Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/9DfOwhuI1z0M5EFOJ4ApWzF07qc.roa
File: 9DfOwhuI1z0M5EFOJ4ApWzF07qc.roa (raw, json)
Hash identifier: cfkN1/oTyc5TyU26Vy4NUkDUom/ygUpEtnPPoCeYLSg=
Subject key identifier: F4:37:CE:C2:1B:88:D7:3D:0C:E4:41:4E:27:80:29:5B:31:74:EE:A7
Certificate issuer: /CN=a44c267fa754cd6509e9f807273123bee96c525d
Certificate serial: 0186A68083AC3CB82983B92E97961FDC9778
Authority key identifier: A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/9DfOwhuI1z0M5EFOJ4ApWzF07qc.roa
Signing time: Fri 03 Mar 2023 08:04:45 +0000
ROA not before: Fri 03 Mar 2023 08:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.181.178.0/24 maxlen: 24
2.59.58.0/24 maxlen: 24
45.137.98.0/24 maxlen: 24
2.56.248.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a6:80:83:ac:3c:b8:29:83:b9:2e:97:96:1f:dc:97:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a44c267fa754cd6509e9f807273123bee96c525d
Validity
Not Before: Mar 3 08:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f437cec21b88d73d0ce4414e2780295b3174eea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b1:10:64:e6:3c:3d:95:d0:4e:55:78:57:c7:
a6:21:34:05:07:cf:b5:6d:ec:71:60:20:e3:cb:c6:
76:21:84:61:64:09:df:78:7e:f2:e0:90:81:a6:da:
6e:ee:4f:aa:45:57:f6:85:ad:be:ae:48:ea:ff:ab:
8b:83:2c:54:20:66:b3:2f:da:af:a0:cd:23:fc:f0:
a8:f6:da:cb:ec:f8:02:61:ca:4a:ca:67:bf:9c:fb:
67:50:e6:cc:c7:f1:6a:c9:cf:80:de:01:3a:82:52:
56:b9:11:10:85:4d:d0:cc:44:1e:d6:17:8e:2d:a9:
3b:bb:f3:1c:92:8d:8d:92:c7:7d:8b:62:14:0a:54:
35:2c:ff:53:fc:d3:ae:29:4e:53:a1:a0:32:ea:ab:
1c:39:68:0b:bb:e0:24:40:5f:03:22:ad:e1:8f:4e:
b0:39:98:b9:8e:36:9f:1d:aa:8e:3f:fa:ec:82:86:
ce:a9:7a:3d:8f:26:f1:22:f0:7d:8d:eb:d6:b1:ba:
57:11:85:02:70:fa:d9:e7:44:2b:c8:0d:e7:0d:68:
ab:8c:61:cc:fc:1c:de:ec:18:fc:27:c6:24:0b:84:
63:d3:2a:0a:b1:6d:c8:56:58:25:35:b7:96:7a:89:
9f:8f:ec:a7:ae:49:46:2b:72:68:87:c6:22:10:31:
65:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:37:CE:C2:1B:88:D7:3D:0C:E4:41:4E:27:80:29:5B:31:74:EE:A7
X509v3 Authority Key Identifier:
keyid:A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/9DfOwhuI1z0M5EFOJ4ApWzF07qc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/pEwmf6dUzWUJ6fgHJzEjvulsUl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.248.0/22
2.59.58.0/24
5.181.178.0/24
45.137.98.0/24
Signature Algorithm: sha256WithRSAEncryption
40:eb:0f:b1:08:cb:4a:8d:6e:7d:2b:8f:33:22:ee:cf:9b:4d:
fb:63:7d:bd:a4:a9:aa:cc:1c:68:d2:6f:eb:7d:5d:02:62:6b:
bd:1b:57:8f:16:2a:1a:e7:c9:85:a0:f5:a9:7d:83:17:28:3b:
0b:2b:30:53:60:ac:0f:aa:17:80:83:d6:b5:22:82:80:3d:50:
69:50:a5:c4:ca:89:45:ea:ce:bf:94:9d:8e:72:31:d4:d3:bd:
73:06:b3:5f:32:6c:ca:f8:e6:0f:02:1a:1d:30:ca:ac:22:cc:
76:ab:4a:b4:c7:33:f0:5d:58:f2:f1:3b:b6:1a:60:63:7b:98:
96:51:16:4c:2f:28:27:91:17:18:1a:f9:e2:cd:57:cf:78:54:
c7:a8:15:af:62:f2:f2:85:54:cd:86:0c:6c:22:23:c8:6d:77:
64:4a:c0:7c:9a:43:27:19:0e:97:9f:75:7c:bf:cc:48:1d:da:
3f:72:2f:ec:8e:b2:fa:c5:c6:93:3c:12:eb:ae:26:27:12:d4:
cd:fb:cd:6a:ee:14:60:1b:79:db:2c:be:6b:fe:7d:31:14:4b:
10:20:e2:e9:05:54:8b:09:1f:7a:57:29:12:92:a3:f1:fa:dc:
42:80:a4:19:ac:75:a6:03:58:8a:2c:41:1c:2c:7d:de:1a:91:
33:67:2f:ea
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYamgIOsPLgpg7kul5Yf3Jd4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NGMyNjdmYTc1NGNkNjUwOWU5ZjgwNzI3MzEyM2JlZTk2
YzUyNWQwHhcNMjMwMzAzMDgwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDM3Y2VjMjFiODhkNzNkMGNlNDQxNGUyNzgwMjk1YjMxNzRlZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7EQZOY8PZXQTlV4V8emITQFB8+1
bexxYCDjy8Z2IYRhZAnfeH7y4JCBptpu7k+qRVf2ha2+rkjq/6uLgyxUIGazL9qv
oM0j/PCo9trL7PgCYcpKyme/nPtnUObMx/Fqyc+A3gE6glJWuREQhU3QzEQe1heO
Lak7u/Mcko2Nksd9i2IUClQ1LP9T/NOuKU5ToaAy6qscOWgLu+AkQF8DIq3hj06w
OZi5jjafHaqOP/rsgobOqXo9jybxIvB9jevWsbpXEYUCcPrZ50QryA3nDWirjGHM
/Bze7Bj8J8YkC4Rj0yoKsW3IVlglNbeWeomfj+ynrklGK3Joh8YiEDFlnwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPQ3zsIbiNc9DORBTieAKVsxdO6nMB8GA1UdIwQY
MBaAFKRMJn+nVM1lCen4BycxI77pbFJdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWIt
NDhhZjA4MDA0YjVmLzEvOURmT3dodUkxejBNNUVGT0o0QXBXekYwN3FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWItNDhhZjA4MDA0YjVm
LzEvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjj4AwQA
Ajs6AwQABbWyAwQALYliMA0GCSqGSIb3DQEBCwUAA4IBAQBA6w+xCMtKjW59K48z
Iu7Pm037Y329pKmqzBxo0m/rfV0CYmu9G1ePFioa58mFoPWpfYMXKDsLKzBTYKwP
qheAg9a1IoKAPVBpUKXEyolF6s6/lJ2OcjHU071zBrNfMmzK+OYPAhodMMqsIsx2
q0q0xzPwXVjy8Tu2GmBje5iWURZMLygnkRcYGvnizVfPeFTHqBWvYvLyhVTNhgxs
IiPIbXdkSsB8mkMnGQ6Xn3V8v8xIHdo/ci/sjrL6xcaTPBLrriYnEtTN+81q7hRg
G3nbLL5r/n0xFEsQIOLpBVSLCR96VykSkqPx+txCgKQZrHWmA1iKLEEcLH3eGpEz
Zy/q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:08 2024 by rpki-client on console-ams.rpki-client.org