Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/331f31-9e46-4869-99e2-ba61ed087329/1/8NhLuIAgnf60hG31zcOT7dwFDts.roa
File: 8NhLuIAgnf60hG31zcOT7dwFDts.roa (raw, json)
Hash identifier: g6EmtZBdcJbZCVT/WAwIFMW3+TNljpYoOw1XJkkvdx4=
Subject key identifier: F0:D8:4B:B8:80:20:9D:FE:B4:84:6D:F5:CD:C3:93:ED:DC:05:0E:DB
Certificate issuer: /CN=c1213ebf02c5e802e03b08a3ad5d61caa8eb96d2
Certificate serial: 01856CE627FCD61471470233DFB4E267C8E5
Authority key identifier: C1:21:3E:BF:02:C5:E8:02:E0:3B:08:A3:AD:5D:61:CA:A8:EB:96:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wSE-vwLF6ALgOwijrV1hyqjrltI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/331f31-9e46-4869-99e2-ba61ed087329/1/8NhLuIAgnf60hG31zcOT7dwFDts.roa
Signing time: Sun 01 Jan 2023 10:35:00 +0000
ROA not before: Sun 01 Jan 2023 10:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200567
IP address blocks: 45.146.132.0/22 maxlen: 23
2a0f:1000::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:27:fc:d6:14:71:47:02:33:df:b4:e2:67:c8:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1213ebf02c5e802e03b08a3ad5d61caa8eb96d2
Validity
Not Before: Jan 1 10:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0d84bb880209dfeb4846df5cdc393eddc050edb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b9:2b:02:74:02:88:fd:ec:74:50:48:7e:57:
dd:5a:d9:e8:07:00:56:6e:df:90:d2:e8:ae:32:60:
3f:d0:9e:a4:e8:c0:1d:f0:39:48:4e:70:4c:f7:db:
70:58:5f:87:48:f5:13:ae:16:0b:36:e0:f4:64:84:
b6:fc:24:58:43:48:f5:e4:30:92:07:35:ca:07:fd:
9c:42:23:d5:55:1f:6f:30:4f:2d:90:a9:83:26:ad:
e0:35:22:8b:12:da:f2:ad:97:9a:f9:81:57:89:74:
85:35:b8:0f:86:09:4a:46:be:bb:82:24:1e:5a:ef:
36:c0:51:90:7b:4a:6b:ef:d0:71:26:18:f4:27:fc:
f9:d3:db:e1:f8:bd:ee:b8:63:0d:d7:ca:aa:e1:7f:
01:33:16:59:2e:6c:21:8b:57:89:bd:d4:88:23:3b:
6a:26:20:07:5e:68:2a:bf:3a:ac:c2:35:07:49:d7:
83:5a:d5:93:a2:7f:a4:9c:ee:e5:83:13:ed:d2:ea:
f4:cf:f2:6f:db:c1:04:52:52:5c:20:bc:57:39:e6:
44:42:5f:08:1d:c3:27:de:3b:14:15:59:3d:1e:75:
57:15:3c:2c:32:c0:7d:e2:c2:46:a0:2d:a6:e4:e1:
c9:4c:1c:2c:71:4e:9d:4d:19:21:9f:74:61:47:6a:
a0:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:D8:4B:B8:80:20:9D:FE:B4:84:6D:F5:CD:C3:93:ED:DC:05:0E:DB
X509v3 Authority Key Identifier:
keyid:C1:21:3E:BF:02:C5:E8:02:E0:3B:08:A3:AD:5D:61:CA:A8:EB:96:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wSE-vwLF6ALgOwijrV1hyqjrltI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/331f31-9e46-4869-99e2-ba61ed087329/1/8NhLuIAgnf60hG31zcOT7dwFDts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/331f31-9e46-4869-99e2-ba61ed087329/1/wSE-vwLF6ALgOwijrV1hyqjrltI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.132.0/22
IPv6:
2a0f:1000::/29
Signature Algorithm: sha256WithRSAEncryption
07:d2:01:49:c1:75:7c:aa:26:3c:37:bd:98:0d:80:aa:e6:45:
04:97:fd:c0:12:b6:8a:89:eb:29:36:2a:69:cb:f3:8e:b0:46:
02:c2:ad:ce:e0:ed:11:47:44:27:93:3f:d1:15:9f:de:23:2d:
4c:c3:90:c7:42:72:8a:0d:22:bf:98:f3:40:0d:a7:95:a3:2b:
09:a1:a7:05:bc:e1:fe:2f:98:c0:af:44:ee:b1:fe:b0:4f:00:
22:d8:fe:7d:f8:20:50:d1:a1:bb:0e:63:ee:30:50:db:35:58:
62:c9:08:9a:66:67:3f:db:be:67:85:ec:a9:a1:50:eb:f0:01:
ab:eb:f6:e4:31:fb:38:50:77:45:d3:dc:a3:36:35:24:24:30:
bd:53:1e:50:c8:7a:d4:5f:93:11:a2:2d:8e:a8:ed:93:cf:34:
9c:cb:36:27:63:bd:13:3b:af:76:9a:ec:83:7e:0c:76:7d:0e:
dc:66:c6:c2:78:02:e5:42:db:e9:5b:4e:13:57:e0:94:39:f9:
71:2a:8c:d3:98:cb:5e:d5:d8:83:cc:c2:fa:fb:ac:f5:36:04:
fd:61:5e:04:e0:9f:8e:c4:f7:d8:2d:c1:9e:d5:cb:5c:3f:ce:
da:aa:f4:8e:34:1f:30:b6:a0:e2:cc:81:0e:6f:b0:bc:aa:ab:
2a:e6:0a:22
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs5if81hRxRwIz37TiZ8jlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMjEzZWJmMDJjNWU4MDJlMDNiMDhhM2FkNWQ2MWNhYThl
Yjk2ZDIwHhcNMjMwMTAxMTAzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGQ4NGJiODgwMjA5ZGZlYjQ4NDZkZjVjZGMzOTNlZGRjMDUwZWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLkrAnQCiP3sdFBIflfdWtnoBwBW
bt+Q0uiuMmA/0J6k6MAd8DlITnBM99twWF+HSPUTrhYLNuD0ZIS2/CRYQ0j15DCS
BzXKB/2cQiPVVR9vME8tkKmDJq3gNSKLEtryrZea+YFXiXSFNbgPhglKRr67giQe
Wu82wFGQe0pr79BxJhj0J/z509vh+L3uuGMN18qq4X8BMxZZLmwhi1eJvdSIIztq
JiAHXmgqvzqswjUHSdeDWtWTon+knO7lgxPt0ur0z/Jv28EEUlJcILxXOeZEQl8I
HcMn3jsUFVk9HnVXFTwsMsB94sJGoC2m5OHJTBwscU6dTRkhn3RhR2qgJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPDYS7iAIJ3+tIRt9c3Dk+3cBQ7bMB8GA1UdIwQY
MBaAFMEhPr8CxegC4DsIo61dYcqo65bSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1NFLXZ3TEY2QUxnT3dpanJWMWh5cWpybHRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zMzFmMzEtOWU0Ni00ODY5LTk5ZTIt
YmE2MWVkMDg3MzI5LzEvOE5oTHVJQWduZjYwaEczMXpjT1Q3ZHdGRHRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zMzFmMzEtOWU0Ni00ODY5LTk5ZTItYmE2MWVkMDg3MzI5
LzEvd1NFLXZ3TEY2QUxnT3dpanJWMWh5cWpybHRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZKEMA0E
AgACMAcDBQMqDxAAMA0GCSqGSIb3DQEBCwUAA4IBAQAH0gFJwXV8qiY8N72YDYCq
5kUEl/3AEraKiespNippy/OOsEYCwq3O4O0RR0Qnkz/RFZ/eIy1Mw5DHQnKKDSK/
mPNADaeVoysJoacFvOH+L5jAr0Tusf6wTwAi2P59+CBQ0aG7DmPuMFDbNVhiyQia
Zmc/275nheypoVDr8AGr6/bkMfs4UHdF09yjNjUkJDC9Ux5QyHrUX5MRoi2OqO2T
zzScyzYnY70TO692muyDfgx2fQ7cZsbCeALlQtvpW04TV+CUOflxKozTmMte1diD
zML6+6z1NgT9YV4E4J+OxPfYLcGe1ctcP87aqvSONB8wtqDizIEOb7C8qqsq5goi
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:58 2025 by rpki-client