Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/c2ab9f-9458-4b7c-8fce-256a9010438f/1/nJ3hZ4YO449aPv8CYEcTM2anK_U.roa
File: nJ3hZ4YO449aPv8CYEcTM2anK_U.roa (raw, json)
Hash identifier: F/JKskf3uFOynU1UEp+VE+nIkVGCN/EH2zqXVxxku2M=
Subject key identifier: 9C:9D:E1:67:86:0E:E3:8F:5A:3E:FF:02:60:47:13:33:66:A7:2B:F5
Certificate issuer: /CN=bb0d71a178548765129c17fce8ec3f5b5ca09033
Certificate serial: 01850530C6A5A151038A25FFC9C30E313F2D
Authority key identifier: BB:0D:71:A1:78:54:87:65:12:9C:17:FC:E8:EC:3F:5B:5C:A0:90:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1xoXhUh2USnBf86Ow_W1ygkDM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/c2ab9f-9458-4b7c-8fce-256a9010438f/1/nJ3hZ4YO449aPv8CYEcTM2anK_U.roa
Signing time: Mon 12 Dec 2022 07:16:00 +0000
ROA not before: Mon 12 Dec 2022 07:16:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12345
IP address blocks: 45.158.252.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:30:c6:a5:a1:51:03:8a:25:ff:c9:c3:0e:31:3f:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d71a178548765129c17fce8ec3f5b5ca09033
Validity
Not Before: Dec 12 07:16:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c9de167860ee38f5a3eff026047133366a72bf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fe:5f:ad:44:1b:09:f8:08:99:87:47:54:83:
1e:d0:83:bb:9b:1d:51:7b:3f:1e:36:a5:77:68:9b:
8a:15:94:e7:33:89:37:e3:64:10:9b:a6:a1:12:ad:
c9:94:24:f3:b5:92:f8:69:c9:24:57:85:8e:45:51:
c1:b0:12:31:c3:a8:d2:a7:62:8e:19:80:a2:6f:eb:
5b:f0:2c:0f:40:09:73:72:46:8f:c7:1a:82:da:40:
bd:d2:84:be:c0:33:49:d8:2f:c4:13:07:e6:b1:17:
9b:b9:26:fd:c0:a2:d2:64:ea:f2:02:c3:5e:0d:2d:
f2:a8:95:74:2e:e7:6c:7a:ae:55:15:85:b5:29:2c:
47:c5:d1:23:24:35:4a:ef:3b:d9:6c:15:27:4b:cf:
a8:55:5b:f1:a9:3e:11:91:b1:cf:80:aa:6a:3d:cd:
56:25:be:6b:c7:ac:03:25:6d:e6:81:d7:db:61:f3:
72:1e:7f:ff:5e:e7:93:21:08:34:5b:f7:b9:95:7f:
47:10:b2:41:c1:d4:48:38:ca:23:f1:41:59:48:d6:
c7:cd:04:bd:6c:68:84:61:cc:e5:55:94:86:8d:5b:
84:af:65:ae:e3:52:62:9c:ae:2f:35:37:2e:01:9f:
eb:1a:ec:cd:0a:8a:fa:da:d4:94:c4:2f:4f:66:39:
f7:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:9D:E1:67:86:0E:E3:8F:5A:3E:FF:02:60:47:13:33:66:A7:2B:F5
X509v3 Authority Key Identifier:
keyid:BB:0D:71:A1:78:54:87:65:12:9C:17:FC:E8:EC:3F:5B:5C:A0:90:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1xoXhUh2USnBf86Ow_W1ygkDM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c2ab9f-9458-4b7c-8fce-256a9010438f/1/nJ3hZ4YO449aPv8CYEcTM2anK_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c2ab9f-9458-4b7c-8fce-256a9010438f/1/uw1xoXhUh2USnBf86Ow_W1ygkDM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.252.0/22
Signature Algorithm: sha256WithRSAEncryption
67:2a:be:e2:70:70:e1:54:f8:ab:3d:1a:9e:46:a6:54:13:47:
70:c1:6e:34:26:d7:05:f4:c0:99:10:20:a3:b7:55:94:1e:53:
f7:ce:0a:d5:83:dd:ea:32:ca:48:70:6f:86:c0:8f:90:b4:e0:
f3:70:55:4c:7e:01:6c:34:45:7b:c3:db:11:1f:73:30:9d:37:
8a:87:d7:04:fc:79:1e:e9:21:5f:2c:43:71:18:dd:92:1d:d5:
3a:bb:ce:e5:51:05:dd:ec:82:be:ba:0d:e7:3a:68:73:22:42:
1f:dc:6a:23:23:ec:cf:09:6a:56:d6:1d:a3:15:ff:a5:f7:c4:
07:bf:80:96:b4:be:04:a1:66:20:03:82:20:cb:c1:cb:65:84:
a2:ec:c3:bf:00:33:1e:95:26:ea:8b:c7:26:e4:04:ec:66:a8:
f1:67:7e:b8:d3:74:2b:29:ec:09:0b:2e:69:17:ba:5f:7a:e7:
74:b2:49:3b:e8:e3:d1:fe:51:25:77:f9:70:0e:13:12:72:0a:
1f:ad:c8:3e:f4:7d:a9:78:e6:a1:82:83:1f:12:2d:b2:ce:db:
89:ba:e7:59:2f:3d:55:5b:e7:db:97:40:0e:1a:13:90:36:64:
58:08:31:84:24:dd:58:ff:66:07:79:dc:53:63:a9:69:2d:2b:
45:ab:b9:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUFMMaloVEDiiX/ycMOMT8tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ3MWExNzg1NDg3NjUxMjljMTdmY2U4ZWMzZjViNWNh
MDkwMzMwHhcNMjIxMjEyMDcxNjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzlkZTE2Nzg2MGVlMzhmNWEzZWZmMDI2MDQ3MTMzMzY2YTcyYmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArf5frUQbCfgImYdHVIMe0IO7mx1R
ez8eNqV3aJuKFZTnM4k342QQm6ahEq3JlCTztZL4ackkV4WORVHBsBIxw6jSp2KO
GYCib+tb8CwPQAlzckaPxxqC2kC90oS+wDNJ2C/EEwfmsRebuSb9wKLSZOryAsNe
DS3yqJV0Ludseq5VFYW1KSxHxdEjJDVK7zvZbBUnS8+oVVvxqT4RkbHPgKpqPc1W
Jb5rx6wDJW3mgdfbYfNyHn//XueTIQg0W/e5lX9HELJBwdRIOMoj8UFZSNbHzQS9
bGiEYczlVZSGjVuEr2Wu41JinK4vNTcuAZ/rGuzNCor62tSUxC9PZjn3ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJyd4WeGDuOPWj7/AmBHEzNmpyv1MB8GA1UdIwQY
MBaAFLsNcaF4VIdlEpwX/OjsP1tcoJAzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxeG9YaFVoMlVTbkJmODZPd19XMXlna0RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9jMmFiOWYtOTQ1OC00YjdjLThmY2Ut
MjU2YTkwMTA0MzhmLzEvbkozaFo0WU80NDlhUHY4Q1lFY1RNMmFuS19VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9jMmFiOWYtOTQ1OC00YjdjLThmY2UtMjU2YTkwMTA0Mzhm
LzEvdXcxeG9YaFVoMlVTbkJmODZPd19XMXlna0RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ78MA0G
CSqGSIb3DQEBCwUAA4IBAQBnKr7icHDhVPirPRqeRqZUE0dwwW40JtcF9MCZECCj
t1WUHlP3zgrVg93qMspIcG+GwI+QtODzcFVMfgFsNEV7w9sRH3MwnTeKh9cE/Hke
6SFfLENxGN2SHdU6u87lUQXd7IK+ug3nOmhzIkIf3GojI+zPCWpW1h2jFf+l98QH
v4CWtL4EoWYgA4Igy8HLZYSi7MO/ADMelSbqi8cm5ATsZqjxZ36403QrKewJCy5p
F7pfeud0skk76OPR/lEld/lwDhMScgofrcg+9H2peOahgoMfEi2yztuJuudZLz1V
W+fbl0AOGhOQNmRYCDGEJN1Y/2YHedxTY6lpLStFq7nK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:44 2024 by rpki-client on console-fra.rpki-client.org