Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/168f11-496e-4b07-8e58-4f81fcfee5e4/1/nW16v9GOb3kQa_cKY1bxdikcDfw.roa
File: nW16v9GOb3kQa_cKY1bxdikcDfw.roa (raw, json)
Hash identifier: nINoJt9kr8Lm3mUNa/4Fg/FVgP9Ug7Jxui4bKW/xrsw=
Subject key identifier: 9D:6D:7A:BF:D1:8E:6F:79:10:6B:F7:0A:63:56:F1:76:29:1C:0D:FC
Certificate issuer: /CN=d2b90d96d7a4066c97e73037e04576b6fd87f3f5
Certificate serial: 01856F9DF9A92804298FB1593B947D1FB5B5
Authority key identifier: D2:B9:0D:96:D7:A4:06:6C:97:E7:30:37:E0:45:76:B6:FD:87:F3:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0rkNltekBmyX5zA34EV2tv2H8_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/168f11-496e-4b07-8e58-4f81fcfee5e4/1/nW16v9GOb3kQa_cKY1bxdikcDfw.roa
Signing time: Sun 01 Jan 2023 23:15:02 +0000
ROA not before: Sun 01 Jan 2023 23:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34412
IP address blocks: 195.96.128.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:f9:a9:28:04:29:8f:b1:59:3b:94:7d:1f:b5:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2b90d96d7a4066c97e73037e04576b6fd87f3f5
Validity
Not Before: Jan 1 23:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d6d7abfd18e6f79106bf70a6356f176291c0dfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d6:b1:b2:8b:3d:8f:f7:05:94:1f:4e:3f:6f:
5f:86:5b:41:85:b8:d3:4b:a3:71:4c:5f:16:ac:56:
23:b8:b4:7f:65:86:55:9e:9a:3a:d0:da:6f:65:31:
c8:7f:86:2d:d4:d4:02:1c:9e:41:12:fd:df:57:1a:
c2:5e:a0:de:57:be:1b:29:64:52:8f:03:99:82:24:
b4:5f:b4:5c:d1:ed:12:3b:86:1d:e6:f6:2b:2f:a1:
64:23:bf:7e:ad:b4:bd:3b:36:c5:61:f0:5c:c6:fa:
b0:ef:09:56:d9:04:d8:8c:26:27:b6:31:09:b2:eb:
3f:6a:0c:74:03:3f:22:f8:fd:f6:e0:84:1f:89:8d:
72:49:9c:07:f8:11:e9:a6:d0:84:5e:e6:99:9d:4c:
92:29:8b:18:3d:f2:c2:29:ae:31:b0:87:ae:18:09:
56:82:2c:67:38:22:88:46:6d:6a:ec:75:d7:82:a5:
5e:46:ae:ee:14:1b:53:f7:77:b9:a9:28:a2:08:a7:
3e:bd:3e:c6:82:10:0b:bf:87:a9:7c:6c:cd:fe:46:
8b:9d:ac:9c:5f:68:71:0c:be:00:08:e0:34:d0:cc:
2f:d9:02:5d:64:7f:3c:62:1b:b3:f1:c1:39:6f:19:
af:32:fd:2e:93:39:d0:9d:1f:f9:30:9d:fb:76:a8:
08:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:6D:7A:BF:D1:8E:6F:79:10:6B:F7:0A:63:56:F1:76:29:1C:0D:FC
X509v3 Authority Key Identifier:
keyid:D2:B9:0D:96:D7:A4:06:6C:97:E7:30:37:E0:45:76:B6:FD:87:F3:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0rkNltekBmyX5zA34EV2tv2H8_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/168f11-496e-4b07-8e58-4f81fcfee5e4/1/nW16v9GOb3kQa_cKY1bxdikcDfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/168f11-496e-4b07-8e58-4f81fcfee5e4/1/0rkNltekBmyX5zA34EV2tv2H8_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.128.0/24
Signature Algorithm: sha256WithRSAEncryption
10:ac:bc:1e:6f:13:be:e1:10:18:db:00:87:28:01:92:31:b0:
11:5c:d5:1c:fa:36:e2:7b:37:1d:de:67:26:3c:56:c8:e4:1c:
6b:49:f1:56:f2:3f:ff:3e:dd:25:a2:7a:71:3b:b8:2f:17:f1:
83:a7:48:e0:47:60:8a:32:58:b5:83:0f:6a:2e:56:4b:39:65:
50:f3:93:da:ef:13:3d:3b:3b:e8:92:85:85:78:16:74:1b:74:
a2:9e:28:65:ca:93:db:a4:0a:79:38:7c:ef:9b:98:f6:9d:cf:
71:d5:4f:37:28:53:d7:bb:d8:e7:67:79:b9:59:70:5c:c5:bc:
9f:90:45:b3:b9:3a:a2:0b:fb:e4:4a:8f:9b:06:7b:14:70:ad:
56:8b:94:84:ae:bc:62:16:20:69:d9:a5:44:fe:65:82:7c:23:
eb:fe:51:33:0f:72:dc:60:8c:55:cf:2c:42:b9:46:8e:a0:84:
f8:17:76:4a:b3:80:69:8d:db:66:ea:a4:95:5d:48:2e:8a:42:
1e:6b:64:c8:14:c3:6d:16:32:6f:cb:51:58:2d:79:f2:16:3f:
0a:a1:1f:f8:a8:95:a4:cf:20:d2:42:44:9c:16:fd:1d:de:04:
e2:d2:d5:ad:52:60:4d:3b:db:76:b8:c3:98:88:e7:8f:3c:28:
f9:c8:48:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvnfmpKAQpj7FZO5R9H7W1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYjkwZDk2ZDdhNDA2NmM5N2U3MzAzN2UwNDU3NmI2ZmQ4
N2YzZjUwHhcNMjMwMTAxMjMxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDZkN2FiZmQxOGU2Zjc5MTA2YmY3MGE2MzU2ZjE3NjI5MWMwZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdaxsos9j/cFlB9OP29fhltBhbjT
S6NxTF8WrFYjuLR/ZYZVnpo60NpvZTHIf4Yt1NQCHJ5BEv3fVxrCXqDeV74bKWRS
jwOZgiS0X7Rc0e0SO4Yd5vYrL6FkI79+rbS9OzbFYfBcxvqw7wlW2QTYjCYntjEJ
sus/agx0Az8i+P324IQfiY1ySZwH+BHpptCEXuaZnUySKYsYPfLCKa4xsIeuGAlW
gixnOCKIRm1q7HXXgqVeRq7uFBtT93e5qSiiCKc+vT7GghALv4epfGzN/kaLnayc
X2hxDL4ACOA00Mwv2QJdZH88Yhuz8cE5bxmvMv0ukznQnR/5MJ37dqgIJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1ter/Rjm95EGv3CmNW8XYpHA38MB8GA1UdIwQY
MBaAFNK5DZbXpAZsl+cwN+BFdrb9h/P1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHJrTmx0ZWtCbXlYNXpBMzRFVjJ0djJIOF9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8xNjhmMTEtNDk2ZS00YjA3LThlNTgt
NGY4MWZjZmVlNWU0LzEvblcxNnY5R09iM2tRYV9jS1kxYnhkaWtjRGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8xNjhmMTEtNDk2ZS00YjA3LThlNTgtNGY4MWZjZmVlNWU0
LzEvMHJrTmx0ZWtCbXlYNXpBMzRFVjJ0djJIOF9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CAMA0G
CSqGSIb3DQEBCwUAA4IBAQAQrLwebxO+4RAY2wCHKAGSMbARXNUc+jbiezcd3mcm
PFbI5BxrSfFW8j//Pt0lonpxO7gvF/GDp0jgR2CKMli1gw9qLlZLOWVQ85Pa7xM9
OzvokoWFeBZ0G3SinihlypPbpAp5OHzvm5j2nc9x1U83KFPXu9jnZ3m5WXBcxbyf
kEWzuTqiC/vkSo+bBnsUcK1Wi5SErrxiFiBp2aVE/mWCfCPr/lEzD3LcYIxVzyxC
uUaOoIT4F3ZKs4Bpjdtm6qSVXUguikIea2TIFMNtFjJvy1FYLXnyFj8KoR/4qJWk
zyDSQkScFv0d3gTi0tWtUmBNO9t2uMOYiOePPCj5yEiB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org