Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/206bc6-f377-44b9-b53a-65ec722e7a92/1/1k-M5Hc4cubNo0FvW-MKAYbv00k.roa
File: 1k-M5Hc4cubNo0FvW-MKAYbv00k.roa (raw, json)
Hash identifier: mWSE0HoDm6fRSOfitRjL4D9tEfPglVMJP2yITUmQ0xs=
Subject key identifier: D6:4F:8C:E4:77:38:72:E6:CD:A3:41:6F:5B:E3:0A:01:86:EF:D3:49
Certificate issuer: /CN=7835f76d377a3387f1f0fc4f47bd88dc90aa69fb
Certificate serial: 018CCA284AA485301DDD9410F869B56F8224
Authority key identifier: 78:35:F7:6D:37:7A:33:87:F1:F0:FC:4F:47:BD:88:DC:90:AA:69:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eDX3bTd6M4fx8PxPR72I3JCqafs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/206bc6-f377-44b9-b53a-65ec722e7a92/1/1k-M5Hc4cubNo0FvW-MKAYbv00k.roa
Signing time: Tue 02 Jan 2024 12:31:27 +0000
ROA not before: Tue 02 Jan 2024 12:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 195.64.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:4a:a4:85:30:1d:dd:94:10:f8:69:b5:6f:82:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7835f76d377a3387f1f0fc4f47bd88dc90aa69fb
Validity
Not Before: Jan 2 12:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d64f8ce4773872e6cda3416f5be30a0186efd349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:db:fe:59:9b:03:b2:c3:f2:46:12:0e:e1:e4:
e9:b4:de:86:0c:5c:d2:57:2f:5b:25:11:8c:7d:53:
0d:9d:70:f8:89:1d:5e:d7:c9:6c:b3:e3:35:fe:7b:
22:87:5f:2b:e4:df:89:b5:60:8d:e8:d2:cf:43:01:
c9:e3:fd:77:81:43:81:69:71:c1:bd:8b:ce:fc:89:
82:98:32:42:3b:10:74:47:e3:49:11:e1:13:be:84:
6a:d2:ea:23:96:40:cd:78:1a:2d:da:1d:94:a0:3d:
79:fb:fe:0d:69:8e:fc:e0:11:c8:f2:a2:35:1d:ff:
9c:01:7b:2d:17:af:22:99:d6:91:ae:d6:da:54:19:
46:0c:02:7d:45:9d:c4:dd:c3:b9:93:4e:ca:18:2e:
19:4d:24:41:30:5a:0f:2a:a6:88:77:09:7d:01:3e:
5a:4d:e7:f6:9b:75:23:d0:a4:3f:d8:9f:d8:12:08:
51:17:d9:aa:82:88:56:a9:c1:5e:e0:5d:22:48:60:
e3:33:9d:d1:06:16:ef:75:6c:05:c5:ef:a1:64:6b:
22:d4:9c:93:7d:de:02:f0:20:8a:40:75:9c:ea:32:
4a:13:29:3a:a3:7b:11:06:88:e3:9b:1c:41:3a:33:
2b:c5:6a:e5:52:b0:8c:3f:09:39:9c:b6:0c:1b:00:
5b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:4F:8C:E4:77:38:72:E6:CD:A3:41:6F:5B:E3:0A:01:86:EF:D3:49
X509v3 Authority Key Identifier:
keyid:78:35:F7:6D:37:7A:33:87:F1:F0:FC:4F:47:BD:88:DC:90:AA:69:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eDX3bTd6M4fx8PxPR72I3JCqafs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/206bc6-f377-44b9-b53a-65ec722e7a92/1/1k-M5Hc4cubNo0FvW-MKAYbv00k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/206bc6-f377-44b9-b53a-65ec722e7a92/1/eDX3bTd6M4fx8PxPR72I3JCqafs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.103.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:24:54:26:47:58:98:f6:24:c9:9d:b1:a0:45:82:b4:8d:9a:
06:09:2b:95:ea:72:96:f9:87:c9:eb:fd:f5:09:42:c3:36:9a:
ad:80:a5:4b:f9:bf:4e:84:f5:c9:20:07:34:5f:59:1b:83:4e:
28:42:43:aa:93:63:70:6f:c2:e4:83:f8:18:fe:99:50:ae:8e:
b5:2a:af:82:fa:f5:15:73:c0:0e:37:0b:41:be:98:a6:07:57:
39:dc:0d:bb:fd:cc:11:8b:30:50:38:01:f2:6a:ae:c2:f9:47:
ed:86:3e:a1:27:b2:e7:b2:f8:c8:90:fa:f6:de:56:b7:bc:c6:
93:00:21:5b:69:f5:98:17:e9:7e:98:43:a2:96:d4:38:b3:7d:
ee:f5:7e:47:1a:6a:84:ec:49:b9:0a:11:3a:4f:42:b2:49:02:
9c:df:86:6d:de:83:ed:88:ef:3d:9f:c4:62:d9:3d:4c:4f:58:
6b:13:d1:51:38:5f:7c:6c:94:f7:cb:2b:46:7e:24:bd:5b:19:
23:b2:c4:67:c1:e8:58:ce:1d:26:71:f9:5b:4b:83:4b:eb:f8:
fb:e2:90:4e:91:a0:66:d2:56:7d:06:34:4e:7d:42:12:59:ee:
68:e7:f1:fe:0c:92:3a:b1:20:5b:38:a0:11:31:09:c9:d4:31:
9a:60:b2:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKEqkhTAd3ZQQ+Gm1b4IkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MzVmNzZkMzc3YTMzODdmMWYwZmM0ZjQ3YmQ4OGRjOTBh
YTY5ZmIwHhcNMjQwMTAyMTIzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjRmOGNlNDc3Mzg3MmU2Y2RhMzQxNmY1YmUzMGEwMTg2ZWZkMzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNv+WZsDssPyRhIO4eTptN6GDFzS
Vy9bJRGMfVMNnXD4iR1e18lss+M1/nsih18r5N+JtWCN6NLPQwHJ4/13gUOBaXHB
vYvO/ImCmDJCOxB0R+NJEeETvoRq0uojlkDNeBot2h2UoD15+/4NaY784BHI8qI1
Hf+cAXstF68imdaRrtbaVBlGDAJ9RZ3E3cO5k07KGC4ZTSRBMFoPKqaIdwl9AT5a
Tef2m3Uj0KQ/2J/YEghRF9mqgohWqcFe4F0iSGDjM53RBhbvdWwFxe+hZGsi1JyT
fd4C8CCKQHWc6jJKEyk6o3sRBojjmxxBOjMrxWrlUrCMPwk5nLYMGwBb4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZPjOR3OHLmzaNBb1vjCgGG79NJMB8GA1UdIwQY
MBaAFHg19203ejOH8fD8T0e9iNyQqmn7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZURYM2JUZDZNNGZ4OFB4UFI3MkkzSkNxYWZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8yMDZiYzYtZjM3Ny00NGI5LWI1M2Et
NjVlYzcyMmU3YTkyLzEvMWstTTVIYzRjdWJObzBGdlctTUtBWWJ2MDBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8yMDZiYzYtZjM3Ny00NGI5LWI1M2EtNjVlYzcyMmU3YTky
LzEvZURYM2JUZDZNNGZ4OFB4UFI3MkkzSkNxYWZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0BnMA0G
CSqGSIb3DQEBCwUAA4IBAQBcJFQmR1iY9iTJnbGgRYK0jZoGCSuV6nKW+YfJ6/31
CULDNpqtgKVL+b9OhPXJIAc0X1kbg04oQkOqk2Nwb8Lkg/gY/plQro61Kq+C+vUV
c8AONwtBvpimB1c53A27/cwRizBQOAHyaq7C+Ufthj6hJ7LnsvjIkPr23la3vMaT
ACFbafWYF+l+mEOiltQ4s33u9X5HGmqE7Em5ChE6T0KySQKc34Zt3oPtiO89n8Ri
2T1MT1hrE9FROF98bJT3yytGfiS9WxkjssRnwehYzh0mcflbS4NL6/j74pBOkaBm
0lZ9BjROfUISWe5o5/H+DJI6sSBbOKARMQnJ1DGaYLIk
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:08 2025 by rpki-client