Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/25356b-74a8-4484-b4e4-ffaf249c4d2f/1/caf46CZP438t5LTr42aj-54Gh4I.roa
File: caf46CZP438t5LTr42aj-54Gh4I.roa (raw, json)
Hash identifier: RgK7bihCwzO88NcP9lkU6+brNI79vdJmyOnaTxUFlwo=
Subject key identifier: 71:A7:F8:E8:26:4F:E3:7F:2D:E4:B4:EB:E3:66:A3:FB:9E:06:87:82
Certificate issuer: /CN=20f581368b64ba32f2c2de57f784f3846bd133b8
Certificate serial: 01856D2F516E98E9151E84F9283F39A5F410
Authority key identifier: 20:F5:81:36:8B:64:BA:32:F2:C2:DE:57:F7:84:F3:84:6B:D1:33:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IPWBNotkujLywt5X94TzhGvRM7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/25356b-74a8-4484-b4e4-ffaf249c4d2f/1/caf46CZP438t5LTr42aj-54Gh4I.roa
Signing time: Sun 01 Jan 2023 11:54:55 +0000
ROA not before: Sun 01 Jan 2023 11:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50340
IP address blocks: 193.163.94.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:51:6e:98:e9:15:1e:84:f9:28:3f:39:a5:f4:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20f581368b64ba32f2c2de57f784f3846bd133b8
Validity
Not Before: Jan 1 11:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71a7f8e8264fe37f2de4b4ebe366a3fb9e068782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:97:dc:ca:7b:93:3d:32:fd:28:23:42:2a:f5:
b5:df:94:b5:b8:80:5b:b7:1b:05:b9:ad:c1:a8:27:
5b:de:d6:c2:66:66:87:fa:5c:31:9a:15:38:39:e7:
83:dd:8a:df:65:69:ae:53:81:a3:80:81:70:11:c4:
07:6d:11:d7:31:98:77:b4:cf:d2:98:be:c8:4e:2e:
15:e1:24:87:fc:58:6d:b5:30:1e:83:da:e0:e0:32:
19:f3:d2:ac:66:c7:ef:dc:90:d7:c4:71:ec:5e:65:
d2:ec:06:5e:72:63:99:8e:bf:b8:4d:76:af:3e:44:
22:92:b1:7d:6c:02:6f:24:6f:63:b1:cc:37:9e:19:
78:c4:52:31:00:99:6b:d7:ce:c2:55:2d:8c:2b:c1:
45:b7:60:51:db:2d:72:92:ca:cc:fe:e8:a9:5a:fc:
da:46:5e:2c:b7:35:fc:fa:74:01:77:15:3a:f2:34:
0c:0a:b5:14:8d:b0:f6:16:22:e2:a5:2b:87:72:ca:
22:b0:bf:ce:87:aa:7c:fc:07:f4:44:df:52:6c:32:
48:fb:51:a6:6d:13:b3:0a:68:03:55:16:5a:63:f7:
4e:4b:29:5e:c0:86:cb:4f:51:2d:a4:39:40:57:fb:
77:83:23:1f:60:64:70:40:c1:55:f4:8e:07:b7:62:
7d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A7:F8:E8:26:4F:E3:7F:2D:E4:B4:EB:E3:66:A3:FB:9E:06:87:82
X509v3 Authority Key Identifier:
keyid:20:F5:81:36:8B:64:BA:32:F2:C2:DE:57:F7:84:F3:84:6B:D1:33:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPWBNotkujLywt5X94TzhGvRM7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/25356b-74a8-4484-b4e4-ffaf249c4d2f/1/caf46CZP438t5LTr42aj-54Gh4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/25356b-74a8-4484-b4e4-ffaf249c4d2f/1/IPWBNotkujLywt5X94TzhGvRM7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.94.0/24
Signature Algorithm: sha256WithRSAEncryption
35:af:a6:3d:7f:ec:c0:0b:7f:34:af:1f:1b:6f:6b:e3:35:15:
a8:ee:44:14:de:b6:36:2b:47:34:2b:77:8b:c8:a1:5f:2a:af:
4c:e9:75:ae:cb:72:73:55:c4:7d:5e:13:d9:f5:d3:2f:ea:ca:
6a:f5:e0:47:45:e0:8a:b7:a7:9d:03:ed:34:1c:55:9e:89:61:
67:41:d2:ec:55:71:61:26:8a:4e:fc:16:b5:a3:aa:2a:6d:78:
24:08:a6:9a:85:00:49:8e:c1:96:7e:2f:d9:be:16:8a:f8:07:
62:ba:7f:72:0d:01:ef:e7:a7:ca:0b:c7:26:c9:33:43:cb:3e:
d1:f9:07:ac:eb:6e:02:71:d5:82:31:80:0d:58:ee:1a:9b:65:
55:11:42:75:c5:12:ec:b8:e6:63:3f:e9:c5:6d:e4:75:c5:80:
af:ad:24:a1:8e:1c:6a:c7:38:b6:f9:67:04:c8:3d:57:70:9d:
4e:48:19:a7:16:61:5e:94:4c:7a:04:20:ee:e2:56:e6:f1:8a:
ed:a5:80:25:0b:06:ef:29:e6:d6:82:2d:16:02:ab:c3:aa:b3:
99:6d:81:6c:a6:a5:9c:45:62:cf:52:cd:10:2c:5a:9d:67:4a:
9e:5f:c5:51:85:4a:b1:f6:a3:2c:73:7a:28:06:86:47:92:a0:
a1:0a:d3:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtL1FumOkVHoT5KD85pfQQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjU4MTM2OGI2NGJhMzJmMmMyZGU1N2Y3ODRmMzg0NmJk
MTMzYjgwHhcNMjMwMTAxMTE1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWE3ZjhlODI2NGZlMzdmMmRlNGI0ZWJlMzY2YTNmYjllMDY4NzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5fcynuTPTL9KCNCKvW135S1uIBb
txsFua3BqCdb3tbCZmaH+lwxmhU4OeeD3YrfZWmuU4GjgIFwEcQHbRHXMZh3tM/S
mL7ITi4V4SSH/FhttTAeg9rg4DIZ89KsZsfv3JDXxHHsXmXS7AZecmOZjr+4TXav
PkQikrF9bAJvJG9jscw3nhl4xFIxAJlr187CVS2MK8FFt2BR2y1yksrM/uipWvza
Rl4stzX8+nQBdxU68jQMCrUUjbD2FiLipSuHcsoisL/Oh6p8/Af0RN9SbDJI+1Gm
bROzCmgDVRZaY/dOSylewIbLT1EtpDlAV/t3gyMfYGRwQMFV9I4Ht2J9RQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHGn+OgmT+N/LeS06+Nmo/ueBoeCMB8GA1UdIwQY
MBaAFCD1gTaLZLoy8sLeV/eE84Rr0TO4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBXQk5vdGt1akx5d3Q1WDk0VHpoR3ZSTTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yNTM1NmItNzRhOC00NDg0LWI0ZTQt
ZmZhZjI0OWM0ZDJmLzEvY2FmNDZDWlA0Mzh0NUxUcjQyYWotNTRHaDRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yNTM1NmItNzRhOC00NDg0LWI0ZTQtZmZhZjI0OWM0ZDJm
LzEvSVBXQk5vdGt1akx5d3Q1WDk0VHpoR3ZSTTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaNeMA0G
CSqGSIb3DQEBCwUAA4IBAQA1r6Y9f+zAC380rx8bb2vjNRWo7kQU3rY2K0c0K3eL
yKFfKq9M6XWuy3JzVcR9XhPZ9dMv6spq9eBHReCKt6edA+00HFWeiWFnQdLsVXFh
JopO/Ba1o6oqbXgkCKaahQBJjsGWfi/ZvhaK+Adiun9yDQHv56fKC8cmyTNDyz7R
+Qes624CcdWCMYANWO4am2VVEUJ1xRLsuOZjP+nFbeR1xYCvrSShjhxqxzi2+WcE
yD1XcJ1OSBmnFmFelEx6BCDu4lbm8YrtpYAlCwbvKebWgi0WAqvDqrOZbYFspqWc
RWLPUs0QLFqdZ0qeX8VRhUqx9qMsc3ooBoZHkqChCtN7
-----END CERTIFICATE-----
Generated at Mon Oct 16 10:41:57 2023 by rpki-client on console-ams.rpki-client.org