Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/aXCDv4XpOMyXdoU58FfTkPGVdxY.roa
File: aXCDv4XpOMyXdoU58FfTkPGVdxY.roa (raw, json)
Hash identifier: tZSUN5LhRUb0fIExDKNDEyaY/nu8QTvh2Xbbd+e/1wo=
Subject key identifier: 69:70:83:BF:85:E9:38:CC:97:76:85:39:F0:57:D3:90:F1:95:77:16
Certificate issuer: /CN=b3efea3a72faf0df4322cdaab9a136d79de8a3ef
Certificate serial: 018571B0DE08873CE4815D192BD79433E1CC
Authority key identifier: B3:EF:EA:3A:72:FA:F0:DF:43:22:CD:AA:B9:A1:36:D7:9D:E8:A3:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s-_qOnL68N9DIs2quaE2153oo-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/aXCDv4XpOMyXdoU58FfTkPGVdxY.roa
Signing time: Mon 02 Jan 2023 08:54:54 +0000
ROA not before: Mon 02 Jan 2023 08:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 194.26.215.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:de:08:87:3c:e4:81:5d:19:2b:d7:94:33:e1:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3efea3a72faf0df4322cdaab9a136d79de8a3ef
Validity
Not Before: Jan 2 08:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=697083bf85e938cc97768539f057d390f1957716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e6:a1:07:46:a6:0e:0e:8a:d7:61:90:90:9f:
d2:19:55:98:05:3d:56:d5:6b:b4:f1:60:f3:15:0a:
12:b9:cd:70:7a:0f:ef:07:32:06:b6:1f:1f:7f:1c:
3f:7b:18:88:d4:02:1c:24:82:73:9d:2a:da:d0:6a:
e0:fb:75:93:63:a3:7e:c0:41:3a:42:a1:c5:ce:46:
83:6f:41:e9:15:32:9e:77:37:02:51:0d:ef:f5:4e:
d6:50:cb:dd:82:4d:b3:53:13:b9:13:f0:18:df:c5:
76:6c:f1:a9:0d:1f:74:76:dd:d3:c5:b2:75:24:88:
73:f3:ea:3d:1a:86:fa:be:d1:2f:6e:e6:eb:e7:9b:
d3:9e:9d:a2:08:50:65:0b:b2:69:e3:13:0e:ad:fc:
e8:83:c3:18:ed:fd:aa:8c:e6:92:97:22:09:cd:b6:
8f:68:53:30:7f:a8:56:73:f7:ce:b2:b1:3b:bd:7f:
74:36:4b:92:9e:b2:bd:65:40:cf:2d:db:be:9f:c8:
77:6f:ce:e7:35:40:1c:d0:b4:cc:c8:44:24:1c:4d:
bc:d3:93:0d:d6:8b:64:9a:ed:6d:7d:46:8a:8d:ec:
b5:95:dc:5c:49:48:4b:6f:72:f1:a9:fa:bf:b3:1b:
95:07:c8:e0:52:60:a5:ee:c7:d0:5f:01:30:f5:3e:
47:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:70:83:BF:85:E9:38:CC:97:76:85:39:F0:57:D3:90:F1:95:77:16
X509v3 Authority Key Identifier:
keyid:B3:EF:EA:3A:72:FA:F0:DF:43:22:CD:AA:B9:A1:36:D7:9D:E8:A3:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s-_qOnL68N9DIs2quaE2153oo-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/aXCDv4XpOMyXdoU58FfTkPGVdxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/cd94f2-3b19-4826-a0eb-bfe221553f07/1/s-_qOnL68N9DIs2quaE2153oo-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.215.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:3f:e3:57:3e:13:c4:ff:6d:1f:15:d5:b1:3b:fb:ce:bf:bc:
02:97:c5:9e:c1:e8:a8:62:ab:3f:65:fc:f4:e3:fd:2a:b4:da:
de:81:2c:0a:a1:d9:a5:56:15:83:1e:8d:b3:73:f9:05:ec:00:
db:d3:d5:ce:2b:6c:c4:74:87:96:d3:fb:e4:c4:9b:44:77:df:
3b:0e:e6:b9:b4:60:a1:fd:be:27:c2:08:50:38:f8:9b:02:bb:
7f:7f:53:c6:fe:b2:2f:18:18:ab:84:eb:ca:46:93:97:7f:66:
1b:b5:6c:e7:a0:85:2f:e1:ab:96:3d:e8:0b:11:48:2c:cb:40:
b0:05:54:23:fd:70:0e:42:f9:1b:01:84:24:fd:75:c1:92:c7:
bb:81:4d:ad:e5:82:69:2a:0c:51:11:f2:61:51:c0:0f:c8:75:
1b:47:d6:8f:9b:64:31:a4:dd:93:7e:61:9b:5f:3d:c5:4a:54:
80:66:e2:80:32:23:c8:80:5e:fd:b6:39:32:7e:3b:07:bf:d9:
98:d3:f7:8d:4a:e4:d4:eb:15:29:43:72:5c:f3:a1:72:51:d2:
20:bb:30:1a:5c:3b:ea:61:35:73:a7:62:27:29:b5:c5:83:a0:
36:ba:3f:8c:6f:4c:6b:1e:f8:e9:ac:03:03:b7:f9:d2:58:5c:
ed:85:75:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsN4IhzzkgV0ZK9eUM+HMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZWZlYTNhNzJmYWYwZGY0MzIyY2RhYWI5YTEzNmQ3OWRl
OGEzZWYwHhcNMjMwMTAyMDg1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTcwODNiZjg1ZTkzOGNjOTc3Njg1MzlmMDU3ZDM5MGYxOTU3NzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeahB0amDg6K12GQkJ/SGVWYBT1W
1Wu08WDzFQoSuc1weg/vBzIGth8ffxw/exiI1AIcJIJznSra0Grg+3WTY6N+wEE6
QqHFzkaDb0HpFTKedzcCUQ3v9U7WUMvdgk2zUxO5E/AY38V2bPGpDR90dt3TxbJ1
JIhz8+o9Gob6vtEvbubr55vTnp2iCFBlC7Jp4xMOrfzog8MY7f2qjOaSlyIJzbaP
aFMwf6hWc/fOsrE7vX90NkuSnrK9ZUDPLdu+n8h3b87nNUAc0LTMyEQkHE2805MN
1otkmu1tfUaKjey1ldxcSUhLb3Lxqfq/sxuVB8jgUmCl7sfQXwEw9T5HUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGlwg7+F6TjMl3aFOfBX05DxlXcWMB8GA1UdIwQY
MBaAFLPv6jpy+vDfQyLNqrmhNted6KPvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcy1fcU9uTDY4TjlESXMycXVhRTIxNTNvby04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jZDk0ZjItM2IxOS00ODI2LWEwZWIt
YmZlMjIxNTUzZjA3LzEvYVhDRHY0WHBPTXlYZG9VNThGZlRrUEdWZHhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jZDk0ZjItM2IxOS00ODI2LWEwZWItYmZlMjIxNTUzZjA3
LzEvcy1fcU9uTDY4TjlESXMycXVhRTIxNTNvby04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhrXMA0G
CSqGSIb3DQEBCwUAA4IBAQAcP+NXPhPE/20fFdWxO/vOv7wCl8WeweioYqs/Zfz0
4/0qtNregSwKodmlVhWDHo2zc/kF7ADb09XOK2zEdIeW0/vkxJtEd987Dua5tGCh
/b4nwghQOPibArt/f1PG/rIvGBirhOvKRpOXf2YbtWznoIUv4auWPegLEUgsy0Cw
BVQj/XAOQvkbAYQk/XXBkse7gU2t5YJpKgxREfJhUcAPyHUbR9aPm2QxpN2TfmGb
Xz3FSlSAZuKAMiPIgF79tjkyfjsHv9mY0/eNSuTU6xUpQ3Jc86FyUdIguzAaXDvq
YTVzp2InKbXFg6A2uj+Mb0xrHvjprAMDt/nSWFzthXV9
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:27 2025 by rpki-client