Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/4a11ef-764f-4283-81ff-05acfacac844/1/aOt5rviKlMCkrkBgrLg1jMhKpnU.roa
File: aOt5rviKlMCkrkBgrLg1jMhKpnU.roa (raw, json)
Hash identifier: vdB4ADLysAJRo95WIA64y1tWJHgiXJpGIRCNi7i2M0I=
Subject key identifier: 68:EB:79:AE:F8:8A:94:C0:A4:AE:40:60:AC:B8:35:8C:C8:4A:A6:75
Certificate issuer: /CN=e927fdc63d310d3d231b4a7553ae4e4158025e9f
Certificate serial: 0185723A278D15B655AC17512BDBFA289479
Authority key identifier: E9:27:FD:C6:3D:31:0D:3D:23:1B:4A:75:53:AE:4E:41:58:02:5E:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Sf9xj0xDT0jG0p1U65OQVgCXp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/4a11ef-764f-4283-81ff-05acfacac844/1/aOt5rviKlMCkrkBgrLg1jMhKpnU.roa
Signing time: Mon 02 Jan 2023 11:24:51 +0000
ROA not before: Mon 02 Jan 2023 11:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59745
IP address blocks: 195.20.20.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:27:8d:15:b6:55:ac:17:51:2b:db:fa:28:94:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e927fdc63d310d3d231b4a7553ae4e4158025e9f
Validity
Not Before: Jan 2 11:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68eb79aef88a94c0a4ae4060acb8358cc84aa675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c8:fc:87:a9:12:5f:2f:da:df:34:96:e1:b3:
7d:b8:4d:70:d2:b0:29:e7:6e:30:a7:9e:aa:0f:60:
ef:d6:c8:4e:1c:f1:30:1e:a6:75:aa:28:45:ec:8f:
2b:3b:76:71:64:ce:3d:e5:e9:b6:46:d5:7e:fa:7d:
33:45:cd:43:ac:c9:07:d4:ec:dd:d3:82:72:db:46:
a1:86:8b:61:6d:8a:18:38:98:e2:0d:0c:03:6f:d2:
bf:26:15:27:4a:28:29:6d:3f:92:84:a3:fc:25:92:
e6:17:1d:0d:1f:50:f4:78:0e:91:7f:5a:a6:25:75:
74:57:14:99:5a:3c:99:6a:73:05:97:c6:1b:74:d4:
c9:3f:61:18:40:23:43:2d:02:41:99:d5:07:4a:c7:
e0:9c:3a:5c:81:55:5a:25:0b:6b:d2:75:5c:e5:0a:
d0:31:62:ec:3e:08:af:87:62:d8:06:d3:54:c5:60:
68:12:e3:d3:9f:aa:74:0b:54:54:8f:06:74:12:36:
2f:f7:3b:c8:8e:9e:33:b0:da:dc:cf:55:93:f9:2c:
5d:9c:7c:f6:59:53:e7:06:45:d1:d3:f4:15:a8:79:
d4:97:4b:d0:59:8f:f6:dd:26:d5:22:5e:e9:0f:3a:
54:9a:4c:9a:fd:c9:cc:98:dd:87:56:16:49:aa:1d:
ce:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EB:79:AE:F8:8A:94:C0:A4:AE:40:60:AC:B8:35:8C:C8:4A:A6:75
X509v3 Authority Key Identifier:
keyid:E9:27:FD:C6:3D:31:0D:3D:23:1B:4A:75:53:AE:4E:41:58:02:5E:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Sf9xj0xDT0jG0p1U65OQVgCXp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4a11ef-764f-4283-81ff-05acfacac844/1/aOt5rviKlMCkrkBgrLg1jMhKpnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4a11ef-764f-4283-81ff-05acfacac844/1/6Sf9xj0xDT0jG0p1U65OQVgCXp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.20.20.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:78:57:a4:09:db:1c:1e:2d:e9:75:a4:ea:37:f6:4f:f8:ae:
7f:af:9d:61:a0:df:18:4d:15:6f:3a:89:cf:52:51:7a:70:9d:
82:9d:7a:f3:d7:69:e3:64:01:17:a0:b2:8c:ec:d3:b8:23:d3:
bb:20:5d:e4:7f:eb:f7:8e:63:bb:2f:bf:a4:e6:1e:18:6c:84:
16:27:9e:07:09:09:16:43:48:73:3c:29:34:99:d2:b2:7b:f3:
de:91:fa:35:2b:e9:f4:4c:db:03:15:62:99:94:e5:41:e0:77:
7f:cd:65:73:00:9a:9b:76:db:68:6c:26:32:60:2e:1b:89:9a:
40:c5:be:2b:d6:13:d9:93:1b:03:a7:2f:99:ba:0a:7e:c6:c3:
a6:b5:45:f9:1b:65:32:b9:7d:d1:08:a5:76:8d:6a:b0:99:4e:
73:cc:6c:a3:0a:a0:97:cc:c5:38:8f:a6:2c:ad:e3:2b:bd:e1:
f2:ea:6a:d4:72:a0:c1:46:f4:f3:a6:24:57:84:50:36:e5:e3:
55:47:93:eb:dc:d6:de:e3:02:2c:05:63:fc:9b:ed:e4:17:bc:
7a:9b:fc:c0:2b:a3:5d:2e:89:e8:ed:f0:a6:26:68:82:0d:54:
98:2c:e7:f3:3a:db:da:1b:ef:3c:47:2d:81:d3:15:b3:ff:a1:
80:30:ee:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyOieNFbZVrBdRK9v6KJR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MjdmZGM2M2QzMTBkM2QyMzFiNGE3NTUzYWU0ZTQxNTgw
MjVlOWYwHhcNMjMwMTAyMTEyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGViNzlhZWY4OGE5NGMwYTRhZTQwNjBhY2I4MzU4Y2M4NGFhNjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksj8h6kSXy/a3zSW4bN9uE1w0rAp
524wp56qD2Dv1shOHPEwHqZ1qihF7I8rO3ZxZM495em2RtV++n0zRc1DrMkH1Ozd
04Jy20ahhothbYoYOJjiDQwDb9K/JhUnSigpbT+ShKP8JZLmFx0NH1D0eA6Rf1qm
JXV0VxSZWjyZanMFl8YbdNTJP2EYQCNDLQJBmdUHSsfgnDpcgVVaJQtr0nVc5QrQ
MWLsPgivh2LYBtNUxWBoEuPTn6p0C1RUjwZ0EjYv9zvIjp4zsNrcz1WT+SxdnHz2
WVPnBkXR0/QVqHnUl0vQWY/23SbVIl7pDzpUmkya/cnMmN2HVhZJqh3OZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGjrea74ipTApK5AYKy4NYzISqZ1MB8GA1UdIwQY
MBaAFOkn/cY9MQ09IxtKdVOuTkFYAl6fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlNmOXhqMHhEVDBqRzBwMVU2NU9RVmdDWHA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy80YTExZWYtNzY0Zi00MjgzLTgxZmYt
MDVhY2ZhY2FjODQ0LzEvYU90NXJ2aUtsTUNrcmtCZ3JMZzFqTWhLcG5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy80YTExZWYtNzY0Zi00MjgzLTgxZmYtMDVhY2ZhY2FjODQ0
LzEvNlNmOXhqMHhEVDBqRzBwMVU2NU9RVmdDWHA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwxQUMA0G
CSqGSIb3DQEBCwUAA4IBAQCieFekCdscHi3pdaTqN/ZP+K5/r51hoN8YTRVvOonP
UlF6cJ2CnXrz12njZAEXoLKM7NO4I9O7IF3kf+v3jmO7L7+k5h4YbIQWJ54HCQkW
Q0hzPCk0mdKye/Pekfo1K+n0TNsDFWKZlOVB4Hd/zWVzAJqbdttobCYyYC4biZpA
xb4r1hPZkxsDpy+Zugp+xsOmtUX5G2UyuX3RCKV2jWqwmU5zzGyjCqCXzMU4j6Ys
reMrveHy6mrUcqDBRvTzpiRXhFA25eNVR5Pr3Nbe4wIsBWP8m+3kF7x6m/zAK6Nd
Lono7fCmJmiCDVSYLOfzOtvaG+88Ry2B0xWz/6GAMO4S
-----END CERTIFICATE-----
Generated at Tue Oct 24 06:53:00 2023 by rpki-client on console-ams.rpki-client.org