Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/900f41-a2df-4d33-a96d-20f2dcfc853f/1/Jclb9IqPYP9q9iR1RRxqGP9EA8k.roa
File: Jclb9IqPYP9q9iR1RRxqGP9EA8k.roa (raw, json)
Hash identifier: 1FsoQmZjMpo1ItTO6H2OoLtjrzUxXJnJvyFBkRBH43k=
Subject key identifier: 25:C9:5B:F4:8A:8F:60:FF:6A:F6:24:75:45:1C:6A:18:FF:44:03:C9
Certificate issuer: /CN=e40fe224116a9f19d33727fdeb7acf82341ba603
Certificate serial: 018CC94E6CF8ADA16072872F76867D7E653F
Authority key identifier: E4:0F:E2:24:11:6A:9F:19:D3:37:27:FD:EB:7A:CF:82:34:1B:A6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5A_iJBFqnxnTNyf963rPgjQbpgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/900f41-a2df-4d33-a96d-20f2dcfc853f/1/Jclb9IqPYP9q9iR1RRxqGP9EA8k.roa
Signing time: Tue 02 Jan 2024 08:33:29 +0000
ROA not before: Tue 02 Jan 2024 08:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206764
IP address blocks: 195.85.213.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:6c:f8:ad:a1:60:72:87:2f:76:86:7d:7e:65:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e40fe224116a9f19d33727fdeb7acf82341ba603
Validity
Not Before: Jan 2 08:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25c95bf48a8f60ff6af62475451c6a18ff4403c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:64:9e:d5:be:48:61:05:a6:ec:99:5b:7a:f1:
65:d6:a2:a2:72:7e:17:cc:6b:f6:48:3d:be:df:83:
08:fd:50:96:02:c0:96:49:f4:ab:51:1c:c3:e0:2b:
76:b2:71:00:3c:bd:00:82:5e:36:2f:51:f8:75:e5:
65:8d:68:41:9b:14:5d:e2:0f:12:09:07:10:02:f7:
36:24:68:63:42:5f:68:f6:0b:1e:52:39:1b:0c:86:
1d:6a:aa:c0:f2:9d:1e:ef:b6:e0:d3:6d:40:12:1f:
1f:37:03:58:bb:a7:dc:3c:83:8d:c0:67:1e:8c:fc:
98:13:5e:3c:da:99:b0:23:01:eb:bf:79:50:a1:d2:
c0:08:36:ce:e1:89:16:c0:a3:e7:ec:be:a8:ca:e0:
a7:b5:41:2e:40:89:c3:30:ad:55:7d:e1:73:f9:5d:
10:fa:f0:63:ed:09:bd:c9:8c:8c:4a:2c:17:9f:44:
46:08:fc:5f:f1:12:6c:65:b9:e2:6c:3c:8c:b9:20:
5d:18:a9:31:c8:84:aa:44:ae:c1:30:18:13:74:bf:
98:04:2f:83:99:5a:b9:1c:e3:e2:7a:9c:5a:65:4b:
e9:b6:6a:4d:74:b8:bf:e3:8e:5d:cc:f7:0c:72:c4:
ff:87:8e:74:61:86:e2:19:6a:9a:0b:42:fd:52:07:
de:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:C9:5B:F4:8A:8F:60:FF:6A:F6:24:75:45:1C:6A:18:FF:44:03:C9
X509v3 Authority Key Identifier:
keyid:E4:0F:E2:24:11:6A:9F:19:D3:37:27:FD:EB:7A:CF:82:34:1B:A6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5A_iJBFqnxnTNyf963rPgjQbpgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/900f41-a2df-4d33-a96d-20f2dcfc853f/1/Jclb9IqPYP9q9iR1RRxqGP9EA8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/900f41-a2df-4d33-a96d-20f2dcfc853f/1/5A_iJBFqnxnTNyf963rPgjQbpgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.85.213.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:2f:42:66:6f:91:7f:d8:53:7b:fd:89:85:2d:bd:7c:51:ac:
cd:51:a5:86:81:61:90:27:f9:43:19:f5:56:02:bd:2e:d7:65:
45:8c:04:a3:34:a1:57:26:32:96:7c:cc:fd:82:80:bc:da:cf:
4b:9c:9f:88:c7:4e:e5:b3:a9:4b:17:c8:fe:63:5e:3e:58:bd:
0c:3d:2a:e6:69:79:02:c5:c2:08:31:4e:02:13:2b:ae:b0:57:
84:76:5a:e3:18:85:d4:1b:97:54:ba:86:ba:25:b5:f4:9b:e7:
76:a7:cb:d6:5d:66:d1:13:72:4c:de:e1:6d:51:3b:06:85:7b:
d6:f5:e4:e1:c5:79:72:16:d2:1c:c4:27:58:33:1d:f7:43:b3:
45:b5:07:1d:d1:36:fd:70:bc:6a:96:7d:9a:e3:d3:54:1c:17:
d5:83:ed:e1:68:65:c7:36:71:01:3f:1d:a0:26:2c:2c:1d:1b:
39:2f:de:5b:ae:1b:fa:48:20:6f:08:e6:da:08:c8:2b:de:17:
9a:e1:97:02:8f:76:ae:09:32:86:4d:34:78:a6:9e:42:ad:2d:
85:ba:b9:fd:3a:66:64:e7:f3:50:b0:5f:18:e6:0c:9f:66:0f:
9e:7b:18:0c:aa:34:3a:6c:21:ee:8c:dd:26:4e:22:90:54:2c:
f1:4a:af:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTmz4raFgcocvdoZ9fmU/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0MGZlMjI0MTE2YTlmMTlkMzM3MjdmZGViN2FjZjgyMzQx
YmE2MDMwHhcNMjQwMTAyMDgzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWM5NWJmNDhhOGY2MGZmNmFmNjI0NzU0NTFjNmExOGZmNDQwM2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGSe1b5IYQWm7JlbevFl1qKicn4X
zGv2SD2+34MI/VCWAsCWSfSrURzD4Ct2snEAPL0Agl42L1H4deVljWhBmxRd4g8S
CQcQAvc2JGhjQl9o9gseUjkbDIYdaqrA8p0e77bg021AEh8fNwNYu6fcPIONwGce
jPyYE1482pmwIwHrv3lQodLACDbO4YkWwKPn7L6oyuCntUEuQInDMK1VfeFz+V0Q
+vBj7Qm9yYyMSiwXn0RGCPxf8RJsZbnibDyMuSBdGKkxyISqRK7BMBgTdL+YBC+D
mVq5HOPiepxaZUvptmpNdLi/445dzPcMcsT/h450YYbiGWqaC0L9UgfemwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCXJW/SKj2D/avYkdUUcahj/RAPJMB8GA1UdIwQY
MBaAFOQP4iQRap8Z0zcn/et6z4I0G6YDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUFfaUpCRnFueG5UTnlmOTYzclBnalFicGdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC85MDBmNDEtYTJkZi00ZDMzLWE5NmQt
MjBmMmRjZmM4NTNmLzEvSmNsYjlJcVBZUDlxOWlSMVJSeHFHUDlFQThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC85MDBmNDEtYTJkZi00ZDMzLWE5NmQtMjBmMmRjZmM4NTNm
LzEvNUFfaUpCRnFueG5UTnlmOTYzclBnalFicGdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1XVMA0G
CSqGSIb3DQEBCwUAA4IBAQCML0Jmb5F/2FN7/YmFLb18UazNUaWGgWGQJ/lDGfVW
Ar0u12VFjASjNKFXJjKWfMz9goC82s9LnJ+Ix07ls6lLF8j+Y14+WL0MPSrmaXkC
xcIIMU4CEyuusFeEdlrjGIXUG5dUuoa6JbX0m+d2p8vWXWbRE3JM3uFtUTsGhXvW
9eThxXlyFtIcxCdYMx33Q7NFtQcd0Tb9cLxqln2a49NUHBfVg+3haGXHNnEBPx2g
JiwsHRs5L95brhv6SCBvCObaCMgr3hea4ZcCj3auCTKGTTR4pp5CrS2Furn9OmZk
5/NQsF8Y5gyfZg+eexgMqjQ6bCHujN0mTiKQVCzxSq+E
-----END CERTIFICATE-----
Generated at Fri Jul 26 12:28:13 2024 by rpki-client on console-fra.rpki-client.org