Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/309858-25b0-4b04-a78a-a38c871b93b4/1/VHOoPxCUpyH1CMQae6eQHO5SLEw.roa
File: VHOoPxCUpyH1CMQae6eQHO5SLEw.roa (raw, json)
Hash identifier: gjkxENQfZI2QvQlEfsCrHo20TBxuhkgV722l8IqZ9rE=
Subject key identifier: 54:73:A8:3F:10:94:A7:21:F5:08:C4:1A:7B:A7:90:1C:EE:52:2C:4C
Certificate issuer: /CN=bf72ff4c79c6f8175b4835ab656a1bcf1e457432
Certificate serial: 01898954DA6823265D053B861B8E8B08B92A
Authority key identifier: BF:72:FF:4C:79:C6:F8:17:5B:48:35:AB:65:6A:1B:CF:1E:45:74:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v3L_THnG-BdbSDWrZWobzx5FdDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/309858-25b0-4b04-a78a-a38c871b93b4/1/VHOoPxCUpyH1CMQae6eQHO5SLEw.roa
Signing time: Mon 24 Jul 2023 19:16:26 +0000
ROA not before: Mon 24 Jul 2023 19:16:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 5.42.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:89:54:da:68:23:26:5d:05:3b:86:1b:8e:8b:08:b9:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf72ff4c79c6f8175b4835ab656a1bcf1e457432
Validity
Not Before: Jul 24 19:16:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5473a83f1094a721f508c41a7ba7901cee522c4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:16:db:9e:d9:ca:76:25:81:b1:53:48:9d:a6:
6d:a0:ac:c3:a3:3b:b1:87:1e:9f:1d:7e:88:78:16:
f1:6f:e8:d1:92:90:27:c9:e4:35:62:f6:e1:71:e6:
c9:c6:6e:23:ff:7b:e3:01:2f:3c:a8:93:e6:fe:38:
d7:79:81:40:36:d3:b5:c8:f9:63:d6:0e:f1:4e:08:
54:a1:eb:f4:a0:16:a3:16:d1:c1:80:f6:b9:a5:c0:
71:a3:68:cc:27:96:64:f0:ae:5d:f6:04:70:44:58:
61:43:75:fd:86:82:fd:dd:d6:b0:37:5f:1f:0b:55:
96:fb:69:cc:e1:b9:a5:c2:67:b8:87:31:93:7d:9d:
38:9d:e8:55:3b:5f:c1:a0:e3:a0:9d:16:e2:e1:15:
ef:12:c4:8c:a1:49:7d:44:70:72:ba:04:75:df:b9:
31:4f:49:75:f3:40:94:37:03:87:0f:2b:4f:5a:40:
1a:bf:ab:4a:aa:a8:3d:fa:86:03:f2:b8:20:81:fd:
f0:c2:67:ce:f8:19:80:5d:e5:8a:4e:19:03:f4:9b:
21:5c:d0:0a:03:3e:cc:b5:b5:48:ca:5b:2b:fc:ac:
1f:88:d0:72:94:0d:13:d6:d2:cd:7c:ba:23:ff:69:
6e:33:12:09:e9:45:e4:67:0f:7d:0d:ff:4d:5b:94:
ec:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:73:A8:3F:10:94:A7:21:F5:08:C4:1A:7B:A7:90:1C:EE:52:2C:4C
X509v3 Authority Key Identifier:
keyid:BF:72:FF:4C:79:C6:F8:17:5B:48:35:AB:65:6A:1B:CF:1E:45:74:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v3L_THnG-BdbSDWrZWobzx5FdDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/309858-25b0-4b04-a78a-a38c871b93b4/1/VHOoPxCUpyH1CMQae6eQHO5SLEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/309858-25b0-4b04-a78a-a38c871b93b4/1/v3L_THnG-BdbSDWrZWobzx5FdDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.220.0/24
Signature Algorithm: sha256WithRSAEncryption
16:88:be:bb:6c:83:30:22:56:c6:42:76:02:0e:67:f7:72:c0:
9d:06:c1:e9:cf:32:b6:eb:72:b1:e9:af:62:ed:6e:4e:01:18:
d7:77:42:31:9d:c4:4c:06:5b:e9:e6:42:2a:6f:ca:96:2a:b2:
7d:18:ed:f4:a2:65:ea:f4:ed:14:f7:06:6b:69:4e:cc:30:7d:
f7:02:97:34:9d:a0:10:d0:3c:62:44:ba:d6:4f:10:2c:94:26:
db:64:47:d3:e9:6d:2e:aa:1c:41:f3:b9:76:18:ed:ce:b5:c1:
64:c9:1c:4b:b8:d5:ab:a6:6f:81:9e:43:d8:f8:9f:a9:22:74:
c2:09:59:1c:4e:ac:5e:ca:20:fc:8a:6c:0e:a7:96:26:ea:84:
ef:e9:a4:0c:26:21:74:6a:cd:27:29:b8:27:25:d9:91:ad:8e:
89:e6:3d:ad:5a:4b:ed:f0:e5:ae:8a:ed:25:3f:53:f6:19:5a:
81:92:74:2e:b3:9c:5c:20:ec:bd:bc:ce:56:e5:68:8e:ce:d9:
12:71:a2:5e:16:4c:29:0e:f0:1d:38:67:0e:fb:bc:77:43:a4:
4c:cb:77:b3:ff:97:5f:15:f3:50:b2:68:0d:3c:71:83:7f:f4:
d6:cb:15:dd:84:da:e5:0c:89:c5:7d:d5:2c:ec:d8:a1:0c:74:
4a:17:c3:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmJVNpoIyZdBTuGG46LCLkqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNzJmZjRjNzljNmY4MTc1YjQ4MzVhYjY1NmExYmNmMWU0
NTc0MzIwHhcNMjMwNzI0MTkxNjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDczYTgzZjEwOTRhNzIxZjUwOGM0MWE3YmE3OTAxY2VlNTIyYzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRbbntnKdiWBsVNInaZtoKzDozux
hx6fHX6IeBbxb+jRkpAnyeQ1YvbhcebJxm4j/3vjAS88qJPm/jjXeYFANtO1yPlj
1g7xTghUoev0oBajFtHBgPa5pcBxo2jMJ5Zk8K5d9gRwRFhhQ3X9hoL93dawN18f
C1WW+2nM4bmlwme4hzGTfZ04nehVO1/BoOOgnRbi4RXvEsSMoUl9RHByugR137kx
T0l180CUNwOHDytPWkAav6tKqqg9+oYD8rgggf3wwmfO+BmAXeWKThkD9JshXNAK
Az7MtbVIylsr/KwfiNBylA0T1tLNfLoj/2luMxIJ6UXkZw99Df9NW5Ts6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFRzqD8QlKch9QjEGnunkBzuUixMMB8GA1UdIwQY
MBaAFL9y/0x5xvgXW0g1q2VqG88eRXQyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjNMX1RIbkctQmRiU0RXclpXb2J6eDVGZERJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8zMDk4NTgtMjViMC00YjA0LWE3OGEt
YTM4Yzg3MWI5M2I0LzEvVkhPb1B4Q1VweUgxQ01RYWU2ZVFITzVTTEV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8zMDk4NTgtMjViMC00YjA0LWE3OGEtYTM4Yzg3MWI5M2I0
LzEvdjNMX1RIbkctQmRiU0RXclpXb2J6eDVGZERJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSrcMA0G
CSqGSIb3DQEBCwUAA4IBAQAWiL67bIMwIlbGQnYCDmf3csCdBsHpzzK263Kx6a9i
7W5OARjXd0IxncRMBlvp5kIqb8qWKrJ9GO30omXq9O0U9wZraU7MMH33Apc0naAQ
0DxiRLrWTxAslCbbZEfT6W0uqhxB87l2GO3OtcFkyRxLuNWrpm+BnkPY+J+pInTC
CVkcTqxeyiD8imwOp5Ym6oTv6aQMJiF0as0nKbgnJdmRrY6J5j2tWkvt8OWuiu0l
P1P2GVqBknQus5xcIOy9vM5W5WiOztkScaJeFkwpDvAdOGcO+7x3Q6RMy3ez/5df
FfNQsmgNPHGDf/TWyxXdhNrlDInFfdUs7NihDHRKF8Pj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:34 2024 by rpki-client on console-fra.rpki-client.org