Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/c343e3-b963-450b-98e5-7ddab80396aa/1/Xao3ZlMHDVthGTVKJPENEC-SHls.roa
File: Xao3ZlMHDVthGTVKJPENEC-SHls.roa (raw, json)
Hash identifier: V9zeujeDTTT/5LosbSuRD3zE2gDdPmVErnqXBHkeGR0=
Subject key identifier: 5D:AA:37:66:53:07:0D:5B:61:19:35:4A:24:F1:0D:10:2F:92:1E:5B
Certificate issuer: /CN=23ff02e63e8467f2119432f8dc8401334bc3528d
Certificate serial: 01856F3018FAB4D2FA84262FB0F33CC60F64
Authority key identifier: 23:FF:02:E6:3E:84:67:F2:11:94:32:F8:DC:84:01:33:4B:C3:52:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I_8C5j6EZ_IRlDL43IQBM0vDUo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/c343e3-b963-450b-98e5-7ddab80396aa/1/Xao3ZlMHDVthGTVKJPENEC-SHls.roa
Signing time: Sun 01 Jan 2023 21:15:01 +0000
ROA not before: Sun 01 Jan 2023 21:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58061
IP address blocks: 185.253.4.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:18:fa:b4:d2:fa:84:26:2f:b0:f3:3c:c6:0f:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23ff02e63e8467f2119432f8dc8401334bc3528d
Validity
Not Before: Jan 1 21:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5daa376653070d5b6119354a24f10d102f921e5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:76:1e:b4:57:58:90:94:04:26:6b:1c:19:ca:
54:7d:7e:e3:b4:77:dc:64:57:ac:8d:24:d3:51:45:
aa:9c:48:78:1d:2c:c9:75:8e:3c:96:b5:b9:b4:d1:
a5:bc:4c:be:37:23:6f:45:0e:4d:72:e9:35:cb:6c:
7e:1c:89:2b:84:52:72:bf:5b:6f:3d:72:8c:46:de:
79:cf:1e:6f:1c:73:b4:b1:20:aa:cc:64:8e:c2:ac:
c4:7d:e8:00:dc:16:cb:b1:9b:b1:e5:3f:c7:9c:9b:
87:d1:e8:82:39:c4:4b:8e:13:f7:30:bd:5e:8a:4f:
eb:56:34:a3:1e:4b:04:94:36:c1:0f:de:1f:4a:86:
48:65:07:ee:9c:96:29:2f:2d:af:7f:19:6b:68:48:
e8:3c:44:4c:99:4c:8d:54:9c:4c:91:c7:00:6b:a9:
82:84:d1:98:90:37:13:78:29:d6:f4:de:d7:e0:4f:
0c:a3:01:a8:42:4f:42:f7:ba:ac:29:db:dc:94:e5:
8f:b3:02:4a:86:f8:20:0b:5e:18:67:f3:36:db:4c:
52:6e:18:21:69:ac:a3:07:62:a8:20:aa:41:bc:5c:
b7:66:aa:62:e9:e8:a5:1f:16:52:d6:37:ed:c4:0a:
9f:f6:07:79:7a:fc:53:9d:1e:24:83:05:31:8c:a2:
5c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:AA:37:66:53:07:0D:5B:61:19:35:4A:24:F1:0D:10:2F:92:1E:5B
X509v3 Authority Key Identifier:
keyid:23:FF:02:E6:3E:84:67:F2:11:94:32:F8:DC:84:01:33:4B:C3:52:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_8C5j6EZ_IRlDL43IQBM0vDUo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/c343e3-b963-450b-98e5-7ddab80396aa/1/Xao3ZlMHDVthGTVKJPENEC-SHls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/c343e3-b963-450b-98e5-7ddab80396aa/1/I_8C5j6EZ_IRlDL43IQBM0vDUo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.4.0/24
Signature Algorithm: sha256WithRSAEncryption
44:27:ce:78:25:0d:79:c9:dc:96:43:28:21:52:4e:79:76:b8:
23:6a:06:df:5d:50:fc:32:95:95:5e:78:b1:a8:cb:ac:bb:33:
4d:e0:91:3a:5e:34:74:c3:0d:7b:28:17:ec:15:16:89:fd:be:
68:6d:5c:83:88:06:5a:0e:05:2f:b7:d5:34:3a:be:40:6f:bc:
8d:4c:60:21:83:74:66:dd:f5:16:34:81:86:38:94:39:98:22:
1d:86:92:54:47:11:11:df:c5:09:24:f2:91:1f:62:f1:fa:3f:
78:59:ff:f1:20:7d:75:4a:0b:ee:6f:a7:13:4f:6b:35:93:98:
17:65:5e:11:87:70:31:b9:45:df:07:04:47:f1:43:a4:e6:dd:
86:dc:7e:7a:4b:98:14:48:84:1b:bf:fd:f8:ee:45:52:2e:8b:
aa:d4:66:aa:f9:d4:b0:2b:33:8b:51:a7:51:2d:c0:27:c9:65:
db:f4:23:55:85:2f:83:2a:b2:fe:8f:a4:96:03:9e:c1:b5:70:
e3:7e:d5:0b:a1:20:a8:e4:d3:41:af:d8:f6:3a:53:4d:8b:ae:
e1:3d:32:a7:26:91:2d:45:8f:44:85:30:6b:c5:58:e4:8e:64:
05:d2:6d:74:a1:d6:70:85:1f:b0:58:c3:51:46:63:b4:31:41:
4b:b5:4d:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvMBj6tNL6hCYvsPM8xg9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZmYwMmU2M2U4NDY3ZjIxMTk0MzJmOGRjODQwMTMzNGJj
MzUyOGQwHhcNMjMwMTAxMjExNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGFhMzc2NjUzMDcwZDViNjExOTM1NGEyNGYxMGQxMDJmOTIxZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHYetFdYkJQEJmscGcpUfX7jtHfc
ZFesjSTTUUWqnEh4HSzJdY48lrW5tNGlvEy+NyNvRQ5Ncuk1y2x+HIkrhFJyv1tv
PXKMRt55zx5vHHO0sSCqzGSOwqzEfegA3BbLsZux5T/HnJuH0eiCOcRLjhP3ML1e
ik/rVjSjHksElDbBD94fSoZIZQfunJYpLy2vfxlraEjoPERMmUyNVJxMkccAa6mC
hNGYkDcTeCnW9N7X4E8MowGoQk9C97qsKdvclOWPswJKhvggC14YZ/M220xSbhgh
aayjB2KoIKpBvFy3Zqpi6eilHxZS1jftxAqf9gd5evxTnR4kgwUxjKJcTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2qN2ZTBw1bYRk1SiTxDRAvkh5bMB8GA1UdIwQY
MBaAFCP/AuY+hGfyEZQy+NyEATNLw1KNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV84QzVqNkVaX0lSbERMNDNJUUJNMHZEVW8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9jMzQzZTMtYjk2My00NTBiLTk4ZTUt
N2RkYWI4MDM5NmFhLzEvWGFvM1psTUhEVnRoR1RWS0pQRU5FQy1TSGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9jMzQzZTMtYjk2My00NTBiLTk4ZTUtN2RkYWI4MDM5NmFh
LzEvSV84QzVqNkVaX0lSbERMNDNJUUJNMHZEVW8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf0EMA0G
CSqGSIb3DQEBCwUAA4IBAQBEJ854JQ15ydyWQyghUk55drgjagbfXVD8MpWVXnix
qMusuzNN4JE6XjR0ww17KBfsFRaJ/b5obVyDiAZaDgUvt9U0Or5Ab7yNTGAhg3Rm
3fUWNIGGOJQ5mCIdhpJURxER38UJJPKRH2Lx+j94Wf/xIH11Sgvub6cTT2s1k5gX
ZV4Rh3AxuUXfBwRH8UOk5t2G3H56S5gUSIQbv/347kVSLouq1Gaq+dSwKzOLUadR
LcAnyWXb9CNVhS+DKrL+j6SWA57BtXDjftULoSCo5NNBr9j2OlNNi67hPTKnJpEt
RY9EhTBrxVjkjmQF0m10odZwhR+wWMNRRmO0MUFLtU0k
-----END CERTIFICATE-----
Generated at Mon Sep 18 13:38:57 2023 by rpki-client on console-fra.rpki-client.org