Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/177f29-c4eb-411f-95ff-5e102d197742/1/Ql3TfeuG8fMjxNOnv4Rvo_GU6h0.roa
File: Ql3TfeuG8fMjxNOnv4Rvo_GU6h0.roa (raw, json)
Hash identifier: nX58NYz7ak9F+wQBhIb2RU4B4Y5JWyceiLNoXg/GnLc=
Subject key identifier: 42:5D:D3:7D:EB:86:F1:F3:23:C4:D3:A7:BF:84:6F:A3:F1:94:EA:1D
Certificate issuer: /CN=ff94c4b1d33ba3094ec388f7a73d8d39cd950861
Certificate serial: 01856F0B2F76FC89FD34A7C1E8FC0C6B7692
Authority key identifier: FF:94:C4:B1:D3:3B:A3:09:4E:C3:88:F7:A7:3D:8D:39:CD:95:08:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_5TEsdM7owlOw4j3pz2NOc2VCGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/177f29-c4eb-411f-95ff-5e102d197742/1/Ql3TfeuG8fMjxNOnv4Rvo_GU6h0.roa
Signing time: Sun 01 Jan 2023 20:34:41 +0000
ROA not before: Sun 01 Jan 2023 20:34:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 45.12.200.0/22 maxlen: 24
2a0e:bf00::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:2f:76:fc:89:fd:34:a7:c1:e8:fc:0c:6b:76:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff94c4b1d33ba3094ec388f7a73d8d39cd950861
Validity
Not Before: Jan 1 20:34:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=425dd37deb86f1f323c4d3a7bf846fa3f194ea1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:48:b8:3a:0a:46:19:37:e2:b5:19:1b:09:90:
b1:8e:8d:0c:46:57:ba:f3:3c:26:85:7e:a5:de:62:
be:87:ab:e5:be:33:9a:4f:d7:9d:bd:44:f5:9d:5c:
92:9c:a4:c6:2e:cf:f7:e8:9d:d1:b9:b2:fc:68:4d:
76:20:52:ce:d0:47:26:3f:c8:4e:52:a1:2c:65:d5:
78:19:ec:3d:c0:c7:e1:ed:77:28:0c:4c:6e:98:65:
b2:04:0c:2d:31:71:e3:7b:17:7d:82:e6:01:47:81:
7c:17:fe:07:6f:17:f8:ab:e1:19:46:12:08:ef:a2:
fc:a7:1b:24:a7:21:4c:3a:b2:2e:d4:3c:a2:7d:79:
d2:29:dd:10:ca:d2:6d:ee:6e:fc:6d:0d:8f:d4:66:
64:aa:03:cb:2a:8e:cd:28:ab:ef:37:51:77:cb:84:
63:3c:3f:a6:aa:4a:94:dd:b6:57:e4:a3:b7:7b:ef:
33:7f:35:95:37:a4:67:85:82:32:0c:a5:56:ae:2c:
b9:4e:73:75:49:b5:1d:e8:9f:71:8d:1c:62:83:7a:
79:00:01:09:fb:00:92:2b:8f:67:49:de:74:f6:8b:
e6:09:25:49:a0:69:30:08:a6:fa:f6:52:c7:5e:7f:
6f:b2:ab:13:cf:02:dd:a2:37:b0:4d:bc:cc:23:8e:
3b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:5D:D3:7D:EB:86:F1:F3:23:C4:D3:A7:BF:84:6F:A3:F1:94:EA:1D
X509v3 Authority Key Identifier:
keyid:FF:94:C4:B1:D3:3B:A3:09:4E:C3:88:F7:A7:3D:8D:39:CD:95:08:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_5TEsdM7owlOw4j3pz2NOc2VCGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/177f29-c4eb-411f-95ff-5e102d197742/1/Ql3TfeuG8fMjxNOnv4Rvo_GU6h0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/177f29-c4eb-411f-95ff-5e102d197742/1/_5TEsdM7owlOw4j3pz2NOc2VCGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.200.0/22
IPv6:
2a0e:bf00::/29
Signature Algorithm: sha256WithRSAEncryption
4d:23:e6:80:fe:ad:16:de:fc:38:4e:95:1f:8f:48:2f:1b:65:
7e:4d:f2:8f:84:a7:07:d5:fc:03:01:e4:dc:17:c0:5f:73:51:
0d:ef:a7:da:fc:6c:2c:f3:3a:5f:50:c4:d7:35:68:29:35:7b:
32:7e:62:97:51:b7:0e:62:d4:87:5f:c4:21:b4:83:04:d4:37:
83:4f:81:bc:c9:e7:53:10:14:df:45:15:d5:46:fe:64:b4:20:
cc:dd:92:2e:77:69:93:fd:bb:97:f1:94:27:7e:45:e4:43:31:
52:89:b7:33:63:32:bf:5a:3e:26:ef:88:1c:31:a9:bc:cd:41:
78:b5:d8:7b:f6:f8:49:2c:16:dc:8b:76:63:15:5c:bc:1f:60:
4f:f1:46:15:8b:26:33:0c:a2:60:43:56:b3:6a:04:ad:f8:9b:
40:8b:d6:c1:08:27:dc:57:63:ae:ac:98:25:a9:b7:77:b6:e9:
4a:98:90:20:eb:93:e9:bf:72:f6:4b:33:58:e7:d8:c6:ca:17:
b5:3e:5c:d5:51:f8:c5:7e:df:38:b1:f3:c8:20:ff:3b:5e:f1:
f5:85:43:7f:d7:70:7d:33:6d:68:7a:76:d2:01:87:51:32:46:
56:c0:74:b3:d1:41:4c:71:4e:45:83:92:ba:49:1f:c6:0e:84:
65:9b:0b:2d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvCy92/In9NKfB6PwMa3aSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmOTRjNGIxZDMzYmEzMDk0ZWMzODhmN2E3M2Q4ZDM5Y2Q5
NTA4NjEwHhcNMjMwMTAxMjAzNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjVkZDM3ZGViODZmMWYzMjNjNGQzYTdiZjg0NmZhM2YxOTRlYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUi4OgpGGTfitRkbCZCxjo0MRle6
8zwmhX6l3mK+h6vlvjOaT9edvUT1nVySnKTGLs/36J3RubL8aE12IFLO0EcmP8hO
UqEsZdV4Gew9wMfh7XcoDExumGWyBAwtMXHjexd9guYBR4F8F/4Hbxf4q+EZRhII
76L8pxskpyFMOrIu1DyifXnSKd0QytJt7m78bQ2P1GZkqgPLKo7NKKvvN1F3y4Rj
PD+mqkqU3bZX5KO3e+8zfzWVN6RnhYIyDKVWriy5TnN1SbUd6J9xjRxig3p5AAEJ
+wCSK49nSd509ovmCSVJoGkwCKb69lLHXn9vsqsTzwLdojewTbzMI4473QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEJd033rhvHzI8TTp7+Eb6PxlOodMB8GA1UdIwQY
MBaAFP+UxLHTO6MJTsOI96c9jTnNlQhhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzVURXNkTTdvd2xPdzRqM3B6Mk5PYzJWQ0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8xNzdmMjktYzRlYi00MTFmLTk1ZmYt
NWUxMDJkMTk3NzQyLzEvUWwzVGZldUc4Zk1qeE5PbnY0UnZvX0dVNmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8xNzdmMjktYzRlYi00MTFmLTk1ZmYtNWUxMDJkMTk3NzQy
LzEvXzVURXNkTTdvd2xPdzRqM3B6Mk5PYzJWQ0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQzIMA0E
AgACMAcDBQMqDr8AMA0GCSqGSIb3DQEBCwUAA4IBAQBNI+aA/q0W3vw4TpUfj0gv
G2V+TfKPhKcH1fwDAeTcF8Bfc1EN76fa/Gws8zpfUMTXNWgpNXsyfmKXUbcOYtSH
X8QhtIME1DeDT4G8yedTEBTfRRXVRv5ktCDM3ZIud2mT/buX8ZQnfkXkQzFSibcz
YzK/Wj4m74gcMam8zUF4tdh79vhJLBbci3ZjFVy8H2BP8UYViyYzDKJgQ1azagSt
+JtAi9bBCCfcV2OurJglqbd3tulKmJAg65Ppv3L2SzNY59jGyhe1PlzVUfjFft84
sfPIIP87XvH1hUN/13B9M21oenbSAYdRMkZWwHSz0UFMcU5Fg5K6SR/GDoRlmwst
-----END CERTIFICATE-----
Generated at Fri Nov 3 08:33:53 2023 by rpki-client on console-fra.rpki-client.org