Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1a3d5c-e49a-4d4d-a70d-b6d427a3b106/1/v5XlMu-PKh-JEaOy_1hvh0MNc2A.roa
File: v5XlMu-PKh-JEaOy_1hvh0MNc2A.roa (raw, json)
Hash identifier: PI1Iu9jmKoEBDVDfEm2ueD/Ja6OPx44tB0dKNfmxeoQ=
Subject key identifier: BF:95:E5:32:EF:8F:2A:1F:89:11:A3:B2:FF:58:6F:87:43:0D:73:60
Certificate issuer: /CN=68395fb8f4524b8a6f945bbfa938b8f61694052f
Certificate serial: 0184A916BDE8D842F46A73C1342F16693757
Authority key identifier: 68:39:5F:B8:F4:52:4B:8A:6F:94:5B:BF:A9:38:B8:F6:16:94:05:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDlfuPRSS4pvlFu_qTi49haUBS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1a3d5c-e49a-4d4d-a70d-b6d427a3b106/1/v5XlMu-PKh-JEaOy_1hvh0MNc2A.roa
Signing time: Thu 24 Nov 2022 10:02:30 +0000
ROA not before: Thu 24 Nov 2022 10:02:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203020
IP address blocks: 45.10.192.0/22 maxlen: 22
45.10.195.0/24 maxlen: 24
45.10.193.0/24 maxlen: 24
45.10.194.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a9:16:bd:e8:d8:42:f4:6a:73:c1:34:2f:16:69:37:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68395fb8f4524b8a6f945bbfa938b8f61694052f
Validity
Not Before: Nov 24 10:02:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf95e532ef8f2a1f8911a3b2ff586f87430d7360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:86:c8:d5:53:7e:39:af:d6:a4:13:e0:5d:a8:
de:f0:17:39:25:34:de:15:ca:b8:ce:87:55:16:4b:
d3:e9:00:5c:36:d8:15:90:6f:a4:24:ad:e4:00:12:
12:56:2e:70:cd:4f:d8:f3:16:e5:cd:bb:a1:a0:3a:
bf:e6:eb:b8:e8:e0:9c:df:d1:cb:17:31:28:3c:ed:
e8:4d:08:eb:51:87:26:0b:11:c7:c8:ca:23:10:4e:
7d:0b:cc:07:8a:16:14:b2:58:d3:6d:88:dc:60:ed:
9c:75:7b:ac:d9:21:9d:74:c5:85:8f:ec:71:f5:70:
76:2a:16:a4:b1:3c:bc:ad:2c:68:55:ca:f7:25:03:
09:5a:c9:26:08:94:40:50:c8:aa:da:c7:aa:6f:62:
3d:dc:ef:60:81:75:58:9f:3f:91:6d:53:33:2a:47:
47:1b:48:49:ac:fe:55:b2:2b:37:31:8d:19:5d:c1:
29:8a:19:a1:3b:6d:16:5b:d2:92:65:82:01:9e:f0:
e0:a7:8e:c9:a6:89:44:b2:b4:9b:5d:7d:27:b9:f8:
61:99:00:54:c8:12:95:a8:93:41:e1:01:51:96:1b:
c9:a9:68:08:ab:bc:21:9f:44:43:08:97:30:58:b0:
d2:27:d6:bf:ea:4d:1d:67:00:95:ce:7b:86:72:21:
b0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:95:E5:32:EF:8F:2A:1F:89:11:A3:B2:FF:58:6F:87:43:0D:73:60
X509v3 Authority Key Identifier:
keyid:68:39:5F:B8:F4:52:4B:8A:6F:94:5B:BF:A9:38:B8:F6:16:94:05:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDlfuPRSS4pvlFu_qTi49haUBS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1a3d5c-e49a-4d4d-a70d-b6d427a3b106/1/v5XlMu-PKh-JEaOy_1hvh0MNc2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1a3d5c-e49a-4d4d-a70d-b6d427a3b106/1/aDlfuPRSS4pvlFu_qTi49haUBS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.192.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:04:27:d3:5e:d8:9c:c2:0d:c3:3a:c5:04:d6:db:1c:1c:59:
19:4b:37:34:6a:54:3e:23:58:91:03:53:dd:a3:a1:3f:ec:7f:
e4:f9:47:a5:54:f4:6e:88:e3:ce:4d:61:8f:c4:ea:6d:2d:8f:
0c:a1:0e:23:5c:9e:38:31:b8:49:de:57:3e:db:5e:dc:51:3d:
b2:2a:f1:9f:21:4c:01:d7:91:6f:0b:e2:5e:0c:2e:f2:53:19:
77:a1:a1:0c:be:04:6b:0c:3b:b0:35:1f:f0:f4:94:e2:34:b6:
fc:48:04:6a:81:f0:71:7d:06:6f:e1:ae:36:09:40:d1:ab:f2:
a9:73:1a:dc:94:8b:98:15:f2:b4:95:1d:7d:c2:ab:4b:10:69:
3f:54:c6:66:ae:3f:d2:b3:bc:ab:7f:d8:b7:d0:c2:9e:2a:c8:
3d:d6:64:83:a1:04:26:ca:69:0a:ee:fc:8e:f2:ed:a8:30:3e:
87:ca:25:80:6c:76:02:bd:3b:b5:51:8d:df:ae:ac:a0:70:bd:
fa:53:67:85:c2:3e:e6:66:fb:1f:a5:cb:b8:a2:37:bb:0b:bc:
0a:7d:22:bd:9f:7d:3b:ef:99:ac:64:d4:4b:07:53:15:23:de:
bc:75:5c:49:ab:f9:f5:45:14:09:42:cd:22:a1:7f:86:68:4b:
99:8d:7f:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSpFr3o2EL0anPBNC8WaTdXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Mzk1ZmI4ZjQ1MjRiOGE2Zjk0NWJiZmE5MzhiOGY2MTY5
NDA1MmYwHhcNMjIxMTI0MTAwMjMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjk1ZTUzMmVmOGYyYTFmODkxMWEzYjJmZjU4NmY4NzQzMGQ3MzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYbI1VN+Oa/WpBPgXaje8Bc5JTTe
Fcq4zodVFkvT6QBcNtgVkG+kJK3kABISVi5wzU/Y8xblzbuhoDq/5uu46OCc39HL
FzEoPO3oTQjrUYcmCxHHyMojEE59C8wHihYUsljTbYjcYO2cdXus2SGddMWFj+xx
9XB2KhaksTy8rSxoVcr3JQMJWskmCJRAUMiq2seqb2I93O9ggXVYnz+RbVMzKkdH
G0hJrP5Vsis3MY0ZXcEpihmhO20WW9KSZYIBnvDgp47JpolEsrSbXX0nufhhmQBU
yBKVqJNB4QFRlhvJqWgIq7whn0RDCJcwWLDSJ9a/6k0dZwCVznuGciGw/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL+V5TLvjyofiRGjsv9Yb4dDDXNgMB8GA1UdIwQY
MBaAFGg5X7j0UkuKb5Rbv6k4uPYWlAUvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURsZnVQUlNTNHB2bEZ1X3FUaTQ5aGFVQlM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xYTNkNWMtZTQ5YS00ZDRkLWE3MGQt
YjZkNDI3YTNiMTA2LzEvdjVYbE11LVBLaC1KRWFPeV8xaHZoME1OYzJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xYTNkNWMtZTQ5YS00ZDRkLWE3MGQtYjZkNDI3YTNiMTA2
LzEvYURsZnVQUlNTNHB2bEZ1X3FUaTQ5aGFVQlM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQrAMA0G
CSqGSIb3DQEBCwUAA4IBAQCuBCfTXticwg3DOsUE1tscHFkZSzc0alQ+I1iRA1Pd
o6E/7H/k+UelVPRuiOPOTWGPxOptLY8MoQ4jXJ44MbhJ3lc+217cUT2yKvGfIUwB
15FvC+JeDC7yUxl3oaEMvgRrDDuwNR/w9JTiNLb8SARqgfBxfQZv4a42CUDRq/Kp
cxrclIuYFfK0lR19wqtLEGk/VMZmrj/Ss7yrf9i30MKeKsg91mSDoQQmymkK7vyO
8u2oMD6HyiWAbHYCvTu1UY3frqygcL36U2eFwj7mZvsfpcu4oje7C7wKfSK9n307
75msZNRLB1MVI968dVxJq/n1RRQJQs0ioX+GaEuZjX8s
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:39 2023 by rpki-client on console.sobornost.net