Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/ba9884-818c-4bfc-b77d-1fcda48abe53/1/XNtBI3KcxNDGeSATshPy70PukpU.roa
File: XNtBI3KcxNDGeSATshPy70PukpU.roa (raw, json)
Hash identifier: 7oKs0huO7MJGiVZZPOfvaififmH52GKqmuYqxl+tguk=
Subject key identifier: 5C:DB:41:23:72:9C:C4:D0:C6:79:20:13:B2:13:F2:EF:43:EE:92:95
Certificate issuer: /CN=3504a4f2bd43e0f4a0673b8743f15fbd514599fe
Certificate serial: 0158787E
Authority key identifier: 35:04:A4:F2:BD:43:E0:F4:A0:67:3B:87:43:F1:5F:BD:51:45:99:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQSk8r1D4PSgZzuHQ_FfvVFFmf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/ba9884-818c-4bfc-b77d-1fcda48abe53/1/XNtBI3KcxNDGeSATshPy70PukpU.roa
Signing time: Sat 09 Apr 2022 17:23:45 +0000
ROA not before: Sat 09 Apr 2022 17:23:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 62.3.18.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22575230 (0x158787e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3504a4f2bd43e0f4a0673b8743f15fbd514599fe
Validity
Not Before: Apr 9 17:23:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5cdb4123729cc4d0c6792013b213f2ef43ee9295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:11:fc:6c:70:a3:a8:95:d0:4b:01:92:9e:bd:
0c:a2:1f:26:dd:97:a3:93:02:f3:2c:34:99:ab:30:
89:e6:98:31:b0:a8:0d:01:30:3f:37:e9:f9:48:2c:
b1:70:51:6a:f3:23:72:53:6f:49:65:a8:50:cd:9d:
29:79:1d:a9:a4:2e:d9:4b:91:15:d3:5b:60:f2:c0:
d1:07:58:6f:69:90:6e:05:f8:05:21:92:e0:c7:a6:
7a:a5:61:94:9f:18:54:6a:d5:d8:27:3f:85:54:1b:
9f:d8:af:1b:38:7f:a7:5e:1e:4d:26:da:99:4c:65:
55:ec:0d:f7:81:4b:59:0b:b0:c7:c8:53:24:ce:ac:
4e:51:34:23:13:f6:23:8c:9d:e9:c1:fa:a5:a8:6c:
0b:3f:76:bd:2c:37:c8:9d:0f:99:ca:93:41:f8:05:
c9:f6:84:ee:e1:85:10:63:f9:2f:d7:44:d3:d0:69:
bf:13:b6:c3:f2:d4:4d:b2:67:58:b8:be:28:fb:ee:
2a:e1:5f:7e:02:07:63:9b:e8:cd:cd:b6:b1:3e:57:
58:63:05:77:6f:01:b0:04:d2:5a:c0:1b:33:3b:c1:
69:96:dc:ec:d1:1c:d1:c1:c2:7e:7e:8e:d9:56:74:
29:68:2d:e8:f3:d2:2e:82:fb:d3:7b:b9:3a:c1:a9:
f6:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:DB:41:23:72:9C:C4:D0:C6:79:20:13:B2:13:F2:EF:43:EE:92:95
X509v3 Authority Key Identifier:
keyid:35:04:A4:F2:BD:43:E0:F4:A0:67:3B:87:43:F1:5F:BD:51:45:99:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQSk8r1D4PSgZzuHQ_FfvVFFmf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/ba9884-818c-4bfc-b77d-1fcda48abe53/1/XNtBI3KcxNDGeSATshPy70PukpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/ba9884-818c-4bfc-b77d-1fcda48abe53/1/NQSk8r1D4PSgZzuHQ_FfvVFFmf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.18.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:09:48:a3:48:f4:9b:32:1e:cf:4a:3c:99:eb:0b:25:3b:f7:
0a:19:98:29:a5:5c:ae:55:b0:f8:49:cd:0c:38:9c:99:c4:0d:
16:b8:36:91:81:1a:2e:09:14:ae:f2:57:72:11:5b:1f:f9:c9:
7a:36:a1:01:28:75:3f:d5:b2:88:94:de:e1:4b:ba:03:38:79:
91:d5:48:d4:19:18:5e:96:9b:1e:62:80:f1:0a:2d:9b:39:46:
fd:48:a4:3b:99:7f:f8:4d:18:06:64:ec:54:d7:19:d8:b0:a0:
7c:e0:fd:b4:2d:f6:df:f5:8f:09:a2:58:e4:e9:97:f7:a0:1d:
ad:dc:dd:60:cb:af:3c:80:eb:17:a1:31:45:10:90:72:1a:a7:
4d:a5:83:4d:e0:a9:6e:aa:57:95:e5:e1:83:fd:e7:50:13:75:
d7:09:68:ab:5d:4d:91:b0:43:80:e8:fb:57:c0:74:87:d0:0d:
4a:99:a9:33:ac:e3:01:ae:c8:be:9f:e6:63:57:b9:03:d7:35:
d1:85:e7:9b:06:18:3d:1c:92:a4:3f:b6:28:2e:68:6d:21:dd:
a3:16:52:22:be:68:d7:d7:1b:7d:ae:48:f3:b1:8d:8c:dc:9d:
72:a6:f4:f8:8a:3a:37:6d:97:0c:cf:dc:f2:de:38:7b:7c:b9:
3f:69:3f:b7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAVh4fjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTA0YTRmMmJkNDNlMGY0YTA2NzNiODc0M2YxNWZiZDUxNDU5OWZlMB4XDTIyMDQw
OTE3MjM0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNkYjQxMjM3Mjlj
YzRkMGM2NzkyMDEzYjIxM2YyZWY0M2VlOTI5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANAR/Gxwo6iV0EsBkp69DKIfJt2Xo5MC8yw0maswieaYMbCo
DQEwPzfp+UgssXBRavMjclNvSWWoUM2dKXkdqaQu2UuRFdNbYPLA0QdYb2mQbgX4
BSGS4MemeqVhlJ8YVGrV2Cc/hVQbn9ivGzh/p14eTSbamUxlVewN94FLWQuwx8hT
JM6sTlE0IxP2I4yd6cH6pahsCz92vSw3yJ0PmcqTQfgFyfaE7uGFEGP5L9dE09Bp
vxO2w/LUTbJnWLi+KPvuKuFffgIHY5vozc22sT5XWGMFd28BsATSWsAbMzvBaZbc
7NEc0cHCfn6O2VZ0KWgt6PPSLoL703u5OsGp9kMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRc20EjcpzE0MZ5IBOyE/LvQ+6SlTAfBgNVHSMEGDAWgBQ1BKTyvUPg9KBn
O4dD8V+9UUWZ/jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05RU2s4cjFENFBTZ1p6dUhRX0ZmdlZGRm1mNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmUvYmE5ODg0LTgxOGMtNGJmYy1iNzdkLTFmY2RhNDhhYmU1My8x
L1hOdEJJM0tjeE5ER2VTQVRzaFB5NzBQdWtwVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmUv
YmE5ODg0LTgxOGMtNGJmYy1iNzdkLTFmY2RhNDhhYmU1My8xL05RU2s4cjFENFBT
Z1p6dUhRX0ZmdlZGRm1mNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD4DEjANBgkqhkiG9w0BAQsFAAOC
AQEAHwlIo0j0mzIez0o8mesLJTv3ChmYKaVcrlWw+EnNDDicmcQNFrg2kYEaLgkU
rvJXchFbH/nJejahASh1P9WyiJTe4Uu6Azh5kdVI1BkYXpabHmKA8QotmzlG/Uik
O5l/+E0YBmTsVNcZ2LCgfOD9tC323/WPCaJY5OmX96AdrdzdYMuvPIDrF6ExRRCQ
chqnTaWDTeCpbqpXleXhg/3nUBN11wloq11NkbBDgOj7V8B0h9ANSpmpM6zjAa7I
vp/mY1e5A9c10YXnmwYYPRySpD+2KC5obSHdoxZSIr5o19cbfa5I87GNjNydcqb0
+Io6N22XDM/c8t44e3y5P2k/tw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:37 2023 by rpki-client on console-fra.rpki-client.org