Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/2ee78f-02ea-46eb-b529-439d0da6a26e/1/xunIV9WtuE33EEFg1oycdvZH7mA.roa
File: xunIV9WtuE33EEFg1oycdvZH7mA.roa (raw, json)
Hash identifier: Pn8LwuCrtBdD9EQaxxFRQe6O3ckJz8VdR/dnO51jrmY=
Subject key identifier: C6:E9:C8:57:D5:AD:B8:4D:F7:10:41:60:D6:8C:9C:76:F6:47:EE:60
Certificate issuer: /CN=f02d21c925edd7d811e1be96f0f287d7ccd2f35b
Certificate serial: 01856ECB98B48F4F053AB8CF695E4BB70994
Authority key identifier: F0:2D:21:C9:25:ED:D7:D8:11:E1:BE:96:F0:F2:87:D7:CC:D2:F3:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C0hySXt19gR4b6W8PKH18zS81s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/2ee78f-02ea-46eb-b529-439d0da6a26e/1/xunIV9WtuE33EEFg1oycdvZH7mA.roa
Signing time: Sun 01 Jan 2023 19:25:14 +0000
ROA not before: Sun 01 Jan 2023 19:25:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.20.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:98:b4:8f:4f:05:3a:b8:cf:69:5e:4b:b7:09:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02d21c925edd7d811e1be96f0f287d7ccd2f35b
Validity
Not Before: Jan 1 19:25:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6e9c857d5adb84df7104160d68c9c76f647ee60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:03:1c:32:82:d8:89:f0:ce:7e:a2:fe:16:cd:
b6:ce:60:38:a8:bc:e7:70:84:87:06:82:c1:c4:ad:
97:2c:a5:ad:f1:96:72:14:3d:6e:c0:4d:4a:13:8d:
bb:04:a7:3b:00:76:9b:af:43:4d:1a:21:21:3b:32:
c8:9f:ce:b5:81:75:23:ba:42:ee:b4:e7:65:35:d6:
2f:43:fc:d6:0f:f9:0a:0a:f3:46:f6:4f:0f:20:e9:
d8:d1:c1:36:8b:07:47:7d:06:45:9c:e6:7a:20:04:
61:77:25:5f:a5:bd:1b:b3:53:42:51:28:97:ce:66:
7a:5f:b1:f8:e1:eb:7d:ad:f5:2b:5d:13:a3:eb:fe:
56:aa:e4:69:8e:f3:b2:99:8f:e5:9e:61:fa:c7:61:
48:aa:82:06:e6:13:b7:50:2c:19:1b:33:2c:be:12:
47:40:2c:de:43:c2:c9:0a:97:49:38:9d:89:c6:92:
30:cb:d0:f5:fb:49:7a:7e:2a:ac:c3:be:04:b2:99:
3e:f7:e9:f7:7b:9c:17:3c:dc:ab:9d:ff:b5:59:48:
66:ec:e6:bd:1f:a0:5b:48:1a:2c:5d:1e:84:15:82:
70:d0:4c:d1:db:20:eb:60:1e:6a:5c:a4:5f:c0:ae:
cf:c5:3c:0c:83:e7:1e:c0:d0:38:d4:3d:6f:9f:8a:
d8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:E9:C8:57:D5:AD:B8:4D:F7:10:41:60:D6:8C:9C:76:F6:47:EE:60
X509v3 Authority Key Identifier:
keyid:F0:2D:21:C9:25:ED:D7:D8:11:E1:BE:96:F0:F2:87:D7:CC:D2:F3:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C0hySXt19gR4b6W8PKH18zS81s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/2ee78f-02ea-46eb-b529-439d0da6a26e/1/xunIV9WtuE33EEFg1oycdvZH7mA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/2ee78f-02ea-46eb-b529-439d0da6a26e/1/8C0hySXt19gR4b6W8PKH18zS81s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.4.0/24
Signature Algorithm: sha256WithRSAEncryption
81:45:e4:54:0b:86:94:c7:9f:9d:bc:e7:a7:29:2b:e6:5c:8e:
2b:d7:eb:df:d6:22:6f:ef:67:68:df:b7:9f:c2:ad:45:11:b5:
e4:0a:d8:a9:68:45:fb:c3:2d:18:31:f8:3e:33:8a:6d:6a:3f:
ea:a8:06:11:05:c8:36:e7:8f:bd:13:5e:08:b0:3c:f5:7b:fd:
d4:44:a5:aa:7b:97:28:84:29:58:b1:4a:64:65:79:67:b9:65:
49:56:97:fa:16:1d:99:b0:89:16:9c:69:76:28:9a:19:17:d5:
84:f9:d0:04:ff:2c:18:e3:c1:d0:00:34:ef:18:9c:03:51:51:
62:6b:9c:68:5a:c3:15:81:0c:d7:e8:97:81:db:b5:1a:92:2e:
ba:82:da:3c:3b:16:0e:66:59:4d:d9:16:d2:63:6e:f6:b1:4b:
e3:09:cb:ae:b0:64:11:fe:a3:d4:68:fe:4e:e1:5c:47:36:c9:
0f:d3:65:59:09:61:f1:39:f0:5b:ba:f0:f0:d6:f5:97:0f:c8:
3f:1c:5b:47:6e:eb:56:8a:22:69:98:72:4e:ee:e4:0a:35:e1:
73:36:3c:a7:07:e7:79:2a:54:9a:50:2d:59:75:67:b1:e9:ed:
77:4f:2f:4e:56:a5:73:e0:ef:9b:96:94:c0:b0:29:65:13:dd:
49:3a:6b:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy5i0j08FOrjPaV5LtwmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmQyMWM5MjVlZGQ3ZDgxMWUxYmU5NmYwZjI4N2Q3Y2Nk
MmYzNWIwHhcNMjMwMTAxMTkyNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmU5Yzg1N2Q1YWRiODRkZjcxMDQxNjBkNjhjOWM3NmY2NDdlZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgMcMoLYifDOfqL+Fs22zmA4qLzn
cISHBoLBxK2XLKWt8ZZyFD1uwE1KE427BKc7AHabr0NNGiEhOzLIn861gXUjukLu
tOdlNdYvQ/zWD/kKCvNG9k8PIOnY0cE2iwdHfQZFnOZ6IARhdyVfpb0bs1NCUSiX
zmZ6X7H44et9rfUrXROj6/5WquRpjvOymY/lnmH6x2FIqoIG5hO3UCwZGzMsvhJH
QCzeQ8LJCpdJOJ2JxpIwy9D1+0l6fiqsw74Espk+9+n3e5wXPNyrnf+1WUhm7Oa9
H6BbSBosXR6EFYJw0EzR2yDrYB5qXKRfwK7PxTwMg+cewNA41D1vn4rY0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMbpyFfVrbhN9xBBYNaMnHb2R+5gMB8GA1UdIwQY
MBaAFPAtIckl7dfYEeG+lvDyh9fM0vNbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMwaHlTWHQxOWdSNGI2VzhQS0gxOHpTODFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8yZWU3OGYtMDJlYS00NmViLWI1Mjkt
NDM5ZDBkYTZhMjZlLzEveHVuSVY5V3R1RTMzRUVGZzFveWNkdlpIN21BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8yZWU3OGYtMDJlYS00NmViLWI1MjktNDM5ZDBkYTZhMjZl
LzEvOEMwaHlTWHQxOWdSNGI2VzhQS0gxOHpTODFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRQEMA0G
CSqGSIb3DQEBCwUAA4IBAQCBReRUC4aUx5+dvOenKSvmXI4r1+vf1iJv72do37ef
wq1FEbXkCtipaEX7wy0YMfg+M4ptaj/qqAYRBcg254+9E14IsDz1e/3URKWqe5co
hClYsUpkZXlnuWVJVpf6Fh2ZsIkWnGl2KJoZF9WE+dAE/ywY48HQADTvGJwDUVFi
a5xoWsMVgQzX6JeB27Uaki66gto8OxYOZllN2RbSY272sUvjCcuusGQR/qPUaP5O
4VxHNskP02VZCWHxOfBbuvDw1vWXD8g/HFtHbutWiiJpmHJO7uQKNeFzNjynB+d5
KlSaUC1ZdWex6e13Ty9OVqVz4O+blpTAsCllE91JOmsk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:18 2024 by rpki-client on console-ams.rpki-client.org