Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/1-KSCCXXd3Jn5r2O8F6mOxsOTIbM.roa
File: 1-KSCCXXd3Jn5r2O8F6mOxsOTIbM.roa (raw, json)
Hash identifier: WPZ4nDMXX6CZRSB3kXu/VM1Vv1QaHD56wFe80A83CAE=
Subject key identifier: F8:A4:82:09:75:DD:DC:99:F9:AF:63:BC:17:A9:8E:C6:C3:93:21:B3
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 019252A4DC8AFB40392DF0DA20D5C29E324C
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/1-KSCCXXd3Jn5r2O8F6mOxsOTIbM.roa
Signing time: Thu 03 Oct 2024 13:49:48 +0000
ROA not before: Thu 03 Oct 2024 13:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25400
IP address blocks: 195.67.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:52:a4:dc:8a:fb:40:39:2d:f0:da:20:d5:c2:9e:32:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Oct 3 13:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8a4820975dddc99f9af63bc17a98ec6c39321b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:14:60:81:9e:39:bc:4b:70:00:6e:89:8a:67:
d7:57:ae:64:04:e4:b1:02:26:12:62:9c:be:8c:30:
2e:4f:08:ba:ce:54:da:9f:cf:7d:de:99:4e:57:b3:
b3:bd:7c:17:4b:12:8e:e4:2b:1f:d7:1b:c1:76:ba:
09:5f:63:2b:9f:14:b1:28:58:ec:3a:ea:9d:d6:46:
ac:3b:75:ab:aa:25:0c:a2:e3:b2:32:4e:59:f2:a6:
c3:85:4a:69:2d:72:fe:f2:1b:b5:c3:71:4f:b4:e6:
08:9a:70:ee:b6:15:bf:31:01:d9:b3:3a:7e:d6:92:
9f:bb:77:3b:6d:60:fb:cc:27:de:89:9e:11:97:59:
68:b1:a4:6a:f5:92:3a:91:d2:de:1a:72:2d:a6:a4:
f0:7c:8c:b9:f2:20:04:47:03:78:99:44:a2:ce:2a:
62:0e:c6:f1:dd:6e:63:29:d2:a3:7d:bb:11:0f:26:
cc:56:3b:36:c7:5f:3a:25:0e:8b:da:4c:76:ea:c9:
dd:ef:06:e1:42:82:e3:52:e4:d6:ad:2f:e4:00:93:
bf:d8:bb:f8:d1:68:c9:67:03:bb:97:48:79:ca:e5:
0a:38:ee:c7:04:26:ed:6d:b0:12:d7:91:cc:98:f0:
6f:4a:74:79:fe:88:dc:e9:79:8a:bd:50:13:9f:4a:
dc:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A4:82:09:75:DD:DC:99:F9:AF:63:BC:17:A9:8E:C6:C3:93:21:B3
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/1-KSCCXXd3Jn5r2O8F6mOxsOTIbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.67.231.0/24
Signature Algorithm: sha256WithRSAEncryption
11:10:a3:fa:30:2d:3e:a1:b2:6b:e3:57:05:d3:de:d4:2b:64:
45:8a:81:36:3e:2a:9a:57:6c:a4:69:9c:53:32:a0:f2:9a:d1:
72:a4:28:59:40:a2:f9:f0:f4:31:4e:7e:9e:96:49:6e:12:95:
53:d2:8a:41:c7:58:0f:3a:dc:22:d4:16:f4:da:26:77:08:c7:
e5:99:9e:60:d1:b8:31:18:50:72:fc:12:0e:d0:8e:81:17:27:
19:b3:21:0f:ea:5a:e5:e7:49:07:b3:2e:92:ec:2f:45:43:26:
13:f6:6b:33:9d:ae:8c:bb:ec:b3:cc:10:92:95:f4:99:85:c3:
99:ab:f8:f8:cb:f1:97:1d:64:48:84:db:4f:89:54:ba:62:71:
33:05:db:07:c5:96:70:b8:f2:08:42:0d:3f:df:b4:8f:ec:45:
6e:78:43:d3:fb:c7:29:67:24:bc:37:60:7e:1d:f3:c6:a3:b9:
51:7c:a0:b0:c5:e3:b6:2f:ce:73:95:02:1c:14:78:a3:39:1c:
2b:2f:03:d5:3c:c6:8f:05:26:fc:91:0a:1f:86:63:ed:9c:2c:
3d:36:22:76:ab:94:af:4a:d1:07:ec:b7:44:33:41:99:3e:d4:
db:78:a4:24:68:e3:1c:93:ee:59:a0:8a:29:93:fa:b4:6b:d7:
c2:60:c4:c8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZJSpNyK+0A5LfDaINXCnjJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjQxMDAzMTM0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGE0ODIwOTc1ZGRkYzk5ZjlhZjYzYmMxN2E5OGVjNmMzOTMyMWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBRggZ45vEtwAG6JimfXV65kBOSx
AiYSYpy+jDAuTwi6zlTan8993plOV7OzvXwXSxKO5Csf1xvBdroJX2MrnxSxKFjs
Ouqd1kasO3WrqiUMouOyMk5Z8qbDhUppLXL+8hu1w3FPtOYImnDuthW/MQHZszp+
1pKfu3c7bWD7zCfeiZ4Rl1losaRq9ZI6kdLeGnItpqTwfIy58iAERwN4mUSizipi
Dsbx3W5jKdKjfbsRDybMVjs2x186JQ6L2kx26snd7wbhQoLjUuTWrS/kAJO/2Lv4
0WjJZwO7l0h5yuUKOO7HBCbtbbAS15HMmPBvSnR5/ojc6XmKvVATn0rcpwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPikggl13dyZ+a9jvBepjsbDkyGzMB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEvMS1LU0NDWFhkM0puNXIyTzhGNm1PeHNPVEliTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTcvYjlhZGY0LWY5MTAtNDM1NS1iZmM4LTYwODU2NDgzOWZk
MC8xL0gyZ1RqVTdDNmxIS3p2Q2Y4UVdLTndwYjRaQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMND5zAN
BgkqhkiG9w0BAQsFAAOCAQEAERCj+jAtPqGya+NXBdPe1CtkRYqBNj4qmldspGmc
UzKg8prRcqQoWUCi+fD0MU5+npZJbhKVU9KKQcdYDzrcItQW9NomdwjH5ZmeYNG4
MRhQcvwSDtCOgRcnGbMhD+pa5edJB7MukuwvRUMmE/ZrM52ujLvss8wQkpX0mYXD
mav4+Mvxlx1kSITbT4lUumJxMwXbB8WWcLjyCEINP9+0j+xFbnhD0/vHKWckvDdg
fh3zxqO5UXygsMXjti/Oc5UCHBR4ozkcKy8D1TzGjwUm/JEKH4Zj7ZwsPTYidquU
r0rRB+y3RDNBmT7U23ikJGjjHJPuWaCKKZP6tGvXwmDEyA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:59 2025 by rpki-client