Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/383b38-6786-4c11-aaea-7e70ff214871/1/gSAu7Q7wPa0vKQwUbFgYJhwp0BE.roa
File: gSAu7Q7wPa0vKQwUbFgYJhwp0BE.roa (raw, json)
Hash identifier: EMYw945uspHYVuPNnAmv/kTmpz2bB20lMS7UaRuRqU4=
Subject key identifier: 81:20:2E:ED:0E:F0:3D:AD:2F:29:0C:14:6C:58:18:26:1C:29:D0:11
Certificate issuer: /CN=af4c5436c9148ab39f3b90970e2c3272b2e0c6c2
Certificate serial: 01856D66309DC0DF38C07D60E617B0484A7D
Authority key identifier: AF:4C:54:36:C9:14:8A:B3:9F:3B:90:97:0E:2C:32:72:B2:E0:C6:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r0xUNskUirOfO5CXDiwycrLgxsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/383b38-6786-4c11-aaea-7e70ff214871/1/gSAu7Q7wPa0vKQwUbFgYJhwp0BE.roa
Signing time: Sun 01 Jan 2023 12:54:51 +0000
ROA not before: Sun 01 Jan 2023 12:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202909
IP address blocks: 195.128.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:30:9d:c0:df:38:c0:7d:60:e6:17:b0:48:4a:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af4c5436c9148ab39f3b90970e2c3272b2e0c6c2
Validity
Not Before: Jan 1 12:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81202eed0ef03dad2f290c146c5818261c29d011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:22:e8:ae:7d:68:0a:2f:1c:5a:8d:a5:59:f5:
9a:c9:6b:da:37:19:8c:a6:98:7e:09:fa:0b:d4:74:
00:d5:5a:29:27:1a:65:a5:b0:a0:1d:9c:e8:26:9f:
0e:ca:c8:a3:fa:98:21:be:fa:52:64:bd:73:c3:52:
7d:73:b2:d7:2a:6c:f7:6a:09:40:0d:7b:c1:7b:07:
f3:0b:76:cb:2d:b7:be:00:a3:2c:ea:fa:cf:0a:df:
ad:1b:e4:0b:1c:8f:b7:3d:47:15:9c:7c:d2:4d:45:
cf:b5:de:01:8a:d6:b4:e9:11:98:7d:4c:c5:66:38:
24:7e:0c:bd:3b:4e:a8:26:72:41:e3:e4:1a:5c:91:
95:36:c2:38:32:c4:22:ce:c9:f5:2c:3d:c4:cc:b2:
f6:10:e2:37:46:a5:b0:1a:fc:c6:ab:cd:5a:fa:79:
34:a0:b8:40:d5:bc:96:32:1d:06:03:c1:4d:f7:b1:
f3:1c:30:13:ac:00:dc:49:4f:fd:5e:f7:07:cd:a6:
56:05:36:2d:81:2c:a1:23:52:c4:ac:a0:5c:b0:fc:
f3:89:39:89:0d:f2:5c:e8:ae:88:53:cb:9d:30:f9:
42:65:a9:c6:a5:69:e2:4d:f0:c0:ca:01:d0:f3:c1:
14:81:bf:97:f3:af:60:7c:81:94:8c:2f:6f:5a:39:
bc:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:20:2E:ED:0E:F0:3D:AD:2F:29:0C:14:6C:58:18:26:1C:29:D0:11
X509v3 Authority Key Identifier:
keyid:AF:4C:54:36:C9:14:8A:B3:9F:3B:90:97:0E:2C:32:72:B2:E0:C6:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r0xUNskUirOfO5CXDiwycrLgxsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/383b38-6786-4c11-aaea-7e70ff214871/1/gSAu7Q7wPa0vKQwUbFgYJhwp0BE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/383b38-6786-4c11-aaea-7e70ff214871/1/r0xUNskUirOfO5CXDiwycrLgxsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.151.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:f9:f2:35:fc:ac:82:d1:f7:02:e8:c3:03:a4:97:12:88:14:
fe:08:de:b3:20:b4:58:74:5c:a8:c2:33:63:fa:09:56:1e:0f:
60:0c:3a:4e:4a:7a:e6:c1:67:d5:12:ca:08:f6:5e:9d:6c:a1:
60:f0:0c:66:1a:0b:16:e8:f8:1c:e6:85:23:ab:cd:5e:93:9e:
d0:80:c1:85:b3:48:7d:f8:d5:c8:50:b0:95:47:e3:cc:ae:0d:
d8:4e:2e:db:0d:68:05:a0:c5:f5:2f:72:9e:52:39:58:ec:4c:
ec:00:53:67:bf:96:ce:fd:c6:81:0f:62:56:01:eb:ab:8c:73:
26:62:7e:22:2b:5c:97:0c:9c:91:ae:08:6c:6d:e6:65:8d:5b:
fb:b5:a9:88:8a:9c:30:fb:bb:87:e1:45:ba:45:5c:2c:39:9c:
c9:33:83:d6:22:ab:ef:f4:ee:f5:74:d8:7b:ee:59:1a:64:e1:
05:9c:36:ef:9f:93:d7:28:fb:c3:0a:f2:bf:86:f7:5f:72:ba:
52:c8:46:46:01:2a:a7:fb:45:df:d8:06:c2:8d:8b:bc:f7:c9:
4c:1d:d3:bd:88:f2:85:5b:80:96:3c:d5:97:af:a3:b2:56:66:
7a:df:1b:44:c9:d0:d4:c0:c8:58:dc:d5:64:9e:2f:d0:94:3a:
d8:70:b9:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtZjCdwN84wH1g5hewSEp9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNGM1NDM2YzkxNDhhYjM5ZjNiOTA5NzBlMmMzMjcyYjJl
MGM2YzIwHhcNMjMwMTAxMTI1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTIwMmVlZDBlZjAzZGFkMmYyOTBjMTQ2YzU4MTgyNjFjMjlkMDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiLorn1oCi8cWo2lWfWayWvaNxmM
pph+CfoL1HQA1VopJxplpbCgHZzoJp8Oysij+pghvvpSZL1zw1J9c7LXKmz3aglA
DXvBewfzC3bLLbe+AKMs6vrPCt+tG+QLHI+3PUcVnHzSTUXPtd4Bita06RGYfUzF
Zjgkfgy9O06oJnJB4+QaXJGVNsI4MsQizsn1LD3EzLL2EOI3RqWwGvzGq81a+nk0
oLhA1byWMh0GA8FN97HzHDATrADcSU/9XvcHzaZWBTYtgSyhI1LErKBcsPzziTmJ
DfJc6K6IU8udMPlCZanGpWniTfDAygHQ88EUgb+X869gfIGUjC9vWjm8UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIEgLu0O8D2tLykMFGxYGCYcKdARMB8GA1UdIwQY
MBaAFK9MVDbJFIqznzuQlw4sMnKy4MbCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjB4VU5za1Vpck9mTzVDWERpd3ljckxneHNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zODNiMzgtNjc4Ni00YzExLWFhZWEt
N2U3MGZmMjE0ODcxLzEvZ1NBdTdRN3dQYTB2S1F3VWJGZ1lKaHdwMEJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zODNiMzgtNjc4Ni00YzExLWFhZWEtN2U3MGZmMjE0ODcx
LzEvcjB4VU5za1Vpck9mTzVDWERpd3ljckxneHNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4CXMA0G
CSqGSIb3DQEBCwUAA4IBAQBc+fI1/KyC0fcC6MMDpJcSiBT+CN6zILRYdFyowjNj
+glWHg9gDDpOSnrmwWfVEsoI9l6dbKFg8AxmGgsW6Pgc5oUjq81ek57QgMGFs0h9
+NXIULCVR+PMrg3YTi7bDWgFoMX1L3KeUjlY7EzsAFNnv5bO/caBD2JWAeurjHMm
Yn4iK1yXDJyRrghsbeZljVv7tamIipww+7uH4UW6RVwsOZzJM4PWIqvv9O71dNh7
7lkaZOEFnDbvn5PXKPvDCvK/hvdfcrpSyEZGASqn+0Xf2AbCjYu898lMHdO9iPKF
W4CWPNWXr6OyVmZ63xtEydDUwMhY3NVkni/QlDrYcLl4
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:34 2025 by rpki-client