Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/383b38-6786-4c11-aaea-7e70ff214871/1/K2XPcYSKFu0nXtRPSup4yeObw3U.roa
File: K2XPcYSKFu0nXtRPSup4yeObw3U.roa (raw, json)
Hash identifier: HE+DkVCDFu5L2fMX/Mr0Qe/Qi4U8VCwuJbEVCrn4MSs=
Subject key identifier: 2B:65:CF:71:84:8A:16:ED:27:5E:D4:4F:4A:EA:78:C9:E3:9B:C3:75
Certificate issuer: /CN=af4c5436c9148ab39f3b90970e2c3272b2e0c6c2
Certificate serial: 01856D66301F055FDB8A6EF51E183D1F7DDF
Authority key identifier: AF:4C:54:36:C9:14:8A:B3:9F:3B:90:97:0E:2C:32:72:B2:E0:C6:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r0xUNskUirOfO5CXDiwycrLgxsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/383b38-6786-4c11-aaea-7e70ff214871/1/K2XPcYSKFu0nXtRPSup4yeObw3U.roa
Signing time: Sun 01 Jan 2023 12:54:51 +0000
ROA not before: Sun 01 Jan 2023 12:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50255
IP address blocks: 195.128.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:30:1f:05:5f:db:8a:6e:f5:1e:18:3d:1f:7d:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af4c5436c9148ab39f3b90970e2c3272b2e0c6c2
Validity
Not Before: Jan 1 12:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b65cf71848a16ed275ed44f4aea78c9e39bc375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c0:33:1f:71:1f:9d:30:2b:af:44:e5:04:15:
cf:26:61:43:7b:45:1a:66:51:1f:a6:df:ba:4a:1e:
c3:7f:3f:9e:62:74:a0:00:22:f9:29:32:2f:a7:69:
c7:9e:6f:62:1e:fd:01:30:1c:0b:32:fc:bc:0d:d3:
fb:4d:11:e1:a1:6b:04:1e:ad:45:31:03:bc:3a:c9:
17:55:78:cd:c7:c7:64:cd:29:d0:d6:73:c9:7f:d5:
41:dd:54:55:e7:91:76:3a:d9:7c:bb:b0:22:96:1c:
fd:97:bf:4a:50:36:d6:24:a7:58:aa:f2:1d:81:58:
f7:33:06:32:21:dd:f4:af:e9:05:00:19:28:d7:d6:
d7:b8:db:9f:1b:14:98:b6:d1:46:3f:6b:29:63:09:
0f:53:78:1f:e0:48:ea:5a:cc:b2:0e:3a:a7:49:23:
3e:d7:81:36:65:89:b2:d2:6e:ca:cc:89:f7:74:42:
c6:3e:3f:58:34:87:17:2b:1f:c8:a1:06:12:27:b8:
c2:fb:80:e8:94:41:a6:48:ee:20:26:87:9d:d3:35:
97:f4:67:68:fc:86:da:78:dd:48:df:73:42:47:cb:
e9:38:1a:2d:88:bc:16:0b:60:3a:de:ac:ab:f4:17:
c9:99:fc:c8:a6:11:62:0a:cc:ef:3f:34:8f:ad:98:
2c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:65:CF:71:84:8A:16:ED:27:5E:D4:4F:4A:EA:78:C9:E3:9B:C3:75
X509v3 Authority Key Identifier:
keyid:AF:4C:54:36:C9:14:8A:B3:9F:3B:90:97:0E:2C:32:72:B2:E0:C6:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r0xUNskUirOfO5CXDiwycrLgxsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/383b38-6786-4c11-aaea-7e70ff214871/1/K2XPcYSKFu0nXtRPSup4yeObw3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/383b38-6786-4c11-aaea-7e70ff214871/1/r0xUNskUirOfO5CXDiwycrLgxsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.151.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:79:91:7a:c9:d9:87:d7:ba:a4:f1:88:1e:24:a7:c9:94:87:
4c:a8:1f:11:4c:9b:7c:7c:cb:d5:4f:91:ec:59:97:99:c6:a7:
35:dc:95:f4:88:5a:7d:a9:ee:5e:df:9a:eb:e2:11:ff:71:f4:
72:a1:eb:9e:f9:42:67:8f:6f:03:84:11:fd:86:08:4a:d4:66:
4e:85:64:c0:d9:2e:92:2e:2a:95:60:ad:f9:c8:63:15:04:1e:
dd:de:c8:16:27:9a:d4:12:84:99:7d:39:46:8f:49:db:ad:1c:
d1:0c:0e:d6:8c:72:e5:77:fa:84:f3:1c:7b:93:a0:92:8f:3b:
5f:3a:ed:99:f2:e9:8d:0f:3a:d2:7e:f4:5c:57:85:bf:26:3c:
be:d9:ff:16:d8:a3:e9:96:2c:3e:da:60:51:75:2c:59:0a:21:
c8:0f:54:91:88:26:7a:18:72:7e:62:47:2c:c4:01:55:69:73:
88:3f:5c:4f:a2:88:e4:5c:01:ca:39:71:ab:f3:76:85:ee:95:
37:eb:cb:e1:04:1d:62:fa:99:af:00:17:10:17:a2:0e:08:93:
c3:9c:8f:f9:7c:ca:d6:23:14:7f:a9:6a:83:b2:9f:6e:f2:7b:
07:d5:4a:17:36:2a:8b:c0:55:e5:04:32:39:1d:e0:41:07:98:
c3:3b:df:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtZjAfBV/bim71Hhg9H33fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNGM1NDM2YzkxNDhhYjM5ZjNiOTA5NzBlMmMzMjcyYjJl
MGM2YzIwHhcNMjMwMTAxMTI1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjY1Y2Y3MTg0OGExNmVkMjc1ZWQ0NGY0YWVhNzhjOWUzOWJjMzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsAzH3EfnTArr0TlBBXPJmFDe0Ua
ZlEfpt+6Sh7Dfz+eYnSgACL5KTIvp2nHnm9iHv0BMBwLMvy8DdP7TRHhoWsEHq1F
MQO8OskXVXjNx8dkzSnQ1nPJf9VB3VRV55F2Otl8u7Ailhz9l79KUDbWJKdYqvId
gVj3MwYyId30r+kFABko19bXuNufGxSYttFGP2spYwkPU3gf4EjqWsyyDjqnSSM+
14E2ZYmy0m7KzIn3dELGPj9YNIcXKx/IoQYSJ7jC+4DolEGmSO4gJoed0zWX9Gdo
/IbaeN1I33NCR8vpOBotiLwWC2A63qyr9BfJmfzIphFiCszvPzSPrZgsKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCtlz3GEihbtJ17UT0rqeMnjm8N1MB8GA1UdIwQY
MBaAFK9MVDbJFIqznzuQlw4sMnKy4MbCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjB4VU5za1Vpck9mTzVDWERpd3ljckxneHNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zODNiMzgtNjc4Ni00YzExLWFhZWEt
N2U3MGZmMjE0ODcxLzEvSzJYUGNZU0tGdTBuWHRSUFN1cDR5ZU9idzNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zODNiMzgtNjc4Ni00YzExLWFhZWEtN2U3MGZmMjE0ODcx
LzEvcjB4VU5za1Vpck9mTzVDWERpd3ljckxneHNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4CXMA0G
CSqGSIb3DQEBCwUAA4IBAQB/eZF6ydmH17qk8YgeJKfJlIdMqB8RTJt8fMvVT5Hs
WZeZxqc13JX0iFp9qe5e35rr4hH/cfRyoeue+UJnj28DhBH9hghK1GZOhWTA2S6S
LiqVYK35yGMVBB7d3sgWJ5rUEoSZfTlGj0nbrRzRDA7WjHLld/qE8xx7k6CSjztf
Ou2Z8umNDzrSfvRcV4W/Jjy+2f8W2KPpliw+2mBRdSxZCiHID1SRiCZ6GHJ+Ykcs
xAFVaXOIP1xPoojkXAHKOXGr83aF7pU368vhBB1i+pmvABcQF6IOCJPDnI/5fMrW
IxR/qWqDsp9u8nsH1UoXNiqLwFXlBDI5HeBBB5jDO99n
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:34 2024 by rpki-client on console-ams.rpki-client.org