Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d4f3af-03f6-4ed3-8d31-f993075a86a0/1/K2tV_ZVrbfCzmDhvNV5QtPrjWZE.roa
File: K2tV_ZVrbfCzmDhvNV5QtPrjWZE.roa (raw, json)
Hash identifier: K5rcAxeTfUSH9KmOeHMuVaee0k6wonQCXaRscfD8U0A=
Subject key identifier: 2B:6B:55:FD:95:6B:6D:F0:B3:98:38:6F:35:5E:50:B4:FA:E3:59:91
Certificate issuer: /CN=b68a0e6da5222e8ceea4cd0ef3b74addfac29149
Certificate serial: 01850B90BF69E36107AAE43597253BC7E94C
Authority key identifier: B6:8A:0E:6D:A5:22:2E:8C:EE:A4:CD:0E:F3:B7:4A:DD:FA:C2:91:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tooObaUiLozupM0O87dK3frCkUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/d4f3af-03f6-4ed3-8d31-f993075a86a0/1/K2tV_ZVrbfCzmDhvNV5QtPrjWZE.roa
Signing time: Tue 13 Dec 2022 12:58:33 +0000
ROA not before: Tue 13 Dec 2022 12:58:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196846
IP address blocks: 194.40.211.0/24 maxlen: 24
213.5.112.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0b:90:bf:69:e3:61:07:aa:e4:35:97:25:3b:c7:e9:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b68a0e6da5222e8ceea4cd0ef3b74addfac29149
Validity
Not Before: Dec 13 12:58:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b6b55fd956b6df0b398386f355e50b4fae35991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d6:17:28:9a:f1:3b:1d:30:32:c1:79:3f:1f:
1b:de:ae:db:60:d4:e6:8c:3b:d7:30:78:7c:47:59:
d5:ca:66:ad:33:58:d3:0c:ad:c3:62:a1:b0:14:9a:
27:b9:38:89:f8:5a:df:c9:28:fb:2d:91:08:39:9a:
34:2b:5f:8c:6a:96:e1:d2:ac:33:41:d7:f7:a3:69:
0b:a4:ed:35:b6:de:99:2f:72:9e:94:73:8f:ba:8d:
2e:a6:02:0d:50:2f:b2:30:9e:da:2b:4a:05:30:2d:
00:3e:d9:04:2b:a1:db:71:19:7d:9a:cc:44:2d:58:
7e:66:ec:c2:87:04:e5:30:8b:f0:24:56:c5:d0:00:
09:05:b8:f0:02:55:65:c0:7d:6a:17:82:9c:71:ad:
ba:9c:3d:ee:d4:36:f8:7e:85:67:4f:ed:b8:57:81:
c6:7e:55:ff:6f:23:15:3a:c9:a6:4f:1d:81:01:55:
bf:a6:ad:8d:8e:e1:5e:2f:a9:05:4a:07:24:14:9d:
ef:78:94:ef:11:56:90:ff:36:f9:75:1a:24:42:45:
59:0a:82:bf:b8:60:04:e6:5a:87:49:1f:03:8f:78:
60:66:ed:0f:a2:82:78:7e:1a:9d:61:f4:49:75:62:
5a:aa:47:fc:17:64:6b:4b:47:f5:32:2c:1c:dc:99:
05:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:6B:55:FD:95:6B:6D:F0:B3:98:38:6F:35:5E:50:B4:FA:E3:59:91
X509v3 Authority Key Identifier:
keyid:B6:8A:0E:6D:A5:22:2E:8C:EE:A4:CD:0E:F3:B7:4A:DD:FA:C2:91:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tooObaUiLozupM0O87dK3frCkUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d4f3af-03f6-4ed3-8d31-f993075a86a0/1/K2tV_ZVrbfCzmDhvNV5QtPrjWZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d4f3af-03f6-4ed3-8d31-f993075a86a0/1/tooObaUiLozupM0O87dK3frCkUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.40.211.0/24
213.5.112.0/21
Signature Algorithm: sha256WithRSAEncryption
0f:a1:50:83:72:ce:ba:e0:9b:10:36:39:ca:b9:bc:70:c2:2b:
da:cb:50:ad:bd:8d:04:94:04:bf:1a:d5:2b:f8:2f:ff:b5:95:
e0:db:c5:a9:28:63:af:1b:7c:c0:c4:1d:cf:40:b8:20:8f:2d:
82:21:77:89:ab:6a:98:20:08:40:8c:8b:9b:ec:aa:32:b0:e6:
0f:a7:8a:a3:fe:4b:e9:37:af:9f:0e:a2:c4:7d:14:dd:6d:76:
5f:5d:f3:27:d9:25:ce:d6:98:31:ec:e4:7d:34:52:bb:25:71:
f3:0f:34:98:9a:d1:d0:0d:bd:d1:d0:f7:37:66:05:d0:d6:fc:
63:26:0b:a3:49:f2:ec:ac:7d:cc:d7:9d:9d:c3:27:63:c1:9d:
05:58:f9:48:3d:b8:3c:04:a0:75:a2:83:a2:e5:5a:24:0b:33:
6e:48:6f:3f:1a:eb:ad:6f:96:65:bc:ea:76:f5:4b:ed:12:11:
0b:0b:9f:55:44:7b:be:f1:d7:55:69:ee:6f:fd:f9:c2:66:0c:
61:38:07:fe:74:81:f6:93:42:23:8a:36:81:68:b8:70:cf:63:
b0:2e:81:b2:8e:f9:b7:55:35:d3:75:60:24:14:b2:c2:2e:cc:
ef:9a:9e:07:5b:66:2b:ac:68:41:a7:3e:97:2a:37:a0:0a:11:
da:24:f9:34
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYULkL9p42EHquQ1lyU7x+lMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2OGEwZTZkYTUyMjJlOGNlZWE0Y2QwZWYzYjc0YWRkZmFj
MjkxNDkwHhcNMjIxMjEzMTI1ODMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjZiNTVmZDk1NmI2ZGYwYjM5ODM4NmYzNTVlNTBiNGZhZTM1OTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptYXKJrxOx0wMsF5Px8b3q7bYNTm
jDvXMHh8R1nVymatM1jTDK3DYqGwFJonuTiJ+FrfySj7LZEIOZo0K1+Mapbh0qwz
Qdf3o2kLpO01tt6ZL3KelHOPuo0upgINUC+yMJ7aK0oFMC0APtkEK6HbcRl9msxE
LVh+ZuzChwTlMIvwJFbF0AAJBbjwAlVlwH1qF4Kcca26nD3u1Db4foVnT+24V4HG
flX/byMVOsmmTx2BAVW/pq2NjuFeL6kFSgckFJ3veJTvEVaQ/zb5dRokQkVZCoK/
uGAE5lqHSR8Dj3hgZu0PooJ4fhqdYfRJdWJaqkf8F2RrS0f1Miwc3JkF1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCtrVf2Va23ws5g4bzVeULT641mRMB8GA1UdIwQY
MBaAFLaKDm2lIi6M7qTNDvO3St36wpFJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG9vT2JhVWlMb3p1cE0wTzg3ZEszZnJDa1VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNGYzYWYtMDNmNi00ZWQzLThkMzEt
Zjk5MzA3NWE4NmEwLzEvSzJ0Vl9aVnJiZkN6bURodk5WNVF0UHJqV1pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNGYzYWYtMDNmNi00ZWQzLThkMzEtZjk5MzA3NWE4NmEw
LzEvdG9vT2JhVWlMb3p1cE0wTzg3ZEszZnJDa1VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwijTAwQD
1QVwMA0GCSqGSIb3DQEBCwUAA4IBAQAPoVCDcs664JsQNjnKubxwwivay1CtvY0E
lAS/GtUr+C//tZXg28WpKGOvG3zAxB3PQLggjy2CIXeJq2qYIAhAjIub7KoysOYP
p4qj/kvpN6+fDqLEfRTdbXZfXfMn2SXO1pgx7OR9NFK7JXHzDzSYmtHQDb3R0Pc3
ZgXQ1vxjJgujSfLsrH3M152dwydjwZ0FWPlIPbg8BKB1ooOi5VokCzNuSG8/Guut
b5ZlvOp29UvtEhELC59VRHu+8ddVae5v/fnCZgxhOAf+dIH2k0IjijaBaLhwz2Ow
LoGyjvm3VTXTdWAkFLLCLszvmp4HW2YrrGhBpz6XKjegChHaJPk0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:38 2024 by rpki-client on console-fra.rpki-client.org