Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/efspMm9AboK30d3xtiXcjqkOoMU.roa
File: efspMm9AboK30d3xtiXcjqkOoMU.roa (raw, json)
Hash identifier: NWPgB1/wYh2Z4KZ5xil05mV5/YFpkbFoDm3oYonS67Y=
Subject key identifier: 79:FB:29:32:6F:40:6E:82:B7:D1:DD:F1:B6:25:DC:8E:A9:0E:A0:C5
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 3DC65596
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/efspMm9AboK30d3xtiXcjqkOoMU.roa
Signing time: Sat 01 Jan 2022 08:56:53 +0000
ROA not before: Sat 01 Jan 2022 08:56:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 2.255.190.0/24 maxlen: 24
2.255.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1036408214 (0x3dc65596)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jan 1 08:56:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=79fb29326f406e82b7d1ddf1b625dc8ea90ea0c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d2:90:d8:bc:0e:bc:ac:ba:7c:51:45:4c:86:
85:85:b4:0b:6f:27:d1:7b:18:28:f3:39:34:b6:c2:
31:9f:e3:63:88:2f:ed:4e:8c:f1:8a:b6:b6:46:d7:
9c:30:7c:0c:bb:0f:1d:f6:d7:5b:5c:a5:5e:26:c3:
40:6d:94:5a:4a:21:3a:da:cc:2b:b8:b6:d1:6a:0f:
3d:59:a8:01:d2:63:40:55:3c:e1:80:51:64:00:74:
d4:44:62:04:22:1c:97:cc:18:d0:85:6b:02:0a:f2:
0a:88:c2:45:5e:53:ff:3d:1d:97:bb:1d:f0:d0:2b:
4b:69:26:e3:f5:76:5e:f3:93:7c:78:75:21:e6:0a:
dd:cd:d9:ef:fd:1f:4c:86:e6:f2:f5:80:af:67:56:
15:4d:c7:88:bc:3b:62:1c:cc:09:af:78:26:4f:0d:
75:e0:03:64:37:01:40:cf:cd:bf:2a:38:52:37:ef:
94:57:76:eb:48:10:ed:40:db:2d:e2:fa:7b:97:e4:
e1:a2:2e:98:90:19:0a:5e:38:92:5b:31:12:1d:82:
7b:8a:ff:08:31:59:9c:c1:de:cd:03:67:19:6e:f0:
f0:d2:40:0a:86:f3:d0:a9:58:72:64:cb:04:f5:14:
5e:03:ea:74:84:5c:af:98:ac:45:a4:41:90:b6:bf:
b6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:FB:29:32:6F:40:6E:82:B7:D1:DD:F1:B6:25:DC:8E:A9:0E:A0:C5
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/efspMm9AboK30d3xtiXcjqkOoMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.255.190.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:2c:f5:cb:df:5d:ff:23:0d:01:c9:ea:61:4d:10:aa:8d:e7:
63:40:66:4a:13:9b:77:f1:f3:5d:db:03:1b:81:ed:c4:45:bf:
ab:0b:ac:ea:d1:24:df:87:24:d4:4c:3f:99:18:5c:8e:66:b6:
7b:72:b1:be:79:07:f7:2b:b2:c3:36:fc:2f:3e:0e:a6:0d:22:
2c:ef:39:81:0c:55:20:fa:ae:79:f9:81:81:92:f7:34:b7:a0:
1e:3b:0a:91:a7:b3:7c:04:dd:f6:38:23:06:1a:31:27:8b:c0:
77:58:fc:34:59:0c:5d:2f:c9:a1:28:ef:93:c0:c2:55:22:71:
3e:c9:65:9f:ee:69:8b:fa:3f:60:63:81:e0:b3:d0:32:56:ef:
de:c5:c8:cd:ca:7e:9d:8f:eb:05:07:83:25:ff:56:b5:75:13:
be:17:66:f7:f8:5c:08:0e:df:16:a9:3e:d2:9b:d8:d4:85:c8:
fb:d4:2d:a3:19:00:1b:d7:fe:cd:2f:9d:61:5b:72:8e:85:b1:
9f:02:7b:94:2a:ca:4f:45:32:b7:1a:45:3e:74:b3:8c:f9:84:
1f:d4:7b:51:cf:b9:03:02:13:9f:73:b0:b6:e3:9b:79:7b:91:
d6:80:96:f0:c9:b4:8d:1f:37:cb:71:2c:de:4f:cb:1e:9e:b4:
60:0a:c2:b0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEPcZVljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjY4MTM4ZDRlYzJlYTUxY2FjZWYwOWZmMTA1OGEzNzBhNWJlMTkwMB4XDTIyMDEw
MTA4NTY1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzlmYjI5MzI2ZjQw
NmU4MmI3ZDFkZGYxYjYyNWRjOGVhOTBlYTBjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbSkNi8DrysunxRRUyGhYW0C28n0XsYKPM5NLbCMZ/jY4gv
7U6M8Yq2tkbXnDB8DLsPHfbXW1ylXibDQG2UWkohOtrMK7i20WoPPVmoAdJjQFU8
4YBRZAB01ERiBCIcl8wY0IVrAgryCojCRV5T/z0dl7sd8NArS2km4/V2XvOTfHh1
IeYK3c3Z7/0fTIbm8vWAr2dWFU3HiLw7YhzMCa94Jk8NdeADZDcBQM/Nvyo4Ujfv
lFd260gQ7UDbLeL6e5fk4aIumJAZCl44klsxEh2Ce4r/CDFZnMHezQNnGW7w8NJA
Cobz0KlYcmTLBPUUXgPqdIRcr5isRaRBkLa/tjkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR5+ykyb0BugrfR3fG2JdyOqQ6gxTAfBgNVHSMEGDAWgBQfaBONTsLqUcrO
8J/xBYo3ClvhkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gyZ1RqVTdDNmxIS3p2Q2Y4UVdLTndwYjRaQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvYjlhZGY0LWY5MTAtNDM1NS1iZmM4LTYwODU2NDgzOWZkMC8x
L2Vmc3BNbTlBYm9LMzBkM3h0aVhjanFrT29NVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
YjlhZGY0LWY5MTAtNDM1NS1iZmM4LTYwODU2NDgzOWZkMC8xL0gyZ1RqVTdDNmxI
S3p2Q2Y4UVdLTndwYjRaQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAQL/vjANBgkqhkiG9w0BAQsFAAOC
AQEALSz1y99d/yMNAcnqYU0Qqo3nY0BmShObd/HzXdsDG4HtxEW/qwus6tEk34ck
1Ew/mRhcjma2e3KxvnkH9yuywzb8Lz4Opg0iLO85gQxVIPquefmBgZL3NLegHjsK
kaezfATd9jgjBhoxJ4vAd1j8NFkMXS/JoSjvk8DCVSJxPslln+5pi/o/YGOB4LPQ
Mlbv3sXIzcp+nY/rBQeDJf9WtXUTvhdm9/hcCA7fFqk+0pvY1IXI+9QtoxkAG9f+
zS+dYVtyjoWxnwJ7lCrKT0UytxpFPnSzjPmEH9R7Uc+5AwITn3OwtuObeXuR1oCW
8Mm0jR83y3Es3k/LHp60YArCsA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:20 2025 by rpki-client