Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/919d75-885e-4be4-9d8f-d285ca9cbe16/1/tZh9gZRgXn34sawwszgQlkKbfP4.roa
File: tZh9gZRgXn34sawwszgQlkKbfP4.roa (raw, json)
Hash identifier: bj89P1CkjQVi6Sgp8UsC5x3nSW8n6Gg8sqghdpZYJiI=
Subject key identifier: B5:98:7D:81:94:60:5E:7D:F8:B1:AC:30:B3:38:10:96:42:9B:7C:FE
Certificate issuer: /CN=1bf38b6d12023ef8700a9102f94ada3361e73e03
Certificate serial: 01856BB7D397568CF69C84A08C7B008CFC9A
Authority key identifier: 1B:F3:8B:6D:12:02:3E:F8:70:0A:91:02:F9:4A:DA:33:61:E7:3E:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_OLbRICPvhwCpEC-UraM2HnPgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/919d75-885e-4be4-9d8f-d285ca9cbe16/1/tZh9gZRgXn34sawwszgQlkKbfP4.roa
Signing time: Sun 01 Jan 2023 05:04:47 +0000
ROA not before: Sun 01 Jan 2023 05:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 193.163.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:b7:d3:97:56:8c:f6:9c:84:a0:8c:7b:00:8c:fc:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bf38b6d12023ef8700a9102f94ada3361e73e03
Validity
Not Before: Jan 1 05:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5987d8194605e7df8b1ac30b3381096429b7cfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a3:97:18:35:4f:5f:18:cc:c1:18:e7:7e:86:
e4:87:96:d0:2f:c2:41:25:f8:a9:72:79:2d:ca:7e:
fa:8e:09:de:fe:b5:54:2e:b2:ab:7c:7a:cd:9a:7c:
a8:c1:e8:df:09:ba:db:b9:25:00:6a:a9:ec:a7:1e:
6d:5f:f2:d8:24:7b:bb:71:ff:a3:0f:e5:97:26:f0:
34:c3:ff:74:40:e1:e8:0d:3d:25:db:21:a3:97:5d:
f4:8c:af:03:b2:de:34:42:58:57:e4:ea:d6:a1:a4:
1b:d1:e7:86:a8:46:e9:68:7a:74:69:68:e6:c1:f3:
24:d2:5a:11:ed:40:13:8c:96:fe:5f:82:90:bb:59:
e4:df:85:5a:5b:34:11:a5:fe:ea:d6:2b:73:12:57:
ba:ef:7b:7d:51:b4:db:fd:75:89:60:10:93:87:79:
9f:e2:ea:ba:b2:69:70:8c:93:5f:a9:1e:49:d7:61:
00:fb:57:af:23:a3:11:13:4a:b2:4a:c3:89:8a:45:
72:71:d7:b2:90:8b:2d:d1:9b:34:66:f4:c6:bb:80:
f4:df:9f:32:d8:03:c3:5c:ee:01:3d:11:54:61:e9:
3e:65:2a:ed:6c:9b:77:6f:c1:3b:a5:8b:e3:38:f0:
49:78:29:75:d1:3d:02:77:53:b8:5a:e1:3d:42:a3:
5a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:98:7D:81:94:60:5E:7D:F8:B1:AC:30:B3:38:10:96:42:9B:7C:FE
X509v3 Authority Key Identifier:
keyid:1B:F3:8B:6D:12:02:3E:F8:70:0A:91:02:F9:4A:DA:33:61:E7:3E:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_OLbRICPvhwCpEC-UraM2HnPgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/919d75-885e-4be4-9d8f-d285ca9cbe16/1/tZh9gZRgXn34sawwszgQlkKbfP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/919d75-885e-4be4-9d8f-d285ca9cbe16/1/G_OLbRICPvhwCpEC-UraM2HnPgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.85.0/24
Signature Algorithm: sha256WithRSAEncryption
66:23:6a:be:26:73:0d:3d:5f:d2:65:fe:c6:58:46:82:cb:c5:
d8:0d:d8:0b:1b:94:b3:44:aa:10:5f:2a:84:16:41:34:3c:98:
f4:a4:2d:ad:7d:f3:bd:b4:e2:b6:b8:4b:9f:4d:ed:dc:cb:52:
e8:18:8f:f0:0f:aa:45:48:09:d9:83:68:7a:23:aa:c3:e9:7a:
57:56:af:6a:b0:23:56:d7:6c:e6:ad:14:43:56:52:cf:ed:3b:
1e:71:5c:df:05:d7:12:cd:4d:b8:ce:6a:bd:ec:27:fa:bf:36:
1f:1a:bb:74:ef:70:9e:53:29:c7:f4:10:65:7a:ce:89:44:2b:
c0:45:d9:e0:c1:d0:1b:51:76:9c:29:03:07:ba:7e:55:5c:08:
ac:51:ec:7e:b9:3d:ff:48:6d:0b:b9:47:c4:03:d8:2c:3a:8d:
be:74:dd:9a:b2:62:8c:96:30:fa:8f:25:06:81:15:1d:c2:f2:
81:09:f6:6c:b7:86:66:6c:72:24:3c:20:f1:b8:f1:6b:ff:f8:
79:b8:ad:62:ec:9d:b3:ad:4a:43:39:5d:a4:23:2c:16:da:de:
38:a9:08:bb:fd:08:7d:be:e6:88:d5:5c:40:94:66:fb:84:99:
fb:d1:71:19:d8:e6:a0:74:2b:50:9a:88:56:18:7d:6b:59:1c:
e0:e9:4e:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrt9OXVoz2nISgjHsAjPyaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjM4YjZkMTIwMjNlZjg3MDBhOTEwMmY5NGFkYTMzNjFl
NzNlMDMwHhcNMjMwMTAxMDUwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTk4N2Q4MTk0NjA1ZTdkZjhiMWFjMzBiMzM4MTA5NjQyOWI3Y2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qOXGDVPXxjMwRjnfobkh5bQL8JB
Jfipcnktyn76jgne/rVULrKrfHrNmnyowejfCbrbuSUAaqnspx5tX/LYJHu7cf+j
D+WXJvA0w/90QOHoDT0l2yGjl130jK8Dst40QlhX5OrWoaQb0eeGqEbpaHp0aWjm
wfMk0loR7UATjJb+X4KQu1nk34VaWzQRpf7q1itzEle673t9UbTb/XWJYBCTh3mf
4uq6smlwjJNfqR5J12EA+1evI6MRE0qySsOJikVycdeykIst0Zs0ZvTGu4D0358y
2APDXO4BPRFUYek+ZSrtbJt3b8E7pYvjOPBJeCl10T0Cd1O4WuE9QqNaBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLWYfYGUYF59+LGsMLM4EJZCm3z+MB8GA1UdIwQY
MBaAFBvzi20SAj74cAqRAvlK2jNh5z4DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19PTGJSSUNQdmh3Q3BFQy1VcmFNMkhuUGdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi85MTlkNzUtODg1ZS00YmU0LTlkOGYt
ZDI4NWNhOWNiZTE2LzEvdFpoOWdaUmdYbjM0c2F3d3N6Z1Fsa0tiZlA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi85MTlkNzUtODg1ZS00YmU0LTlkOGYtZDI4NWNhOWNiZTE2
LzEvR19PTGJSSUNQdmh3Q3BFQy1VcmFNMkhuUGdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaNVMA0G
CSqGSIb3DQEBCwUAA4IBAQBmI2q+JnMNPV/SZf7GWEaCy8XYDdgLG5SzRKoQXyqE
FkE0PJj0pC2tffO9tOK2uEufTe3cy1LoGI/wD6pFSAnZg2h6I6rD6XpXVq9qsCNW
12zmrRRDVlLP7TsecVzfBdcSzU24zmq97Cf6vzYfGrt073CeUynH9BBles6JRCvA
RdngwdAbUXacKQMHun5VXAisUex+uT3/SG0LuUfEA9gsOo2+dN2asmKMljD6jyUG
gRUdwvKBCfZst4ZmbHIkPCDxuPFr//h5uK1i7J2zrUpDOV2kIywW2t44qQi7/Qh9
vuaI1VxAlGb7hJn70XEZ2OagdCtQmohWGH1rWRzg6U51
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:48 2025 by rpki-client