Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/a81707-4152-42bb-a38c-2bf3b6ce101b/1/hTo0N5rI6x1exTyC0WQqW9qmok4.roa
File: hTo0N5rI6x1exTyC0WQqW9qmok4.roa (raw, json)
Hash identifier: kEG2WD6lnRod1OPY7ihO8jkm7MUSS6pypvCT6QrF7dk=
Subject key identifier: 85:3A:34:37:9A:C8:EB:1D:5E:C5:3C:82:D1:64:2A:5B:DA:A6:A2:4E
Certificate issuer: /CN=5cdf588879026a1b483d799a8e8c3638b621ae5b
Certificate serial: 0181F46A8D64B522F90F8E25C3532CC4E0F5
Authority key identifier: 5C:DF:58:88:79:02:6A:1B:48:3D:79:9A:8E:8C:36:38:B6:21:AE:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XN9YiHkCahtIPXmajow2OLYhrls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/a81707-4152-42bb-a38c-2bf3b6ce101b/1/hTo0N5rI6x1exTyC0WQqW9qmok4.roa
Signing time: Tue 12 Jul 2022 21:57:12 +0000
ROA not before: Tue 12 Jul 2022 21:57:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58061
IP address blocks: 195.96.146.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f4:6a:8d:64:b5:22:f9:0f:8e:25:c3:53:2c:c4:e0:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdf588879026a1b483d799a8e8c3638b621ae5b
Validity
Not Before: Jul 12 21:57:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=853a34379ac8eb1d5ec53c82d1642a5bdaa6a24e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c4:fe:52:1b:e9:6e:86:54:f2:84:94:77:40:
fd:81:31:f0:3b:68:70:ed:81:da:96:a2:77:dd:0b:
7f:0c:89:46:53:93:b0:df:58:25:27:91:50:05:41:
34:4c:ca:88:da:1f:3b:da:79:05:73:46:12:bb:88:
ed:44:ff:f0:3a:dc:5d:29:9b:5c:e8:0a:a7:ae:7a:
6d:98:97:60:53:ae:40:ef:8f:bd:7c:76:5d:81:89:
a2:c8:4e:2e:d1:8c:ab:68:dc:d8:09:87:1f:a7:e1:
fa:72:e6:ba:ec:ed:f3:e2:8c:33:a5:07:2d:8e:ef:
53:59:19:35:1d:34:69:67:6b:01:74:7a:b4:82:90:
86:34:62:bf:b5:c6:f5:2b:1c:a8:a7:62:e5:1b:ac:
7b:5b:13:1f:59:86:36:65:49:50:26:20:3d:11:47:
a9:c7:a8:52:09:a8:88:d2:0a:4f:e4:60:ec:a0:ad:
24:7b:25:98:8d:bb:9b:38:9f:43:9c:36:ca:ab:ca:
c0:ce:c3:19:f8:d5:69:11:70:9b:5d:e8:2c:9d:d2:
d8:ca:ed:0f:34:b2:b1:dd:6c:c7:db:3f:db:5d:57:
3e:e6:0e:f7:df:a0:d7:dd:d5:6f:5b:53:ca:7b:1a:
9c:26:86:db:e0:03:cb:93:82:49:9a:57:b7:fc:31:
06:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:3A:34:37:9A:C8:EB:1D:5E:C5:3C:82:D1:64:2A:5B:DA:A6:A2:4E
X509v3 Authority Key Identifier:
keyid:5C:DF:58:88:79:02:6A:1B:48:3D:79:9A:8E:8C:36:38:B6:21:AE:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XN9YiHkCahtIPXmajow2OLYhrls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a81707-4152-42bb-a38c-2bf3b6ce101b/1/hTo0N5rI6x1exTyC0WQqW9qmok4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a81707-4152-42bb-a38c-2bf3b6ce101b/1/XN9YiHkCahtIPXmajow2OLYhrls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.146.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:76:32:78:8d:e7:be:69:4d:c5:99:05:2f:e0:26:94:1f:48:
16:c2:81:bc:c2:e2:94:08:e5:fb:0d:f1:ad:69:c5:3d:de:ce:
5a:25:8e:1f:2c:e1:13:e2:d3:6a:2a:d1:58:f2:a7:12:9e:79:
8a:67:98:a9:fb:f0:b2:75:6c:1b:87:ab:63:7d:b7:72:06:2e:
80:44:4f:03:e0:e0:04:14:0b:83:68:72:81:03:e2:c5:c7:a7:
b5:29:8b:d2:60:16:fe:c5:b6:dc:54:5d:5d:d2:3d:3e:82:4a:
ca:31:09:fb:30:f3:49:20:f3:5c:6d:aa:80:d3:42:49:6f:76:
bc:95:03:44:47:e9:a4:2e:cf:19:07:7c:fd:60:55:26:49:fd:
d3:33:47:63:8d:8c:ac:c6:65:28:74:8e:2e:09:80:4e:ec:64:
24:42:d9:95:eb:5c:6b:19:d8:a4:c3:7f:11:23:03:71:88:f0:
4b:df:0e:37:6f:f9:ce:26:eb:28:b4:60:70:2c:45:75:11:0a:
5e:52:1d:42:bb:3c:fb:e4:b8:38:d1:9c:05:0b:12:4b:b5:49:
c2:2c:c3:f3:85:82:c2:59:dd:a1:87:f2:16:68:51:f1:98:bf:
dc:03:c1:d5:72:df:b1:ed:c7:e1:60:30:24:57:59:7b:b9:da:
f4:9c:4f:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYH0ao1ktSL5D44lw1MsxOD1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZGY1ODg4NzkwMjZhMWI0ODNkNzk5YThlOGMzNjM4YjYy
MWFlNWIwHhcNMjIwNzEyMjE1NzEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTNhMzQzNzlhYzhlYjFkNWVjNTNjODJkMTY0MmE1YmRhYTZhMjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocT+UhvpboZU8oSUd0D9gTHwO2hw
7YHalqJ33Qt/DIlGU5Ow31glJ5FQBUE0TMqI2h872nkFc0YSu4jtRP/wOtxdKZtc
6AqnrnptmJdgU65A74+9fHZdgYmiyE4u0YyraNzYCYcfp+H6cua67O3z4owzpQct
ju9TWRk1HTRpZ2sBdHq0gpCGNGK/tcb1Kxyop2LlG6x7WxMfWYY2ZUlQJiA9EUep
x6hSCaiI0gpP5GDsoK0keyWYjbubOJ9DnDbKq8rAzsMZ+NVpEXCbXegsndLYyu0P
NLKx3WzH2z/bXVc+5g7336DX3dVvW1PKexqcJobb4APLk4JJmle3/DEGMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIU6NDeayOsdXsU8gtFkKlvapqJOMB8GA1UdIwQY
MBaAFFzfWIh5AmobSD15mo6MNji2Ia5bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE45WWlIa0NhaHRJUFhtYWpvdzJPTFlocmxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hODE3MDctNDE1Mi00MmJiLWEzOGMt
MmJmM2I2Y2UxMDFiLzEvaFRvME41ckk2eDFleFR5QzBXUXFXOXFtb2s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9hODE3MDctNDE1Mi00MmJiLWEzOGMtMmJmM2I2Y2UxMDFi
LzEvWE45WWlIa0NhaHRJUFhtYWpvdzJPTFlocmxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CSMA0G
CSqGSIb3DQEBCwUAA4IBAQBtdjJ4jee+aU3FmQUv4CaUH0gWwoG8wuKUCOX7DfGt
acU93s5aJY4fLOET4tNqKtFY8qcSnnmKZ5ip+/CydWwbh6tjfbdyBi6ARE8D4OAE
FAuDaHKBA+LFx6e1KYvSYBb+xbbcVF1d0j0+gkrKMQn7MPNJIPNcbaqA00JJb3a8
lQNER+mkLs8ZB3z9YFUmSf3TM0djjYysxmUodI4uCYBO7GQkQtmV61xrGdikw38R
IwNxiPBL3w43b/nOJusotGBwLEV1EQpeUh1Cuzz75Lg40ZwFCxJLtUnCLMPzhYLC
Wd2hh/IWaFHxmL/cA8HVct+x7cfhYDAkV1l7udr0nE/S
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:38 2025 by rpki-client