Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/0f95a4-9785-456a-999b-0b22c780cb8d/1/1UCgzm5teKbeBNNtYVd-HZROiSc.roa
File: 1UCgzm5teKbeBNNtYVd-HZROiSc.roa (raw, json)
Hash identifier: Pmq3Q/3lubvfkYtnqw9FNpNL8Iv7tJRxoAsbKIwsQxE=
Subject key identifier: D5:40:A0:CE:6E:6D:78:A6:DE:04:D3:6D:61:57:7E:1D:94:4E:89:27
Certificate issuer: /CN=5c5cc07cfa4f0d65e68a95019c256fd7edb66f44
Certificate serial: 0185730C9F45BE526627A2DBB283653435B7
Authority key identifier: 5C:5C:C0:7C:FA:4F:0D:65:E6:8A:95:01:9C:25:6F:D7:ED:B6:6F:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XFzAfPpPDWXmipUBnCVv1-22b0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/0f95a4-9785-456a-999b-0b22c780cb8d/1/1UCgzm5teKbeBNNtYVd-HZROiSc.roa
Signing time: Mon 02 Jan 2023 15:14:44 +0000
ROA not before: Mon 02 Jan 2023 15:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202496
IP address blocks: 5.42.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:9f:45:be:52:66:27:a2:db:b2:83:65:34:35:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c5cc07cfa4f0d65e68a95019c256fd7edb66f44
Validity
Not Before: Jan 2 15:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d540a0ce6e6d78a6de04d36d61577e1d944e8927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9f:6a:64:9c:93:49:e9:19:80:b5:ba:0e:38:
ed:77:87:12:3a:d1:8e:9e:52:d6:4c:d4:57:75:e7:
aa:0c:f2:cc:1e:84:a3:a2:a5:91:b7:d5:72:5d:8c:
73:b7:a8:69:99:fa:13:0c:70:fd:aa:a1:da:0a:67:
77:4e:bf:19:89:c9:b2:4d:a6:37:50:b2:55:72:1f:
24:db:a6:8e:5d:d7:3a:55:6e:cd:74:0c:7c:4a:94:
35:32:d3:5a:cd:3d:bd:a9:90:1a:01:3e:fd:35:46:
f5:96:30:2f:45:b6:1f:d1:55:9b:a6:da:e3:7e:46:
46:04:e1:6d:0c:fa:38:7e:61:60:d8:80:ca:99:3b:
1f:38:90:e5:50:54:1e:1f:e7:51:20:f2:b2:9f:d9:
da:27:4b:5a:15:1d:4c:73:96:13:1a:7a:0f:de:70:
bd:c3:47:1f:e4:a7:50:05:fa:84:23:89:c2:4a:e7:
a8:3e:2f:ea:21:42:f3:78:ed:79:40:0f:4f:26:46:
8b:60:2c:87:2a:5c:ee:a0:1d:81:21:16:47:78:d6:
f7:25:b8:7e:0a:eb:c8:5d:29:70:03:84:bc:3e:6e:
07:2b:69:41:f0:b5:d1:95:a9:89:46:f0:91:8b:18:
d7:04:91:7d:a4:f6:21:94:2e:36:4a:39:e3:d5:4d:
e0:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:40:A0:CE:6E:6D:78:A6:DE:04:D3:6D:61:57:7E:1D:94:4E:89:27
X509v3 Authority Key Identifier:
keyid:5C:5C:C0:7C:FA:4F:0D:65:E6:8A:95:01:9C:25:6F:D7:ED:B6:6F:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XFzAfPpPDWXmipUBnCVv1-22b0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f95a4-9785-456a-999b-0b22c780cb8d/1/1UCgzm5teKbeBNNtYVd-HZROiSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f95a4-9785-456a-999b-0b22c780cb8d/1/XFzAfPpPDWXmipUBnCVv1-22b0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.208.0/24
Signature Algorithm: sha256WithRSAEncryption
67:c6:06:83:f6:d8:f4:39:56:41:d9:f6:6a:03:ed:37:14:2c:
95:d7:df:1e:e5:e6:c4:8a:92:c5:85:cd:6d:bc:3c:87:1d:53:
b2:f8:31:a0:f2:03:4c:92:1b:85:76:06:04:f1:ef:2b:34:3a:
b5:45:a1:05:e0:13:83:df:2b:19:4a:b1:56:f9:f5:f2:c8:90:
f2:a1:4d:fc:21:28:48:e4:bb:bf:43:b9:8d:6b:5a:10:f6:a4:
db:c3:4d:4a:95:3b:39:d1:3b:d4:3a:28:29:a6:c7:77:30:a8:
81:26:a6:a8:ad:11:ad:fd:c5:bc:3a:b5:35:47:db:24:60:f9:
a5:7d:3a:ff:12:c7:a3:70:10:c4:8d:88:f1:72:d6:03:a4:f4:
55:8c:38:91:cb:29:44:4c:7c:13:4b:2d:01:bf:93:72:cb:52:
4e:94:7c:1b:3c:8e:00:aa:79:b0:5f:6a:28:e5:25:d1:58:21:
98:16:48:d9:88:3d:dd:01:76:6c:c1:cb:73:cc:23:2d:31:60:
6e:4e:70:96:38:7f:f1:13:e8:85:e4:23:3d:25:36:6e:58:24:
67:41:8b:6b:64:95:a6:7a:1f:64:4c:7e:47:b0:30:ac:79:5b:
29:db:fb:75:78:1f:f2:2c:fd:94:c6:39:96:c7:2e:ee:10:e3:
23:23:88:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzDJ9FvlJmJ6LbsoNlNDW3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNWNjMDdjZmE0ZjBkNjVlNjhhOTUwMTljMjU2ZmQ3ZWRi
NjZmNDQwHhcNMjMwMTAyMTUxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQwYTBjZTZlNmQ3OGE2ZGUwNGQzNmQ2MTU3N2UxZDk0NGU4OTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJ9qZJyTSekZgLW6Djjtd4cSOtGO
nlLWTNRXdeeqDPLMHoSjoqWRt9VyXYxzt6hpmfoTDHD9qqHaCmd3Tr8ZicmyTaY3
ULJVch8k26aOXdc6VW7NdAx8SpQ1MtNazT29qZAaAT79NUb1ljAvRbYf0VWbptrj
fkZGBOFtDPo4fmFg2IDKmTsfOJDlUFQeH+dRIPKyn9naJ0taFR1Mc5YTGnoP3nC9
w0cf5KdQBfqEI4nCSueoPi/qIULzeO15QA9PJkaLYCyHKlzuoB2BIRZHeNb3Jbh+
CuvIXSlwA4S8Pm4HK2lB8LXRlamJRvCRixjXBJF9pPYhlC42Sjnj1U3gpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNVAoM5ubXim3gTTbWFXfh2UToknMB8GA1UdIwQY
MBaAFFxcwHz6Tw1l5oqVAZwlb9fttm9EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEZ6QWZQcFBEV1htaXBVQm5DVnYxLTIyYjBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wZjk1YTQtOTc4NS00NTZhLTk5OWIt
MGIyMmM3ODBjYjhkLzEvMVVDZ3ptNXRlS2JlQk5OdFlWZC1IWlJPaVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wZjk1YTQtOTc4NS00NTZhLTk5OWItMGIyMmM3ODBjYjhk
LzEvWEZ6QWZQcFBEV1htaXBVQm5DVnYxLTIyYjBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSrQMA0G
CSqGSIb3DQEBCwUAA4IBAQBnxgaD9tj0OVZB2fZqA+03FCyV198e5ebEipLFhc1t
vDyHHVOy+DGg8gNMkhuFdgYE8e8rNDq1RaEF4BOD3ysZSrFW+fXyyJDyoU38IShI
5Lu/Q7mNa1oQ9qTbw01KlTs50TvUOigppsd3MKiBJqaorRGt/cW8OrU1R9skYPml
fTr/EsejcBDEjYjxctYDpPRVjDiRyylETHwTSy0Bv5Nyy1JOlHwbPI4AqnmwX2oo
5SXRWCGYFkjZiD3dAXZswctzzCMtMWBuTnCWOH/xE+iF5CM9JTZuWCRnQYtrZJWm
eh9kTH5HsDCseVsp2/t1eB/yLP2UxjmWxy7uEOMjI4hc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:55 2024 by rpki-client on console-fra.rpki-client.org