Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/daf25c-1b49-4719-9203-3254e4d7122e/1/RiBz15l1qRhaeKltVrOZq7WSBzU.roa
File: RiBz15l1qRhaeKltVrOZq7WSBzU.roa (raw, json)
Hash identifier: fGB8uyLtm3bXA31E/KvSVbVCiKXD9z38FppKJVKMIn8=
Subject key identifier: 46:20:73:D7:99:75:A9:18:5A:78:A9:6D:56:B3:99:AB:B5:92:07:35
Certificate issuer: /CN=bf174a5833bde6aa7824c34099762d00978857ff
Certificate serial: 01856E4AFAB9749239B2D2E27502234E1477
Authority key identifier: BF:17:4A:58:33:BD:E6:AA:78:24:C3:40:99:76:2D:00:97:88:57:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vxdKWDO95qp4JMNAmXYtAJeIV_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/daf25c-1b49-4719-9203-3254e4d7122e/1/RiBz15l1qRhaeKltVrOZq7WSBzU.roa
Signing time: Sun 01 Jan 2023 17:04:45 +0000
ROA not before: Sun 01 Jan 2023 17:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15423
IP address blocks: 193.163.252.0/24 maxlen: 24
193.163.251.0/24 maxlen: 24
193.163.250.0/24 maxlen: 24
193.163.249.0/24 maxlen: 24
193.163.248.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:4a:fa:b9:74:92:39:b2:d2:e2:75:02:23:4e:14:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf174a5833bde6aa7824c34099762d00978857ff
Validity
Not Before: Jan 1 17:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=462073d79975a9185a78a96d56b399abb5920735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:05:56:17:59:9f:5f:1c:f1:69:a6:6b:94:a2:
aa:aa:2e:af:ca:38:39:67:d0:4d:1f:df:2f:a4:27:
0b:65:bc:ff:20:ec:50:00:58:be:2b:89:81:e9:2d:
13:c3:35:63:87:af:bd:c3:b9:21:49:8f:ba:bc:db:
ed:04:0c:6b:61:85:45:b3:c3:b3:98:f2:d1:3b:7f:
b9:02:8b:97:ae:37:df:2b:2a:91:fc:10:ec:90:fa:
8d:08:51:8c:98:1d:0d:bc:27:72:91:41:dc:dd:f9:
32:ad:8b:0b:90:a0:41:32:d5:69:23:2d:b5:22:89:
08:6e:06:2c:6c:8f:d6:a1:bf:12:f0:ae:9d:d0:a1:
66:2b:58:b3:b4:35:02:86:60:db:cf:32:91:29:1d:
04:7e:df:69:d7:85:79:4a:3e:69:c9:48:2a:86:b8:
96:fe:74:cd:2e:c0:37:ae:31:a5:83:46:c2:6d:20:
6f:83:65:07:97:90:fb:52:25:95:95:10:ff:98:3f:
0a:35:9e:af:29:e0:d8:d3:5b:8f:de:cd:e3:09:ba:
8c:e6:9a:5c:c7:60:ad:7e:79:42:46:7b:19:54:c6:
28:e1:8e:58:13:00:40:cb:25:b0:be:12:f6:58:9e:
98:05:f3:78:88:f1:c7:a5:4b:aa:7c:1d:27:e8:1a:
0a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:20:73:D7:99:75:A9:18:5A:78:A9:6D:56:B3:99:AB:B5:92:07:35
X509v3 Authority Key Identifier:
keyid:BF:17:4A:58:33:BD:E6:AA:78:24:C3:40:99:76:2D:00:97:88:57:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vxdKWDO95qp4JMNAmXYtAJeIV_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/daf25c-1b49-4719-9203-3254e4d7122e/1/RiBz15l1qRhaeKltVrOZq7WSBzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/daf25c-1b49-4719-9203-3254e4d7122e/1/vxdKWDO95qp4JMNAmXYtAJeIV_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.248.0-193.163.252.255
Signature Algorithm: sha256WithRSAEncryption
5a:a1:7d:63:bf:f7:ad:6a:4d:1d:46:ff:20:ca:95:ca:d1:3a:
05:e2:e6:43:cd:69:17:aa:69:a7:8b:42:4d:6a:84:f1:50:0d:
0a:b6:d3:27:9e:0a:1c:66:9b:61:9d:6c:1b:62:e4:f1:63:13:
4a:57:7a:97:a7:7a:58:95:bf:17:f9:45:52:d4:14:ff:80:63:
88:6c:0f:14:8d:4c:de:b5:15:a0:a8:a7:d2:65:b8:f1:23:bc:
93:37:b6:e8:f0:b2:ee:7c:56:4e:cb:47:6c:fe:f8:87:5b:33:
89:7a:2d:e6:2b:49:78:7e:8b:86:ef:11:dc:d3:8f:c9:ad:73:
25:d7:92:da:d4:9c:00:a6:5a:ee:7e:1c:15:7f:12:84:6d:d1:
e1:af:4a:2e:d8:fa:bb:86:ae:5c:9b:5c:94:0d:85:ee:7c:eb:
2e:ad:15:41:14:4c:ef:50:f6:06:dd:36:2a:9e:63:6e:97:cd:
b2:2d:ad:ce:40:5d:38:da:16:84:7f:cd:5d:11:28:17:81:4a:
40:99:12:8f:74:e8:07:eb:de:ef:0f:4c:1e:73:7e:21:17:a4:
ab:16:91:c2:4b:ed:3b:0e:b3:1e:3b:8c:f0:8d:44:b5:cc:f2:
58:fc:00:c8:44:c6:73:19:ca:56:75:0b:2a:17:58:a4:29:c4:
79:7b:74:ea
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVuSvq5dJI5stLidQIjThR3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMTc0YTU4MzNiZGU2YWE3ODI0YzM0MDk5NzYyZDAwOTc4
ODU3ZmYwHhcNMjMwMTAxMTcwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjIwNzNkNzk5NzVhOTE4NWE3OGE5NmQ1NmIzOTlhYmI1OTIwNzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQVWF1mfXxzxaaZrlKKqqi6vyjg5
Z9BNH98vpCcLZbz/IOxQAFi+K4mB6S0TwzVjh6+9w7khSY+6vNvtBAxrYYVFs8Oz
mPLRO3+5AouXrjffKyqR/BDskPqNCFGMmB0NvCdykUHc3fkyrYsLkKBBMtVpIy21
IokIbgYsbI/Wob8S8K6d0KFmK1iztDUChmDbzzKRKR0Eft9p14V5Sj5pyUgqhriW
/nTNLsA3rjGlg0bCbSBvg2UHl5D7UiWVlRD/mD8KNZ6vKeDY01uP3s3jCbqM5ppc
x2CtfnlCRnsZVMYo4Y5YEwBAyyWwvhL2WJ6YBfN4iPHHpUuqfB0n6BoKfwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEYgc9eZdakYWnipbVazmau1kgc1MB8GA1UdIwQY
MBaAFL8XSlgzveaqeCTDQJl2LQCXiFf/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnhkS1dETzk1cXA0Sk1OQW1YWXRBSmVJVl84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kYWYyNWMtMWI0OS00NzE5LTkyMDMt
MzI1NGU0ZDcxMjJlLzEvUmlCejE1bDFxUmhhZUtsdFZyT1pxN1dTQnpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kYWYyNWMtMWI0OS00NzE5LTkyMDMtMzI1NGU0ZDcxMjJl
LzEvdnhkS1dETzk1cXA0Sk1OQW1YWXRBSmVJVl84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAPBo/gD
BADBo/wwDQYJKoZIhvcNAQELBQADggEBAFqhfWO/961qTR1G/yDKlcrROgXi5kPN
aReqaaeLQk1qhPFQDQq20yeeChxmm2GdbBti5PFjE0pXepeneliVvxf5RVLUFP+A
Y4hsDxSNTN61FaCop9JluPEjvJM3tujwsu58Vk7LR2z++IdbM4l6LeYrSXh+i4bv
EdzTj8mtcyXXktrUnACmWu5+HBV/EoRt0eGvSi7Y+ruGrlybXJQNhe586y6tFUEU
TO9Q9gbdNiqeY26XzbItrc5AXTjaFoR/zV0RKBeBSkCZEo906Afr3u8PTB5zfiEX
pKsWkcJL7TsOsx47jPCNRLXM8lj8AMhExnMZylZ1CyoXWKQpxHl7dOo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:33 2024 by rpki-client on console-fra.rpki-client.org