Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ApZkmJjgarHvPCOhciop20N4fLg.roa
File: ApZkmJjgarHvPCOhciop20N4fLg.roa (raw, json)
Hash identifier: RwTllCFetN2d3YzLfq5OO1JbDLbAoXFM2QbO8TyYLlQ=
Subject key identifier: 02:96:64:98:98:E0:6A:B1:EF:3C:23:A1:72:2A:29:DB:43:78:7C:B8
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018B5C0AD690F8D4E3BF7E135C6E7E9D1E99
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ApZkmJjgarHvPCOhciop20N4fLg.roa
Signing time: Mon 23 Oct 2023 10:18:16 +0000
ROA not before: Mon 23 Oct 2023 10:18:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51178
IP address blocks: 93.88.172.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5c:0a:d6:90:f8:d4:e3:bf:7e:13:5c:6e:7e:9d:1e:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Oct 23 10:18:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0296649898e06ab1ef3c23a1722a29db43787cb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:aa:02:d7:3c:b1:d6:db:cb:d2:b6:d5:ec:7a:
ec:0d:12:72:17:5c:72:24:bd:5d:ae:87:a4:73:16:
c6:51:c2:20:27:6e:ad:2a:92:6f:97:92:6b:fb:43:
00:84:3d:f3:7b:61:86:cd:d5:f3:7e:a7:d8:dc:5d:
1a:fd:20:87:25:cd:9f:ab:43:2f:5b:1c:52:c8:41:
00:ce:2a:43:d7:4d:9b:01:22:dd:8c:17:9b:93:ad:
e3:01:79:f4:7f:25:fa:78:74:00:d2:b9:ec:e9:bb:
4a:59:f9:73:10:1a:f8:0a:85:88:e1:b0:43:12:58:
7c:36:a4:ed:51:54:1e:bc:0a:43:05:8f:1c:4d:43:
a9:60:db:c8:ce:3c:56:84:8b:7c:ef:10:cd:76:7d:
d6:86:da:72:9d:e8:78:26:da:74:97:b5:80:6d:06:
52:f2:e8:06:b6:f7:6d:c5:66:be:1b:9c:48:f4:7a:
1a:13:9a:93:7a:89:77:3a:36:d4:4c:54:ae:a7:41:
f8:7c:9a:c6:fd:9a:54:96:3e:63:35:35:89:11:15:
c7:a2:70:db:fc:b6:a1:8d:36:eb:c2:e3:fd:50:3c:
02:e1:30:a7:36:8e:c4:2e:2f:1d:c6:66:2f:df:82:
91:e2:f7:e9:1b:5b:16:b3:30:6a:72:ae:95:9f:29:
c5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:96:64:98:98:E0:6A:B1:EF:3C:23:A1:72:2A:29:DB:43:78:7C:B8
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ApZkmJjgarHvPCOhciop20N4fLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.88.172.0/22
Signature Algorithm: sha256WithRSAEncryption
d1:c0:5a:d5:59:6f:8e:e1:8e:1e:80:fe:fd:e8:ae:27:cd:6a:
10:b9:3c:2f:6a:b0:fd:ea:f9:12:d1:e9:98:f7:df:b5:f3:d5:
28:9f:be:fc:a6:de:13:9a:93:10:03:f6:44:4f:aa:51:d1:e3:
3c:93:b0:d4:f4:ea:71:8d:75:20:49:0d:2f:40:bd:32:c4:1f:
34:14:11:fe:87:97:34:2e:27:88:83:f8:f4:80:9a:3a:d9:b7:
3d:4a:3b:d5:f7:ff:4e:18:2c:eb:14:20:b4:7a:cc:82:da:45:
01:dd:30:5c:2a:02:84:da:f7:cb:64:21:45:07:50:4a:d9:6f:
3f:aa:fb:e9:34:61:db:60:b1:e3:44:26:a3:5f:ad:15:a1:b3:
24:4a:95:68:59:68:0c:8e:1d:25:6a:53:70:6f:5f:a9:29:7c:
bb:37:b8:b2:88:39:36:e6:e0:29:a1:3f:14:5d:bd:97:fb:4e:
6e:60:9d:76:74:5f:ca:63:f7:58:a3:2a:2e:09:a3:7f:34:61:
7f:97:51:9a:68:dd:fa:c1:6d:b4:36:db:1c:58:f1:5b:d1:b0:
ea:94:0f:75:93:65:60:2e:ab:d6:93:57:86:59:7b:5d:56:ac:
6f:f9:52:24:4f:98:1b:68:be:1d:8f:d6:35:f5:73:8a:2c:5b:
12:24:d0:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtcCtaQ+NTjv34TXG5+nR6ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMxMDIzMTAxODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjk2NjQ5ODk4ZTA2YWIxZWYzYzIzYTE3MjJhMjlkYjQzNzg3Y2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKoC1zyx1tvL0rbV7HrsDRJyF1xy
JL1droekcxbGUcIgJ26tKpJvl5Jr+0MAhD3ze2GGzdXzfqfY3F0a/SCHJc2fq0Mv
WxxSyEEAzipD102bASLdjBebk63jAXn0fyX6eHQA0rns6btKWflzEBr4CoWI4bBD
Elh8NqTtUVQevApDBY8cTUOpYNvIzjxWhIt87xDNdn3Whtpyneh4Jtp0l7WAbQZS
8ugGtvdtxWa+G5xI9HoaE5qTeol3OjbUTFSup0H4fJrG/ZpUlj5jNTWJERXHonDb
/LahjTbrwuP9UDwC4TCnNo7ELi8dxmYv34KR4vfpG1sWszBqcq6VnynF5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAKWZJiY4Gqx7zwjoXIqKdtDeHy4MB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvQXBaa21Kamdhckh2UENPaGNpb3AyME40ZkxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXVisMA0G
CSqGSIb3DQEBCwUAA4IBAQDRwFrVWW+O4Y4egP796K4nzWoQuTwvarD96vkS0emY
99+189Uon778pt4TmpMQA/ZET6pR0eM8k7DU9OpxjXUgSQ0vQL0yxB80FBH+h5c0
LieIg/j0gJo62bc9SjvV9/9OGCzrFCC0esyC2kUB3TBcKgKE2vfLZCFFB1BK2W8/
qvvpNGHbYLHjRCajX60VobMkSpVoWWgMjh0lalNwb1+pKXy7N7iyiDk25uApoT8U
Xb2X+05uYJ12dF/KY/dYoyouCaN/NGF/l1GaaN36wW20NtscWPFb0bDqlA91k2Vg
LqvWk1eGWXtdVqxv+VIkT5gbaL4dj9Y19XOKLFsSJNDr
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:11 2025 by rpki-client