Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/c4cdb0-d9f6-45d5-a524-f5d34f5e85d6/1/XqSU2XYjkJB9Yat8AHqNfbgF64c.roa
File: XqSU2XYjkJB9Yat8AHqNfbgF64c.roa (raw, json)
Hash identifier: HdSZO2kKAVLMFspGGdoyOTOsgKIxXLkHDtT/2iIBUE8=
Subject key identifier: 5E:A4:94:D9:76:23:90:90:7D:61:AB:7C:00:7A:8D:7D:B8:05:EB:87
Certificate issuer: /CN=2bf3746db04080c780a8bc6d95d70245818c0738
Certificate serial: 0185729EBCC0C574176D7292108F4DBB68DA
Authority key identifier: 2B:F3:74:6D:B0:40:80:C7:80:A8:BC:6D:95:D7:02:45:81:8C:07:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K_N0bbBAgMeAqLxtldcCRYGMBzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/c4cdb0-d9f6-45d5-a524-f5d34f5e85d6/1/XqSU2XYjkJB9Yat8AHqNfbgF64c.roa
Signing time: Mon 02 Jan 2023 13:14:43 +0000
ROA not before: Mon 02 Jan 2023 13:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 185.251.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:bc:c0:c5:74:17:6d:72:92:10:8f:4d:bb:68:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bf3746db04080c780a8bc6d95d70245818c0738
Validity
Not Before: Jan 2 13:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ea494d9762390907d61ab7c007a8d7db805eb87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:60:50:20:43:94:31:3a:dd:d0:0f:d9:c7:a9:
21:98:2c:c8:17:c4:87:30:ef:23:a2:86:d1:7e:e7:
9e:f0:a0:22:1b:a9:5e:84:51:de:cb:2d:e1:16:c9:
4f:44:ac:6c:a4:0d:86:cd:08:31:9d:7b:16:7f:a7:
df:37:29:00:66:d1:30:85:02:32:ac:a8:5e:bc:0a:
02:45:9d:a6:96:d2:52:c0:67:dc:78:53:50:23:29:
45:e3:58:58:c0:db:9b:03:3b:fa:95:df:84:ed:4f:
24:af:39:e5:81:84:db:4b:3b:36:fe:a6:55:5d:0f:
ec:1e:79:8d:f2:40:32:d4:d8:32:71:aa:98:b0:f2:
2a:58:7b:c0:ec:98:ea:d9:85:08:63:3f:b2:27:5e:
62:4f:7b:28:08:1d:27:a3:9b:29:23:25:f3:4a:7f:
01:dc:6d:9c:d7:13:3c:ad:be:b1:d3:2c:31:b5:93:
bd:fc:33:2f:af:48:3c:42:09:b0:a6:32:05:8f:1d:
03:25:3f:ce:f4:dd:01:3d:a8:48:fb:57:cc:7f:65:
d1:a6:c8:65:cf:97:92:f9:c7:42:8f:06:b6:b2:b1:
35:cb:04:bc:81:f5:7f:f9:26:4a:56:e9:d6:ff:99:
a3:81:38:f7:f8:74:0c:eb:3d:49:d8:a2:f5:39:cd:
20:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A4:94:D9:76:23:90:90:7D:61:AB:7C:00:7A:8D:7D:B8:05:EB:87
X509v3 Authority Key Identifier:
keyid:2B:F3:74:6D:B0:40:80:C7:80:A8:BC:6D:95:D7:02:45:81:8C:07:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K_N0bbBAgMeAqLxtldcCRYGMBzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/c4cdb0-d9f6-45d5-a524-f5d34f5e85d6/1/XqSU2XYjkJB9Yat8AHqNfbgF64c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/c4cdb0-d9f6-45d5-a524-f5d34f5e85d6/1/K_N0bbBAgMeAqLxtldcCRYGMBzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.20.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:55:78:9a:a5:e5:27:98:ca:c7:8e:15:d2:09:2f:fd:83:1d:
60:49:ff:ca:e6:7c:ef:e8:1e:b3:79:73:fb:31:3d:5b:bc:31:
bd:43:96:29:15:19:bc:2f:5a:f7:ce:18:a9:a6:0f:bc:de:54:
11:09:64:92:d6:1e:42:40:00:96:be:c9:f5:67:c6:f3:df:3c:
24:83:f7:07:3a:0d:d2:23:6c:c0:10:87:64:c6:bf:5b:30:7c:
cb:36:e9:20:90:2f:13:6a:cc:72:77:13:b7:1d:82:59:7f:84:
20:65:e8:a9:10:c7:c4:5a:9d:2a:cf:2f:56:ac:72:3e:97:35:
67:aa:79:ea:13:51:b0:87:18:5b:fb:16:da:cd:95:9f:2c:c5:
6e:72:5e:ff:d4:55:31:ab:5f:ac:25:5a:a4:a0:f7:8d:a3:3b:
b5:05:04:a2:02:cb:34:25:65:cf:2e:0c:3f:b0:76:dc:5b:33:
88:68:f1:d9:b1:f2:25:fe:c3:59:16:52:d8:08:32:f8:86:c5:
d9:4c:e0:3f:92:d9:41:de:27:a0:78:52:04:4e:02:1a:c9:48:
a0:bc:bf:2a:2b:6e:b7:aa:d5:7e:7c:3f:48:83:fc:74:e4:08:
ff:10:8b:cb:43:16:cd:46:36:0d:81:97:72:37:12:0b:89:f7:
9d:63:d7:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVynrzAxXQXbXKSEI9Nu2jaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiZjM3NDZkYjA0MDgwYzc4MGE4YmM2ZDk1ZDcwMjQ1ODE4
YzA3MzgwHhcNMjMwMTAyMTMxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWE0OTRkOTc2MjM5MDkwN2Q2MWFiN2MwMDdhOGQ3ZGI4MDVlYjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWBQIEOUMTrd0A/Zx6khmCzIF8SH
MO8joobRfuee8KAiG6lehFHeyy3hFslPRKxspA2GzQgxnXsWf6ffNykAZtEwhQIy
rKhevAoCRZ2mltJSwGfceFNQIylF41hYwNubAzv6ld+E7U8krznlgYTbSzs2/qZV
XQ/sHnmN8kAy1NgycaqYsPIqWHvA7Jjq2YUIYz+yJ15iT3soCB0no5spIyXzSn8B
3G2c1xM8rb6x0ywxtZO9/DMvr0g8QgmwpjIFjx0DJT/O9N0BPahI+1fMf2XRpshl
z5eS+cdCjwa2srE1ywS8gfV/+SZKVunW/5mjgTj3+HQM6z1J2KL1Oc0ghwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF6klNl2I5CQfWGrfAB6jX24BeuHMB8GA1UdIwQY
MBaAFCvzdG2wQIDHgKi8bZXXAkWBjAc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS19OMGJiQkFnTWVBcUx4dGxkY0NSWUdNQnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9jNGNkYjAtZDlmNi00NWQ1LWE1MjQt
ZjVkMzRmNWU4NWQ2LzEvWHFTVTJYWWprSkI5WWF0OEFIcU5mYmdGNjRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9jNGNkYjAtZDlmNi00NWQ1LWE1MjQtZjVkMzRmNWU4NWQ2
LzEvS19OMGJiQkFnTWVBcUx4dGxkY0NSWUdNQnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufsUMA0G
CSqGSIb3DQEBCwUAA4IBAQBeVXiapeUnmMrHjhXSCS/9gx1gSf/K5nzv6B6zeXP7
MT1bvDG9Q5YpFRm8L1r3zhippg+83lQRCWSS1h5CQACWvsn1Z8bz3zwkg/cHOg3S
I2zAEIdkxr9bMHzLNukgkC8TasxydxO3HYJZf4QgZeipEMfEWp0qzy9WrHI+lzVn
qnnqE1Gwhxhb+xbazZWfLMVucl7/1FUxq1+sJVqkoPeNozu1BQSiAss0JWXPLgw/
sHbcWzOIaPHZsfIl/sNZFlLYCDL4hsXZTOA/ktlB3iegeFIETgIayUigvL8qK263
qtV+fD9Ig/x05Aj/EIvLQxbNRjYNgZdyNxILifedY9dc
-----END CERTIFICATE-----
Generated at Mon Sep 25 12:08:35 2023 by rpki-client on console-ams.rpki-client.org