Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ce9779-3ada-4b03-a9ea-662b194869c0/1/K_tIJnf2uVJRdbrs9gLpq3Z2YO4.roa
File: K_tIJnf2uVJRdbrs9gLpq3Z2YO4.roa (raw, json)
Hash identifier: zOmiSicPkCaCYyLrQpVc1KJ5QLd7Yn8FYcW9Cc7Zg1k=
Subject key identifier: 2B:FB:48:26:77:F6:B9:52:51:75:BA:EC:F6:02:E9:AB:76:76:60:EE
Certificate issuer: /CN=96a8d72552e5ba942ad9d94bdbf102895ea96ee4
Certificate serial: 018570E7755EF9DBFFA0E88836D261B1DA0A
Authority key identifier: 96:A8:D7:25:52:E5:BA:94:2A:D9:D9:4B:DB:F1:02:89:5E:A9:6E:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lqjXJVLlupQq2dlL2_ECiV6pbuQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ce9779-3ada-4b03-a9ea-662b194869c0/1/K_tIJnf2uVJRdbrs9gLpq3Z2YO4.roa
Signing time: Mon 02 Jan 2023 05:14:55 +0000
ROA not before: Mon 02 Jan 2023 05:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42323
IP address blocks: 91.202.140.0/22 maxlen: 22
109.197.128.0/21 maxlen: 21
195.238.100.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:75:5e:f9:db:ff:a0:e8:88:36:d2:61:b1:da:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96a8d72552e5ba942ad9d94bdbf102895ea96ee4
Validity
Not Before: Jan 2 05:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bfb482677f6b9525175baecf602e9ab767660ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:bd:26:73:c3:82:1a:e9:57:4c:51:ba:c3:6f:
fd:0a:85:ec:56:42:d3:4b:08:ab:cb:2a:72:79:f0:
02:32:2a:98:c3:4d:63:fc:68:6c:5f:aa:99:70:4d:
8d:18:d0:8a:6e:2c:0d:78:3e:17:6e:eb:be:8d:7e:
e7:9f:27:5d:b1:7d:29:b5:4b:14:63:a9:f4:fd:e0:
7a:00:3d:73:da:bf:dd:a6:9d:8f:9b:52:44:95:97:
c7:c0:3b:e9:03:c0:da:81:fc:24:64:9b:70:8b:6a:
a5:d7:94:8a:65:9c:fa:21:bb:eb:71:dd:aa:00:03:
32:48:86:d9:b6:53:de:d4:a2:ae:76:98:a5:7e:2f:
19:fb:c7:56:d6:7a:8a:f4:54:b1:80:e2:c3:85:2f:
12:1b:8c:e9:1d:d6:dc:84:1a:2d:c0:57:2c:e9:70:
7d:ae:c3:71:23:5e:ae:d0:67:a8:11:19:0b:03:2c:
aa:ce:c7:9b:3c:cc:b9:54:80:f1:fc:42:85:45:84:
c8:0d:1a:c9:cc:fd:37:63:95:f6:6e:40:78:73:2f:
1d:ab:06:c2:40:a4:1c:a4:54:b9:72:78:e7:84:15:
90:3f:3b:9f:d0:28:c4:11:55:1a:cf:9e:aa:30:6e:
fb:6a:59:ef:29:a7:b1:98:3d:70:fe:81:dd:3e:df:
a6:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:FB:48:26:77:F6:B9:52:51:75:BA:EC:F6:02:E9:AB:76:76:60:EE
X509v3 Authority Key Identifier:
keyid:96:A8:D7:25:52:E5:BA:94:2A:D9:D9:4B:DB:F1:02:89:5E:A9:6E:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lqjXJVLlupQq2dlL2_ECiV6pbuQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ce9779-3ada-4b03-a9ea-662b194869c0/1/K_tIJnf2uVJRdbrs9gLpq3Z2YO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ce9779-3ada-4b03-a9ea-662b194869c0/1/lqjXJVLlupQq2dlL2_ECiV6pbuQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.140.0/22
109.197.128.0/21
195.238.100.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:bb:af:55:2c:2e:30:76:1f:db:69:d0:30:9e:87:a1:45:a4:
7b:05:1a:69:3b:08:ef:d4:58:dc:16:99:e4:46:a3:2e:2b:05:
65:1e:4e:02:fe:f7:98:d2:af:5c:80:b4:8c:ff:a6:20:34:9b:
c3:06:c4:2c:50:39:fd:c3:52:1a:bd:3f:88:84:90:77:71:53:
f8:e1:a1:ca:18:af:33:6e:51:ec:0c:aa:dc:b9:35:45:51:50:
f8:51:35:94:0a:96:6b:d3:f1:1e:72:7f:98:68:b6:68:c1:b3:
57:5d:ac:2c:a1:fd:3d:bd:e1:44:0a:d2:78:74:4f:9a:a3:aa:
a1:81:4e:19:e3:3d:d7:66:1d:cd:03:af:2e:c4:e6:ab:81:6f:
0b:b1:5e:6e:fd:1b:7e:03:99:3b:77:6d:13:c4:6b:7f:12:d6:
fa:54:dc:82:3b:3e:4b:93:ca:28:7f:47:06:26:ae:cf:56:f8:
3c:ce:0b:69:65:c0:8d:fe:37:14:e8:37:ea:76:0f:f4:da:87:
e2:33:df:10:8a:c4:8a:c2:f1:db:fd:e7:6e:49:4f:98:71:34:
f5:1b:66:0b:1c:a7:b7:88:45:ce:f9:62:5f:1d:df:7a:36:58:
06:92:fb:e5:b2:ae:eb:d1:9f:88:da:7a:0c:50:c5:4a:41:4b:
5b:0e:f9:c1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw53Ve+dv/oOiINtJhsdoKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YThkNzI1NTJlNWJhOTQyYWQ5ZDk0YmRiZjEwMjg5NWVh
OTZlZTQwHhcNMjMwMTAyMDUxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmZiNDgyNjc3ZjZiOTUyNTE3NWJhZWNmNjAyZTlhYjc2NzY2MGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiL0mc8OCGulXTFG6w2/9CoXsVkLT
SwiryypyefACMiqYw01j/GhsX6qZcE2NGNCKbiwNeD4Xbuu+jX7nnyddsX0ptUsU
Y6n0/eB6AD1z2r/dpp2Pm1JElZfHwDvpA8DagfwkZJtwi2ql15SKZZz6Ibvrcd2q
AAMySIbZtlPe1KKudpilfi8Z+8dW1nqK9FSxgOLDhS8SG4zpHdbchBotwFcs6XB9
rsNxI16u0GeoERkLAyyqzsebPMy5VIDx/EKFRYTIDRrJzP03Y5X2bkB4cy8dqwbC
QKQcpFS5cnjnhBWQPzuf0CjEEVUaz56qMG77alnvKaexmD1w/oHdPt+mNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCv7SCZ39rlSUXW67PYC6at2dmDuMB8GA1UdIwQY
MBaAFJao1yVS5bqUKtnZS9vxAoleqW7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHFqWEpWTGx1cFFxMmRsTDJfRUNpVjZwYnVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9jZTk3NzktM2FkYS00YjAzLWE5ZWEt
NjYyYjE5NDg2OWMwLzEvS190SUpuZjJ1VkpSZGJyczlnTHBxM1oyWU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9jZTk3NzktM2FkYS00YjAzLWE5ZWEtNjYyYjE5NDg2OWMw
LzEvbHFqWEpWTGx1cFFxMmRsTDJfRUNpVjZwYnVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8qMAwQD
bcWAAwQCw+5kMA0GCSqGSIb3DQEBCwUAA4IBAQA8u69VLC4wdh/badAwnoehRaR7
BRppOwjv1FjcFpnkRqMuKwVlHk4C/veY0q9cgLSM/6YgNJvDBsQsUDn9w1IavT+I
hJB3cVP44aHKGK8zblHsDKrcuTVFUVD4UTWUCpZr0/Eecn+YaLZowbNXXawsof09
veFECtJ4dE+ao6qhgU4Z4z3XZh3NA68uxOargW8LsV5u/Rt+A5k7d20TxGt/Etb6
VNyCOz5Lk8oof0cGJq7PVvg8zgtpZcCN/jcU6Dfqdg/02ofiM98QisSKwvHb/edu
SU+YcTT1G2YLHKe3iEXO+WJfHd96NlgGkvvlsq7r0Z+I2noMUMVKQUtbDvnB
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:34 2024 by rpki-client on console-ams.rpki-client.org