Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/xjgFnHBGFpFuw6alowH03lx05Oo.roa
File: xjgFnHBGFpFuw6alowH03lx05Oo.roa (raw, json)
Hash identifier: WbUosB6FsOZrX9eAkw7wN5DrLueYfEVH5cuZxJgVwaU=
Subject key identifier: C6:38:05:9C:70:46:16:91:6E:C3:A6:A5:A3:01:F4:DE:5C:74:E4:EA
Certificate issuer: /CN=cf640b02311376dc96eebfeca755c3b0061140ec
Certificate serial: 01856DD40479E14032FE07040F02DA2940C9
Authority key identifier: CF:64:0B:02:31:13:76:DC:96:EE:BF:EC:A7:55:C3:B0:06:11:40:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z2QLAjETdtyW7r_sp1XDsAYRQOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/xjgFnHBGFpFuw6alowH03lx05Oo.roa
Signing time: Sun 01 Jan 2023 14:54:49 +0000
ROA not before: Sun 01 Jan 2023 14:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16278
IP address blocks: 89.30.224.0/22 maxlen: 24
2a02:20b2::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:04:79:e1:40:32:fe:07:04:0f:02:da:29:40:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf640b02311376dc96eebfeca755c3b0061140ec
Validity
Not Before: Jan 1 14:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c638059c704616916ec3a6a5a301f4de5c74e4ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:bd:37:c3:fb:a4:8a:a8:d7:25:01:5b:8f:6f:
16:0a:d3:6c:2c:64:cb:22:79:fb:66:bb:35:53:b0:
4b:48:d5:cc:39:9c:ae:a8:f3:b3:01:25:ab:45:0d:
aa:31:2e:81:d9:e3:63:ca:26:d7:fb:dc:79:52:21:
ac:1c:37:ff:f2:2f:b8:59:0c:81:6c:d1:55:fc:18:
83:76:4b:13:8d:ea:60:f8:ff:2a:89:f6:09:d6:1c:
c4:18:e4:d6:8f:c8:87:a4:cc:3a:6b:7e:2a:da:c3:
c0:c2:1c:c4:cb:99:11:ab:90:79:f0:a3:3e:fc:2f:
21:0f:7c:11:1f:38:f2:15:c5:dc:4a:8b:10:b2:20:
a7:50:66:4b:d6:be:19:65:35:d6:3e:d1:eb:69:3b:
df:d3:78:6a:fd:24:1d:dc:35:36:10:4d:05:33:46:
77:b0:8c:c7:4e:3b:28:1d:d4:66:84:22:b8:d1:7e:
f5:5c:e0:74:69:2d:41:80:91:69:41:c9:90:1a:36:
94:3a:b0:3c:ff:72:6b:62:ae:7c:0d:e2:d2:91:eb:
29:11:33:1c:f8:8c:e7:45:9e:13:60:68:be:7b:41:
5c:55:1c:bc:66:b3:e2:64:42:6b:d6:70:bf:1f:2d:
06:c4:62:5d:8b:8e:00:f3:97:7e:4a:20:ba:2a:b4:
c0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:38:05:9C:70:46:16:91:6E:C3:A6:A5:A3:01:F4:DE:5C:74:E4:EA
X509v3 Authority Key Identifier:
keyid:CF:64:0B:02:31:13:76:DC:96:EE:BF:EC:A7:55:C3:B0:06:11:40:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z2QLAjETdtyW7r_sp1XDsAYRQOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/xjgFnHBGFpFuw6alowH03lx05Oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/z2QLAjETdtyW7r_sp1XDsAYRQOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.30.224.0/22
IPv6:
2a02:20b2::/32
Signature Algorithm: sha256WithRSAEncryption
4b:95:98:57:9a:19:ed:40:e1:55:13:d6:02:9e:92:a0:a3:e4:
cd:ba:35:b5:da:05:e7:65:6b:4f:3d:ab:ae:15:80:62:11:e9:
3e:fb:d4:b3:bf:4f:1f:6f:3d:ed:54:2f:17:34:ce:82:02:a7:
d6:64:e7:e0:5a:d7:13:c7:19:21:1c:d0:e9:bf:ec:db:b8:eb:
3d:28:2b:ef:53:ba:25:5f:be:69:d6:b8:0e:b3:ca:88:46:3e:
f9:b7:c5:a1:06:1a:d0:bf:42:13:9b:e1:f2:04:92:34:d9:fc:
53:e3:bb:55:15:16:7e:91:37:29:d1:3c:97:64:3f:d7:c1:15:
97:97:86:60:91:f5:7f:39:94:bc:fb:aa:34:6e:ee:fa:cf:8e:
73:83:8d:b0:51:96:6c:39:8f:7c:68:df:cb:1d:1c:31:17:ba:
1a:06:47:bd:11:f1:9d:8c:05:cd:72:61:9e:bd:00:51:9f:68:
00:72:fc:ec:d8:56:c7:f2:21:24:00:da:89:22:59:0c:21:db:
3c:eb:40:75:80:c5:b9:31:5f:70:e5:44:36:34:9e:8e:3c:73:
c2:7b:08:d6:af:74:4e:de:74:7a:0d:3c:03:9a:26:fa:d7:90:
41:79:5b:d1:69:fe:8d:c5:94:32:06:08:62:73:ec:63:99:ec:
e3:3a:d5:cc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt1AR54UAy/gcEDwLaKUDJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNjQwYjAyMzExMzc2ZGM5NmVlYmZlY2E3NTVjM2IwMDYx
MTQwZWMwHhcNMjMwMTAxMTQ1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjM4MDU5YzcwNDYxNjkxNmVjM2E2YTVhMzAxZjRkZTVjNzRlNGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApr03w/ukiqjXJQFbj28WCtNsLGTL
Inn7Zrs1U7BLSNXMOZyuqPOzASWrRQ2qMS6B2eNjyibX+9x5UiGsHDf/8i+4WQyB
bNFV/BiDdksTjepg+P8qifYJ1hzEGOTWj8iHpMw6a34q2sPAwhzEy5kRq5B58KM+
/C8hD3wRHzjyFcXcSosQsiCnUGZL1r4ZZTXWPtHraTvf03hq/SQd3DU2EE0FM0Z3
sIzHTjsoHdRmhCK40X71XOB0aS1BgJFpQcmQGjaUOrA8/3JrYq58DeLSkespETMc
+IznRZ4TYGi+e0FcVRy8ZrPiZEJr1nC/Hy0GxGJdi44A85d+SiC6KrTA7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMY4BZxwRhaRbsOmpaMB9N5cdOTqMB8GA1UdIwQY
MBaAFM9kCwIxE3bclu6/7KdVw7AGEUDsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejJRTEFqRVRkdHlXN3Jfc3AxWERzQVlSUU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMGVjNzgtN2U0NC00OWU0LTg0NDMt
OWRiNWJlNGQwZWZmLzEveGpnRm5IQkdGcEZ1dzZhbG93SDAzbHgwNU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMGVjNzgtN2U0NC00OWU0LTg0NDMtOWRiNWJlNGQwZWZm
LzEvejJRTEFqRVRkdHlXN3Jfc3AxWERzQVlSUU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCWR7gMA0E
AgACMAcDBQAqAiCyMA0GCSqGSIb3DQEBCwUAA4IBAQBLlZhXmhntQOFVE9YCnpKg
o+TNujW12gXnZWtPPauuFYBiEek++9Szv08fbz3tVC8XNM6CAqfWZOfgWtcTxxkh
HNDpv+zbuOs9KCvvU7olX75p1rgOs8qIRj75t8WhBhrQv0ITm+HyBJI02fxT47tV
FRZ+kTcp0TyXZD/XwRWXl4ZgkfV/OZS8+6o0bu76z45zg42wUZZsOY98aN/LHRwx
F7oaBke9EfGdjAXNcmGevQBRn2gAcvzs2FbH8iEkANqJIlkMIds860B1gMW5MV9w
5UQ2NJ6OPHPCewjWr3RO3nR6DTwDmib615BBeVvRaf6NxZQyBghic+xjmezjOtXM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:55 2024 by rpki-client on console-fra.rpki-client.org