Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/4f2e09-6884-466e-afef-a0f5c78127bb/1/D-pi3xZ-SrfWnCQRtVVTSYhcfcw.roa
File: D-pi3xZ-SrfWnCQRtVVTSYhcfcw.roa (raw, json)
Hash identifier: iGRGSIXgmi6Si04hCKN86etnMXzUzOifiL8vJ2dDbAE=
Subject key identifier: 0F:EA:62:DF:16:7E:4A:B7:D6:9C:24:11:B5:55:53:49:88:5C:7D:CC
Certificate issuer: /CN=9efae59ebf98b0100bf14c06ca6bee266876cced
Certificate serial: 018CC4937DE1CAB94B0EC0EBBE19BD2E90E6
Authority key identifier: 9E:FA:E5:9E:BF:98:B0:10:0B:F1:4C:06:CA:6B:EE:26:68:76:CC:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nvrlnr-YsBAL8UwGymvuJmh2zO0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/4f2e09-6884-466e-afef-a0f5c78127bb/1/D-pi3xZ-SrfWnCQRtVVTSYhcfcw.roa
Signing time: Mon 01 Jan 2024 10:30:49 +0000
ROA not before: Mon 01 Jan 2024 10:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209173
IP address blocks: 2.56.36.0/23 maxlen: 23
2.56.38.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:7d:e1:ca:b9:4b:0e:c0:eb:be:19:bd:2e:90:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9efae59ebf98b0100bf14c06ca6bee266876cced
Validity
Not Before: Jan 1 10:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fea62df167e4ab7d69c2411b5555349885c7dcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:55:c6:7d:bd:10:95:19:a7:e9:65:84:04:37:
e4:da:ab:50:14:0e:3f:7a:72:09:79:1d:68:47:d1:
8a:13:73:a8:53:73:af:25:1b:98:d9:3e:3e:37:d8:
e9:4c:8c:ce:f6:7b:5b:27:3a:e4:1e:0a:80:63:84:
6a:d0:fd:50:de:9b:55:94:8c:1d:b4:d8:3c:02:74:
0b:7e:7c:cf:13:65:4f:88:1c:70:13:2d:43:5c:f0:
9a:d5:9a:e7:9e:b6:98:f0:37:2c:68:6a:c8:fc:39:
17:ea:e1:7a:19:c8:0e:d9:c6:94:33:4e:26:f4:94:
e6:0e:6b:75:6e:5a:bb:7d:e3:71:ca:35:1a:6f:15:
f7:95:67:f7:79:4a:73:48:aa:b5:a1:b5:19:fa:70:
dd:e6:d1:e7:50:85:f0:10:e4:90:03:a7:0a:d4:f5:
6d:46:f3:79:da:b1:57:0b:44:b6:09:08:c0:7f:c6:
71:00:93:80:04:16:7d:24:d8:1a:a1:8f:0a:04:c1:
8c:0d:a9:0a:c6:40:19:99:d4:78:91:94:65:5a:bb:
fb:d6:d0:f9:6f:f2:08:bd:6e:33:a5:62:4c:92:a7:
36:16:8b:c8:af:97:6e:c2:29:b1:43:a4:0a:d4:fc:
82:24:d4:e5:84:e4:cb:7f:59:33:ee:32:83:71:f0:
5a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:EA:62:DF:16:7E:4A:B7:D6:9C:24:11:B5:55:53:49:88:5C:7D:CC
X509v3 Authority Key Identifier:
keyid:9E:FA:E5:9E:BF:98:B0:10:0B:F1:4C:06:CA:6B:EE:26:68:76:CC:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nvrlnr-YsBAL8UwGymvuJmh2zO0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4f2e09-6884-466e-afef-a0f5c78127bb/1/D-pi3xZ-SrfWnCQRtVVTSYhcfcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4f2e09-6884-466e-afef-a0f5c78127bb/1/nvrlnr-YsBAL8UwGymvuJmh2zO0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.36.0/22
Signature Algorithm: sha256WithRSAEncryption
70:81:bf:85:7a:1d:8d:93:9d:59:ae:49:68:47:0f:4a:d4:44:
21:3c:69:ac:1a:22:28:24:6d:7e:d8:78:22:1b:d0:55:38:cf:
7d:d9:27:51:a9:37:a9:0f:1a:26:7b:42:16:31:fb:f8:4f:ba:
af:9e:b0:ab:e1:ce:1f:07:ca:ce:75:3d:a1:81:07:97:db:9d:
10:e8:d2:ff:5a:a6:7d:6c:97:d5:8a:83:3c:36:39:86:fd:ff:
2e:6c:d4:77:3e:a6:16:f6:ff:b5:1f:74:0c:25:5e:89:9d:6d:
28:cd:81:f7:d4:12:a8:89:cf:1e:11:ef:44:dd:b4:cc:33:b1:
b2:8f:15:8a:2a:58:fe:99:29:5a:53:79:c2:51:0d:b8:4d:9e:
20:d9:23:e7:de:7d:c5:79:75:b8:2e:ee:a9:56:3b:40:63:da:
b4:81:7f:db:03:23:49:a5:f8:f6:f7:a7:78:9d:7c:22:a0:0b:
34:84:cf:29:cb:2d:3b:c3:e9:7f:bf:2e:f3:fe:62:26:c8:d9:
90:bf:8f:89:bf:37:51:e3:50:01:e9:7f:20:0a:93:e2:a7:14:
d3:c5:3e:16:7d:45:d9:39:df:c4:54:f4:a0:cc:04:00:65:10:
ad:7d:8e:2c:07:a0:11:34:7d:7f:96:c2:d3:f8:8b:03:47:46:
2f:90:49:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk33hyrlLDsDrvhm9LpDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZmFlNTllYmY5OGIwMTAwYmYxNGMwNmNhNmJlZTI2Njg3
NmNjZWQwHhcNMjQwMTAxMTAzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmVhNjJkZjE2N2U0YWI3ZDY5YzI0MTFiNTU1NTM0OTg4NWM3ZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VXGfb0QlRmn6WWEBDfk2qtQFA4/
enIJeR1oR9GKE3OoU3OvJRuY2T4+N9jpTIzO9ntbJzrkHgqAY4Rq0P1Q3ptVlIwd
tNg8AnQLfnzPE2VPiBxwEy1DXPCa1ZrnnraY8DcsaGrI/DkX6uF6GcgO2caUM04m
9JTmDmt1blq7feNxyjUabxX3lWf3eUpzSKq1obUZ+nDd5tHnUIXwEOSQA6cK1PVt
RvN52rFXC0S2CQjAf8ZxAJOABBZ9JNgaoY8KBMGMDakKxkAZmdR4kZRlWrv71tD5
b/IIvW4zpWJMkqc2FovIr5duwimxQ6QK1PyCJNTlhOTLf1kz7jKDcfBaUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA/qYt8Wfkq31pwkEbVVU0mIXH3MMB8GA1UdIwQY
MBaAFJ765Z6/mLAQC/FMBspr7iZodsztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnZybG5yLVlzQkFMOFV3R3ltdnVKbWgyek8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny80ZjJlMDktNjg4NC00NjZlLWFmZWYt
YTBmNWM3ODEyN2JiLzEvRC1waTN4Wi1TcmZXbkNRUnRWVlRTWWhjZmN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny80ZjJlMDktNjg4NC00NjZlLWFmZWYtYTBmNWM3ODEyN2Ji
LzEvbnZybG5yLVlzQkFMOFV3R3ltdnVKbWgyek8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjgkMA0G
CSqGSIb3DQEBCwUAA4IBAQBwgb+Feh2Nk51ZrkloRw9K1EQhPGmsGiIoJG1+2Hgi
G9BVOM992SdRqTepDxome0IWMfv4T7qvnrCr4c4fB8rOdT2hgQeX250Q6NL/WqZ9
bJfVioM8NjmG/f8ubNR3PqYW9v+1H3QMJV6JnW0ozYH31BKoic8eEe9E3bTMM7Gy
jxWKKlj+mSlaU3nCUQ24TZ4g2SPn3n3FeXW4Lu6pVjtAY9q0gX/bAyNJpfj296d4
nXwioAs0hM8pyy07w+l/vy7z/mImyNmQv4+JvzdR41AB6X8gCpPipxTTxT4WfUXZ
Od/EVPSgzAQAZRCtfY4sB6ARNH1/lsLT+IsDR0YvkEnO
-----END CERTIFICATE-----
Generated at Fri Sep 13 10:35:14 2024 by rpki-client on console-fra.rpki-client.org