Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/a81707-4152-42bb-a38c-2bf3b6ce101b/1/a9TWTRH2ESMKOGsCZ5DewgMjsr8.roa
File: a9TWTRH2ESMKOGsCZ5DewgMjsr8.roa (raw, json)
Hash identifier: qvVQYukGJHKTqmuliorm/RtcZhGRquyMqpNa/u1dKmA=
Subject key identifier: 6B:D4:D6:4D:11:F6:11:23:0A:38:6B:02:67:90:DE:C2:03:23:B2:BF
Certificate issuer: /CN=5cdf588879026a1b483d799a8e8c3638b621ae5b
Certificate serial: 01857102CCECC234BDD56795694782FB8208
Authority key identifier: 5C:DF:58:88:79:02:6A:1B:48:3D:79:9A:8E:8C:36:38:B6:21:AE:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XN9YiHkCahtIPXmajow2OLYhrls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/a81707-4152-42bb-a38c-2bf3b6ce101b/1/a9TWTRH2ESMKOGsCZ5DewgMjsr8.roa
Signing time: Mon 02 Jan 2023 05:44:47 +0000
ROA not before: Mon 02 Jan 2023 05:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58061
IP address blocks: 195.96.146.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:cc:ec:c2:34:bd:d5:67:95:69:47:82:fb:82:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdf588879026a1b483d799a8e8c3638b621ae5b
Validity
Not Before: Jan 2 05:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bd4d64d11f611230a386b026790dec20323b2bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:bd:e9:89:92:9c:ff:a8:50:17:6e:25:74:e5:
a3:e5:5f:39:68:71:ef:13:42:38:d7:f7:12:1f:c9:
92:b3:6a:58:76:a6:f0:ea:01:1d:a8:dd:a3:f2:29:
ec:b3:73:24:8d:82:72:7d:6f:eb:dc:2b:d4:5c:16:
7e:93:35:a1:e2:ea:8c:d1:09:6d:ac:15:ec:f0:07:
06:49:68:b1:fa:4c:38:c1:f1:8f:38:d0:9a:01:e0:
15:32:5b:8c:f9:57:34:cc:1b:0d:11:94:4b:29:76:
bc:3b:3e:42:cb:f8:0f:6e:3b:0d:37:c7:51:92:25:
83:3e:da:70:47:5b:15:8c:3e:7b:c6:ca:bb:41:8e:
6f:bd:43:af:3c:8e:c0:27:e2:19:b2:66:7d:fa:f1:
a7:57:85:db:7d:61:22:f9:49:81:48:1d:f9:5f:e9:
db:6d:6a:2b:fb:20:ac:40:d0:9b:24:54:90:aa:18:
49:ed:9d:9b:cf:b2:45:a3:18:de:9c:17:87:59:ca:
2d:fc:e6:d8:b4:76:9c:0b:64:0e:ce:a4:74:10:63:
f3:91:7f:5c:87:a6:e5:be:f5:66:c1:33:8b:5d:1d:
b3:1b:79:a6:62:13:be:21:04:48:4e:73:15:e4:b9:
5f:e0:a9:52:90:a6:de:07:9a:ba:f7:05:e2:d0:3d:
67:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D4:D6:4D:11:F6:11:23:0A:38:6B:02:67:90:DE:C2:03:23:B2:BF
X509v3 Authority Key Identifier:
keyid:5C:DF:58:88:79:02:6A:1B:48:3D:79:9A:8E:8C:36:38:B6:21:AE:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN9YiHkCahtIPXmajow2OLYhrls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a81707-4152-42bb-a38c-2bf3b6ce101b/1/a9TWTRH2ESMKOGsCZ5DewgMjsr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a81707-4152-42bb-a38c-2bf3b6ce101b/1/XN9YiHkCahtIPXmajow2OLYhrls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.146.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:22:f1:86:14:7c:a3:8b:75:ef:e8:3d:ed:49:c8:7e:fd:1f:
c6:54:20:2f:1d:4f:2b:8f:c3:24:e0:74:ec:a6:a2:c0:a2:60:
ba:a2:8a:c1:c1:45:11:a4:00:0f:17:c4:3e:b7:23:ee:8e:9c:
23:35:9e:1a:80:e2:30:75:12:0d:7c:89:ba:30:e4:c9:bc:40:
ab:82:f5:18:04:a4:42:eb:e8:3e:a2:16:04:e6:2e:0f:0b:33:
54:58:28:8e:1e:19:69:7c:2b:1c:a8:a3:8e:16:c0:8e:bf:5a:
1d:18:ce:78:47:90:78:b6:69:17:43:ab:07:a8:8e:fb:ef:5e:
15:ce:2a:34:dc:d2:24:96:48:67:db:d4:df:22:e9:f6:e8:12:
1b:3a:67:71:6e:05:31:ee:9f:3f:0a:84:80:2b:d7:98:4d:c8:
ec:40:95:e7:10:7d:c3:ec:6c:fe:a7:7f:f2:41:2f:38:89:55:
98:1d:0e:9b:31:da:06:4e:e0:1c:24:42:55:d7:6f:ad:e9:90:
ec:f8:41:47:51:03:e6:df:2d:f2:63:3f:02:a8:55:18:99:cf:
39:87:e8:a0:17:84:5d:0e:2b:c6:e8:b9:ee:52:37:d0:b3:b8:
de:0b:c0:fd:c8:46:98:85:cf:0b:2b:65:9f:9d:d2:d5:44:05:
73:44:fc:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAszswjS91WeVaUeC+4IIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZGY1ODg4NzkwMjZhMWI0ODNkNzk5YThlOGMzNjM4YjYy
MWFlNWIwHhcNMjMwMTAyMDU0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmQ0ZDY0ZDExZjYxMTIzMGEzODZiMDI2NzkwZGVjMjAzMjNiMmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiL3piZKc/6hQF24ldOWj5V85aHHv
E0I41/cSH8mSs2pYdqbw6gEdqN2j8inss3MkjYJyfW/r3CvUXBZ+kzWh4uqM0Qlt
rBXs8AcGSWix+kw4wfGPONCaAeAVMluM+Vc0zBsNEZRLKXa8Oz5Cy/gPbjsNN8dR
kiWDPtpwR1sVjD57xsq7QY5vvUOvPI7AJ+IZsmZ9+vGnV4XbfWEi+UmBSB35X+nb
bWor+yCsQNCbJFSQqhhJ7Z2bz7JFoxjenBeHWcot/ObYtHacC2QOzqR0EGPzkX9c
h6blvvVmwTOLXR2zG3mmYhO+IQRITnMV5Llf4KlSkKbeB5q69wXi0D1nrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGvU1k0R9hEjCjhrAmeQ3sIDI7K/MB8GA1UdIwQY
MBaAFFzfWIh5AmobSD15mo6MNji2Ia5bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE45WWlIa0NhaHRJUFhtYWpvdzJPTFlocmxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hODE3MDctNDE1Mi00MmJiLWEzOGMt
MmJmM2I2Y2UxMDFiLzEvYTlUV1RSSDJFU01LT0dzQ1o1RGV3Z01qc3I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9hODE3MDctNDE1Mi00MmJiLWEzOGMtMmJmM2I2Y2UxMDFi
LzEvWE45WWlIa0NhaHRJUFhtYWpvdzJPTFlocmxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CSMA0G
CSqGSIb3DQEBCwUAA4IBAQB9IvGGFHyji3Xv6D3tSch+/R/GVCAvHU8rj8Mk4HTs
pqLAomC6oorBwUURpAAPF8Q+tyPujpwjNZ4agOIwdRINfIm6MOTJvECrgvUYBKRC
6+g+ohYE5i4PCzNUWCiOHhlpfCscqKOOFsCOv1odGM54R5B4tmkXQ6sHqI77714V
zio03NIklkhn29TfIun26BIbOmdxbgUx7p8/CoSAK9eYTcjsQJXnEH3D7Gz+p3/y
QS84iVWYHQ6bMdoGTuAcJEJV12+t6ZDs+EFHUQPm3y3yYz8CqFUYmc85h+igF4Rd
DivG6LnuUjfQs7jeC8D9yEaYhc8LK2WfndLVRAVzRPxb
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:29 2025 by rpki-client