Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/11b1a0-22f2-40e7-a45f-cb95a286990d/1/d_5l7OsvlihUquidbeZ3q9EZdV8.roa
File: d_5l7OsvlihUquidbeZ3q9EZdV8.roa (raw, json)
Hash identifier: Wdo1VEi+fGoO8d6VAnISxtoKTfBYPttuLiYhVu2TazA=
Subject key identifier: 77:FE:65:EC:EB:2F:96:28:54:AA:E8:9D:6D:E6:77:AB:D1:19:75:5F
Certificate issuer: /CN=aa9318ec68abf7fea3bc9972bca3bde8a14cbd54
Certificate serial: 01889171F7820148CDBEFF582267E36C421B
Authority key identifier: AA:93:18:EC:68:AB:F7:FE:A3:BC:99:72:BC:A3:BD:E8:A1:4C:BD:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qpMY7Gir9_6jvJlyvKO96KFMvVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/11b1a0-22f2-40e7-a45f-cb95a286990d/1/d_5l7OsvlihUquidbeZ3q9EZdV8.roa
Signing time: Tue 06 Jun 2023 16:02:25 +0000
ROA not before: Tue 06 Jun 2023 16:02:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51765
IP address blocks: 193.163.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:91:71:f7:82:01:48:cd:be:ff:58:22:67:e3:6c:42:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa9318ec68abf7fea3bc9972bca3bde8a14cbd54
Validity
Not Before: Jun 6 16:02:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77fe65eceb2f962854aae89d6de677abd119755f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:fc:df:87:5b:0f:49:1c:28:a6:8e:28:e5:7d:
cb:fe:d2:0c:c6:66:d3:52:9a:90:01:32:37:35:ab:
b7:59:42:e2:0b:ca:1f:bf:e5:6a:dc:9f:1a:33:4a:
b4:5e:9d:78:ef:07:76:aa:5d:a6:3e:18:13:8f:0d:
9d:e1:78:24:b5:03:17:5b:d3:ea:90:32:af:00:b1:
e4:5a:e8:f8:fa:47:1c:bb:ee:0f:ad:32:79:c7:44:
8e:e6:13:9b:21:6a:d7:ec:c6:47:ca:d9:e9:4e:45:
f9:db:d5:4a:5a:cb:74:62:3d:3c:d3:a6:23:c8:36:
1d:01:ea:f4:8c:dc:28:c8:f4:4d:36:40:54:69:6f:
26:00:05:b1:1e:ed:62:68:29:82:6f:9b:f7:ce:5a:
60:f8:86:9b:33:cd:e1:ff:c6:ec:4d:fc:17:b6:52:
05:ed:39:2d:60:dc:ea:e3:81:b9:ea:d0:e7:e6:7f:
c6:46:f3:03:a6:08:b0:21:b5:9a:57:67:80:e5:87:
61:48:3a:30:ff:74:4c:78:60:b8:af:ef:9f:e8:92:
10:2c:cd:c1:af:68:72:8b:bb:66:9a:07:44:9f:ae:
78:d0:be:a8:4e:74:34:8a:a4:8d:ae:e8:f4:73:7e:
74:1e:7d:bd:5c:21:d1:aa:23:ff:a5:ec:de:1f:93:
a6:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:FE:65:EC:EB:2F:96:28:54:AA:E8:9D:6D:E6:77:AB:D1:19:75:5F
X509v3 Authority Key Identifier:
keyid:AA:93:18:EC:68:AB:F7:FE:A3:BC:99:72:BC:A3:BD:E8:A1:4C:BD:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qpMY7Gir9_6jvJlyvKO96KFMvVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/11b1a0-22f2-40e7-a45f-cb95a286990d/1/d_5l7OsvlihUquidbeZ3q9EZdV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/11b1a0-22f2-40e7-a45f-cb95a286990d/1/qpMY7Gir9_6jvJlyvKO96KFMvVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.207.0/24
Signature Algorithm: sha256WithRSAEncryption
60:22:ce:1e:8b:1b:2c:7e:ed:6c:52:25:3b:e3:6b:e2:e5:c7:
35:79:d5:28:07:66:e8:a2:11:1d:22:32:c1:0d:25:b0:bd:ae:
15:f7:54:aa:14:11:4d:ff:e1:3b:b8:c7:1a:6e:93:df:d0:63:
41:f3:a2:a2:6f:ca:30:36:36:8d:ee:8f:e5:b2:cf:1e:35:72:
e1:88:39:84:0f:33:02:c1:2d:85:30:c8:28:80:b8:7a:1d:80:
7f:00:02:b0:0e:50:a2:69:f5:d4:87:66:36:4a:ef:52:16:00:
a9:65:1e:3b:b7:bc:ab:63:f8:54:ad:eb:d3:0a:a8:a7:ad:87:
3e:b3:ec:dd:75:9c:81:c6:1c:c0:61:21:e3:af:56:a3:3e:ee:
c6:bc:27:df:42:2f:ef:64:49:1c:a8:7b:ba:85:4d:0b:6c:8e:
cc:c4:ab:4e:57:59:64:7a:35:55:e4:ac:0a:08:d5:89:96:8b:
86:3b:09:14:7c:f8:27:57:cc:e6:5d:d5:a1:a2:28:86:bc:b7:
9d:16:2a:07:0e:a4:14:c2:76:f2:13:3c:dd:5d:6f:b5:f8:95:
f3:cf:6a:1b:f0:7e:5f:98:00:87:b1:61:b4:59:89:de:5e:da:
81:1d:7e:38:4d:c9:4a:b9:a8:48:00:7c:94:ed:c6:9d:06:2e:
78:23:a9:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiRcfeCAUjNvv9YImfjbEIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOTMxOGVjNjhhYmY3ZmVhM2JjOTk3MmJjYTNiZGU4YTE0
Y2JkNTQwHhcNMjMwNjA2MTYwMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2ZlNjVlY2ViMmY5NjI4NTRhYWU4OWQ2ZGU2NzdhYmQxMTk3NTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vzfh1sPSRwopo4o5X3L/tIMxmbT
UpqQATI3Nau3WULiC8ofv+Vq3J8aM0q0Xp147wd2ql2mPhgTjw2d4XgktQMXW9Pq
kDKvALHkWuj4+kccu+4PrTJ5x0SO5hObIWrX7MZHytnpTkX529VKWst0Yj0806Yj
yDYdAer0jNwoyPRNNkBUaW8mAAWxHu1iaCmCb5v3zlpg+IabM83h/8bsTfwXtlIF
7TktYNzq44G56tDn5n/GRvMDpgiwIbWaV2eA5YdhSDow/3RMeGC4r++f6JIQLM3B
r2hyi7tmmgdEn6540L6oTnQ0iqSNruj0c350Hn29XCHRqiP/pezeH5OmFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHf+ZezrL5YoVKronW3md6vRGXVfMB8GA1UdIwQY
MBaAFKqTGOxoq/f+o7yZcryjveihTL1UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXBNWTdHaXI5XzZqdkpseXZLTzk2S0ZNdlZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8xMWIxYTAtMjJmMi00MGU3LWE0NWYt
Y2I5NWEyODY5OTBkLzEvZF81bDdPc3ZsaWhVcXVpZGJlWjNxOUVaZFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8xMWIxYTAtMjJmMi00MGU3LWE0NWYtY2I5NWEyODY5OTBk
LzEvcXBNWTdHaXI5XzZqdkpseXZLTzk2S0ZNdlZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaPPMA0G
CSqGSIb3DQEBCwUAA4IBAQBgIs4eixssfu1sUiU742vi5cc1edUoB2boohEdIjLB
DSWwva4V91SqFBFN/+E7uMcabpPf0GNB86Kib8owNjaN7o/lss8eNXLhiDmEDzMC
wS2FMMgogLh6HYB/AAKwDlCiafXUh2Y2Su9SFgCpZR47t7yrY/hUrevTCqinrYc+
s+zddZyBxhzAYSHjr1ajPu7GvCffQi/vZEkcqHu6hU0LbI7MxKtOV1lkejVV5KwK
CNWJlouGOwkUfPgnV8zmXdWhoiiGvLedFioHDqQUwnbyEzzdXW+1+JXzz2ob8H5f
mACHsWG0WYneXtqBHX44TclKuahIAHyU7cadBi54I6kX
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:13 2025 by rpki-client