Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/682496-1d5e-402b-b6ed-8a946e9884ab/1/xf4tSygdipx0TF5rzkoOCsbUXEE.roa
File: xf4tSygdipx0TF5rzkoOCsbUXEE.roa (raw, json)
Hash identifier: tdoZL9pbmJU4HMhjszcooV1QzmAL3CP9yivGgGTfU74=
Subject key identifier: C5:FE:2D:4B:28:1D:8A:9C:74:4C:5E:6B:CE:4A:0E:0A:C6:D4:5C:41
Certificate issuer: /CN=d2e563ca014ee40b98d1e5ed7d9cc289156d443f
Certificate serial: 018571957F3AC6C4356B4B95391FC25FD831
Authority key identifier: D2:E5:63:CA:01:4E:E4:0B:98:D1:E5:ED:7D:9C:C2:89:15:6D:44:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0uVjygFO5AuY0eXtfZzCiRVtRD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/682496-1d5e-402b-b6ed-8a946e9884ab/1/xf4tSygdipx0TF5rzkoOCsbUXEE.roa
Signing time: Mon 02 Jan 2023 08:25:00 +0000
ROA not before: Mon 02 Jan 2023 08:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209235
IP address blocks: 91.199.48.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:7f:3a:c6:c4:35:6b:4b:95:39:1f:c2:5f:d8:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2e563ca014ee40b98d1e5ed7d9cc289156d443f
Validity
Not Before: Jan 2 08:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5fe2d4b281d8a9c744c5e6bce4a0e0ac6d45c41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3f:67:31:2f:37:2f:47:00:2c:f6:82:e1:5b:
2a:35:5b:dc:7e:93:e8:51:27:e9:af:06:2d:af:8a:
b0:81:f1:86:0b:84:8a:ee:b1:6b:d6:77:05:84:16:
dd:a0:c3:d6:a8:28:70:e7:1b:19:7c:7e:9d:31:2d:
07:70:84:e4:82:89:68:50:92:4f:8b:31:0b:d1:b5:
0d:6a:76:ab:10:9e:3d:a3:9e:76:36:ce:89:fa:4d:
0d:8b:3c:6c:11:d1:eb:db:ed:bb:58:9e:e4:5e:2f:
74:ef:fa:27:39:e1:3e:69:36:e4:d9:b4:39:76:c4:
25:24:8b:80:4a:63:4e:68:57:e2:d3:cb:bf:ee:66:
2d:ca:e0:8d:d5:72:4c:bb:7e:79:47:50:29:94:c7:
e6:11:33:5c:79:db:83:9b:c7:49:ac:ad:22:c0:a0:
5e:2b:d6:31:5c:b2:c2:6a:59:5c:7a:f0:ec:f5:33:
38:d7:0a:5a:56:44:d2:e5:da:29:69:12:11:d0:10:
ff:d2:28:e3:23:93:53:57:e6:54:7c:c7:6c:3e:8b:
26:79:9b:3e:12:09:91:b5:a8:f2:ba:21:1b:4b:12:
d0:33:82:b4:41:59:dd:5a:d8:3a:02:15:56:7d:fa:
d2:b2:54:5d:b1:df:d4:db:46:32:86:35:20:a2:6a:
f7:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FE:2D:4B:28:1D:8A:9C:74:4C:5E:6B:CE:4A:0E:0A:C6:D4:5C:41
X509v3 Authority Key Identifier:
keyid:D2:E5:63:CA:01:4E:E4:0B:98:D1:E5:ED:7D:9C:C2:89:15:6D:44:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0uVjygFO5AuY0eXtfZzCiRVtRD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/682496-1d5e-402b-b6ed-8a946e9884ab/1/xf4tSygdipx0TF5rzkoOCsbUXEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/682496-1d5e-402b-b6ed-8a946e9884ab/1/0uVjygFO5AuY0eXtfZzCiRVtRD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.48.0/24
Signature Algorithm: sha256WithRSAEncryption
72:99:e2:9c:c3:3d:6b:1c:b5:7c:76:a5:8f:3d:9c:7a:99:e1:
60:cd:98:db:52:d8:47:57:82:81:f4:28:78:47:c4:cd:13:c7:
0f:68:bd:00:7e:66:e6:d5:1b:c2:dd:20:10:22:86:b1:45:a3:
40:b8:b0:df:c0:bc:ba:82:fc:2c:2d:de:d3:4a:a1:d5:7a:e3:
21:c8:59:b7:61:a0:b8:ab:aa:81:f3:70:3d:cf:9b:0e:45:69:
15:f8:5d:3c:0e:f5:c5:68:d6:09:57:62:4b:68:ec:79:d4:3c:
da:20:92:ec:c5:7e:67:59:90:4a:60:9f:04:e8:d0:2d:ed:a8:
36:83:ee:c6:5c:f7:e2:d4:39:02:66:48:fb:66:6a:f2:70:04:
68:73:ab:50:b5:a0:44:95:d9:0a:8a:93:92:2f:51:af:a9:30:
64:8d:80:1a:25:3e:cd:91:a3:cf:a9:9f:17:a8:13:88:d0:14:
8d:ff:1a:6e:5a:07:96:a0:bf:6d:2f:b2:e7:2e:81:72:41:20:
38:36:89:c0:36:5c:c1:d9:8c:26:e3:5e:79:11:6a:e6:f1:e7:
32:4e:e7:69:0d:cf:13:da:e2:5b:19:3b:5f:98:34:00:bc:11:
a0:37:eb:5d:ea:cd:6f:44:a4:40:11:7d:1c:12:52:20:f0:7e:
f8:de:85:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlX86xsQ1a0uVOR/CX9gxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZTU2M2NhMDE0ZWU0MGI5OGQxZTVlZDdkOWNjMjg5MTU2
ZDQ0M2YwHhcNMjMwMTAyMDgyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWZlMmQ0YjI4MWQ4YTljNzQ0YzVlNmJjZTRhMGUwYWM2ZDQ1YzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwT9nMS83L0cALPaC4VsqNVvcfpPo
USfprwYtr4qwgfGGC4SK7rFr1ncFhBbdoMPWqChw5xsZfH6dMS0HcITkgoloUJJP
izEL0bUNanarEJ49o552Ns6J+k0NizxsEdHr2+27WJ7kXi907/onOeE+aTbk2bQ5
dsQlJIuASmNOaFfi08u/7mYtyuCN1XJMu355R1AplMfmETNceduDm8dJrK0iwKBe
K9YxXLLCallcevDs9TM41wpaVkTS5dopaRIR0BD/0ijjI5NTV+ZUfMdsPosmeZs+
EgmRtajyuiEbSxLQM4K0QVndWtg6AhVWffrSslRdsd/U20YyhjUgomr31QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMX+LUsoHYqcdExea85KDgrG1FxBMB8GA1UdIwQY
MBaAFNLlY8oBTuQLmNHl7X2cwokVbUQ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHVWanlnRk81QXVZMGVYdGZaekNpUlZ0UkQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82ODI0OTYtMWQ1ZS00MDJiLWI2ZWQt
OGE5NDZlOTg4NGFiLzEveGY0dFN5Z2RpcHgwVEY1cnprb09Dc2JVWEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82ODI0OTYtMWQ1ZS00MDJiLWI2ZWQtOGE5NDZlOTg4NGFi
LzEvMHVWanlnRk81QXVZMGVYdGZaekNpUlZ0UkQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8cwMA0G
CSqGSIb3DQEBCwUAA4IBAQBymeKcwz1rHLV8dqWPPZx6meFgzZjbUthHV4KB9Ch4
R8TNE8cPaL0Afmbm1RvC3SAQIoaxRaNAuLDfwLy6gvwsLd7TSqHVeuMhyFm3YaC4
q6qB83A9z5sORWkV+F08DvXFaNYJV2JLaOx51DzaIJLsxX5nWZBKYJ8E6NAt7ag2
g+7GXPfi1DkCZkj7ZmrycARoc6tQtaBEldkKipOSL1GvqTBkjYAaJT7NkaPPqZ8X
qBOI0BSN/xpuWgeWoL9tL7LnLoFyQSA4NonANlzB2Ywm4155EWrm8ecyTudpDc8T
2uJbGTtfmDQAvBGgN+td6s1vRKRAEX0cElIg8H743oV5
-----END CERTIFICATE-----
Generated at Fri Dec 15 07:36:30 2023 by rpki-client on console-ams.rpki-client.org