Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/VgrYJNEFDcE7cBPhtMzGZftPm_w.roa
File: VgrYJNEFDcE7cBPhtMzGZftPm_w.roa (raw, json)
Hash identifier: KMpNh4zA1J7gmPUNGUtl/tVCMgBePGJvT+PjLUWbxWY=
Subject key identifier: 56:0A:D8:24:D1:05:0D:C1:3B:70:13:E1:B4:CC:C6:65:FB:4F:9B:FC
Certificate issuer: /CN=5bcd40d10b56f3b532fa0dfd01d817ef93da1a34
Certificate serial: 01856C413DD69B3E97B646B513C3A6728EF8
Authority key identifier: 5B:CD:40:D1:0B:56:F3:B5:32:FA:0D:FD:01:D8:17:EF:93:DA:1A:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/VgrYJNEFDcE7cBPhtMzGZftPm_w.roa
Signing time: Sun 01 Jan 2023 07:34:53 +0000
ROA not before: Sun 01 Jan 2023 07:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 807
IP address blocks: 193.57.173.0/24 maxlen: 24
193.57.200.0/24 maxlen: 24
193.57.223.0/24 maxlen: 24
193.57.224.0/24 maxlen: 24
2a0f:8640::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:3d:d6:9b:3e:97:b6:46:b5:13:c3:a6:72:8e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bcd40d10b56f3b532fa0dfd01d817ef93da1a34
Validity
Not Before: Jan 1 07:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=560ad824d1050dc13b7013e1b4ccc665fb4f9bfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5b:db:49:76:58:cc:5c:36:42:ba:a2:17:18:
8e:96:18:88:a9:5d:50:83:ad:df:68:a2:b6:de:28:
34:fa:9e:f9:b6:4b:5d:37:63:d5:f8:90:33:27:f5:
1f:0c:9e:4d:47:f8:f0:a8:ef:ee:0a:76:58:ad:75:
47:dc:de:fa:89:ba:c5:96:0c:6d:48:50:2c:5e:8e:
cb:4d:36:cc:70:81:37:b5:2f:08:0d:a8:8a:a0:f6:
ba:ff:4f:e0:9f:c1:de:09:85:15:33:fc:41:9e:65:
38:30:95:e1:a3:7a:0d:37:94:0e:26:2b:50:d2:14:
2e:58:40:9d:76:a2:38:e9:57:fc:5f:ac:e6:69:19:
94:12:ea:85:4d:5e:96:41:3a:04:34:fc:02:99:7e:
38:33:b3:ae:1c:8e:1f:0c:52:b9:96:b4:11:39:ac:
c5:73:c9:61:f2:66:9a:ac:56:5b:7e:de:53:36:fd:
8f:3d:c2:04:4e:a3:1c:b3:04:83:b4:a3:03:29:d8:
d2:d6:f0:6d:3f:2c:48:fa:6e:09:70:87:48:92:ac:
9f:76:47:98:60:ce:f6:5a:97:7f:69:64:31:01:ee:
06:a7:55:8e:a0:8a:5e:e7:9f:17:eb:6d:b5:83:0c:
4e:d5:f1:ff:f8:79:52:27:ba:cb:cd:9e:8a:64:4a:
e1:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:0A:D8:24:D1:05:0D:C1:3B:70:13:E1:B4:CC:C6:65:FB:4F:9B:FC
X509v3 Authority Key Identifier:
keyid:5B:CD:40:D1:0B:56:F3:B5:32:FA:0D:FD:01:D8:17:EF:93:DA:1A:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/VgrYJNEFDcE7cBPhtMzGZftPm_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/W81A0QtW87Uy-g39AdgX75PaGjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.173.0/24
193.57.200.0/24
193.57.223.0-193.57.224.255
IPv6:
2a0f:8640::/29
Signature Algorithm: sha256WithRSAEncryption
96:ef:7d:96:5c:82:0c:c1:a3:23:38:50:8b:c4:fa:ff:12:c9:
3d:63:03:ba:04:e6:d6:60:51:d2:de:a0:5a:0d:bb:32:ea:1c:
21:5c:c8:8c:43:8f:a5:b2:3b:8f:08:fb:03:dd:52:39:b8:a6:
9d:81:16:48:c5:7e:25:44:4c:6c:dd:2f:85:0a:8c:4b:be:c7:
33:c0:ed:1f:f1:0b:a9:4f:ff:e4:2d:dd:5d:e0:5d:1c:dc:97:
49:37:08:b7:fd:59:ed:30:fe:81:fe:15:2f:f2:33:c2:e6:60:
f9:af:2d:38:63:cd:f8:b9:33:fd:7b:d9:67:ac:d5:69:e4:eb:
75:2b:08:da:d5:f4:bb:3f:de:06:a2:ac:07:6d:f8:bb:e1:bd:
63:c1:f7:b6:79:0c:1c:42:c3:d6:10:18:c1:89:84:bc:84:5f:
5c:ec:58:fb:ec:a5:bd:00:28:f3:bf:7c:d0:49:41:34:28:12:
f8:c8:41:69:e6:cb:d9:27:fb:ab:e3:87:da:60:3b:15:2d:84:
0e:7c:32:73:e1:24:d2:bc:48:49:fa:20:14:ac:f1:76:90:30:
cd:38:5a:74:20:4c:8e:c6:3c:5a:38:fc:b8:61:eb:8c:23:08:
f2:83:1a:dc:24:e4:99:94:59:2a:72:49:2f:b7:0b:41:0e:d4:
2d:83:07:8c
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVsQT3Wmz6Xtka1E8Omco74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViY2Q0MGQxMGI1NmYzYjUzMmZhMGRmZDAxZDgxN2VmOTNk
YTFhMzQwHhcNMjMwMTAxMDczNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjBhZDgyNGQxMDUwZGMxM2I3MDEzZTFiNGNjYzY2NWZiNGY5YmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFvbSXZYzFw2QrqiFxiOlhiIqV1Q
g63faKK23ig0+p75tktdN2PV+JAzJ/UfDJ5NR/jwqO/uCnZYrXVH3N76ibrFlgxt
SFAsXo7LTTbMcIE3tS8IDaiKoPa6/0/gn8HeCYUVM/xBnmU4MJXho3oNN5QOJitQ
0hQuWECddqI46Vf8X6zmaRmUEuqFTV6WQToENPwCmX44M7OuHI4fDFK5lrQROazF
c8lh8maarFZbft5TNv2PPcIETqMcswSDtKMDKdjS1vBtPyxI+m4JcIdIkqyfdkeY
YM72Wpd/aWQxAe4Gp1WOoIpe558X6221gwxO1fH/+HlSJ7rLzZ6KZErhVQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFFYK2CTRBQ3BO3AT4bTMxmX7T5v8MB8GA1UdIwQY
MBaAFFvNQNELVvO1MvoN/QHYF++T2ho0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzgxQTBRdFc4N1V5LWczOUFkZ1g3NVBhR2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iZmY3NTgtNGI4My00NzNkLWIwNzIt
YTJjZTFjYzhiODdmLzEvVmdyWUpORUZEY0U3Y0JQaHRNekdaZnRQbV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iZmY3NTgtNGI4My00NzNkLWIwNzItYTJjZTFjYzhiODdm
LzEvVzgxQTBRdFc4N1V5LWczOUFkZ1g3NVBhR2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAwTmtAwQA
wTnIMAwDBADBOd8DBADBOeAwDQQCAAIwBwMFAyoPhkAwDQYJKoZIhvcNAQELBQAD
ggEBAJbvfZZcggzBoyM4UIvE+v8SyT1jA7oE5tZgUdLeoFoNuzLqHCFcyIxDj6Wy
O48I+wPdUjm4pp2BFkjFfiVETGzdL4UKjEu+xzPA7R/xC6lP/+Qt3V3gXRzcl0k3
CLf9We0w/oH+FS/yM8LmYPmvLThjzfi5M/172Wes1Wnk63UrCNrV9Ls/3gairAdt
+LvhvWPB97Z5DBxCw9YQGMGJhLyEX1zsWPvspb0AKPO/fNBJQTQoEvjIQWnmy9kn
+6vjh9pgOxUthA58MnPhJNK8SEn6IBSs8XaQMM04WnQgTI7GPFo4/Lhh64wjCPKD
Gtwk5JmUWSpySS+3C0EO1C2DB4w=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:51 2025 by rpki-client