Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/1btTLyO7eI-PC2lLhxyFcy61n48.roa
File: 1btTLyO7eI-PC2lLhxyFcy61n48.roa (raw, json)
Hash identifier: csWjHVbZ4ecBSTr8Sfash8vsHZSijjlGOlmApzJ+SqA=
Subject key identifier: D5:BB:53:2F:23:BB:78:8F:8F:0B:69:4B:87:1C:85:73:2E:B5:9F:8F
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0186874200D2BF359CA84E12526CAEC2005D
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/1btTLyO7eI-PC2lLhxyFcy61n48.roa
Signing time: Sat 25 Feb 2023 06:28:15 +0000
ROA not before: Sat 25 Feb 2023 06:28:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6939
IP address blocks: 95.82.0.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:87:42:00:d2:bf:35:9c:a8:4e:12:52:6c:ae:c2:00:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Feb 25 06:28:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5bb532f23bb788f8f0b694b871c85732eb59f8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:02:d5:bb:a5:19:dd:73:5a:df:67:53:1a:3e:
10:ff:23:c6:82:c9:de:ff:8a:0e:7e:c9:ff:fd:8f:
d2:c5:23:d2:dc:2b:82:53:2b:7f:4f:7c:53:fc:5c:
ce:b3:85:d0:09:a6:05:f3:90:33:d8:01:f2:1d:04:
4a:6c:9c:09:18:30:3b:8b:7c:71:76:65:b3:3f:3a:
0b:6b:35:30:e2:24:a2:25:71:41:b3:02:08:28:81:
9a:d2:64:9d:80:8b:48:a5:b8:cf:c7:6e:b0:b7:78:
d5:a4:c9:77:fb:d6:be:7b:44:75:ce:97:52:0d:c0:
8d:7a:c6:0f:0d:70:cd:7a:95:46:99:ad:36:ae:3c:
47:c8:66:3b:2f:0b:e3:e2:9e:c1:b9:90:51:1c:a6:
4f:01:7e:e1:da:8a:8e:b1:25:b1:57:ae:11:21:46:
e2:a4:94:1a:eb:09:54:fc:c8:bc:7c:1a:1b:ba:8f:
c5:a7:f9:11:fb:c6:66:56:41:9c:8b:ff:44:24:5b:
66:4b:27:0a:9a:ec:f2:e1:f6:c0:f7:6c:82:25:0d:
1d:33:7b:4f:f9:6e:3e:6b:22:ab:d5:3f:a1:6e:a8:
9e:26:35:fa:9b:43:9a:a9:d5:ad:f1:56:e0:01:dd:
66:d2:f7:8f:12:84:e5:4a:27:fc:98:76:58:bc:6d:
cc:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:BB:53:2F:23:BB:78:8F:8F:0B:69:4B:87:1C:85:73:2E:B5:9F:8F
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/1btTLyO7eI-PC2lLhxyFcy61n48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.82.0.0/21
Signature Algorithm: sha256WithRSAEncryption
af:19:dd:b1:8a:b6:35:29:1c:f3:6d:4c:8d:77:85:52:80:6b:
71:cd:2d:c6:0e:60:60:3e:0e:b4:1e:d3:b1:51:e7:f9:d7:7e:
fc:b2:01:75:69:04:af:1a:8d:16:55:de:ca:0d:20:7e:a2:36:
84:d3:98:82:81:70:bb:16:b0:a1:3c:9c:c6:84:d8:43:c9:98:
55:44:2e:8d:83:15:95:d9:84:97:20:d7:d4:8f:39:45:a7:1c:
47:68:32:2f:5f:17:31:9d:f8:92:b9:b7:89:23:23:0d:bb:e5:
99:9b:ec:b3:9f:d2:24:8f:41:56:e9:70:c4:06:3b:50:39:8d:
46:de:b1:3d:c5:f7:d9:f9:04:63:8f:09:3a:9b:78:93:fb:4b:
ea:4c:a5:48:80:e0:7a:44:39:6c:00:27:9b:88:3e:4e:63:3e:
3c:32:31:f0:54:e4:3a:88:d8:63:4a:f7:40:4d:d5:b5:60:7d:
bf:7d:d9:9a:b1:25:1d:50:2c:d7:46:16:62:a2:8f:ff:79:62:
98:45:da:b0:ca:2d:b9:00:d5:fc:d0:60:63:03:57:ef:d7:fe:
5b:6c:f5:c2:f6:4b:6f:d1:ea:c9:c7:18:43:5a:1d:87:31:85:
a4:37:72:26:34:90:da:ab:2b:6d:b9:0b:ca:27:56:29:f5:a2:
b8:0a:29:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaHQgDSvzWcqE4SUmyuwgBdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMwMjI1MDYyODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWJiNTMyZjIzYmI3ODhmOGYwYjY5NGI4NzFjODU3MzJlYjU5ZjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgLVu6UZ3XNa32dTGj4Q/yPGgsne
/4oOfsn//Y/SxSPS3CuCUyt/T3xT/FzOs4XQCaYF85Az2AHyHQRKbJwJGDA7i3xx
dmWzPzoLazUw4iSiJXFBswIIKIGa0mSdgItIpbjPx26wt3jVpMl3+9a+e0R1zpdS
DcCNesYPDXDNepVGma02rjxHyGY7Lwvj4p7BuZBRHKZPAX7h2oqOsSWxV64RIUbi
pJQa6wlU/Mi8fBobuo/Fp/kR+8ZmVkGci/9EJFtmSycKmuzy4fbA92yCJQ0dM3tP
+W4+ayKr1T+hbqieJjX6m0OaqdWt8VbgAd1m0vePEoTlSif8mHZYvG3MhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNW7Uy8ju3iPjwtpS4cchXMutZ+PMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvMWJ0VEx5TzdlSS1QQzJsTGh4eUZjeTYxbjQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDX1IAMA0G
CSqGSIb3DQEBCwUAA4IBAQCvGd2xirY1KRzzbUyNd4VSgGtxzS3GDmBgPg60HtOx
Uef51378sgF1aQSvGo0WVd7KDSB+ojaE05iCgXC7FrChPJzGhNhDyZhVRC6NgxWV
2YSXINfUjzlFpxxHaDIvXxcxnfiSubeJIyMNu+WZm+yzn9Ikj0FW6XDEBjtQOY1G
3rE9xffZ+QRjjwk6m3iT+0vqTKVIgOB6RDlsACebiD5OYz48MjHwVOQ6iNhjSvdA
TdW1YH2/fdmasSUdUCzXRhZioo//eWKYRdqwyi25ANX80GBjA1fv1/5bbPXC9ktv
0erJxxhDWh2HMYWkN3ImNJDaqyttuQvKJ1Yp9aK4Cin1
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:20:52 2025 by rpki-client