Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/c31324-c1ca-4daa-afa5-34d9143943b7/1/Xfb81MlfjZkpGQEjaaHOCClY5ZY.roa
File: Xfb81MlfjZkpGQEjaaHOCClY5ZY.roa (raw, json)
Hash identifier: +owMczmEFatp6iNVQhA+QjKdJDunl1mzVQTVUcLkqpc=
Subject key identifier: 5D:F6:FC:D4:C9:5F:8D:99:29:19:01:23:69:A1:CE:08:29:58:E5:96
Certificate issuer: /CN=8a6fbe22e80be7f14c1c39f848b1b80c9248ede8
Certificate serial: 01856DDD1B148B25C44C3F0C2A8C02051EB3
Authority key identifier: 8A:6F:BE:22:E8:0B:E7:F1:4C:1C:39:F8:48:B1:B8:0C:92:48:ED:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/im--IugL5_FMHDn4SLG4DJJI7eg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/c31324-c1ca-4daa-afa5-34d9143943b7/1/Xfb81MlfjZkpGQEjaaHOCClY5ZY.roa
Signing time: Sun 01 Jan 2023 15:04:44 +0000
ROA not before: Sun 01 Jan 2023 15:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5404
IP address blocks: 45.89.163.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:1b:14:8b:25:c4:4c:3f:0c:2a:8c:02:05:1e:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a6fbe22e80be7f14c1c39f848b1b80c9248ede8
Validity
Not Before: Jan 1 15:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5df6fcd4c95f8d992919012369a1ce082958e596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:4c:f3:7a:2c:eb:33:4c:b2:a1:4a:f7:a7:1d:
1f:86:af:11:e5:ec:a4:a0:5c:e0:a1:21:25:4b:be:
54:78:a1:fe:85:2f:41:7e:23:b9:e9:e7:c2:ea:fc:
3c:32:44:c9:00:48:7a:54:29:50:ac:84:e8:ee:8c:
10:53:d7:1f:1f:8d:a5:ed:64:e6:96:60:a4:72:df:
3c:f6:82:f6:c0:e3:9e:4c:e2:12:82:7b:4b:e3:15:
b9:e8:f9:a3:9a:90:99:a7:52:92:9c:65:f4:89:06:
ca:84:a8:5f:1e:b9:1a:f6:c9:62:0d:6e:31:66:51:
31:b9:25:e8:63:3e:ac:d6:62:9e:26:4d:1d:62:d5:
22:a9:59:80:d7:19:30:92:8c:f4:52:f5:32:4b:22:
11:c7:4e:5f:c9:88:f4:10:0f:69:07:12:5f:18:ff:
f7:b1:67:6a:90:6d:b7:29:a8:c3:e4:53:72:c0:44:
88:26:80:9d:ed:05:ba:94:71:08:9d:30:c8:4a:a1:
5d:21:46:75:1a:f9:91:7b:7e:c5:7b:c4:8b:e9:d7:
b6:01:96:c8:c3:65:f5:62:7a:fe:88:3f:57:19:b8:
02:6c:79:8d:cc:60:9d:62:f1:2d:d6:e8:fc:16:56:
ac:a1:cf:fe:5f:73:e4:39:ec:8d:d2:58:4b:7e:64:
bf:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F6:FC:D4:C9:5F:8D:99:29:19:01:23:69:A1:CE:08:29:58:E5:96
X509v3 Authority Key Identifier:
keyid:8A:6F:BE:22:E8:0B:E7:F1:4C:1C:39:F8:48:B1:B8:0C:92:48:ED:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/im--IugL5_FMHDn4SLG4DJJI7eg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/c31324-c1ca-4daa-afa5-34d9143943b7/1/Xfb81MlfjZkpGQEjaaHOCClY5ZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/c31324-c1ca-4daa-afa5-34d9143943b7/1/im--IugL5_FMHDn4SLG4DJJI7eg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.163.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:af:80:f8:df:5e:52:f4:a9:ac:bb:06:82:93:e9:5b:e2:f2:
cc:ff:70:e8:b2:f4:6f:93:7d:4f:eb:5f:9a:36:bc:b7:fa:7f:
bf:80:e8:32:df:f9:2e:bd:db:fa:6a:11:c7:97:5c:87:f8:43:
bf:ad:a7:79:6c:36:c0:12:40:d3:2f:ad:af:1b:aa:01:61:cc:
ba:c0:03:8b:f6:60:c1:e2:26:94:3b:85:32:04:56:29:1c:bc:
a3:94:76:6e:f0:7c:e6:d0:2c:fc:e5:32:3f:51:39:e6:b3:81:
f6:c9:ac:d6:cd:79:90:44:33:a9:a9:ba:d8:77:6e:8c:57:95:
5e:13:d0:14:30:4f:25:4f:a1:33:67:ef:f9:69:f4:3f:fd:49:
d8:ed:e4:33:ea:bb:38:5d:de:58:dc:67:21:c1:6a:0f:1f:d0:
e4:ae:65:40:f7:52:f9:be:ef:21:55:c9:e9:35:43:fb:ad:1d:
5b:9d:1a:87:24:41:a1:f1:42:e2:bd:ca:63:80:a7:65:03:6f:
aa:66:6e:6b:21:17:e4:0f:6a:db:00:82:a9:f0:26:f1:fb:d0:
0f:bd:ab:d8:88:72:62:26:08:64:9d:f3:ba:fa:fc:1a:ce:3b:
09:01:f0:f0:fa:4f:59:f6:17:b5:1c:89:18:d4:33:6c:cf:23:
81:92:e4:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt3RsUiyXETD8MKowCBR6zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNmZiZTIyZTgwYmU3ZjE0YzFjMzlmODQ4YjFiODBjOTI0
OGVkZTgwHhcNMjMwMTAxMTUwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGY2ZmNkNGM5NWY4ZDk5MjkxOTAxMjM2OWExY2UwODI5NThlNTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8kzzeizrM0yyoUr3px0fhq8R5eyk
oFzgoSElS75UeKH+hS9BfiO56efC6vw8MkTJAEh6VClQrITo7owQU9cfH42l7WTm
lmCkct889oL2wOOeTOISgntL4xW56PmjmpCZp1KSnGX0iQbKhKhfHrka9sliDW4x
ZlExuSXoYz6s1mKeJk0dYtUiqVmA1xkwkoz0UvUySyIRx05fyYj0EA9pBxJfGP/3
sWdqkG23KajD5FNywESIJoCd7QW6lHEInTDISqFdIUZ1GvmRe37Fe8SL6de2AZbI
w2X1Ynr+iD9XGbgCbHmNzGCdYvEt1uj8Flasoc/+X3PkOeyN0lhLfmS/dwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF32/NTJX42ZKRkBI2mhzggpWOWWMB8GA1UdIwQY
MBaAFIpvviLoC+fxTBw5+EixuAySSO3oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW0tLUl1Z0w1X0ZNSERuNFNMRzRESkpJN2VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9jMzEzMjQtYzFjYS00ZGFhLWFmYTUt
MzRkOTE0Mzk0M2I3LzEvWGZiODFNbGZqWmtwR1FFamFhSE9DQ2xZNVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9jMzEzMjQtYzFjYS00ZGFhLWFmYTUtMzRkOTE0Mzk0M2I3
LzEvaW0tLUl1Z0w1X0ZNSERuNFNMRzRESkpJN2VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVmjMA0G
CSqGSIb3DQEBCwUAA4IBAQBsr4D4315S9KmsuwaCk+lb4vLM/3DosvRvk31P61+a
Nry3+n+/gOgy3/kuvdv6ahHHl1yH+EO/rad5bDbAEkDTL62vG6oBYcy6wAOL9mDB
4iaUO4UyBFYpHLyjlHZu8Hzm0Cz85TI/UTnms4H2yazWzXmQRDOpqbrYd26MV5Ve
E9AUME8lT6EzZ+/5afQ//UnY7eQz6rs4Xd5Y3GchwWoPH9DkrmVA91L5vu8hVcnp
NUP7rR1bnRqHJEGh8ULivcpjgKdlA2+qZm5rIRfkD2rbAIKp8Cbx+9APvavYiHJi
JghknfO6+vwazjsJAfDw+k9Z9he1HIkY1DNszyOBkuT/
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:55:20 2025 by rpki-client