Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/6730b8-83a5-44b4-92e3-ad826a496acf/1/_cIGS3__fRfxqgMDAN5BT_gdyhw.roa
File: _cIGS3__fRfxqgMDAN5BT_gdyhw.roa (raw, json)
Hash identifier: Y0nszx3TgaWtiIhRkTfIsZ8p4Y92KBoarDB1B5jwoYQ=
Subject key identifier: FD:C2:06:4B:7F:FF:7D:17:F1:AA:03:03:00:DE:41:4F:F8:1D:CA:1C
Certificate issuer: /CN=ffd2361172862836b71c9ded3cd247616a9ceedf
Certificate serial: 018571278A35AD480298DA3E9309AA9A28D4
Authority key identifier: FF:D2:36:11:72:86:28:36:B7:1C:9D:ED:3C:D2:47:61:6A:9C:EE:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_9I2EXKGKDa3HJ3tPNJHYWqc7t8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/6730b8-83a5-44b4-92e3-ad826a496acf/1/_cIGS3__fRfxqgMDAN5BT_gdyhw.roa
Signing time: Mon 02 Jan 2023 06:24:54 +0000
ROA not before: Mon 02 Jan 2023 06:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212667
IP address blocks: 188.95.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:8a:35:ad:48:02:98:da:3e:93:09:aa:9a:28:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffd2361172862836b71c9ded3cd247616a9ceedf
Validity
Not Before: Jan 2 06:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fdc2064b7fff7d17f1aa030300de414ff81dca1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c4:74:61:c3:1c:05:b1:79:b6:bc:d0:2b:ce:
00:dd:7f:c1:a0:81:60:11:96:6e:be:7b:7b:72:a6:
bd:08:8b:b0:82:d2:a7:ea:c7:50:0f:bb:b6:e0:4c:
97:88:82:06:3c:a1:96:74:4e:53:c1:db:0f:3b:e2:
b0:d3:32:f7:be:c0:18:75:53:f5:dd:8f:e9:53:04:
d0:98:af:31:e1:7b:dc:e0:a4:96:5f:30:c7:c1:1b:
df:f8:87:94:30:a3:30:a9:49:df:f7:79:8f:32:d3:
f7:b7:f0:3e:ad:74:78:d8:5f:c7:16:34:ed:42:a5:
fd:d2:f7:59:c3:ef:c5:7c:c4:0d:3a:af:e5:d5:90:
0a:de:76:49:85:ba:e0:53:f3:ac:d9:9a:17:dd:28:
cd:d4:16:d5:6b:d7:f3:3f:8c:ca:18:ff:07:e6:2f:
bc:9f:0f:f1:ec:17:17:e5:ee:16:f4:a6:f5:28:b9:
d7:de:07:df:f5:5c:82:97:c0:dd:0b:6b:cd:34:54:
a8:c2:63:99:3b:9f:d4:02:ab:f0:ce:82:86:4c:d9:
61:90:ca:39:f1:13:87:27:d9:2e:16:88:ca:5a:4c:
99:04:f0:06:d6:32:cf:5c:e9:b6:d5:8f:77:c9:ef:
80:77:85:8d:d7:e8:67:0c:eb:c4:fd:fc:0c:d8:95:
29:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:C2:06:4B:7F:FF:7D:17:F1:AA:03:03:00:DE:41:4F:F8:1D:CA:1C
X509v3 Authority Key Identifier:
keyid:FF:D2:36:11:72:86:28:36:B7:1C:9D:ED:3C:D2:47:61:6A:9C:EE:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_9I2EXKGKDa3HJ3tPNJHYWqc7t8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6730b8-83a5-44b4-92e3-ad826a496acf/1/_cIGS3__fRfxqgMDAN5BT_gdyhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6730b8-83a5-44b4-92e3-ad826a496acf/1/_9I2EXKGKDa3HJ3tPNJHYWqc7t8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.95.71.0/24
Signature Algorithm: sha256WithRSAEncryption
80:66:6d:41:2c:c0:59:0b:cc:e1:be:62:93:44:bf:8d:6b:31:
c8:3c:b4:a0:96:e6:7d:b2:38:0e:bf:17:f8:f0:28:1a:f4:9d:
66:3b:a9:2e:74:bf:fb:a2:0a:a0:f1:68:33:45:b1:39:4b:67:
53:e1:cd:ba:fe:99:e7:f6:fd:5f:f7:17:bf:70:d3:a0:35:87:
b4:b1:60:fa:ce:30:ef:6d:e8:83:01:5e:36:65:62:09:6a:d6:
b2:70:e9:b2:5a:4d:a6:66:cd:47:0e:d1:b6:52:5a:d3:e3:75:
62:57:82:1b:2f:27:e3:2a:5c:0e:98:ae:89:a8:17:c1:3c:df:
6f:cd:66:d2:85:17:a1:30:3a:d0:1c:e8:c9:32:b0:35:f5:8c:
f1:48:0d:a9:db:35:e1:aa:cf:39:9f:21:d1:33:e1:13:69:bb:
28:1c:5e:6f:c8:d9:2e:9a:f9:d0:57:14:43:29:c4:aa:25:df:
47:60:7a:0e:42:ae:8f:f5:67:e5:e0:ac:ae:6f:a0:a4:ed:96:
a7:fc:b0:5a:07:1e:89:ed:8d:f3:c9:25:7b:65:db:92:16:d6:
30:a8:43:5a:2b:47:8e:17:a9:46:27:53:40:63:d4:99:02:59:
82:9e:78:2c:59:3e:e7:fb:0b:58:88:85:4e:5a:d9:2d:7d:1e:
45:60:3e:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxJ4o1rUgCmNo+kwmqmijUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZDIzNjExNzI4NjI4MzZiNzFjOWRlZDNjZDI0NzYxNmE5
Y2VlZGYwHhcNMjMwMTAyMDYyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGMyMDY0YjdmZmY3ZDE3ZjFhYTAzMDMwMGRlNDE0ZmY4MWRjYTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicR0YcMcBbF5trzQK84A3X/BoIFg
EZZuvnt7cqa9CIuwgtKn6sdQD7u24EyXiIIGPKGWdE5TwdsPO+Kw0zL3vsAYdVP1
3Y/pUwTQmK8x4Xvc4KSWXzDHwRvf+IeUMKMwqUnf93mPMtP3t/A+rXR42F/HFjTt
QqX90vdZw+/FfMQNOq/l1ZAK3nZJhbrgU/Os2ZoX3SjN1BbVa9fzP4zKGP8H5i+8
nw/x7BcX5e4W9Kb1KLnX3gff9VyCl8DdC2vNNFSowmOZO5/UAqvwzoKGTNlhkMo5
8ROHJ9kuFojKWkyZBPAG1jLPXOm21Y93ye+Ad4WN1+hnDOvE/fwM2JUp/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP3CBkt//30X8aoDAwDeQU/4HcocMB8GA1UdIwQY
MBaAFP/SNhFyhig2txyd7TzSR2FqnO7fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzlJMkVYS0dLRGEzSEozdFBOSkhZV3FjN3Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82NzMwYjgtODNhNS00NGI0LTkyZTMt
YWQ4MjZhNDk2YWNmLzEvX2NJR1MzX19mUmZ4cWdNREFONUJUX2dkeWh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC82NzMwYjgtODNhNS00NGI0LTkyZTMtYWQ4MjZhNDk2YWNm
LzEvXzlJMkVYS0dLRGEzSEozdFBOSkhZV3FjN3Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvF9HMA0G
CSqGSIb3DQEBCwUAA4IBAQCAZm1BLMBZC8zhvmKTRL+NazHIPLSgluZ9sjgOvxf4
8Cga9J1mO6kudL/7ogqg8WgzRbE5S2dT4c26/pnn9v1f9xe/cNOgNYe0sWD6zjDv
beiDAV42ZWIJataycOmyWk2mZs1HDtG2UlrT43ViV4IbLyfjKlwOmK6JqBfBPN9v
zWbShRehMDrQHOjJMrA19YzxSA2p2zXhqs85nyHRM+ETabsoHF5vyNkumvnQVxRD
KcSqJd9HYHoOQq6P9Wfl4Kyub6Ck7Zan/LBaBx6J7Y3zySV7ZduSFtYwqENaK0eO
F6lGJ1NAY9SZAlmCnngsWT7n+wtYiIVOWtktfR5FYD4b
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:15 2025 by rpki-client