Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/168f11-496e-4b07-8e58-4f81fcfee5e4/1/BK7i-vZNCcedRXiT_q7VY0L2AWg.roa
File: BK7i-vZNCcedRXiT_q7VY0L2AWg.roa (raw, json)
Hash identifier: 08IFns3+wYrujMHvi1rsAEG6f/tiMLc/2MNCIJZaGSE=
Subject key identifier: 04:AE:E2:FA:F6:4D:09:C7:9D:45:78:93:FE:AE:D5:63:42:F6:01:68
Certificate issuer: /CN=d2b90d96d7a4066c97e73037e04576b6fd87f3f5
Certificate serial: 0183ECEE6D4DE2807A55A20CAFF84E766F54
Authority key identifier: D2:B9:0D:96:D7:A4:06:6C:97:E7:30:37:E0:45:76:B6:FD:87:F3:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0rkNltekBmyX5zA34EV2tv2H8_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/168f11-496e-4b07-8e58-4f81fcfee5e4/1/BK7i-vZNCcedRXiT_q7VY0L2AWg.roa
Signing time: Tue 18 Oct 2022 21:09:51 +0000
ROA not before: Tue 18 Oct 2022 21:09:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34412
IP address blocks: 195.96.128.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ec:ee:6d:4d:e2:80:7a:55:a2:0c:af:f8:4e:76:6f:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2b90d96d7a4066c97e73037e04576b6fd87f3f5
Validity
Not Before: Oct 18 21:09:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04aee2faf64d09c79d457893feaed56342f60168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:8b:d4:c3:1e:e2:f3:e4:44:51:36:1d:eb:21:
49:0d:4a:a9:b0:ce:15:57:75:f6:57:a6:b8:e9:29:
79:6d:7b:28:2e:16:8a:86:ac:c0:08:a8:3c:36:fb:
0f:cf:06:7f:8a:dc:c8:fc:9b:7b:1d:f2:79:72:27:
d4:36:3a:b3:9d:cd:52:56:06:21:d2:fa:d0:71:c9:
10:65:0f:0b:c8:32:93:94:c7:7a:3f:af:b5:b2:85:
4f:ba:62:e4:2a:26:8a:cd:d7:5c:03:68:b8:96:79:
f4:20:55:1d:63:42:a0:99:fd:4a:86:80:54:2f:56:
e8:0a:44:6e:08:34:4e:ac:58:db:bb:35:96:38:9c:
24:73:61:86:14:e4:d4:49:28:4e:e1:2f:b7:7b:6b:
2e:4d:31:15:fe:36:a0:f1:4f:00:94:c8:bf:be:16:
65:d2:47:29:e2:09:56:17:06:a2:e9:69:f8:76:d1:
8d:05:be:01:51:16:b4:17:a0:53:38:32:3c:67:ff:
c7:48:12:29:19:72:cc:0c:79:6e:5c:22:9e:f1:80:
bd:cd:d9:24:63:8e:b3:c3:53:70:b0:8a:20:59:e0:
7b:d7:00:92:f4:6e:42:97:58:37:e8:4c:9d:d1:8b:
5d:a1:c3:f1:76:ee:da:82:d7:3b:57:f4:f1:20:27:
22:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:AE:E2:FA:F6:4D:09:C7:9D:45:78:93:FE:AE:D5:63:42:F6:01:68
X509v3 Authority Key Identifier:
keyid:D2:B9:0D:96:D7:A4:06:6C:97:E7:30:37:E0:45:76:B6:FD:87:F3:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0rkNltekBmyX5zA34EV2tv2H8_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/168f11-496e-4b07-8e58-4f81fcfee5e4/1/BK7i-vZNCcedRXiT_q7VY0L2AWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/168f11-496e-4b07-8e58-4f81fcfee5e4/1/0rkNltekBmyX5zA34EV2tv2H8_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.128.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:6e:41:b0:ce:9c:88:19:3c:f7:a9:51:62:d0:e9:ec:9c:11:
db:19:c0:cf:7c:70:74:b4:b6:a7:89:66:13:e0:53:cd:0d:6d:
d1:cf:37:83:13:b7:ee:01:ad:f9:aa:2f:be:66:01:d9:cd:ae:
16:1b:41:de:7a:a8:97:aa:22:0e:d6:b1:0c:fe:01:8d:cd:64:
81:05:e0:00:6a:e5:7e:f7:20:5f:3a:9f:17:f2:d8:5b:ad:ac:
71:93:ff:07:39:b4:3d:59:e8:5e:47:10:fd:ba:de:ea:f4:ba:
8f:0d:83:fa:02:4f:f7:df:18:83:87:e1:8b:65:92:b9:af:83:
23:3c:23:fd:f7:ba:1f:45:d6:e4:9a:b0:a2:23:c7:da:f1:fd:
b8:b5:cb:85:3e:5d:fb:19:c7:f2:bd:d6:10:66:8b:b4:db:03:
3f:0c:67:b6:c7:6b:dc:0f:15:63:f6:36:96:ef:c2:ce:7b:20:
e9:14:5b:9a:d1:b7:f6:68:55:b3:84:47:bd:81:4e:16:57:3f:
55:88:94:6e:99:6a:fa:a2:4f:ac:50:5e:c8:2e:01:ba:4a:e8:
70:02:bc:f2:d2:2a:70:2e:3c:81:2e:8e:31:a2:2e:15:c2:db:
a7:7f:86:46:44:be:7a:53:c6:fe:62:fb:d3:ef:64:8d:fc:c5:
ea:c1:ab:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPs7m1N4oB6VaIMr/hOdm9UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYjkwZDk2ZDdhNDA2NmM5N2U3MzAzN2UwNDU3NmI2ZmQ4
N2YzZjUwHhcNMjIxMDE4MjEwOTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGFlZTJmYWY2NGQwOWM3OWQ0NTc4OTNmZWFlZDU2MzQyZjYwMTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4vUwx7i8+REUTYd6yFJDUqpsM4V
V3X2V6a46Sl5bXsoLhaKhqzACKg8NvsPzwZ/itzI/Jt7HfJ5cifUNjqznc1SVgYh
0vrQcckQZQ8LyDKTlMd6P6+1soVPumLkKiaKzddcA2i4lnn0IFUdY0Kgmf1KhoBU
L1boCkRuCDROrFjbuzWWOJwkc2GGFOTUSShO4S+3e2suTTEV/jag8U8AlMi/vhZl
0kcp4glWFwai6Wn4dtGNBb4BURa0F6BTODI8Z//HSBIpGXLMDHluXCKe8YC9zdkk
Y46zw1NwsIogWeB71wCS9G5Cl1g36Eyd0YtdocPxdu7agtc7V/TxICcimwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFASu4vr2TQnHnUV4k/6u1WNC9gFoMB8GA1UdIwQY
MBaAFNK5DZbXpAZsl+cwN+BFdrb9h/P1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHJrTmx0ZWtCbXlYNXpBMzRFVjJ0djJIOF9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8xNjhmMTEtNDk2ZS00YjA3LThlNTgt
NGY4MWZjZmVlNWU0LzEvQks3aS12Wk5DY2VkUlhpVF9xN1ZZMEwyQVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8xNjhmMTEtNDk2ZS00YjA3LThlNTgtNGY4MWZjZmVlNWU0
LzEvMHJrTmx0ZWtCbXlYNXpBMzRFVjJ0djJIOF9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CAMA0G
CSqGSIb3DQEBCwUAA4IBAQCpbkGwzpyIGTz3qVFi0OnsnBHbGcDPfHB0tLaniWYT
4FPNDW3RzzeDE7fuAa35qi++ZgHZza4WG0HeeqiXqiIO1rEM/gGNzWSBBeAAauV+
9yBfOp8X8thbraxxk/8HObQ9WeheRxD9ut7q9LqPDYP6Ak/33xiDh+GLZZK5r4Mj
PCP997ofRdbkmrCiI8fa8f24tcuFPl37GcfyvdYQZou02wM/DGe2x2vcDxVj9jaW
78LOeyDpFFua0bf2aFWzhEe9gU4WVz9ViJRumWr6ok+sUF7ILgG6SuhwArzy0ipw
LjyBLo4xoi4Vwtunf4ZGRL56U8b+YvvT72SN/MXqwav4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:00 2025 by rpki-client