Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/767555-cc38-4df3-bcf7-2b1e342b2b24/1/upfecyqbrgZcVLz594piPyry5pE.roa
File: upfecyqbrgZcVLz594piPyry5pE.roa (raw, json)
Hash identifier: OxgcUsjwI7tTMEjmoHN9xHei67rz+LeAdLfKMs/p8ro=
Subject key identifier: BA:97:DE:73:2A:9B:AE:06:5C:54:BC:F9:F7:8A:62:3F:2A:F2:E6:91
Certificate issuer: /CN=3c98aeebc2d6c06c169bac30306a5e9b68426c59
Certificate serial: 0191B2D0C4E9E26EAB7083343EB511AA3391
Authority key identifier: 3C:98:AE:EB:C2:D6:C0:6C:16:9B:AC:30:30:6A:5E:9B:68:42:6C:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PJiu68LWwGwWm6wwMGpem2hCbFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/767555-cc38-4df3-bcf7-2b1e342b2b24/1/upfecyqbrgZcVLz594piPyry5pE.roa
Signing time: Mon 02 Sep 2024 12:58:31 +0000
ROA not before: Mon 02 Sep 2024 12:58:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5631
IP address blocks: 195.167.128.0/20 maxlen: 20
195.167.128.0/21 maxlen: 21
195.167.136.0/21 maxlen: 21
195.167.176.0/20 maxlen: 20
195.167.176.0/21 maxlen: 21
195.167.184.0/21 maxlen: 21
2a02:890::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:d0:c4:e9:e2:6e:ab:70:83:34:3e:b5:11:aa:33:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c98aeebc2d6c06c169bac30306a5e9b68426c59
Validity
Not Before: Sep 2 12:58:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba97de732a9bae065c54bcf9f78a623f2af2e691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:88:41:e6:fa:57:9e:fa:c8:18:f8:95:f2:3f:
f2:c0:01:f9:96:5e:9f:6e:eb:e5:e5:2a:f1:97:82:
ae:72:68:30:35:ee:06:ad:e4:9f:b5:14:76:7d:6e:
b6:e8:e4:d5:c7:a7:fc:43:db:d4:a2:e8:98:2a:b3:
06:2a:fe:a9:6e:9e:23:15:ed:e4:c1:fd:e0:99:4c:
bf:a0:5f:7b:f4:d2:bc:37:d9:58:b2:53:92:ba:54:
5f:09:dd:4a:32:51:48:59:ec:0e:8e:8d:2f:ef:b7:
0a:fd:56:ac:5c:d1:4f:0d:c1:66:c0:a8:68:65:3e:
44:53:56:eb:69:f0:99:43:9b:21:85:35:1d:fa:d0:
50:3b:e5:55:3f:75:73:a9:c9:64:7e:0f:d0:a7:0e:
71:78:77:5c:d6:c4:e2:c5:d9:71:c1:99:f3:70:29:
3a:0c:d5:c4:e3:5a:a3:be:f3:b4:54:15:84:20:27:
a2:15:c8:e6:81:0f:2a:b5:ab:04:02:7e:66:9e:18:
45:04:e6:fe:04:11:c3:1d:a5:be:11:ba:8a:db:b8:
ce:4e:5b:26:5a:dd:69:a9:f6:80:cf:ee:d8:9b:82:
a3:a6:b1:3c:6f:de:e8:f9:f3:6b:c9:2c:57:51:c4:
dc:22:7f:bf:ba:36:05:de:5a:ee:b1:6d:0d:43:57:
fb:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:97:DE:73:2A:9B:AE:06:5C:54:BC:F9:F7:8A:62:3F:2A:F2:E6:91
X509v3 Authority Key Identifier:
keyid:3C:98:AE:EB:C2:D6:C0:6C:16:9B:AC:30:30:6A:5E:9B:68:42:6C:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PJiu68LWwGwWm6wwMGpem2hCbFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/767555-cc38-4df3-bcf7-2b1e342b2b24/1/upfecyqbrgZcVLz594piPyry5pE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/767555-cc38-4df3-bcf7-2b1e342b2b24/1/PJiu68LWwGwWm6wwMGpem2hCbFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.167.128.0/20
195.167.176.0/20
IPv6:
2a02:890::/32
Signature Algorithm: sha256WithRSAEncryption
6c:f5:3e:fc:90:b4:9f:0f:ea:fc:7a:45:85:8d:45:87:92:6e:
8b:6b:4a:ae:de:b6:f8:2d:81:3c:c5:33:70:3e:77:a5:e2:ac:
33:5d:cd:36:3c:fd:ca:e0:41:ae:10:ec:55:d6:32:53:dc:2d:
63:da:cd:82:12:c2:fa:75:5e:e3:fd:bc:e2:91:8f:d8:8b:22:
a5:6f:6b:45:1a:c3:8b:81:f6:68:58:aa:65:fc:94:49:c5:ef:
98:a7:f9:e6:7b:3d:d8:76:27:25:0e:b8:27:98:b8:de:f1:9e:
07:79:d7:a3:22:dd:be:af:db:67:77:07:41:4c:d5:bb:aa:45:
d8:0b:74:49:9d:41:37:1c:d8:a7:02:a9:d6:5f:35:77:da:14:
47:ec:68:79:9a:de:c6:4d:3d:43:30:17:c3:dc:55:a1:4a:12:
d6:09:d1:d6:0e:d3:6a:7d:93:b0:3c:c9:cd:b6:48:d1:0d:e0:
28:3f:20:e5:19:92:22:1b:09:e1:ef:16:91:97:b9:da:1c:e8:
04:1b:57:47:49:fe:41:f6:46:e9:4d:9c:9d:42:51:78:15:22:
c4:74:fa:43:6b:f5:0a:d2:5e:e9:14:4a:fa:38:cc:2d:ba:eb:
7a:34:71:c4:fc:92:5e:1a:3f:44:35:2d:fe:5b:9f:6c:09:68:
a7:86:7e:3c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZGy0MTp4m6rcIM0PrURqjORMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjOThhZWViYzJkNmMwNmMxNjliYWMzMDMwNmE1ZTliNjg0
MjZjNTkwHhcNMjQwOTAyMTI1ODMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTk3ZGU3MzJhOWJhZTA2NWM1NGJjZjlmNzhhNjIzZjJhZjJlNjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYhB5vpXnvrIGPiV8j/ywAH5ll6f
buvl5Srxl4KucmgwNe4GreSftRR2fW626OTVx6f8Q9vUouiYKrMGKv6pbp4jFe3k
wf3gmUy/oF979NK8N9lYslOSulRfCd1KMlFIWewOjo0v77cK/VasXNFPDcFmwKho
ZT5EU1brafCZQ5shhTUd+tBQO+VVP3Vzqclkfg/Qpw5xeHdc1sTixdlxwZnzcCk6
DNXE41qjvvO0VBWEICeiFcjmgQ8qtasEAn5mnhhFBOb+BBHDHaW+EbqK27jOTlsm
Wt1pqfaAz+7Ym4KjprE8b97o+fNrySxXUcTcIn+/ujYF3lrusW0NQ1f72wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLqX3nMqm64GXFS8+feKYj8q8uaRMB8GA1UdIwQY
MBaAFDyYruvC1sBsFpusMDBqXptoQmxZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEppdTY4TFd3R3dXbTZ3d01HcGVtMmhDYkZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83Njc1NTUtY2MzOC00ZGYzLWJjZjct
MmIxZTM0MmIyYjI0LzEvdXBmZWN5cWJyZ1pjVkx6NTk0cGlQeXJ5NXBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83Njc1NTUtY2MzOC00ZGYzLWJjZjctMmIxZTM0MmIyYjI0
LzEvUEppdTY4TFd3R3dXbTZ3d01HcGVtMmhDYkZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEw6eAAwQE
w6ewMA0EAgACMAcDBQAqAgiQMA0GCSqGSIb3DQEBCwUAA4IBAQBs9T78kLSfD+r8
ekWFjUWHkm6La0qu3rb4LYE8xTNwPnel4qwzXc02PP3K4EGuEOxV1jJT3C1j2s2C
EsL6dV7j/bzikY/YiyKlb2tFGsOLgfZoWKpl/JRJxe+Yp/nmez3YdiclDrgnmLje
8Z4HedejIt2+r9tndwdBTNW7qkXYC3RJnUE3HNinAqnWXzV32hRH7Gh5mt7GTT1D
MBfD3FWhShLWCdHWDtNqfZOwPMnNtkjRDeAoPyDlGZIiGwnh7xaRl7naHOgEG1dH
Sf5B9kbpTZydQlF4FSLEdPpDa/UK0l7pFEr6OMwtuut6NHHE/JJeGj9ENS3+W59s
CWinhn48
-----END CERTIFICATE-----
Generated at Mon Sep 16 16:37:21 2024 by rpki-client on console-fra.rpki-client.org