Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/oKC5bEcziJFDCGcwRyK24qH3lSQ.roa
File: oKC5bEcziJFDCGcwRyK24qH3lSQ.roa (raw, json)
Hash identifier: GzVycUXBkc7hhIoSxkK/gg3KTY/LLvbYmcgrUcWEg64=
Subject key identifier: A0:A0:B9:6C:47:33:88:91:43:08:67:30:47:22:B6:E2:A1:F7:95:24
Certificate issuer: /CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Certificate serial: 018570D526ED264BEBC93143B7B90FDC8E64
Authority key identifier: F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/oKC5bEcziJFDCGcwRyK24qH3lSQ.roa
Signing time: Mon 02 Jan 2023 04:54:55 +0000
ROA not before: Mon 02 Jan 2023 04:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.89.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:26:ed:26:4b:eb:c9:31:43:b7:b9:0f:dc:8e:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Validity
Not Before: Jan 2 04:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0a0b96c47338891430867304722b6e2a1f79524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:75:b3:b3:4f:3f:15:95:19:ca:46:f3:76:02:
e1:df:0f:9c:53:31:67:84:cb:61:aa:05:da:32:3e:
89:a8:35:5f:8d:1f:f6:03:42:25:7c:98:29:63:93:
95:90:bb:ed:c4:f9:db:30:38:98:50:bb:95:90:07:
1b:b0:76:52:58:07:a0:df:5e:02:91:16:92:45:ce:
82:a5:48:22:a9:cb:54:f6:d4:5b:f4:4f:10:83:12:
19:94:bf:41:a6:19:2b:e7:00:be:d2:92:32:9a:a7:
ae:a9:08:09:47:39:5a:0b:9a:3f:28:ed:1e:e1:51:
5e:fa:1f:53:20:37:cc:3d:29:98:cd:d9:02:8d:07:
93:c5:56:ed:ac:53:51:f1:e0:a2:16:8f:b1:b8:42:
87:b0:0a:14:77:98:64:58:c1:1f:d8:14:0d:95:15:
ce:e9:b9:09:aa:b9:69:27:69:94:1c:76:7c:f5:ff:
8c:e1:0a:75:6e:98:98:52:7f:9a:5b:83:8e:dc:7d:
de:a7:0e:8a:4e:1d:12:64:85:1d:09:11:89:7f:7d:
46:81:2c:cc:4c:11:d6:07:a5:23:3f:37:75:5e:41:
3c:94:91:57:cf:d0:77:45:7d:b1:34:4b:24:f3:b0:
5e:7d:dc:0d:f0:7b:d4:e6:9a:86:49:16:9d:a4:15:
ec:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:A0:B9:6C:47:33:88:91:43:08:67:30:47:22:B6:E2:A1:F7:95:24
X509v3 Authority Key Identifier:
keyid:F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/oKC5bEcziJFDCGcwRyK24qH3lSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.21.0/24
Signature Algorithm: sha256WithRSAEncryption
81:47:5d:57:f9:96:38:0b:1a:c3:73:47:eb:64:de:d7:2f:7a:
26:08:e1:41:b9:53:51:91:97:cb:93:0c:eb:74:79:37:2f:8e:
61:0d:b3:c3:cb:f8:5c:4c:d2:ee:fb:78:d7:e8:61:58:8b:73:
4f:31:95:99:e6:7d:e2:f0:25:b1:27:64:c8:08:d9:6b:e0:25:
1c:b9:44:73:ea:08:d8:b9:ac:63:ce:3c:e2:9e:87:07:ce:b3:
b7:fc:66:d1:9a:11:2f:a1:88:ae:59:49:78:6b:ed:db:44:b3:
95:57:63:53:3f:b9:02:c4:63:c6:14:8f:49:4e:f0:f9:45:77:
3d:2a:31:01:7b:37:ed:55:50:ef:d3:43:36:12:8f:86:09:4b:
4f:d3:c4:eb:40:ef:dc:81:a0:4b:c4:ec:09:9a:d0:e0:b5:5d:
c8:07:d3:12:aa:54:8b:bc:f1:ac:e0:8d:b4:fe:95:dc:8f:49:
93:a9:f7:f7:aa:69:7d:c2:3f:2b:76:1e:ee:0d:bb:eb:e1:3c:
45:c5:18:ca:5c:5e:40:a6:47:be:09:cf:d7:15:1f:e3:74:a0:
e3:83:0e:af:5f:c9:17:cd:fd:ea:2d:bb:cb:0c:7f:e9:a8:4f:
02:0a:3c:6b:8b:f3:67:ff:74:ef:ea:96:fd:ef:77:77:ce:4a:
e3:5d:c3:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1SbtJkvryTFDt7kP3I5kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwY2M3YTQ0NzQ4MmU1N2IwNjA0YmFiYjgyYTUyNDA5Y2Rl
M2IzNmQwHhcNMjMwMTAyMDQ1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGEwYjk2YzQ3MzM4ODkxNDMwODY3MzA0NzIyYjZlMmExZjc5NTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXWzs08/FZUZykbzdgLh3w+cUzFn
hMthqgXaMj6JqDVfjR/2A0IlfJgpY5OVkLvtxPnbMDiYULuVkAcbsHZSWAeg314C
kRaSRc6CpUgiqctU9tRb9E8QgxIZlL9Bphkr5wC+0pIymqeuqQgJRzlaC5o/KO0e
4VFe+h9TIDfMPSmYzdkCjQeTxVbtrFNR8eCiFo+xuEKHsAoUd5hkWMEf2BQNlRXO
6bkJqrlpJ2mUHHZ89f+M4Qp1bpiYUn+aW4OO3H3epw6KTh0SZIUdCRGJf31GgSzM
TBHWB6UjPzd1XkE8lJFXz9B3RX2xNEsk87BefdwN8HvU5pqGSRadpBXsHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKCguWxHM4iRQwhnMEcituKh95UkMB8GA1UdIwQY
MBaAFPDMekR0guV7BgS6u4KlJAnN47NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUt
ZmEzMmQyZDUyOTY4LzEvb0tDNWJFY3ppSkZEQ0djd1J5SzI0cUgzbFNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUtZmEzMmQyZDUyOTY4
LzEvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVkVMA0G
CSqGSIb3DQEBCwUAA4IBAQCBR11X+ZY4CxrDc0frZN7XL3omCOFBuVNRkZfLkwzr
dHk3L45hDbPDy/hcTNLu+3jX6GFYi3NPMZWZ5n3i8CWxJ2TICNlr4CUcuURz6gjY
uaxjzjzinocHzrO3/GbRmhEvoYiuWUl4a+3bRLOVV2NTP7kCxGPGFI9JTvD5RXc9
KjEBezftVVDv00M2Eo+GCUtP08TrQO/cgaBLxOwJmtDgtV3IB9MSqlSLvPGs4I20
/pXcj0mTqff3qml9wj8rdh7uDbvr4TxFxRjKXF5Apke+Cc/XFR/jdKDjgw6vX8kX
zf3qLbvLDH/pqE8CCjxri/Nn/3Tv6pb973d3zkrjXcN8
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:59 2025 by rpki-client