Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/TS-rnoNIZe_xMMP_YuO1cZS8N4U.roa
File: TS-rnoNIZe_xMMP_YuO1cZS8N4U.roa (raw, json)
Hash identifier: sTtTFH7MclSMbco3dKmwqr+oNUhR5HGoV+TqBs1hPlk=
Subject key identifier: 4D:2F:AB:9E:83:48:65:EF:F1:30:C3:FF:62:E3:B5:71:94:BC:37:85
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 018B03FA66D499F811453C66BD62A0038A26
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/TS-rnoNIZe_xMMP_YuO1cZS8N4U.roa
Signing time: Fri 06 Oct 2023 07:53:43 +0000
ROA not before: Fri 06 Oct 2023 07:53:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20454
IP address blocks: 45.156.146.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:03:fa:66:d4:99:f8:11:45:3c:66:bd:62:a0:03:8a:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Oct 6 07:53:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d2fab9e834865eff130c3ff62e3b57194bc3785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:c9:8a:82:5d:d3:9d:a0:7e:9b:45:cc:22:98:
56:5b:57:fb:69:83:f9:b9:7e:71:ec:c3:51:9c:a6:
f2:5b:62:4e:9c:da:90:dc:e8:fa:4f:66:d4:43:81:
d2:ec:ba:ad:d0:5a:1e:94:b9:33:03:81:92:c8:6a:
c0:e1:cf:72:9a:6e:73:88:ce:3d:9a:07:6b:9b:df:
f8:34:79:19:e8:8a:79:c1:a7:83:a6:54:49:87:74:
d9:c3:52:fc:4b:a3:d2:eb:54:8c:2b:fe:f5:32:d2:
53:bc:c5:4c:39:76:f6:2c:17:54:0b:0a:eb:3b:30:
63:ea:f8:42:3e:c2:44:2d:94:65:d2:07:21:1b:da:
d6:ff:25:1c:35:58:cf:aa:11:90:ef:db:28:7d:5f:
48:e9:6f:4e:a4:04:b5:1b:11:66:0b:86:ab:bd:93:
81:4e:f2:a6:25:c7:ea:fd:24:50:2b:d2:56:5a:38:
27:75:4c:92:aa:91:89:d2:88:2c:0c:76:99:57:03:
9e:c1:2b:e6:d7:db:67:26:69:06:2d:23:f6:77:6a:
34:9d:a2:c6:7e:20:38:e2:97:0d:e2:a5:b1:fa:29:
fb:72:b6:1e:db:cc:8d:03:87:f4:2e:b6:46:33:68:
98:82:2c:a7:e0:9e:7f:23:37:8c:e0:7d:5b:50:0b:
ce:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:2F:AB:9E:83:48:65:EF:F1:30:C3:FF:62:E3:B5:71:94:BC:37:85
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/TS-rnoNIZe_xMMP_YuO1cZS8N4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.146.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:ce:7c:42:60:8a:f8:51:86:da:5a:de:2d:dc:6f:48:5c:8d:
66:0a:bf:14:4c:d5:b6:63:d8:33:fa:09:0d:d1:75:61:29:6b:
82:4d:7d:dd:0f:b9:6c:6a:46:e6:f4:6e:48:64:09:6b:9a:75:
04:35:e5:28:b9:22:0e:e8:aa:f2:54:17:1d:08:71:f7:d9:dd:
bb:e2:cb:fc:70:0c:06:db:c2:f3:b8:e0:3d:3b:f8:60:5d:8b:
e9:3d:8b:83:73:c3:8c:12:56:8b:8a:a3:8f:4b:7f:7a:97:48:
4e:c9:a3:47:fd:25:b4:b8:35:cf:9f:de:aa:0c:1f:84:05:69:
4a:da:da:68:f9:f2:f1:0b:cd:a5:b9:33:73:63:a9:52:36:29:
a3:07:07:c0:94:7e:32:c2:06:06:c8:33:0d:8d:ad:26:5c:61:
0f:c2:23:b2:83:55:ac:0c:bd:c8:3a:5f:3e:14:3c:fb:1f:3b:
e6:5b:f3:84:62:46:48:c9:6c:d0:fe:2a:2f:54:c5:23:c7:bc:
68:65:d1:13:18:16:b5:7a:54:02:01:ac:e6:1c:3c:9f:07:c1:
51:7f:ef:b2:60:a9:75:ac:15:73:89:7d:45:fc:dc:af:c0:85:
d0:d4:84:56:20:de:c1:cb:cc:70:b0:0f:86:5b:06:ce:86:f3:
03:98:ff:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsD+mbUmfgRRTxmvWKgA4omMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjMxMDA2MDc1MzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDJmYWI5ZTgzNDg2NWVmZjEzMGMzZmY2MmUzYjU3MTk0YmMzNzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4cmKgl3TnaB+m0XMIphWW1f7aYP5
uX5x7MNRnKbyW2JOnNqQ3Oj6T2bUQ4HS7Lqt0FoelLkzA4GSyGrA4c9ymm5ziM49
mgdrm9/4NHkZ6Ip5waeDplRJh3TZw1L8S6PS61SMK/71MtJTvMVMOXb2LBdUCwrr
OzBj6vhCPsJELZRl0gchG9rW/yUcNVjPqhGQ79sofV9I6W9OpAS1GxFmC4arvZOB
TvKmJcfq/SRQK9JWWjgndUySqpGJ0ogsDHaZVwOewSvm19tnJmkGLSP2d2o0naLG
fiA44pcN4qWx+in7crYe28yNA4f0LrZGM2iYgiyn4J5/IzeM4H1bUAvO1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE0vq56DSGXv8TDD/2LjtXGUvDeFMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvVFMtcm5vTklaZV94TU1QX1l1TzFjWlM4TjRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZySMA0G
CSqGSIb3DQEBCwUAA4IBAQCKznxCYIr4UYbaWt4t3G9IXI1mCr8UTNW2Y9gz+gkN
0XVhKWuCTX3dD7lsakbm9G5IZAlrmnUENeUouSIO6KryVBcdCHH32d274sv8cAwG
28LzuOA9O/hgXYvpPYuDc8OMElaLiqOPS396l0hOyaNH/SW0uDXPn96qDB+EBWlK
2tpo+fLxC82luTNzY6lSNimjBwfAlH4ywgYGyDMNja0mXGEPwiOyg1WsDL3IOl8+
FDz7HzvmW/OEYkZIyWzQ/iovVMUjx7xoZdETGBa1elQCAazmHDyfB8FRf++yYKl1
rBVziX1F/NyvwIXQ1IRWIN7By8xwsA+GWwbOhvMDmP/0
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:28:20 2025 by rpki-client