Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/f04658-fad7-423c-bb42-82fa3d260869/1/xj4WXObkMgszY68sFmyfugAOgtU.roa
File: xj4WXObkMgszY68sFmyfugAOgtU.roa (raw, json)
Hash identifier: fPrIrbzkNjvGwxMIggD6QDjGHHIZn3zsaaMxxw+e0CQ=
Subject key identifier: C6:3E:16:5C:E6:E4:32:0B:33:63:AF:2C:16:6C:9F:BA:00:0E:82:D5
Certificate issuer: /CN=220ab0d7ae01c7ba7da69d71a91472b390cd7091
Certificate serial: 0192D7DF6E382A6D4CD08D2F8F4D447AAD40
Authority key identifier: 22:0A:B0:D7:AE:01:C7:BA:7D:A6:9D:71:A9:14:72:B3:90:CD:70:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Igqw164Bx7p9pp1xqRRys5DNcJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/f04658-fad7-423c-bb42-82fa3d260869/1/xj4WXObkMgszY68sFmyfugAOgtU.roa
Signing time: Tue 29 Oct 2024 10:43:17 +0000
ROA not before: Tue 29 Oct 2024 10:43:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13135
IP address blocks: 45.66.88.0/22 maxlen: 22
2a09:6640::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d7:df:6e:38:2a:6d:4c:d0:8d:2f:8f:4d:44:7a:ad:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=220ab0d7ae01c7ba7da69d71a91472b390cd7091
Validity
Not Before: Oct 29 10:43:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c63e165ce6e4320b3363af2c166c9fba000e82d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:85:5a:6e:a8:92:d9:ba:b2:b1:e6:83:06:f8:
ad:ef:f8:e6:8d:ca:1c:b9:60:10:3a:dc:5e:af:31:
0e:a0:f1:7b:ee:6e:8d:7b:43:60:ea:59:da:40:f3:
9f:0f:03:fe:31:0e:37:ff:97:32:af:ef:5b:44:b7:
64:3a:fb:79:ae:04:2e:68:2e:a5:14:b1:69:3f:cf:
24:0d:38:b1:59:71:e3:63:ec:39:d6:a0:b7:cc:21:
9b:72:28:1f:7e:fc:b0:06:5d:ac:38:59:22:48:51:
03:c0:f1:7b:d6:05:05:e2:d7:22:95:a8:dd:b5:63:
f4:80:cc:c7:87:b7:48:be:7e:73:4d:e3:40:8c:1e:
12:9b:32:e4:d6:77:27:c4:31:45:99:20:a3:30:c2:
aa:72:13:18:ab:da:ce:f2:8d:1a:35:d2:1a:8d:64:
66:4f:94:cc:41:32:44:16:a2:d4:18:b5:ff:11:f4:
8a:23:c9:13:b4:be:5a:ce:88:87:c5:b6:02:2a:8a:
38:71:3b:17:55:21:31:67:f6:27:a0:fc:cc:df:41:
03:5b:01:da:1e:2c:35:a8:ee:02:8a:bd:00:65:86:
ff:8d:d7:e2:a1:d0:83:ec:29:3d:37:9e:d6:5a:bf:
c5:cc:a4:0f:de:53:17:45:51:5b:b6:16:46:9d:8f:
4d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:3E:16:5C:E6:E4:32:0B:33:63:AF:2C:16:6C:9F:BA:00:0E:82:D5
X509v3 Authority Key Identifier:
keyid:22:0A:B0:D7:AE:01:C7:BA:7D:A6:9D:71:A9:14:72:B3:90:CD:70:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Igqw164Bx7p9pp1xqRRys5DNcJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f04658-fad7-423c-bb42-82fa3d260869/1/xj4WXObkMgszY68sFmyfugAOgtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f04658-fad7-423c-bb42-82fa3d260869/1/Igqw164Bx7p9pp1xqRRys5DNcJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.88.0/22
IPv6:
2a09:6640::/29
Signature Algorithm: sha256WithRSAEncryption
4b:2e:13:91:35:4e:f0:da:3d:42:50:9f:fc:1e:6e:c7:6d:73:
ce:95:3b:81:6b:4f:80:94:62:cd:2a:83:95:35:5a:ea:0a:40:
53:ac:22:1b:7b:be:77:04:05:60:ed:42:bb:e5:29:fa:20:00:
77:df:33:88:7c:73:ea:55:10:94:a3:c5:48:a9:28:6f:7d:37:
e2:a3:eb:70:9f:79:a6:01:db:e6:9e:eb:7e:66:9e:6f:bb:01:
dd:3a:85:47:0d:47:7f:7a:b3:25:8c:69:8a:bf:f5:85:92:3a:
fe:08:45:a7:eb:55:64:06:cf:90:f6:d4:c0:08:a4:15:98:81:
fd:81:2d:5a:26:3c:c3:0a:79:7d:3a:11:86:33:e1:33:26:49:
68:02:35:08:51:49:d0:0c:ae:6a:fa:65:08:74:ba:5f:dd:12:
41:e2:97:63:0c:6d:03:9f:e3:28:0f:81:87:e7:50:0d:d1:1e:
06:db:b2:8e:f0:69:0c:3a:e2:78:c6:59:31:e4:f8:dc:c3:46:
2d:de:0b:fd:a4:75:12:2b:1b:2f:d3:f3:83:da:b9:27:68:de:
24:84:08:e8:3f:47:b3:11:7e:2e:d7:18:09:9d:34:4b:68:63:
41:c0:bd:3f:3a:a9:6a:84:9c:e8:8a:85:fd:75:c9:1f:cb:09:
d1:16:3a:3b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZLX3244Km1M0I0vj01Eeq1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMGFiMGQ3YWUwMWM3YmE3ZGE2OWQ3MWE5MTQ3MmIzOTBj
ZDcwOTEwHhcNMjQxMDI5MTA0MzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjNlMTY1Y2U2ZTQzMjBiMzM2M2FmMmMxNjZjOWZiYTAwMGU4MmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIVabqiS2bqyseaDBvit7/jmjcoc
uWAQOtxerzEOoPF77m6Ne0Ng6lnaQPOfDwP+MQ43/5cyr+9bRLdkOvt5rgQuaC6l
FLFpP88kDTixWXHjY+w51qC3zCGbcigffvywBl2sOFkiSFEDwPF71gUF4tcilajd
tWP0gMzHh7dIvn5zTeNAjB4SmzLk1ncnxDFFmSCjMMKqchMYq9rO8o0aNdIajWRm
T5TMQTJEFqLUGLX/EfSKI8kTtL5azoiHxbYCKoo4cTsXVSExZ/YnoPzM30EDWwHa
Hiw1qO4Cir0AZYb/jdfiodCD7Ck9N57WWr/FzKQP3lMXRVFbthZGnY9NhQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMY+Flzm5DILM2OvLBZsn7oADoLVMB8GA1UdIwQY
MBaAFCIKsNeuAce6faadcakUcrOQzXCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdxdzE2NEJ4N3A5cHAxeHFSUnlzNUROY0pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9mMDQ2NTgtZmFkNy00MjNjLWJiNDIt
ODJmYTNkMjYwODY5LzEveGo0V1hPYmtNZ3N6WTY4c0ZteWZ1Z0FPZ3RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9mMDQ2NTgtZmFkNy00MjNjLWJiNDItODJmYTNkMjYwODY5
LzEvSWdxdzE2NEJ4N3A5cHAxeHFSUnlzNUROY0pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUJYMA0E
AgACMAcDBQMqCWZAMA0GCSqGSIb3DQEBCwUAA4IBAQBLLhORNU7w2j1CUJ/8Hm7H
bXPOlTuBa0+AlGLNKoOVNVrqCkBTrCIbe753BAVg7UK75Sn6IAB33zOIfHPqVRCU
o8VIqShvfTfio+twn3mmAdvmnut+Zp5vuwHdOoVHDUd/erMljGmKv/WFkjr+CEWn
61VkBs+Q9tTACKQVmIH9gS1aJjzDCnl9OhGGM+EzJkloAjUIUUnQDK5q+mUIdLpf
3RJB4pdjDG0Dn+MoD4GH51AN0R4G27KO8GkMOuJ4xlkx5Pjcw0Yt3gv9pHUSKxsv
0/OD2rknaN4khAjoP0ezEX4u1xgJnTRLaGNBwL0/OqlqhJzoioX9dckfywnRFjo7
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:30:50 2025 by rpki-client