Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/d320cb-5519-4c82-af25-3377009e773a/1/cPobfi55U8sOObz3bxVn9c9PsQ0.roa
File: cPobfi55U8sOObz3bxVn9c9PsQ0.roa (raw, json)
Hash identifier: ttBUw17AfvwhVlZzflZq6RJvNJMzbEAe8nINJXsXHiI=
Subject key identifier: 70:FA:1B:7E:2E:79:53:CB:0E:39:BC:F7:6F:15:67:F5:CF:4F:B1:0D
Certificate issuer: /CN=9ff062b6f4dfc55351774efeb1290b9c2dd8a8c6
Certificate serial: 018A454D9FD4ED153FC3C6C3FBA599F95B8E
Authority key identifier: 9F:F0:62:B6:F4:DF:C5:53:51:77:4E:FE:B1:29:0B:9C:2D:D8:A8:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n_BitvTfxVNRd07-sSkLnC3YqMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/d320cb-5519-4c82-af25-3377009e773a/1/cPobfi55U8sOObz3bxVn9c9PsQ0.roa
Signing time: Wed 30 Aug 2023 07:17:09 +0000
ROA not before: Wed 30 Aug 2023 07:17:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34471
IP address blocks: 194.156.72.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:45:4d:9f:d4:ed:15:3f:c3:c6:c3:fb:a5:99:f9:5b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ff062b6f4dfc55351774efeb1290b9c2dd8a8c6
Validity
Not Before: Aug 30 07:17:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70fa1b7e2e7953cb0e39bcf76f1567f5cf4fb10d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4c:69:1c:16:fa:e2:15:66:11:17:a5:f7:6c:
62:94:e3:39:d0:6e:8e:92:43:46:17:e6:a6:eb:b9:
88:52:1d:d8:e1:28:79:13:7e:98:bc:a4:cd:10:87:
80:45:54:d0:7d:73:a8:c9:1d:57:9e:73:48:b8:83:
49:f6:69:47:f1:b8:78:d9:92:f4:9c:e0:2a:31:dd:
69:69:1a:ee:e9:f7:f0:e3:d3:32:ce:f5:83:43:0a:
a0:bd:3d:cc:21:18:d8:84:1a:04:5e:57:56:66:01:
0c:da:58:04:5e:f0:25:ed:ad:8c:86:44:a9:b5:2f:
a4:0a:04:0b:bd:08:11:cc:b0:9c:53:48:98:ef:4e:
56:04:ee:ca:a8:fe:b9:db:37:eb:ed:11:4c:40:dc:
f9:93:ea:07:56:64:a1:8f:59:de:7a:2c:f1:b6:d9:
21:ae:3a:82:9d:4c:41:23:96:4e:d6:85:9e:44:98:
34:ab:89:71:e5:aa:27:b6:a6:e8:28:63:79:ac:8b:
e5:44:6d:ba:c4:03:1e:54:15:f0:72:21:f0:70:5a:
52:ed:e1:07:5e:d6:9f:3e:ce:db:66:a7:05:44:0c:
96:d3:97:40:82:61:36:5c:08:63:af:59:15:2e:8b:
4a:b6:ae:37:e5:78:cc:5c:2d:68:d4:fa:0a:9f:9d:
8e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:FA:1B:7E:2E:79:53:CB:0E:39:BC:F7:6F:15:67:F5:CF:4F:B1:0D
X509v3 Authority Key Identifier:
keyid:9F:F0:62:B6:F4:DF:C5:53:51:77:4E:FE:B1:29:0B:9C:2D:D8:A8:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n_BitvTfxVNRd07-sSkLnC3YqMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d320cb-5519-4c82-af25-3377009e773a/1/cPobfi55U8sOObz3bxVn9c9PsQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d320cb-5519-4c82-af25-3377009e773a/1/n_BitvTfxVNRd07-sSkLnC3YqMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.72.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:ee:ea:47:64:4e:b5:af:c5:46:54:94:a3:b3:4a:65:53:4d:
d5:bb:50:d5:d4:a3:b9:65:98:9c:b5:d1:cf:6b:af:67:d7:20:
0e:f9:25:b0:73:36:cc:83:9c:87:47:22:bf:8b:b4:f2:71:5b:
90:9a:f3:5b:2f:f1:4d:96:12:9f:20:ac:19:48:1d:3b:57:0b:
13:43:61:7e:78:18:fb:59:81:39:9d:99:7b:f2:a3:1c:10:04:
77:da:3b:d2:4b:d6:f4:60:b7:dc:50:09:b4:d5:e1:fa:48:18:
19:ea:67:35:52:0a:2a:c2:ed:93:d7:96:1f:86:22:05:4f:c5:
dd:8c:5f:e2:4f:4e:78:7d:99:d2:1f:2a:20:17:ef:79:b2:12:
c0:ef:eb:8e:2a:ac:70:9b:02:94:de:b2:2a:73:87:ad:9b:e5:
55:69:cd:b2:96:b3:11:89:4a:84:53:9f:03:3a:8c:2d:1d:5a:
54:a9:06:3d:cc:46:f4:e2:26:6f:81:dd:1d:f6:e1:d1:95:9b:
76:28:51:94:2c:c1:9f:b3:cb:9f:22:be:05:74:5b:df:26:01:
aa:a4:0b:ea:92:5e:a7:b6:76:63:d4:17:ed:0c:c0:e0:bb:04:
03:99:dd:c0:1b:da:d2:ea:06:1c:1f:00:f5:38:bf:48:23:bc:
b1:1b:87:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpFTZ/U7RU/w8bD+6WZ+VuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZjA2MmI2ZjRkZmM1NTM1MTc3NGVmZWIxMjkwYjljMmRk
OGE4YzYwHhcNMjMwODMwMDcxNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGZhMWI3ZTJlNzk1M2NiMGUzOWJjZjc2ZjE1NjdmNWNmNGZiMTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUxpHBb64hVmERel92xilOM50G6O
kkNGF+am67mIUh3Y4Sh5E36YvKTNEIeARVTQfXOoyR1XnnNIuINJ9mlH8bh42ZL0
nOAqMd1paRru6ffw49MyzvWDQwqgvT3MIRjYhBoEXldWZgEM2lgEXvAl7a2MhkSp
tS+kCgQLvQgRzLCcU0iY705WBO7KqP652zfr7RFMQNz5k+oHVmShj1neeizxttkh
rjqCnUxBI5ZO1oWeRJg0q4lx5aontqboKGN5rIvlRG26xAMeVBXwciHwcFpS7eEH
XtafPs7bZqcFRAyW05dAgmE2XAhjr1kVLotKtq435XjMXC1o1PoKn52OgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHD6G34ueVPLDjm8928VZ/XPT7ENMB8GA1UdIwQY
MBaAFJ/wYrb038VTUXdO/rEpC5wt2KjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbl9CaXR2VGZ4Vk5SZDA3LXNTa0xuQzNZcU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kMzIwY2ItNTUxOS00YzgyLWFmMjUt
MzM3NzAwOWU3NzNhLzEvY1BvYmZpNTVVOHNPT2J6M2J4Vm45YzlQc1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kMzIwY2ItNTUxOS00YzgyLWFmMjUtMzM3NzAwOWU3NzNh
LzEvbl9CaXR2VGZ4Vk5SZDA3LXNTa0xuQzNZcU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwpxIMA0G
CSqGSIb3DQEBCwUAA4IBAQCO7upHZE61r8VGVJSjs0plU03Vu1DV1KO5ZZictdHP
a69n1yAO+SWwczbMg5yHRyK/i7TycVuQmvNbL/FNlhKfIKwZSB07VwsTQ2F+eBj7
WYE5nZl78qMcEAR32jvSS9b0YLfcUAm01eH6SBgZ6mc1Ugoqwu2T15YfhiIFT8Xd
jF/iT054fZnSHyogF+95shLA7+uOKqxwmwKU3rIqc4etm+VVac2ylrMRiUqEU58D
OowtHVpUqQY9zEb04iZvgd0d9uHRlZt2KFGULMGfs8ufIr4FdFvfJgGqpAvqkl6n
tnZj1BftDMDguwQDmd3AG9rS6gYcHwD1OL9II7yxG4dk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:59 2024 by rpki-client on console-ams.rpki-client.org