Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/K01vk0vegtEklkC_3v7OlffTCG0.roa
File: K01vk0vegtEklkC_3v7OlffTCG0.roa (raw, json)
Hash identifier: enVxGP1dOrv2lRw8oTB3X9EUpoVd2YLuDGulBNuCkzc=
Subject key identifier: 2B:4D:6F:93:4B:DE:82:D1:24:96:40:BF:DE:FE:CE:95:F7:D3:08:6D
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CB10BEE48C5BB5417EAE3BAFB44C22913
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/K01vk0vegtEklkC_3v7OlffTCG0.roa
Signing time: Thu 28 Dec 2023 15:29:58 +0000
ROA not before: Thu 28 Dec 2023 15:29:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199658
IP address blocks: 109.167.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b1:0b:ee:48:c5:bb:54:17:ea:e3:ba:fb:44:c2:29:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Dec 28 15:29:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b4d6f934bde82d1249640bfdefece95f7d3086d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:fc:23:95:02:5e:4c:f3:a4:90:48:ea:b6:71:
9d:5b:fb:5f:13:dc:5e:7c:7d:81:e4:1b:79:42:f8:
57:84:c8:cf:bb:ba:49:ea:85:2d:0d:10:50:44:ad:
ba:9c:b2:81:58:e9:3c:af:40:ef:99:7c:dc:44:ed:
b0:b3:65:76:8b:6c:fb:6d:9d:8a:b0:86:8e:0c:fe:
6a:e2:66:e6:52:f9:70:cb:98:81:2f:88:cb:bc:9e:
2c:d8:0c:cc:15:bb:43:5d:b4:d9:0d:29:fd:b4:08:
58:8e:0e:dc:a5:18:43:7c:cf:9a:f6:03:86:77:92:
c4:d7:2a:b2:93:66:96:44:fd:44:41:00:d2:b9:c7:
05:20:6b:03:c6:49:8d:27:c2:da:c6:59:12:27:97:
c2:7e:a7:2d:59:0e:9a:5d:e9:92:81:01:bf:a3:96:
c2:4a:45:4a:7a:dd:19:7e:0c:f9:d6:d8:8d:af:86:
f3:92:e4:b2:64:5d:a4:91:d5:05:e6:01:d8:a3:7f:
a0:d0:8d:76:e8:c1:61:51:e0:b7:93:6f:76:8e:fb:
57:ea:f2:5e:08:c8:23:22:75:c8:bf:e4:4a:80:90:
0b:54:c3:68:6a:a1:c9:79:5a:75:01:a4:c3:25:49:
cf:a7:4a:ad:82:c0:30:f0:d6:d8:6c:2d:f4:6d:a1:
a9:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:4D:6F:93:4B:DE:82:D1:24:96:40:BF:DE:FE:CE:95:F7:D3:08:6D
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/K01vk0vegtEklkC_3v7OlffTCG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.167.254.0/24
Signature Algorithm: sha256WithRSAEncryption
79:12:81:d0:f9:00:db:ef:a1:32:6f:26:3d:69:f2:db:0b:42:
34:bc:08:f4:61:c7:fe:14:ee:c5:ec:06:33:05:ef:39:07:8d:
3d:d4:ec:a7:9f:ed:c8:d6:72:1d:79:f6:83:45:2d:c9:b4:6d:
3e:00:38:e3:3a:f9:4f:af:d5:a3:22:c6:25:38:38:04:97:4f:
1a:91:98:4e:5c:8d:f2:93:7f:40:83:2a:a6:d1:ed:5e:d3:d6:
42:4a:52:9b:99:fb:74:ab:79:d7:6d:00:9e:bc:32:e8:53:59:
3b:b7:e6:40:d7:ab:7b:80:c6:58:f0:4c:f2:3a:05:c3:8f:a3:
b9:c9:64:d9:e9:e4:da:20:08:90:8b:bf:20:a8:f4:04:cd:c7:
b5:8a:5e:ed:88:8e:b3:c5:69:4b:26:f5:f3:dd:3f:95:3b:cc:
e7:36:a7:3e:82:a0:24:46:f2:43:6d:93:c6:7d:52:c4:8e:17:
60:a2:f0:b1:af:b7:9a:f8:6a:14:b6:fe:ec:2b:09:16:b5:24:
c2:b9:03:55:54:64:4b:29:b0:6c:c0:6d:69:13:ea:ac:d4:69:
80:7f:d5:92:82:99:22:3e:e2:fb:e3:f9:25:ef:75:b8:5a:18:
d7:a9:a8:38:88:e1:f3:66:64:de:8f:3b:0a:a9:8b:43:f4:fa:
2d:68:08:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyxC+5IxbtUF+rjuvtEwikTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMxMjI4MTUyOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjRkNmY5MzRiZGU4MmQxMjQ5NjQwYmZkZWZlY2U5NWY3ZDMwODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/wjlQJeTPOkkEjqtnGdW/tfE9xe
fH2B5Bt5QvhXhMjPu7pJ6oUtDRBQRK26nLKBWOk8r0DvmXzcRO2ws2V2i2z7bZ2K
sIaODP5q4mbmUvlwy5iBL4jLvJ4s2AzMFbtDXbTZDSn9tAhYjg7cpRhDfM+a9gOG
d5LE1yqyk2aWRP1EQQDSuccFIGsDxkmNJ8LaxlkSJ5fCfqctWQ6aXemSgQG/o5bC
SkVKet0Zfgz51tiNr4bzkuSyZF2kkdUF5gHYo3+g0I126MFhUeC3k292jvtX6vJe
CMgjInXIv+RKgJALVMNoaqHJeVp1AaTDJUnPp0qtgsAw8NbYbC30baGpOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCtNb5NL3oLRJJZAv97+zpX30whtMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvSzAxdmswdmVndEVrbGtDXzN2N09sZmZUQ0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbaf+MA0G
CSqGSIb3DQEBCwUAA4IBAQB5EoHQ+QDb76EybyY9afLbC0I0vAj0Ycf+FO7F7AYz
Be85B4091Oynn+3I1nIdefaDRS3JtG0+ADjjOvlPr9WjIsYlODgEl08akZhOXI3y
k39Agyqm0e1e09ZCSlKbmft0q3nXbQCevDLoU1k7t+ZA16t7gMZY8EzyOgXDj6O5
yWTZ6eTaIAiQi78gqPQEzce1il7tiI6zxWlLJvXz3T+VO8znNqc+gqAkRvJDbZPG
fVLEjhdgovCxr7ea+GoUtv7sKwkWtSTCuQNVVGRLKbBswG1pE+qs1GmAf9WSgpki
PuL74/kl73W4WhjXqag4iOHzZmTejzsKqYtD9PotaAiZ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:53 2025 by rpki-client