQy+GyZW6WEJAivuyM7yuwtEvzlXmiNZBnUUCPjBWqVA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:33 2025 by rpki-client