Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/cbkHhy86wlem8KmQSo0rBsezKwI.roa
File: cbkHhy86wlem8KmQSo0rBsezKwI.roa (raw, json)
Hash identifier: eWHbltGzXrgIQ3QVoTivKcWFa5pRtGmsdiGjrQlekFE=
Subject key identifier: 71:B9:07:87:2F:3A:C2:57:A6:F0:A9:90:4A:8D:2B:06:C7:B3:2B:02
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018570F0B5D1FB65640DD628BE4FE2F1538D
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/cbkHhy86wlem8KmQSo0rBsezKwI.roa
Signing time: Mon 02 Jan 2023 05:25:01 +0000
ROA not before: Mon 02 Jan 2023 05:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198595
IP address blocks: 195.136.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:b5:d1:fb:65:64:0d:d6:28:be:4f:e2:f1:53:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 2 05:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71b907872f3ac257a6f0a9904a8d2b06c7b32b02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:6a:a8:a4:ec:77:4a:51:18:5e:35:76:93:a2:
c6:b1:27:d1:96:87:80:78:15:11:1d:48:c8:2c:52:
d9:05:12:87:9f:c6:50:d4:8e:96:18:b9:70:8b:34:
3f:39:ca:8f:d4:56:8b:73:98:4b:01:3e:89:d2:34:
6e:e0:f9:a6:d7:7c:c2:5c:0e:55:79:5e:a4:40:a1:
ff:62:07:ca:1e:32:a4:6b:a2:3b:65:f2:31:52:42:
7b:68:42:26:03:93:55:da:82:b0:f0:d6:b0:18:0e:
04:81:67:82:26:00:ae:0c:7e:49:57:c9:f8:9e:4f:
e3:ef:94:8b:a6:26:63:b4:fc:05:bc:cc:74:fa:ea:
e7:be:fb:8a:11:ec:2b:f7:3d:18:66:d1:fb:e5:0b:
c9:40:93:4e:5f:2f:15:0f:0a:4b:f8:1e:b1:48:83:
a3:a8:e7:6b:45:ec:33:bc:33:9a:d7:d5:fe:c7:c6:
ea:da:13:85:42:07:76:43:39:72:96:31:7e:1b:ab:
83:ee:65:b7:53:19:56:7e:53:a7:a2:75:cd:07:42:
3d:83:b9:b7:27:4b:bb:08:07:5c:2f:5f:d1:cb:79:
5a:12:09:0b:94:4e:1f:28:47:3d:33:23:20:61:00:
7a:e2:37:45:37:d9:50:c3:a5:07:cd:1c:28:92:0b:
38:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:B9:07:87:2F:3A:C2:57:A6:F0:A9:90:4A:8D:2B:06:C7:B3:2B:02
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/cbkHhy86wlem8KmQSo0rBsezKwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.173.0/24
Signature Algorithm: sha256WithRSAEncryption
79:90:45:70:1d:56:e7:54:14:59:d6:c5:63:03:da:fc:2a:89:
36:93:b6:c9:3d:0a:19:c6:72:a0:cf:20:68:85:1f:51:16:2c:
ce:35:d7:ef:82:c2:c2:ca:1b:c2:b5:a1:4e:c8:af:73:a8:05:
a2:bb:2d:c7:5f:f4:0c:06:80:59:0a:2b:0a:9b:90:2b:18:c0:
bf:a4:9f:b7:63:39:07:df:bd:0d:96:1a:be:a5:dd:11:00:ce:
08:26:92:7a:01:bd:7f:b7:56:f9:a4:6f:bb:17:be:fc:95:28:
e1:af:98:c6:cd:3e:bf:41:b8:0d:bb:a4:5d:3a:62:ee:e1:a2:
57:87:6d:6c:8a:b3:2c:2f:3e:49:fb:0b:c4:15:11:96:4b:ec:
de:7e:45:7d:45:32:32:c7:c4:df:74:42:7c:01:07:6f:d2:95:
db:26:64:b8:16:2e:d4:f8:48:16:b2:5e:27:a0:72:c8:a4:52:
3e:6f:50:de:bb:f6:2d:59:78:ef:e4:0d:73:08:21:be:00:2b:
42:84:b7:4e:48:b1:35:a0:68:fc:2e:69:b6:be:7d:ad:db:da:
f6:a9:27:1f:12:fc:b0:e1:a6:99:fd:42:08:cb:0c:a3:ee:18:
6f:5a:47:b4:bb:65:00:a1:1f:5c:da:00:00:9a:3b:41:3d:30:
7c:dc:69:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8LXR+2VkDdYovk/i8VONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjMwMTAyMDUyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWI5MDc4NzJmM2FjMjU3YTZmMGE5OTA0YThkMmIwNmM3YjMyYjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12qopOx3SlEYXjV2k6LGsSfRloeA
eBURHUjILFLZBRKHn8ZQ1I6WGLlwizQ/OcqP1FaLc5hLAT6J0jRu4Pmm13zCXA5V
eV6kQKH/YgfKHjKka6I7ZfIxUkJ7aEImA5NV2oKw8NawGA4EgWeCJgCuDH5JV8n4
nk/j75SLpiZjtPwFvMx0+urnvvuKEewr9z0YZtH75QvJQJNOXy8VDwpL+B6xSIOj
qOdrRewzvDOa19X+x8bq2hOFQgd2QzlyljF+G6uD7mW3UxlWflOnonXNB0I9g7m3
J0u7CAdcL1/Ry3laEgkLlE4fKEc9MyMgYQB64jdFN9lQw6UHzRwokgs46QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHG5B4cvOsJXpvCpkEqNKwbHsysCMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvY2JrSGh5ODZ3bGVtOEttUVNvMHJCc2V6S3dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4itMA0G
CSqGSIb3DQEBCwUAA4IBAQB5kEVwHVbnVBRZ1sVjA9r8Kok2k7bJPQoZxnKgzyBo
hR9RFizONdfvgsLCyhvCtaFOyK9zqAWiuy3HX/QMBoBZCisKm5ArGMC/pJ+3YzkH
370Nlhq+pd0RAM4IJpJ6Ab1/t1b5pG+7F778lSjhr5jGzT6/QbgNu6RdOmLu4aJX
h21sirMsLz5J+wvEFRGWS+zefkV9RTIyx8TfdEJ8AQdv0pXbJmS4Fi7U+EgWsl4n
oHLIpFI+b1Deu/YtWXjv5A1zCCG+ACtChLdOSLE1oGj8Lmm2vn2t29r2qScfEvyw
4aaZ/UIIywyj7hhvWke0u2UAoR9c2gAAmjtBPTB83GmY
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:34 2025 by rpki-client