Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/597e97-ff07-4102-ad88-1f234a957061/1/VBzXmyt77aFmVw6Bc6jYfwVsx_A.roa
File: VBzXmyt77aFmVw6Bc6jYfwVsx_A.roa (raw, json)
Hash identifier: UBrj98k1B/+rhAR4mr19NtE2u26U/zi0zfW9C9mbyaU=
Subject key identifier: 54:1C:D7:9B:2B:7B:ED:A1:66:57:0E:81:73:A8:D8:7F:05:6C:C7:F0
Certificate issuer: /CN=d674af97eed44abfbfa4d022ff75f077ceaa40e1
Certificate serial: 018CC2DB548B6E1820653AD86A32DE14E92F
Authority key identifier: D6:74:AF:97:EE:D4:4A:BF:BF:A4:D0:22:FF:75:F0:77:CE:AA:40:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1nSvl-7USr-_pNAi_3Xwd86qQOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/597e97-ff07-4102-ad88-1f234a957061/1/VBzXmyt77aFmVw6Bc6jYfwVsx_A.roa
Signing time: Mon 01 Jan 2024 02:30:03 +0000
ROA not before: Mon 01 Jan 2024 02:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 62.68.81.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:54:8b:6e:18:20:65:3a:d8:6a:32:de:14:e9:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d674af97eed44abfbfa4d022ff75f077ceaa40e1
Validity
Not Before: Jan 1 02:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=541cd79b2b7beda166570e8173a8d87f056cc7f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c5:28:6c:3c:eb:04:e3:0c:f4:0b:05:e9:c5:
15:19:38:64:5f:3b:62:fb:82:1e:26:68:34:e5:22:
ef:5d:89:18:53:1b:ae:d1:d4:ef:8b:6f:0f:14:fd:
a5:dd:6d:e2:e3:b0:28:45:c0:b4:a7:8d:f0:92:7b:
f4:73:ff:0f:8f:97:4f:8f:70:73:c8:a7:84:74:d1:
cb:f6:b7:10:72:c8:1c:61:c3:a8:2d:36:64:ba:31:
87:9d:ab:b3:8d:06:27:b4:4a:68:78:85:16:8f:6c:
77:49:3a:6a:e9:bb:b7:8a:53:97:41:36:eb:7a:63:
2d:df:d8:b8:f7:ba:81:bc:76:4f:7b:f7:c3:b4:05:
48:bb:3e:36:96:45:86:bf:9e:fd:fb:24:8e:84:85:
73:af:a3:7a:aa:15:6b:84:07:4f:3e:59:c5:9d:e2:
98:25:71:11:06:31:88:e9:86:ba:e8:42:b0:27:5f:
ab:03:f8:3e:d9:94:91:5b:e6:5e:2c:f8:32:4e:bf:
d1:f7:70:7a:a8:97:db:5c:f5:29:6b:7d:23:2f:c9:
a9:cb:65:33:7b:3f:b2:05:16:53:59:82:6c:66:9c:
6b:b0:ed:c0:04:fe:0e:60:58:27:c1:9a:b7:17:c5:
b9:5d:45:14:7f:20:51:25:18:01:14:9c:d1:86:b0:
74:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:1C:D7:9B:2B:7B:ED:A1:66:57:0E:81:73:A8:D8:7F:05:6C:C7:F0
X509v3 Authority Key Identifier:
keyid:D6:74:AF:97:EE:D4:4A:BF:BF:A4:D0:22:FF:75:F0:77:CE:AA:40:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1nSvl-7USr-_pNAi_3Xwd86qQOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/597e97-ff07-4102-ad88-1f234a957061/1/VBzXmyt77aFmVw6Bc6jYfwVsx_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/597e97-ff07-4102-ad88-1f234a957061/1/1nSvl-7USr-_pNAi_3Xwd86qQOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.81.0/24
Signature Algorithm: sha256WithRSAEncryption
09:f0:e1:5c:f8:2d:03:82:86:1b:cb:20:3b:96:52:05:b3:21:
aa:f3:a5:39:3f:04:76:5c:ba:2b:8f:e6:01:77:4d:b8:e7:bc:
8f:54:59:42:f2:a3:97:0b:7a:94:f1:a9:3d:17:70:7c:6b:65:
a6:61:cb:e8:e4:e1:79:db:c0:c5:dd:06:9f:e0:d2:b6:1c:87:
7a:21:15:f2:53:bc:25:8c:31:e7:f4:ff:e3:38:13:95:8e:ae:
db:67:34:55:ca:c1:35:66:08:fc:69:b3:c0:b8:78:a2:f5:d7:
ab:39:a0:a3:ef:7f:ad:e6:f7:18:11:09:94:13:96:b8:5c:e6:
9f:0b:62:f9:ab:a9:fb:3f:8a:a4:60:0d:f6:2f:5b:fb:71:75:
a1:08:c2:51:a0:3a:c7:ec:e9:6f:2d:8a:c3:14:6f:cb:37:de:
2f:9d:2f:03:e4:27:99:07:1f:4e:8b:80:0d:02:04:32:0f:27:
57:ca:4c:4e:b1:03:e5:10:a7:3d:d5:83:29:c3:8e:f5:00:84:
77:01:e8:a8:ed:42:0b:24:ab:73:af:50:5c:df:9f:1f:5a:89:
93:ff:1e:6b:2b:49:4d:48:81:92:c7:1d:c4:1d:11:92:3d:86:
74:fd:42:83:03:63:a6:f2:c1:41:bd:3d:0f:90:fd:35:18:c6:
b1:66:4c:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC21SLbhggZTrYajLeFOkvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NzRhZjk3ZWVkNDRhYmZiZmE0ZDAyMmZmNzVmMDc3Y2Vh
YTQwZTEwHhcNMjQwMTAxMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDFjZDc5YjJiN2JlZGExNjY1NzBlODE3M2E4ZDg3ZjA1NmNjN2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocUobDzrBOMM9AsF6cUVGThkXzti
+4IeJmg05SLvXYkYUxuu0dTvi28PFP2l3W3i47AoRcC0p43wknv0c/8Pj5dPj3Bz
yKeEdNHL9rcQcsgcYcOoLTZkujGHnauzjQYntEpoeIUWj2x3STpq6bu3ilOXQTbr
emMt39i497qBvHZPe/fDtAVIuz42lkWGv579+ySOhIVzr6N6qhVrhAdPPlnFneKY
JXERBjGI6Ya66EKwJ1+rA/g+2ZSRW+ZeLPgyTr/R93B6qJfbXPUpa30jL8mpy2Uz
ez+yBRZTWYJsZpxrsO3ABP4OYFgnwZq3F8W5XUUUfyBRJRgBFJzRhrB02QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFQc15sre+2hZlcOgXOo2H8FbMfwMB8GA1UdIwQY
MBaAFNZ0r5fu1Eq/v6TQIv918HfOqkDhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW5TdmwtN1VTci1fcE5BaV8zWHdkODZxUU9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi81OTdlOTctZmYwNy00MTAyLWFkODgt
MWYyMzRhOTU3MDYxLzEvVkJ6WG15dDc3YUZtVnc2QmM2allmd1ZzeF9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi81OTdlOTctZmYwNy00MTAyLWFkODgtMWYyMzRhOTU3MDYx
LzEvMW5TdmwtN1VTci1fcE5BaV8zWHdkODZxUU9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkRRMA0G
CSqGSIb3DQEBCwUAA4IBAQAJ8OFc+C0DgoYbyyA7llIFsyGq86U5PwR2XLorj+YB
d02457yPVFlC8qOXC3qU8ak9F3B8a2WmYcvo5OF528DF3Qaf4NK2HId6IRXyU7wl
jDHn9P/jOBOVjq7bZzRVysE1Zgj8abPAuHii9derOaCj73+t5vcYEQmUE5a4XOaf
C2L5q6n7P4qkYA32L1v7cXWhCMJRoDrH7OlvLYrDFG/LN94vnS8D5CeZBx9Oi4AN
AgQyDydXykxOsQPlEKc91YMpw471AIR3Aeio7UILJKtzr1Bc358fWomT/x5rK0lN
SIGSxx3EHRGSPYZ0/UKDA2Om8sFBvT0PkP01GMaxZkyH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:36 2025 by rpki-client