Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/796945-6886-43bc-ad8d-5d3fc56043bf/1/i_twomEgFvY5jQzj9IdGHZwtkQA.roa
File: i_twomEgFvY5jQzj9IdGHZwtkQA.roa (raw, json)
Hash identifier: yLa8SNBG0jjxPAGyvGXRGLfnZ06XekemaAeWdTuM3e0=
Subject key identifier: 8B:FB:70:A2:61:20:16:F6:39:8D:0C:E3:F4:87:46:1D:9C:2D:91:00
Certificate issuer: /CN=875c0e6edb151a8f91a0869bbfa561883e7c126b
Certificate serial: 02F857AB
Authority key identifier: 87:5C:0E:6E:DB:15:1A:8F:91:A0:86:9B:BF:A5:61:88:3E:7C:12:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h1wObtsVGo-RoIabv6VhiD58Ems.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/796945-6886-43bc-ad8d-5d3fc56043bf/1/i_twomEgFvY5jQzj9IdGHZwtkQA.roa
Signing time: Sat 01 Jan 2022 02:53:50 +0000
ROA not before: Sat 01 Jan 2022 02:53:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200738
IP address blocks: 45.129.20.0/24 maxlen: 24
45.129.21.0/24 maxlen: 24
45.129.22.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49829803 (0x2f857ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=875c0e6edb151a8f91a0869bbfa561883e7c126b
Validity
Not Before: Jan 1 02:53:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8bfb70a2612016f6398d0ce3f487461d9c2d9100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c1:73:3a:03:e7:c9:a4:95:d6:ea:69:42:0d:
9a:60:79:52:51:de:92:c4:a8:b9:be:58:86:25:9c:
b5:77:97:e9:d9:16:d5:01:c3:2c:e1:a6:69:6b:5c:
34:ae:5d:c6:c6:6a:5e:ef:3e:eb:68:e1:f3:6b:72:
23:ad:40:f9:70:fd:5c:b7:fc:d4:06:8a:6f:e4:e3:
0c:75:10:72:5e:8f:f2:1e:28:6b:7d:04:eb:86:98:
59:37:cb:00:b6:ce:a8:7a:7a:40:31:98:a2:b7:04:
57:16:76:fc:d7:5f:9a:33:46:29:15:80:46:1f:0b:
f2:b2:d1:db:a3:1e:7b:63:45:42:9a:bb:34:70:0a:
77:c0:7a:17:fc:c1:d1:f0:6e:a9:6a:de:a6:75:4a:
2f:0b:3c:42:94:0b:fd:85:19:be:e6:c5:85:dc:85:
a7:f8:2b:b3:25:ae:a3:54:7f:c2:f3:4d:60:6b:2f:
11:9d:2b:56:90:a8:b2:01:28:ab:71:49:3a:84:92:
7f:ef:ef:32:87:55:85:64:73:d5:57:51:e9:86:ba:
fb:2c:59:e5:72:c1:c3:60:e9:54:85:1b:d4:da:d1:
b5:b9:a4:2b:51:28:3e:65:10:08:d0:fe:2e:d5:b0:
aa:e4:c2:57:8f:f7:ec:56:08:81:dd:31:54:74:fc:
00:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:FB:70:A2:61:20:16:F6:39:8D:0C:E3:F4:87:46:1D:9C:2D:91:00
X509v3 Authority Key Identifier:
keyid:87:5C:0E:6E:DB:15:1A:8F:91:A0:86:9B:BF:A5:61:88:3E:7C:12:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h1wObtsVGo-RoIabv6VhiD58Ems.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/796945-6886-43bc-ad8d-5d3fc56043bf/1/i_twomEgFvY5jQzj9IdGHZwtkQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/796945-6886-43bc-ad8d-5d3fc56043bf/1/h1wObtsVGo-RoIabv6VhiD58Ems.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.20.0/22
Signature Algorithm: sha256WithRSAEncryption
22:4f:f6:d3:98:7b:a0:c8:71:b7:16:f0:3e:5e:33:6c:fe:70:
27:9f:a3:d3:77:88:cf:0b:ee:99:3f:86:97:c6:ac:2c:a0:93:
7b:03:4b:e5:09:ce:61:bc:a5:30:2c:14:f7:2d:2e:6b:2d:64:
f0:6b:a7:0d:98:b6:2b:f1:d6:83:79:67:84:a8:80:b0:35:87:
b5:4e:60:d4:98:5b:60:7d:bc:0e:28:1a:ac:76:66:81:39:c6:
86:e0:7b:a0:ad:dc:5b:11:41:74:6a:fd:ed:a7:7a:67:c3:cb:
81:4e:0d:fa:a0:3d:2e:34:62:5b:62:bf:16:5d:ad:24:31:fb:
2b:a3:d0:e2:6e:35:73:fc:cd:8f:9b:65:89:ef:ca:89:79:91:
a0:2e:2f:53:74:f2:77:71:cc:63:9e:d7:91:6d:ff:23:59:6d:
eb:b5:c5:7f:e7:ed:74:10:41:d4:b6:27:54:5f:be:7e:e3:37:
85:33:d5:73:57:b0:19:c2:ff:0c:f0:b0:65:be:98:fe:6a:32:
e2:30:4a:b0:f0:c0:b3:99:2e:0a:69:97:3a:27:0d:9c:7d:eb:
12:17:10:06:67:8c:3b:d2:65:3d:a9:85:db:77:11:0a:69:0c:
90:96:ed:00:1a:09:6f:da:69:99:dd:72:28:08:35:67:56:5b:
3e:e2:fc:bc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAvhXqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NzVjMGU2ZWRiMTUxYThmOTFhMDg2OWJiZmE1NjE4ODNlN2MxMjZiMB4XDTIyMDEw
MTAyNTM1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGJmYjcwYTI2MTIw
MTZmNjM5OGQwY2UzZjQ4NzQ2MWQ5YzJkOTEwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMzBczoD58mkldbqaUINmmB5UlHeksSoub5YhiWctXeX6dkW
1QHDLOGmaWtcNK5dxsZqXu8+62jh82tyI61A+XD9XLf81AaKb+TjDHUQcl6P8h4o
a30E64aYWTfLALbOqHp6QDGYorcEVxZ2/NdfmjNGKRWARh8L8rLR26Mee2NFQpq7
NHAKd8B6F/zB0fBuqWrepnVKLws8QpQL/YUZvubFhdyFp/grsyWuo1R/wvNNYGsv
EZ0rVpCosgEoq3FJOoSSf+/vModVhWRz1VdR6Ya6+yxZ5XLBw2DpVIUb1NrRtbmk
K1EoPmUQCND+LtWwquTCV4/37FYIgd0xVHT8AIsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSL+3CiYSAW9jmNDOP0h0YdnC2RADAfBgNVHSMEGDAWgBSHXA5u2xUaj5Gg
hpu/pWGIPnwSazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2gxd09idHNWR28tUm9JYWJ2NlZoaUQ1OEVtcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvNzk2OTQ1LTY4ODYtNDNiYy1hZDhkLTVkM2ZjNTYwNDNiZi8x
L2lfdHdvbUVnRnZZNWpRemo5SWRHSFp3dGtRQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
Nzk2OTQ1LTY4ODYtNDNiYy1hZDhkLTVkM2ZjNTYwNDNiZi8xL2gxd09idHNWR28t
Um9JYWJ2NlZoaUQ1OEVtcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2BFDANBgkqhkiG9w0BAQsFAAOC
AQEAIk/205h7oMhxtxbwPl4zbP5wJ5+j03eIzwvumT+Gl8asLKCTewNL5QnOYbyl
MCwU9y0uay1k8GunDZi2K/HWg3lnhKiAsDWHtU5g1JhbYH28DigarHZmgTnGhuB7
oK3cWxFBdGr97ad6Z8PLgU4N+qA9LjRiW2K/Fl2tJDH7K6PQ4m41c/zNj5tlie/K
iXmRoC4vU3Tyd3HMY57XkW3/I1lt67XFf+ftdBBB1LYnVF++fuM3hTPVc1ewGcL/
DPCwZb6Y/moy4jBKsPDAs5kuCmmXOicNnH3rEhcQBmeMO9JlPamF23cRCmkMkJbt
ABoJb9ppmd1yKAg1Z1ZbPuL8vA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:05 2025 by rpki-client