Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/d320cb-5519-4c82-af25-3377009e773a/1/p57t5hAe01Hg1bR555_x0z8Y_Dc.roa
File: p57t5hAe01Hg1bR555_x0z8Y_Dc.roa (raw, json)
Hash identifier: xxiXbcc+tONft0BdwhGQpRqbQIJ5H7DqXYj2y8qMrwU=
Subject key identifier: A7:9E:ED:E6:10:1E:D3:51:E0:D5:B4:79:E7:9F:F1:D3:3F:18:FC:37
Certificate issuer: /CN=9ff062b6f4dfc55351774efeb1290b9c2dd8a8c6
Certificate serial: 01868444F05A9C97410C9CD2C1D0326B9693
Authority key identifier: 9F:F0:62:B6:F4:DF:C5:53:51:77:4E:FE:B1:29:0B:9C:2D:D8:A8:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n_BitvTfxVNRd07-sSkLnC3YqMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/d320cb-5519-4c82-af25-3377009e773a/1/p57t5hAe01Hg1bR555_x0z8Y_Dc.roa
Signing time: Fri 24 Feb 2023 16:32:35 +0000
ROA not before: Fri 24 Feb 2023 16:32:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209764
IP address blocks: 194.156.72.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:84:44:f0:5a:9c:97:41:0c:9c:d2:c1:d0:32:6b:96:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ff062b6f4dfc55351774efeb1290b9c2dd8a8c6
Validity
Not Before: Feb 24 16:32:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a79eede6101ed351e0d5b479e79ff1d33f18fc37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f8:42:bd:42:b2:44:ac:b6:12:9b:aa:6c:20:
6f:76:01:26:cd:b7:78:14:dc:92:cb:21:3e:da:d6:
44:cc:4b:a5:32:50:ec:d1:73:de:f8:be:d3:5e:ca:
ed:aa:62:24:96:7a:99:d7:81:69:6d:2f:80:09:c3:
20:9d:14:d0:95:c0:ec:14:54:c0:3a:53:6b:83:eb:
77:61:2c:ac:9c:66:62:10:1e:09:35:2d:6e:45:62:
59:6c:10:e0:ca:6e:5a:c0:05:59:7f:98:69:92:1e:
8c:f4:42:73:d8:d3:03:30:2f:7d:c2:cc:54:b5:18:
96:2e:89:dc:36:66:d9:a6:3c:8e:39:d5:3e:f2:07:
63:1e:9e:33:61:f1:62:4b:1e:09:d7:3a:7a:fd:54:
c3:38:c9:f2:16:8d:ca:c6:d0:66:31:da:59:7c:2d:
e1:c3:2e:d6:e8:78:82:1e:65:5c:74:44:2b:8e:80:
b8:11:ec:e2:02:73:5c:4b:0c:64:d9:2e:97:33:36:
9f:da:af:0e:1a:90:ce:40:94:5e:71:88:3a:e9:27:
e5:65:71:73:05:7a:b3:37:07:bc:58:9c:d7:d0:75:
69:19:92:43:9d:5f:b3:9b:fe:e0:a6:17:e8:b8:79:
8a:4e:54:49:2a:a7:17:54:6d:cc:41:8b:f7:94:26:
5c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:9E:ED:E6:10:1E:D3:51:E0:D5:B4:79:E7:9F:F1:D3:3F:18:FC:37
X509v3 Authority Key Identifier:
keyid:9F:F0:62:B6:F4:DF:C5:53:51:77:4E:FE:B1:29:0B:9C:2D:D8:A8:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n_BitvTfxVNRd07-sSkLnC3YqMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d320cb-5519-4c82-af25-3377009e773a/1/p57t5hAe01Hg1bR555_x0z8Y_Dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d320cb-5519-4c82-af25-3377009e773a/1/n_BitvTfxVNRd07-sSkLnC3YqMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.72.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:1a:35:b7:d6:46:c0:cb:1a:f1:ed:4e:ee:4f:57:8d:da:53:
c0:08:24:e6:83:f8:fa:c1:a7:40:b5:11:c3:d3:b3:cd:6f:cd:
c7:bc:f8:d4:49:3c:a7:db:83:1d:b4:1a:26:9d:58:09:64:12:
99:61:55:9b:33:bd:6e:3d:eb:a2:6d:3e:d8:12:b7:e3:9a:52:
e7:b0:90:3f:4f:12:e0:13:a0:91:81:39:99:07:fd:c3:2e:7f:
62:32:0f:63:7e:07:05:71:84:26:2b:b7:67:a1:a3:b1:e5:c7:
bd:f9:92:17:5f:ba:64:b4:60:87:b8:33:a7:ee:77:e6:2a:3c:
b9:ee:8d:f6:2a:11:53:37:71:05:39:a5:fb:cd:74:a6:a3:65:
9d:e3:7f:18:cb:26:40:fa:76:dc:91:4f:40:9f:2f:0b:4b:98:
de:7e:fd:cc:28:b8:9d:06:19:2b:2f:07:0c:a1:97:1b:fd:ea:
74:ff:0e:8a:7a:50:42:aa:51:95:39:da:6a:52:34:60:e7:30:
49:5d:f7:22:0c:40:8e:12:4a:6f:4c:94:d8:73:6d:b6:7a:72:
8d:8b:ec:bb:c5:21:c6:47:fd:f4:f3:a6:38:ae:04:12:84:62:
39:5b:e8:4b:88:75:06:fa:9e:e6:d1:74:96:e9:64:fe:fe:b2:
ad:d7:85:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaERPBanJdBDJzSwdAya5aTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZjA2MmI2ZjRkZmM1NTM1MTc3NGVmZWIxMjkwYjljMmRk
OGE4YzYwHhcNMjMwMjI0MTYzMjM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzllZWRlNjEwMWVkMzUxZTBkNWI0NzllNzlmZjFkMzNmMThmYzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/hCvUKyRKy2EpuqbCBvdgEmzbd4
FNySyyE+2tZEzEulMlDs0XPe+L7TXsrtqmIklnqZ14FpbS+ACcMgnRTQlcDsFFTA
OlNrg+t3YSysnGZiEB4JNS1uRWJZbBDgym5awAVZf5hpkh6M9EJz2NMDMC99wsxU
tRiWLoncNmbZpjyOOdU+8gdjHp4zYfFiSx4J1zp6/VTDOMnyFo3KxtBmMdpZfC3h
wy7W6HiCHmVcdEQrjoC4EeziAnNcSwxk2S6XMzaf2q8OGpDOQJRecYg66SflZXFz
BXqzNwe8WJzX0HVpGZJDnV+zm/7gphfouHmKTlRJKqcXVG3MQYv3lCZcgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKee7eYQHtNR4NW0eeef8dM/GPw3MB8GA1UdIwQY
MBaAFJ/wYrb038VTUXdO/rEpC5wt2KjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbl9CaXR2VGZ4Vk5SZDA3LXNTa0xuQzNZcU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kMzIwY2ItNTUxOS00YzgyLWFmMjUt
MzM3NzAwOWU3NzNhLzEvcDU3dDVoQWUwMUhnMWJSNTU1X3gwejhZX0RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kMzIwY2ItNTUxOS00YzgyLWFmMjUtMzM3NzAwOWU3NzNh
LzEvbl9CaXR2VGZ4Vk5SZDA3LXNTa0xuQzNZcU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwpxIMA0G
CSqGSIb3DQEBCwUAA4IBAQAvGjW31kbAyxrx7U7uT1eN2lPACCTmg/j6wadAtRHD
07PNb83HvPjUSTyn24MdtBomnVgJZBKZYVWbM71uPeuibT7YErfjmlLnsJA/TxLg
E6CRgTmZB/3DLn9iMg9jfgcFcYQmK7dnoaOx5ce9+ZIXX7pktGCHuDOn7nfmKjy5
7o32KhFTN3EFOaX7zXSmo2Wd438YyyZA+nbckU9Any8LS5jefv3MKLidBhkrLwcM
oZcb/ep0/w6KelBCqlGVOdpqUjRg5zBJXfciDECOEkpvTJTYc222enKNi+y7xSHG
R/3086Y4rgQShGI5W+hLiHUG+p7m0XSW6WT+/rKt14XT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:53 2025 by rpki-client