Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/bgXWDU1sYjDfTeCHXYZAv1oR7y4.roa
File: bgXWDU1sYjDfTeCHXYZAv1oR7y4.roa (raw, json)
Hash identifier: zk19BOfQMVYYzJ5aJLOly4fmSd8THgLTgaaYTNTIjSk=
Subject key identifier: 6E:05:D6:0D:4D:6C:62:30:DF:4D:E0:87:5D:86:40:BF:5A:11:EF:2E
Certificate issuer: /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial: 0190A3353FAEBC026683C422AA4EE4ADD455
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/bgXWDU1sYjDfTeCHXYZAv1oR7y4.roa
Signing time: Thu 11 Jul 2024 19:11:34 +0000
ROA not before: Thu 11 Jul 2024 19:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206833
IP address blocks: 195.5.68.0/22 maxlen: 24
195.5.72.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a3:35:3f:ae:bc:02:66:83:c4:22:aa:4e:e4:ad:d4:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Validity
Not Before: Jul 11 19:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e05d60d4d6c6230df4de0875d8640bf5a11ef2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:17:53:90:29:2e:e6:8c:67:0b:b4:50:3c:08:
cd:dc:13:0f:93:a5:d6:22:44:93:cf:19:84:b7:30:
b6:31:75:2c:ab:65:cc:2f:fb:cf:3f:ad:11:8f:a7:
fa:9a:33:f0:a4:bc:82:46:0f:67:09:d6:3b:57:32:
49:3e:97:56:51:0d:51:6e:fd:59:8f:c0:b0:19:64:
66:c6:56:ae:5d:c5:e0:16:3c:37:e2:b7:43:6d:8f:
8f:61:63:4e:88:35:43:89:b6:be:80:99:42:03:02:
88:78:64:c1:5a:49:d0:a2:8f:da:be:4c:5a:5e:a2:
51:0e:74:ce:cd:5b:9f:0c:61:c3:64:1c:a1:2d:96:
98:47:09:97:09:2d:74:9a:74:31:f5:37:7e:66:bf:
cb:20:f5:db:a3:65:38:ca:5e:16:43:b1:c1:d2:81:
78:22:d5:1f:8f:c5:bf:e3:21:01:62:46:fc:ec:5f:
89:1c:48:5d:fd:da:77:36:bb:66:6b:6a:bd:ad:9f:
24:e6:fa:46:64:f1:fa:8c:05:e1:ed:a7:9b:67:00:
64:cf:56:25:74:ba:54:f0:1d:04:d4:39:e2:cc:1d:
0f:ca:7c:97:25:2f:ca:ef:de:dc:9b:f0:b2:ef:49:
a7:bc:48:41:7d:5c:31:8f:e1:aa:23:61:22:e7:c1:
1c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:05:D6:0D:4D:6C:62:30:DF:4D:E0:87:5D:86:40:BF:5A:11:EF:2E
X509v3 Authority Key Identifier:
keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/bgXWDU1sYjDfTeCHXYZAv1oR7y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.68.0-195.5.75.255
Signature Algorithm: sha256WithRSAEncryption
30:0c:65:bd:dc:c3:6a:2b:6a:db:e0:4b:9b:e4:ae:e7:ee:6c:
91:aa:61:f8:9c:8d:07:22:1e:33:75:7e:cb:3a:4d:ea:f7:6b:
4b:35:fc:84:0c:52:47:5c:cf:a1:9a:6a:e9:51:e5:7a:e3:c3:
06:ac:73:49:52:ef:bf:28:74:a2:9b:5a:57:b0:b2:76:59:32:
ff:c4:bb:49:0f:8f:1e:09:59:6b:87:8f:bf:40:96:64:17:d4:
00:d7:73:d7:1e:d7:04:8f:11:ed:41:f7:bf:e6:20:74:d8:e2:
ce:52:eb:59:e0:bc:85:6f:ce:26:ee:f7:43:a1:ad:98:7f:8a:
21:b1:d6:4d:75:02:7b:e2:96:24:63:01:40:b0:9b:1f:57:06:
67:a5:ae:66:36:cc:3f:9a:65:15:2d:ad:23:21:65:09:73:84:
9c:80:d5:1d:c6:51:56:f3:79:03:72:11:e9:d9:50:37:53:9e:
91:b2:a9:81:e3:a6:04:da:92:09:b3:cf:5c:05:3c:17:62:69:
c2:14:9f:92:16:69:3c:9f:23:ce:33:e9:c5:60:f2:8a:15:26:
de:72:cc:61:7f:64:94:d7:88:fd:5b:bc:4c:d7:7b:ec:15:90:
e2:5f:8c:fd:67:47:33:95:5b:36:62:da:7b:29:7d:84:31:81:
33:c9:70:a5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZCjNT+uvAJmg8Qiqk7krdRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjQwNzExMTkxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTA1ZDYwZDRkNmM2MjMwZGY0ZGUwODc1ZDg2NDBiZjVhMTFlZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRdTkCku5oxnC7RQPAjN3BMPk6XW
IkSTzxmEtzC2MXUsq2XML/vPP60Rj6f6mjPwpLyCRg9nCdY7VzJJPpdWUQ1Rbv1Z
j8CwGWRmxlauXcXgFjw34rdDbY+PYWNOiDVDiba+gJlCAwKIeGTBWknQoo/avkxa
XqJRDnTOzVufDGHDZByhLZaYRwmXCS10mnQx9Td+Zr/LIPXbo2U4yl4WQ7HB0oF4
ItUfj8W/4yEBYkb87F+JHEhd/dp3Nrtma2q9rZ8k5vpGZPH6jAXh7aebZwBkz1Yl
dLpU8B0E1DnizB0PynyXJS/K797cm/Cy70mnvEhBfVwxj+GqI2Ei58Ec/QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFG4F1g1NbGIw303gh12GQL9aEe8uMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvYmdYV0RVMXNZakRmVGVDSFhZWkF2MW9SN3k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALDBUQD
BALDBUgwDQYJKoZIhvcNAQELBQADggEBADAMZb3cw2oratvgS5vkrufubJGqYfic
jQciHjN1fss6Ter3a0s1/IQMUkdcz6GaaulR5Xrjwwasc0lS778odKKbWlewsnZZ
Mv/Eu0kPjx4JWWuHj79AlmQX1ADXc9ce1wSPEe1B97/mIHTY4s5S61ngvIVvzibu
90OhrZh/iiGx1k11AnviliRjAUCwmx9XBmelrmY2zD+aZRUtrSMhZQlzhJyA1R3G
UVbzeQNyEenZUDdTnpGyqYHjpgTakgmzz1wFPBdiacIUn5IWaTyfI84z6cVg8ooV
Jt5yzGF/ZJTXiP1bvEzXe+wVkOJfjP1nRzOVWzZi2nspfYQxgTPJcKU=
-----END CERTIFICATE-----
Generated at Mon Oct 21 13:26:14 2024 by rpki-client on console-fra.rpki-client.org