Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/5f6ac1-b935-47b1-96c1-0a12969fbcfc/1/MsrMHIUjlN9Pawl8RaDZtTeYDP0.roa
File: MsrMHIUjlN9Pawl8RaDZtTeYDP0.roa (raw, json)
Hash identifier: UFRcCqlW6dAtEPWfNlfY/xm5Y+ehmGScl8yOxZsnSXg=
Subject key identifier: 32:CA:CC:1C:85:23:94:DF:4F:6B:09:7C:45:A0:D9:B5:37:98:0C:FD
Certificate issuer: /CN=be37cce14cb56b66497810e73baa0edf67007a48
Certificate serial: 018CC7276C6DDEA21D5E02588F86D52C0783
Authority key identifier: BE:37:CC:E1:4C:B5:6B:66:49:78:10:E7:3B:AA:0E:DF:67:00:7A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vjfM4Uy1a2ZJeBDnO6oO32cAekg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/5f6ac1-b935-47b1-96c1-0a12969fbcfc/1/MsrMHIUjlN9Pawl8RaDZtTeYDP0.roa
Signing time: Mon 01 Jan 2024 22:31:38 +0000
ROA not before: Mon 01 Jan 2024 22:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43915
IP address blocks: 45.130.56.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:6c:6d:de:a2:1d:5e:02:58:8f:86:d5:2c:07:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be37cce14cb56b66497810e73baa0edf67007a48
Validity
Not Before: Jan 1 22:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32cacc1c852394df4f6b097c45a0d9b537980cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:fa:d4:16:ea:53:d6:f7:02:42:47:c5:d4:b1:
38:28:98:66:97:57:13:6f:74:e8:19:2b:c2:e8:77:
e1:28:de:77:c3:92:4a:1e:b0:79:aa:47:4d:8b:53:
c2:82:9b:94:4a:d3:23:37:3d:e0:a0:e2:71:9f:84:
fd:e7:61:02:cd:f3:8d:5c:c1:ff:9c:09:40:4b:b0:
01:63:7e:74:49:4d:b9:56:a0:2a:03:2d:b8:44:ff:
15:ab:60:cc:62:8c:41:7b:81:27:cb:36:a6:93:15:
dd:01:b4:16:4c:8f:0a:3d:3a:47:ee:c1:fa:65:d6:
51:5a:ee:5a:0c:b4:00:c6:5b:ca:85:6d:4b:23:0e:
06:82:b1:69:96:94:9e:87:28:97:fb:16:35:0a:da:
f8:d6:4a:61:26:46:a5:7d:a8:d3:d6:b6:31:14:a3:
c7:58:8a:6a:a0:ec:17:45:1f:9a:b8:ed:05:4d:59:
ec:34:9c:f6:b2:e1:ec:2b:a8:97:50:c1:36:48:1a:
ae:99:56:18:92:bb:a2:11:c8:d2:f5:71:55:83:61:
a6:7e:90:70:dd:51:09:84:d2:59:f0:fa:a1:1f:e3:
d5:b7:b0:41:ed:7f:8e:0f:da:40:6b:dd:bb:b6:ec:
55:4e:96:f0:58:18:06:d1:3b:74:94:bc:66:7a:a5:
3b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:CA:CC:1C:85:23:94:DF:4F:6B:09:7C:45:A0:D9:B5:37:98:0C:FD
X509v3 Authority Key Identifier:
keyid:BE:37:CC:E1:4C:B5:6B:66:49:78:10:E7:3B:AA:0E:DF:67:00:7A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vjfM4Uy1a2ZJeBDnO6oO32cAekg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/5f6ac1-b935-47b1-96c1-0a12969fbcfc/1/MsrMHIUjlN9Pawl8RaDZtTeYDP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/5f6ac1-b935-47b1-96c1-0a12969fbcfc/1/vjfM4Uy1a2ZJeBDnO6oO32cAekg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.56.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:88:d4:8f:c7:e4:69:ac:56:7b:b3:1c:cd:bb:33:1e:48:98:
ef:3a:5f:f2:11:20:71:7d:04:6b:21:9d:b6:7f:f4:64:72:4e:
cf:11:06:79:07:e9:4c:7c:e0:2a:d9:f8:95:8e:3d:dd:b1:4d:
2a:2a:e5:ab:9a:98:e6:72:0f:4a:dc:6e:8e:29:c6:51:6b:29:
db:f6:34:c0:4d:a8:14:f0:28:84:48:be:36:c9:4e:fc:09:55:
b2:34:f2:ff:ac:54:a8:dd:8d:11:f8:1d:6e:bc:c3:b9:a0:13:
ee:d4:3b:ff:63:0a:8e:92:4e:81:6a:a7:76:09:78:db:99:38:
4c:6e:3d:36:0b:d6:12:a2:68:28:a8:59:b6:86:64:80:f8:77:
12:d0:6a:e2:d2:f8:df:cf:0b:67:f1:7d:e2:3b:00:20:1e:da:
ae:7a:07:93:79:71:49:1c:a1:b7:81:92:2e:00:9e:1a:bc:fd:
61:bc:62:30:a5:1d:cd:20:b9:64:be:52:94:10:84:f2:98:d3:
c8:bf:2b:46:3f:18:00:b5:a2:b8:2b:8f:ff:1d:cb:28:de:6b:
95:7f:f5:ce:19:16:08:08:70:4d:b0:81:08:f6:70:d5:8c:81:
1c:47:dd:bb:9b:0a:ba:8d:cd:83:30:80:f2:a1:c0:10:5d:17:
0f:e3:68:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ2xt3qIdXgJYj4bVLAeDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMzdjY2UxNGNiNTZiNjY0OTc4MTBlNzNiYWEwZWRmNjcw
MDdhNDgwHhcNMjQwMTAxMjIzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmNhY2MxYzg1MjM5NGRmNGY2YjA5N2M0NWEwZDliNTM3OTgwY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/rUFupT1vcCQkfF1LE4KJhml1cT
b3ToGSvC6HfhKN53w5JKHrB5qkdNi1PCgpuUStMjNz3goOJxn4T952ECzfONXMH/
nAlAS7ABY350SU25VqAqAy24RP8Vq2DMYoxBe4EnyzamkxXdAbQWTI8KPTpH7sH6
ZdZRWu5aDLQAxlvKhW1LIw4GgrFplpSehyiX+xY1Ctr41kphJkalfajT1rYxFKPH
WIpqoOwXRR+auO0FTVnsNJz2suHsK6iXUME2SBqumVYYkruiEcjS9XFVg2GmfpBw
3VEJhNJZ8PqhH+PVt7BB7X+OD9pAa927tuxVTpbwWBgG0Tt0lLxmeqU73wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDLKzByFI5TfT2sJfEWg2bU3mAz9MB8GA1UdIwQY
MBaAFL43zOFMtWtmSXgQ5zuqDt9nAHpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmpmTTRVeTFhMlpKZUJEbk82b08zMmNBZWtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi81ZjZhYzEtYjkzNS00N2IxLTk2YzEt
MGExMjk2OWZiY2ZjLzEvTXNyTUhJVWpsTjlQYXdsOFJhRFp0VGVZRFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi81ZjZhYzEtYjkzNS00N2IxLTk2YzEtMGExMjk2OWZiY2Zj
LzEvdmpmTTRVeTFhMlpKZUJEbk82b08zMmNBZWtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYI4MA0G
CSqGSIb3DQEBCwUAA4IBAQA8iNSPx+RprFZ7sxzNuzMeSJjvOl/yESBxfQRrIZ22
f/Rkck7PEQZ5B+lMfOAq2fiVjj3dsU0qKuWrmpjmcg9K3G6OKcZRaynb9jTATagU
8CiESL42yU78CVWyNPL/rFSo3Y0R+B1uvMO5oBPu1Dv/YwqOkk6Baqd2CXjbmThM
bj02C9YSomgoqFm2hmSA+HcS0Gri0vjfzwtn8X3iOwAgHtquegeTeXFJHKG3gZIu
AJ4avP1hvGIwpR3NILlkvlKUEITymNPIvytGPxgAtaK4K4//Hcso3muVf/XOGRYI
CHBNsIEI9nDVjIEcR927mwq6jc2DMIDyocAQXRcP42gW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:19 2025 by rpki-client