Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/5073f7-8d19-483b-af32-32361b3d782d/1/Rl8_9fFrp71L2maXzF9e-94I3W8.roa
File: Rl8_9fFrp71L2maXzF9e-94I3W8.roa (raw, json)
Hash identifier: dAylSm8fMQ7eF31to6eI3qUmbvZKw128XTC1Dt92qfU=
Subject key identifier: 46:5F:3F:F5:F1:6B:A7:BD:4B:DA:66:97:CC:5F:5E:FB:DE:08:DD:6F
Certificate issuer: /CN=bb7436808a737c5edc65256c74578be35ec41009
Certificate serial: 018571FA3110941E56F63D9D3257495564B6
Authority key identifier: BB:74:36:80:8A:73:7C:5E:DC:65:25:6C:74:57:8B:E3:5E:C4:10:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u3Q2gIpzfF7cZSVsdFeL417EEAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/5073f7-8d19-483b-af32-32361b3d782d/1/Rl8_9fFrp71L2maXzF9e-94I3W8.roa
Signing time: Mon 02 Jan 2023 10:14:59 +0000
ROA not before: Mon 02 Jan 2023 10:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 194.62.16.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:31:10:94:1e:56:f6:3d:9d:32:57:49:55:64:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb7436808a737c5edc65256c74578be35ec41009
Validity
Not Before: Jan 2 10:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=465f3ff5f16ba7bd4bda6697cc5f5efbde08dd6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:96:d8:17:28:d8:26:9b:3b:d2:25:f5:d1:b0:
25:49:49:a8:20:5a:6c:07:33:77:e0:08:37:4d:60:
76:8c:7f:51:0d:30:bf:a5:bb:13:ed:ca:3c:c1:89:
27:e1:41:b9:8d:0f:18:c6:29:1b:bb:cc:d6:b7:68:
48:c5:02:aa:a1:28:fe:49:65:7d:e5:59:94:b4:47:
55:0d:3e:89:73:25:26:39:e0:ef:3f:10:cb:92:5e:
a0:8f:07:80:e2:30:bd:b0:f5:63:39:3e:db:0f:ac:
aa:df:2b:24:dd:a7:29:66:a8:83:c9:01:37:fd:87:
9a:1f:71:a1:79:7d:98:b2:0c:d4:50:27:af:bd:e2:
e1:dd:7c:14:78:eb:e5:70:d5:53:b0:82:80:77:66:
1c:5f:61:aa:40:d3:fa:1e:3d:16:25:41:4e:bf:cb:
77:51:16:12:ba:50:9f:a4:01:c5:0f:35:9a:60:65:
4d:44:2c:03:24:1d:2c:cf:02:ae:3a:4d:c6:9e:15:
23:2d:b4:47:0b:7c:e9:59:99:31:a0:46:6a:a9:34:
f2:b6:4e:e0:d7:35:c5:5c:16:5f:5f:27:5b:ee:d3:
25:4d:8d:76:1f:31:92:8f:7d:43:68:3f:e6:51:e0:
e3:68:da:5c:d4:2f:38:b0:c5:52:4c:c3:93:5c:cd:
eb:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:5F:3F:F5:F1:6B:A7:BD:4B:DA:66:97:CC:5F:5E:FB:DE:08:DD:6F
X509v3 Authority Key Identifier:
keyid:BB:74:36:80:8A:73:7C:5E:DC:65:25:6C:74:57:8B:E3:5E:C4:10:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u3Q2gIpzfF7cZSVsdFeL417EEAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5073f7-8d19-483b-af32-32361b3d782d/1/Rl8_9fFrp71L2maXzF9e-94I3W8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/5073f7-8d19-483b-af32-32361b3d782d/1/u3Q2gIpzfF7cZSVsdFeL417EEAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.62.16.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:df:a6:16:13:f8:09:5d:56:b2:73:8d:66:04:69:94:14:ea:
ab:c0:b2:c5:c8:a3:45:09:e1:f6:7d:95:d1:48:80:57:b3:16:
90:41:89:04:2b:3e:6a:11:65:ba:9d:10:93:fa:57:7d:b1:00:
ac:1c:5b:3a:e8:2b:3f:28:c2:7f:34:37:36:fc:a3:d8:e8:70:
e7:6e:3a:4f:b8:79:2d:18:37:cb:3c:00:f8:ae:6a:c5:42:22:
0e:f1:30:02:ce:42:65:f3:36:98:63:5a:fb:f4:cd:4d:f5:9c:
8b:14:c9:77:96:36:b7:70:f4:45:40:a2:ef:36:d8:79:bc:d1:
0c:d6:86:03:40:0c:70:80:d8:5d:ab:b8:89:b1:e1:08:58:56:
f0:86:b5:7c:f9:dd:1b:ce:70:62:95:75:5a:37:da:ef:5b:61:
56:73:54:c5:6c:9a:59:ca:e7:43:69:2b:3a:7b:ca:f9:f9:ad:
48:82:ca:f6:62:25:5f:90:a4:ff:36:bd:fb:e0:b8:ce:91:7d:
0c:d6:31:b9:75:84:38:50:15:ac:e5:81:49:a9:6f:b9:ec:e3:
15:a0:9c:c6:16:5b:cb:69:81:30:8e:ec:c7:9f:fd:df:16:1c:
ff:b7:6c:94:04:6c:35:f8:cf:0e:74:a6:cd:2c:ee:b4:78:80:
05:8a:b2:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+jEQlB5W9j2dMldJVWS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNzQzNjgwOGE3MzdjNWVkYzY1MjU2Yzc0NTc4YmUzNWVj
NDEwMDkwHhcNMjMwMTAyMTAxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjVmM2ZmNWYxNmJhN2JkNGJkYTY2OTdjYzVmNWVmYmRlMDhkZDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJbYFyjYJps70iX10bAlSUmoIFps
BzN34Ag3TWB2jH9RDTC/pbsT7co8wYkn4UG5jQ8Yxikbu8zWt2hIxQKqoSj+SWV9
5VmUtEdVDT6JcyUmOeDvPxDLkl6gjweA4jC9sPVjOT7bD6yq3ysk3acpZqiDyQE3
/YeaH3GheX2YsgzUUCevveLh3XwUeOvlcNVTsIKAd2YcX2GqQNP6Hj0WJUFOv8t3
URYSulCfpAHFDzWaYGVNRCwDJB0szwKuOk3GnhUjLbRHC3zpWZkxoEZqqTTytk7g
1zXFXBZfXydb7tMlTY12HzGSj31DaD/mUeDjaNpc1C84sMVSTMOTXM3rtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEZfP/Xxa6e9S9pml8xfXvveCN1vMB8GA1UdIwQY
MBaAFLt0NoCKc3xe3GUlbHRXi+NexBAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTNRMmdJcHpmRjdjWlNWc2RGZUw0MTdFRUFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS81MDczZjctOGQxOS00ODNiLWFmMzIt
MzIzNjFiM2Q3ODJkLzEvUmw4XzlmRnJwNzFMMm1hWHpGOWUtOTRJM1c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS81MDczZjctOGQxOS00ODNiLWFmMzItMzIzNjFiM2Q3ODJk
LzEvdTNRMmdJcHpmRjdjWlNWc2RGZUw0MTdFRUFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwj4QMA0G
CSqGSIb3DQEBCwUAA4IBAQC136YWE/gJXVayc41mBGmUFOqrwLLFyKNFCeH2fZXR
SIBXsxaQQYkEKz5qEWW6nRCT+ld9sQCsHFs66Cs/KMJ/NDc2/KPY6HDnbjpPuHkt
GDfLPAD4rmrFQiIO8TACzkJl8zaYY1r79M1N9ZyLFMl3lja3cPRFQKLvNth5vNEM
1oYDQAxwgNhdq7iJseEIWFbwhrV8+d0bznBilXVaN9rvW2FWc1TFbJpZyudDaSs6
e8r5+a1Igsr2YiVfkKT/Nr374LjOkX0M1jG5dYQ4UBWs5YFJqW+57OMVoJzGFlvL
aYEwjuzHn/3fFhz/t2yUBGw1+M8OdKbNLO60eIAFirIJ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:42 2025 by rpki-client