Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/df52a4-e8f8-4740-8a54-eb54b5214bfd/1/Z7VfIaRDLMr5I_j2MxftYnJeXF8.roa
File: Z7VfIaRDLMr5I_j2MxftYnJeXF8.roa (raw, json)
Hash identifier: B68wZB320dZ/GTJoifc0uuexjyPC/a8xjeGr57iBlAg=
Subject key identifier: 67:B5:5F:21:A4:43:2C:CA:F9:23:F8:F6:33:17:ED:62:72:5E:5C:5F
Certificate issuer: /CN=7d1235c0776916507c149190a50479f067506f0c
Certificate serial: 01856F14A25E9FC9E62158D2B864F5E2EC72
Authority key identifier: 7D:12:35:C0:77:69:16:50:7C:14:91:90:A5:04:79:F0:67:50:6F:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fRI1wHdpFlB8FJGQpQR58GdQbww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/df52a4-e8f8-4740-8a54-eb54b5214bfd/1/Z7VfIaRDLMr5I_j2MxftYnJeXF8.roa
Signing time: Sun 01 Jan 2023 20:45:01 +0000
ROA not before: Sun 01 Jan 2023 20:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29423
IP address blocks: 45.12.48.0/22 maxlen: 24
2a0e:9700::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:a2:5e:9f:c9:e6:21:58:d2:b8:64:f5:e2:ec:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d1235c0776916507c149190a50479f067506f0c
Validity
Not Before: Jan 1 20:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67b55f21a4432ccaf923f8f63317ed62725e5c5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b4:b9:9d:da:c2:db:3a:8d:d9:c0:54:91:de:
bf:3d:d5:db:35:d8:78:c0:0f:77:21:1b:c6:a3:e3:
b3:e7:65:f8:90:78:75:70:98:0f:21:f9:7d:44:99:
b5:fd:34:9d:e6:9a:59:5e:97:72:b3:12:b0:80:c5:
04:7a:b7:e1:2e:ae:62:04:85:93:df:90:67:2f:1e:
ed:7e:7d:31:81:d6:2f:a3:7b:7e:5d:38:14:d8:fa:
bc:fb:d1:f2:9d:28:4c:03:de:90:c7:c4:37:0e:82:
64:8b:c8:da:b1:d3:1d:64:59:35:3e:cc:a1:b6:58:
45:9d:19:5c:f6:6b:99:5b:2b:ec:fb:9f:fa:f2:88:
3b:ca:ab:b9:9a:a9:d0:de:1d:a4:06:6f:9a:be:fd:
15:d3:1e:c5:d4:e0:30:d6:f7:d7:d3:da:26:0d:fd:
76:ea:bc:59:12:13:9f:97:20:23:11:de:55:0d:21:
a7:c8:27:47:3e:98:7c:a0:4a:f0:58:c2:3d:c5:18:
72:85:09:54:37:9b:15:69:7f:45:d5:b6:ad:f1:cd:
84:be:59:ba:29:ac:cf:2b:d0:c3:0b:0b:83:4b:14:
8c:cb:9d:4b:04:59:f3:37:b6:25:c4:02:4e:84:a2:
f2:83:18:17:c4:c6:43:49:be:a7:ed:57:32:83:fb:
dc:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:B5:5F:21:A4:43:2C:CA:F9:23:F8:F6:33:17:ED:62:72:5E:5C:5F
X509v3 Authority Key Identifier:
keyid:7D:12:35:C0:77:69:16:50:7C:14:91:90:A5:04:79:F0:67:50:6F:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRI1wHdpFlB8FJGQpQR58GdQbww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/df52a4-e8f8-4740-8a54-eb54b5214bfd/1/Z7VfIaRDLMr5I_j2MxftYnJeXF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/df52a4-e8f8-4740-8a54-eb54b5214bfd/1/fRI1wHdpFlB8FJGQpQR58GdQbww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.48.0/22
IPv6:
2a0e:9700::/29
Signature Algorithm: sha256WithRSAEncryption
78:54:e8:85:04:1a:41:e0:fe:cb:fd:09:ee:c6:9d:b0:fe:36:
39:91:d9:e4:2d:3b:47:6f:54:d9:29:f2:79:c4:f3:31:8f:43:
ac:e4:2f:f3:69:8f:62:0f:46:63:a7:fc:48:a0:4f:80:24:49:
ea:3e:3b:c5:16:e6:65:87:c5:71:fc:99:79:b5:68:6d:1d:a7:
c4:a4:78:78:ca:be:03:ea:02:4b:e2:66:6a:05:70:73:6e:8e:
54:3e:0a:4f:f3:47:8b:dc:a4:7d:71:de:31:b5:b4:2c:4a:8c:
48:d2:9a:13:1d:82:6d:10:7e:79:f5:3c:58:e4:fd:e6:30:bb:
56:1c:16:f4:57:7a:6e:01:46:b2:01:88:e4:74:1f:0a:d3:76:
d6:6a:c8:08:68:cd:93:b9:41:10:4d:ec:49:c2:ee:75:fa:f0:
53:9c:61:a1:63:4d:dc:3d:e7:4a:a9:39:42:15:38:29:41:55:
12:b4:32:16:f0:80:b8:f0:0f:c2:f2:f3:d5:10:bd:c8:ce:ee:
d7:ee:2a:30:d4:83:bb:c9:1a:1e:7e:7b:36:02:79:b6:fe:34:
bd:88:b1:70:dc:1f:65:ca:e8:14:52:cc:de:9f:8d:ea:43:80:
08:e5:82:a9:62:af:0e:8d:bf:ae:d5:52:84:72:6c:64:a7:c3:
9a:f7:2b:9c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvFKJen8nmIVjSuGT14uxyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMTIzNWMwNzc2OTE2NTA3YzE0OTE5MGE1MDQ3OWYwNjc1
MDZmMGMwHhcNMjMwMTAxMjA0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2I1NWYyMWE0NDMyY2NhZjkyM2Y4ZjYzMzE3ZWQ2MjcyNWU1YzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprS5ndrC2zqN2cBUkd6/PdXbNdh4
wA93IRvGo+Oz52X4kHh1cJgPIfl9RJm1/TSd5ppZXpdysxKwgMUEerfhLq5iBIWT
35BnLx7tfn0xgdYvo3t+XTgU2Pq8+9HynShMA96Qx8Q3DoJki8jasdMdZFk1Psyh
tlhFnRlc9muZWyvs+5/68og7yqu5mqnQ3h2kBm+avv0V0x7F1OAw1vfX09omDf12
6rxZEhOflyAjEd5VDSGnyCdHPph8oErwWMI9xRhyhQlUN5sVaX9F1bat8c2Evlm6
KazPK9DDCwuDSxSMy51LBFnzN7YlxAJOhKLygxgXxMZDSb6n7Vcyg/vcQQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGe1XyGkQyzK+SP49jMX7WJyXlxfMB8GA1UdIwQY
MBaAFH0SNcB3aRZQfBSRkKUEefBnUG8MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlJJMXdIZHBGbEI4RkpHUXBRUjU4R2RRYnd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9kZjUyYTQtZThmOC00NzQwLThhNTQt
ZWI1NGI1MjE0YmZkLzEvWjdWZklhUkRMTXI1SV9qMk14ZnRZbkplWEY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9kZjUyYTQtZThmOC00NzQwLThhNTQtZWI1NGI1MjE0YmZk
LzEvZlJJMXdIZHBGbEI4RkpHUXBRUjU4R2RRYnd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQwwMA0E
AgACMAcDBQMqDpcAMA0GCSqGSIb3DQEBCwUAA4IBAQB4VOiFBBpB4P7L/Qnuxp2w
/jY5kdnkLTtHb1TZKfJ5xPMxj0Os5C/zaY9iD0Zjp/xIoE+AJEnqPjvFFuZlh8Vx
/Jl5tWhtHafEpHh4yr4D6gJL4mZqBXBzbo5UPgpP80eL3KR9cd4xtbQsSoxI0poT
HYJtEH559TxY5P3mMLtWHBb0V3puAUayAYjkdB8K03bWasgIaM2TuUEQTexJwu51
+vBTnGGhY03cPedKqTlCFTgpQVUStDIW8IC48A/C8vPVEL3Izu7X7iow1IO7yRoe
fns2Anm2/jS9iLFw3B9lyugUUszen43qQ4AI5YKpYq8Ojb+u1VKEcmxkp8Oa9yuc
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:37 2023 by rpki-client on console.sobornost.net