Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/c31324-c1ca-4daa-afa5-34d9143943b7/1/lWts5sh7FDgMf5rgw_heOFKLsXU.roa
File: lWts5sh7FDgMf5rgw_heOFKLsXU.roa (raw, json)
Hash identifier: 1q5u5KP6VqOqjsrda1D03XeltYepBFLHFQupc6WtCZw=
Subject key identifier: 95:6B:6C:E6:C8:7B:14:38:0C:7F:9A:E0:C3:F8:5E:38:52:8B:B1:75
Certificate issuer: /CN=8a6fbe22e80be7f14c1c39f848b1b80c9248ede8
Certificate serial: 01856DDD1C02FC55FBF8A47AAF3FDB971ACE
Authority key identifier: 8A:6F:BE:22:E8:0B:E7:F1:4C:1C:39:F8:48:B1:B8:0C:92:48:ED:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/im--IugL5_FMHDn4SLG4DJJI7eg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/c31324-c1ca-4daa-afa5-34d9143943b7/1/lWts5sh7FDgMf5rgw_heOFKLsXU.roa
Signing time: Sun 01 Jan 2023 15:04:45 +0000
ROA not before: Sun 01 Jan 2023 15:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205614
IP address blocks: 45.89.160.0/23 maxlen: 24
45.89.162.0/24 maxlen: 24
2a0b:e880::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:1c:02:fc:55:fb:f8:a4:7a:af:3f:db:97:1a:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a6fbe22e80be7f14c1c39f848b1b80c9248ede8
Validity
Not Before: Jan 1 15:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=956b6ce6c87b14380c7f9ae0c3f85e38528bb175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f6:fc:dd:85:af:19:7d:5f:9a:c4:bc:a0:c9:
66:cc:ec:9a:b8:20:ca:29:32:64:dd:67:3c:d5:9f:
29:4a:95:e1:be:45:23:5c:b7:39:8d:8b:7f:1f:20:
55:38:37:83:57:96:1e:4c:8f:f4:6b:0e:3b:bb:eb:
5a:07:6a:8f:5f:b9:f0:9f:8e:72:5b:57:2a:3c:6f:
7e:ee:5c:87:48:8d:d9:fb:74:43:d2:7e:7a:43:89:
51:7f:ec:eb:22:57:1a:90:7a:9e:8e:58:33:19:a6:
2f:3d:76:bd:5e:c9:cd:79:31:ea:be:4d:ed:7c:30:
99:6c:bd:cb:08:34:26:e6:57:f3:5b:eb:e1:3b:da:
c4:eb:71:b8:54:b6:fc:9e:4f:e1:be:a0:75:69:35:
e5:e4:f1:af:00:d3:d5:a9:93:08:2f:c5:a7:5b:a6:
47:7c:fe:e3:71:0b:fe:04:35:08:9d:c1:7b:36:b2:
69:60:dd:2c:67:00:97:ed:d9:26:c7:b0:45:4b:58:
0e:47:f1:8a:17:ff:7d:50:3c:58:53:0f:bb:22:c7:
cf:4a:4c:6d:d7:74:f4:c3:41:db:24:1e:ed:29:30:
fa:95:48:1d:0c:d2:5c:f4:fb:4e:a8:8d:ff:7c:14:
2e:f3:4c:e3:bc:7b:df:7a:86:f5:7b:7c:83:ea:59:
86:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:6B:6C:E6:C8:7B:14:38:0C:7F:9A:E0:C3:F8:5E:38:52:8B:B1:75
X509v3 Authority Key Identifier:
keyid:8A:6F:BE:22:E8:0B:E7:F1:4C:1C:39:F8:48:B1:B8:0C:92:48:ED:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/im--IugL5_FMHDn4SLG4DJJI7eg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/c31324-c1ca-4daa-afa5-34d9143943b7/1/lWts5sh7FDgMf5rgw_heOFKLsXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/c31324-c1ca-4daa-afa5-34d9143943b7/1/im--IugL5_FMHDn4SLG4DJJI7eg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.160.0-45.89.162.255
IPv6:
2a0b:e880::/29
Signature Algorithm: sha256WithRSAEncryption
dc:42:64:b4:c3:07:67:f6:50:9e:a2:60:c0:9e:4a:2c:f4:6d:
6a:e7:95:78:43:40:16:dd:55:c4:6b:21:26:37:40:7e:f0:b5:
e8:cc:73:56:e3:0a:43:7c:96:33:ec:91:7c:3d:1e:be:9a:dc:
f8:3a:b3:ba:45:0d:a7:97:e1:45:09:6d:cd:62:f9:91:03:3e:
41:db:9b:93:30:6c:04:22:87:07:b5:7e:b9:15:47:f2:e6:d2:
ed:4f:6a:cb:35:98:04:06:89:b1:0f:ce:e4:67:e8:08:b5:a3:
f2:83:22:da:24:9a:99:08:53:41:15:14:fa:6d:1e:f8:8d:04:
2d:c3:27:b1:62:d0:e6:3f:3b:45:91:bd:27:df:9e:4f:8b:16:
d7:81:0c:be:08:9e:fe:c3:5a:2e:8b:8c:6d:24:99:03:99:ce:
f6:0f:3a:68:46:86:db:d2:3b:d5:c0:71:f3:98:0b:b1:c1:9e:
a3:f7:56:bb:ed:39:db:d9:aa:24:c4:66:73:4f:92:a5:98:aa:
de:1d:98:b5:0e:d5:5d:77:5b:36:59:41:b0:5a:99:07:b1:cc:
a2:56:8e:c0:fb:2e:61:0d:05:16:f0:06:35:73:de:66:13:06:
1f:52:17:67:42:19:9f:6b:cc:5c:4f:e8:ed:d9:85:e8:8d:ce:
46:de:c3:1c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVt3RwC/FX7+KR6rz/blxrOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNmZiZTIyZTgwYmU3ZjE0YzFjMzlmODQ4YjFiODBjOTI0
OGVkZTgwHhcNMjMwMTAxMTUwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTZiNmNlNmM4N2IxNDM4MGM3ZjlhZTBjM2Y4NWUzODUyOGJiMTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/b83YWvGX1fmsS8oMlmzOyauCDK
KTJk3Wc81Z8pSpXhvkUjXLc5jYt/HyBVODeDV5YeTI/0aw47u+taB2qPX7nwn45y
W1cqPG9+7lyHSI3Z+3RD0n56Q4lRf+zrIlcakHqejlgzGaYvPXa9XsnNeTHqvk3t
fDCZbL3LCDQm5lfzW+vhO9rE63G4VLb8nk/hvqB1aTXl5PGvANPVqZMIL8WnW6ZH
fP7jcQv+BDUIncF7NrJpYN0sZwCX7dkmx7BFS1gOR/GKF/99UDxYUw+7IsfPSkxt
13T0w0HbJB7tKTD6lUgdDNJc9PtOqI3/fBQu80zjvHvfeob1e3yD6lmGkwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJVrbObIexQ4DH+a4MP4XjhSi7F1MB8GA1UdIwQY
MBaAFIpvviLoC+fxTBw5+EixuAySSO3oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW0tLUl1Z0w1X0ZNSERuNFNMRzRESkpJN2VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9jMzEzMjQtYzFjYS00ZGFhLWFmYTUt
MzRkOTE0Mzk0M2I3LzEvbFd0czVzaDdGRGdNZjVyZ3dfaGVPRktMc1hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9jMzEzMjQtYzFjYS00ZGFhLWFmYTUtMzRkOTE0Mzk0M2I3
LzEvaW0tLUl1Z0w1X0ZNSERuNFNMRzRESkpJN2VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAUtWaAD
BAAtWaIwDQQCAAIwBwMFAyoL6IAwDQYJKoZIhvcNAQELBQADggEBANxCZLTDB2f2
UJ6iYMCeSiz0bWrnlXhDQBbdVcRrISY3QH7wtejMc1bjCkN8ljPskXw9Hr6a3Pg6
s7pFDaeX4UUJbc1i+ZEDPkHbm5MwbAQihwe1frkVR/Lm0u1Pass1mAQGibEPzuRn
6Ai1o/KDItokmpkIU0EVFPptHviNBC3DJ7Fi0OY/O0WRvSffnk+LFteBDL4Inv7D
Wi6LjG0kmQOZzvYPOmhGhtvSO9XAcfOYC7HBnqP3VrvtOdvZqiTEZnNPkqWYqt4d
mLUO1V13WzZZQbBamQexzKJWjsD7LmENBRbwBjVz3mYTBh9SF2dCGZ9rzFxP6O3Z
heiNzkbewxw=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:37:44 2025 by rpki-client