Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/514258-0fd0-4831-bcf6-d4d69a1d4347/1/rkFrF0sm5SlFcNZcA5ydYVp9thU.roa
File: rkFrF0sm5SlFcNZcA5ydYVp9thU.roa (raw, json)
Hash identifier: P0yNF7AxGhpy2WuVhNpw8536amkL0OXrTTcycLl+bDw=
Subject key identifier: AE:41:6B:17:4B:26:E5:29:45:70:D6:5C:03:9C:9D:61:5A:7D:B6:15
Certificate issuer: /CN=968e53094a6207a0a65cdeec2e898b2c81267ae1
Certificate serial: 01856EB8E2EDFA336037BA27A6AB8B21B06B
Authority key identifier: 96:8E:53:09:4A:62:07:A0:A6:5C:DE:EC:2E:89:8B:2C:81:26:7A:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lo5TCUpiB6CmXN7sLomLLIEmeuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/514258-0fd0-4831-bcf6-d4d69a1d4347/1/rkFrF0sm5SlFcNZcA5ydYVp9thU.roa
Signing time: Sun 01 Jan 2023 19:04:48 +0000
ROA not before: Sun 01 Jan 2023 19:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51297
IP address blocks: 178.255.200.0/21 maxlen: 24
2a01:a440:1::/48 maxlen: 48
2a01:a440:2::/48 maxlen: 48
2a01:a440::/32 maxlen: 32
2a01:a440::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b8:e2:ed:fa:33:60:37:ba:27:a6:ab:8b:21:b0:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=968e53094a6207a0a65cdeec2e898b2c81267ae1
Validity
Not Before: Jan 1 19:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae416b174b26e5294570d65c039c9d615a7db615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e3:63:18:79:d5:52:9a:6e:57:1d:b4:a6:54:
ed:c4:39:19:56:36:1c:07:91:5c:22:fa:4b:6c:61:
a7:9f:b8:89:16:d3:50:85:d5:16:44:f9:49:dd:56:
84:d7:ff:f2:34:f6:f5:c9:f5:d7:bc:53:af:e0:f6:
99:1c:03:48:32:e1:c9:02:ae:f2:02:ab:54:8f:60:
11:c9:d5:51:ec:b9:98:81:66:7a:de:ab:76:01:30:
d2:73:73:e4:fe:5c:e1:81:f9:32:77:d1:4e:f4:50:
2c:ea:cf:c1:50:25:cf:9f:dc:f4:25:62:e4:04:54:
16:11:0c:47:61:23:5f:f9:43:a5:aa:31:93:44:f7:
81:44:ef:e5:23:04:c5:70:81:c6:55:fb:e3:ec:48:
9c:b5:c8:25:f3:ec:0d:d1:65:00:e4:0b:08:bf:8b:
40:37:5f:f6:b2:b1:f2:9a:26:7e:0a:9e:14:96:19:
8f:33:f3:be:e4:f8:4b:81:4d:36:c4:f9:87:36:65:
c4:47:a9:47:e1:87:3b:a2:cb:42:f6:b5:f2:88:10:
92:52:a6:b1:a7:a8:c9:4e:5b:0d:9c:fb:46:28:4c:
01:5d:d1:7f:17:8c:90:d4:bc:7c:5a:c4:ad:30:c9:
a9:43:1d:30:96:05:41:cb:f8:53:00:62:a5:a9:ed:
51:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:41:6B:17:4B:26:E5:29:45:70:D6:5C:03:9C:9D:61:5A:7D:B6:15
X509v3 Authority Key Identifier:
keyid:96:8E:53:09:4A:62:07:A0:A6:5C:DE:EC:2E:89:8B:2C:81:26:7A:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lo5TCUpiB6CmXN7sLomLLIEmeuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/514258-0fd0-4831-bcf6-d4d69a1d4347/1/rkFrF0sm5SlFcNZcA5ydYVp9thU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/514258-0fd0-4831-bcf6-d4d69a1d4347/1/lo5TCUpiB6CmXN7sLomLLIEmeuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.200.0/21
IPv6:
2a01:a440::/32
Signature Algorithm: sha256WithRSAEncryption
63:3f:d1:f9:b8:7e:0f:d6:fb:ed:f4:3f:d8:93:aa:c8:80:80:
35:b2:1d:72:16:cb:ac:55:51:fd:05:81:f4:08:32:f6:0f:5a:
f8:9f:98:c3:ca:5c:72:fd:bb:a4:ee:c2:42:19:32:ab:f0:49:
0a:15:47:61:1f:a7:56:07:e0:b5:c1:c0:23:31:9b:a0:d1:1b:
f7:f9:c0:cc:2b:99:4a:f8:2f:48:3f:fd:be:a6:1e:a9:e1:d3:
a6:89:f3:a3:48:da:09:a1:e4:1f:d0:e9:4d:39:c7:0b:f6:f8:
e5:5d:92:dc:22:6c:2d:aa:11:58:31:a6:67:c3:91:1f:b5:0f:
11:b5:bc:bd:71:de:d5:5b:71:73:1c:ed:eb:14:46:46:d4:6c:
20:97:2e:c1:e1:51:1c:fb:6b:4b:3d:38:1d:15:69:f2:1e:e1:
f0:ac:a6:0d:7e:3e:5e:2d:21:ca:fb:4b:f1:c6:15:d0:c2:a0:
9b:89:3d:60:40:84:3d:29:98:dd:37:e1:69:2e:de:9a:98:74:
1e:48:19:7f:dd:99:da:52:4f:e2:58:34:a1:fd:59:71:85:b4:
62:e8:00:0e:e2:95:13:50:e2:43:2a:e5:2b:4b:14:d3:a8:df:
ef:2f:41:9e:9c:8f:6b:62:b3:83:15:3e:37:48:75:a1:9b:c8:
2f:b7:94:dc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuuOLt+jNgN7onpquLIbBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OGU1MzA5NGE2MjA3YTBhNjVjZGVlYzJlODk4YjJjODEy
NjdhZTEwHhcNMjMwMTAxMTkwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTQxNmIxNzRiMjZlNTI5NDU3MGQ2NWMwMzljOWQ2MTVhN2RiNjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlONjGHnVUppuVx20plTtxDkZVjYc
B5FcIvpLbGGnn7iJFtNQhdUWRPlJ3VaE1//yNPb1yfXXvFOv4PaZHANIMuHJAq7y
AqtUj2ARydVR7LmYgWZ63qt2ATDSc3Pk/lzhgfkyd9FO9FAs6s/BUCXPn9z0JWLk
BFQWEQxHYSNf+UOlqjGTRPeBRO/lIwTFcIHGVfvj7Eictcgl8+wN0WUA5AsIv4tA
N1/2srHymiZ+Cp4UlhmPM/O+5PhLgU02xPmHNmXER6lH4Yc7ostC9rXyiBCSUqax
p6jJTlsNnPtGKEwBXdF/F4yQ1Lx8WsStMMmpQx0wlgVBy/hTAGKlqe1RuQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK5BaxdLJuUpRXDWXAOcnWFafbYVMB8GA1UdIwQY
MBaAFJaOUwlKYgegplze7C6JiyyBJnrhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG81VENVcGlCNkNtWE43c0xvbUxMSUVtZXVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy81MTQyNTgtMGZkMC00ODMxLWJjZjYt
ZDRkNjlhMWQ0MzQ3LzEvcmtGckYwc201U2xGY05aY0E1eWRZVnA5dGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy81MTQyNTgtMGZkMC00ODMxLWJjZjYtZDRkNjlhMWQ0MzQ3
LzEvbG81VENVcGlCNkNtWE43c0xvbUxMSUVtZXVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDsv/IMA0E
AgACMAcDBQAqAaRAMA0GCSqGSIb3DQEBCwUAA4IBAQBjP9H5uH4P1vvt9D/Yk6rI
gIA1sh1yFsusVVH9BYH0CDL2D1r4n5jDylxy/buk7sJCGTKr8EkKFUdhH6dWB+C1
wcAjMZug0Rv3+cDMK5lK+C9IP/2+ph6p4dOmifOjSNoJoeQf0OlNOccL9vjlXZLc
ImwtqhFYMaZnw5EftQ8Rtby9cd7VW3FzHO3rFEZG1Gwgly7B4VEc+2tLPTgdFWny
HuHwrKYNfj5eLSHK+0vxxhXQwqCbiT1gQIQ9KZjdN+FpLt6amHQeSBl/3ZnaUk/i
WDSh/VlxhbRi6AAO4pUTUOJDKuUrSxTTqN/vL0GenI9rYrODFT43SHWhm8gvt5Tc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:23 2024 by rpki-client on console-ams.rpki-client.org