Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/11b7b9-1fa6-4c51-a075-85572d652a7b/1/nVhGBfdgA4GpBUAjalksbIxuZAU.roa
File: nVhGBfdgA4GpBUAjalksbIxuZAU.roa (raw, json)
Hash identifier: HPBKP55gsfXIcAP9wc9xj45hyA7eA3PXqmnQ++9vz/s=
Subject key identifier: 9D:58:46:05:F7:60:03:81:A9:05:40:23:6A:59:2C:6C:8C:6E:64:05
Certificate issuer: /CN=45afe0d73419f8aade65d2c7115c01420472ba5c
Certificate serial: 01856F5DE64390539771A265DEFCE8F7649D
Authority key identifier: 45:AF:E0:D7:34:19:F8:AA:DE:65:D2:C7:11:5C:01:42:04:72:BA:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ra_g1zQZ-KreZdLHEVwBQgRyulw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/11b7b9-1fa6-4c51-a075-85572d652a7b/1/nVhGBfdgA4GpBUAjalksbIxuZAU.roa
Signing time: Sun 01 Jan 2023 22:05:02 +0000
ROA not before: Sun 01 Jan 2023 22:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212667
IP address blocks: 80.91.213.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:e6:43:90:53:97:71:a2:65:de:fc:e8:f7:64:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45afe0d73419f8aade65d2c7115c01420472ba5c
Validity
Not Before: Jan 1 22:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d584605f7600381a90540236a592c6c8c6e6405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:21:3c:6c:42:49:d2:57:ef:7a:92:db:3b:ab:
2a:32:d3:17:cf:03:a7:f6:3e:8e:9a:c0:2c:25:ff:
1e:bc:80:ed:9c:04:49:89:7b:68:da:d9:59:45:09:
dd:3e:e6:2c:23:31:8e:9b:2e:a5:99:ab:be:da:23:
37:fd:19:74:b7:20:ef:ed:98:4e:b0:b8:3d:60:51:
08:cf:0a:05:25:48:f1:da:86:bc:e5:91:b3:67:f4:
62:37:78:a6:83:2b:e2:de:9c:5a:fc:6f:b7:4a:cd:
2f:e4:47:0b:17:55:fb:ec:74:dd:ee:02:95:66:6b:
f5:cf:fc:26:d7:e0:0e:4f:d7:7a:18:c4:dc:2b:b8:
25:31:1e:9b:1b:80:6b:59:83:2e:09:4f:82:9d:8f:
05:14:cf:58:13:22:cb:99:3a:61:ff:5e:96:64:f3:
53:79:12:0f:5c:f6:3b:6c:a5:e3:7d:aa:2d:18:89:
35:f4:3d:ee:52:06:af:c8:84:67:39:d9:68:0e:83:
77:5e:ad:8c:52:ba:01:9f:ff:24:90:9d:e2:28:09:
e0:d7:3e:a8:b6:c0:b2:9f:7a:08:ae:bd:e1:02:3d:
a9:f7:67:e8:56:bb:07:09:fc:33:91:22:0e:8b:18:
63:6d:e3:41:99:e1:ee:1c:1d:97:bf:71:6c:55:0a:
6f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:58:46:05:F7:60:03:81:A9:05:40:23:6A:59:2C:6C:8C:6E:64:05
X509v3 Authority Key Identifier:
keyid:45:AF:E0:D7:34:19:F8:AA:DE:65:D2:C7:11:5C:01:42:04:72:BA:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ra_g1zQZ-KreZdLHEVwBQgRyulw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/11b7b9-1fa6-4c51-a075-85572d652a7b/1/nVhGBfdgA4GpBUAjalksbIxuZAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/11b7b9-1fa6-4c51-a075-85572d652a7b/1/Ra_g1zQZ-KreZdLHEVwBQgRyulw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.91.213.0/24
Signature Algorithm: sha256WithRSAEncryption
38:b0:41:39:53:a8:4b:bc:10:ea:22:f2:99:a3:04:e3:ca:70:
36:20:2d:8d:30:ed:cd:be:21:b1:d2:b6:aa:c2:7a:8f:5b:8b:
a6:11:6c:7e:fc:c6:03:7e:16:27:bc:55:f7:89:0e:04:b0:cf:
49:18:15:97:86:5d:1b:f4:3a:1e:d7:2c:44:40:05:06:43:0b:
ed:ef:78:56:0e:8f:60:69:26:58:e1:bc:ff:7f:af:21:11:5b:
a2:b9:95:0c:be:d2:af:9e:51:f8:e1:4a:6f:ee:c7:a4:fb:b9:
4d:a1:49:c6:a3:9d:10:10:35:a8:71:79:e5:ad:c8:16:ba:55:
07:3a:a3:1d:4a:9c:3d:57:ae:9a:82:67:0e:ba:02:4c:e2:49:
2f:13:11:49:e2:2d:12:2f:83:70:f4:68:56:e4:44:a6:89:cf:
14:56:20:3a:b3:b7:f0:d4:4f:eb:4b:d3:84:43:dd:45:94:38:
e8:ec:87:ff:a7:e4:c2:06:db:7d:e1:a2:7a:aa:8d:e2:63:81:
45:7e:03:cc:5b:52:d5:d9:6d:c4:ea:62:68:36:b8:e7:55:46:
b7:12:76:47:02:f5:b9:3b:85:a5:58:ef:2d:b4:26:fa:da:fd:
a7:bf:df:d4:77:a0:c0:f6:b6:8b:38:04:cd:98:95:4f:94:46:
4a:38:c1:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXeZDkFOXcaJl3vzo92SdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YWZlMGQ3MzQxOWY4YWFkZTY1ZDJjNzExNWMwMTQyMDQ3
MmJhNWMwHhcNMjMwMTAxMjIwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDU4NDYwNWY3NjAwMzgxYTkwNTQwMjM2YTU5MmM2YzhjNmU2NDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9CE8bEJJ0lfvepLbO6sqMtMXzwOn
9j6OmsAsJf8evIDtnARJiXto2tlZRQndPuYsIzGOmy6lmau+2iM3/Rl0tyDv7ZhO
sLg9YFEIzwoFJUjx2oa85ZGzZ/RiN3imgyvi3pxa/G+3Ss0v5EcLF1X77HTd7gKV
Zmv1z/wm1+AOT9d6GMTcK7glMR6bG4BrWYMuCU+CnY8FFM9YEyLLmTph/16WZPNT
eRIPXPY7bKXjfaotGIk19D3uUgavyIRnOdloDoN3Xq2MUroBn/8kkJ3iKAng1z6o
tsCyn3oIrr3hAj2p92foVrsHCfwzkSIOixhjbeNBmeHuHB2Xv3FsVQpvkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1YRgX3YAOBqQVAI2pZLGyMbmQFMB8GA1UdIwQY
MBaAFEWv4Nc0Gfiq3mXSxxFcAUIEcrpcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmFfZzF6UVotS3JlWmRMSEVWd0JRZ1J5dWx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8xMWI3YjktMWZhNi00YzUxLWEwNzUt
ODU1NzJkNjUyYTdiLzEvblZoR0JmZGdBNEdwQlVBamFsa3NiSXh1WkFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8xMWI3YjktMWZhNi00YzUxLWEwNzUtODU1NzJkNjUyYTdi
LzEvUmFfZzF6UVotS3JlWmRMSEVWd0JRZ1J5dWx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUFvVMA0G
CSqGSIb3DQEBCwUAA4IBAQA4sEE5U6hLvBDqIvKZowTjynA2IC2NMO3NviGx0raq
wnqPW4umEWx+/MYDfhYnvFX3iQ4EsM9JGBWXhl0b9Doe1yxEQAUGQwvt73hWDo9g
aSZY4bz/f68hEVuiuZUMvtKvnlH44Upv7sek+7lNoUnGo50QEDWocXnlrcgWulUH
OqMdSpw9V66agmcOugJM4kkvExFJ4i0SL4Nw9GhW5ESmic8UViA6s7fw1E/rS9OE
Q91FlDjo7If/p+TCBtt94aJ6qo3iY4FFfgPMW1LV2W3E6mJoNrjnVUa3EnZHAvW5
O4WlWO8ttCb62v2nv9/Ud6DA9raLOATNmJVPlEZKOMHO
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:25 2025 by rpki-client