Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/D0-tSozDhcx-8MXexYZMQmGQb24.roa
File: D0-tSozDhcx-8MXexYZMQmGQb24.roa (raw, json)
Hash identifier: NmvkJKLV3Md+CwnqtIDuAJCwVC8dG1sPEoH86HBnJGo=
Subject key identifier: 0F:4F:AD:4A:8C:C3:85:CC:7E:F0:C5:DE:C5:86:4C:42:61:90:6F:6E
Certificate issuer: /CN=2b3840b5d3c3525981c8616166679de920e350f5
Certificate serial: 018C06BC213BA8A941E4316143656930F268
Authority key identifier: 2B:38:40:B5:D3:C3:52:59:81:C8:61:61:66:67:9D:E9:20:E3:50:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KzhAtdPDUlmByGFhZmed6SDjUPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/D0-tSozDhcx-8MXexYZMQmGQb24.roa
Signing time: Sat 25 Nov 2023 13:47:21 +0000
ROA not before: Sat 25 Nov 2023 13:47:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212294
IP address blocks: 31.25.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:06:bc:21:3b:a8:a9:41:e4:31:61:43:65:69:30:f2:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b3840b5d3c3525981c8616166679de920e350f5
Validity
Not Before: Nov 25 13:47:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f4fad4a8cc385cc7ef0c5dec5864c4261906f6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:47:af:6f:13:12:24:b3:3c:0b:f0:ad:31:bf:
eb:3f:b4:09:b3:61:e8:1a:90:91:be:59:1c:ad:d3:
0b:c7:ee:15:62:53:7c:20:0a:f6:e0:a6:a5:01:44:
4b:f9:94:2b:83:78:92:01:6b:fb:1c:25:f0:3c:57:
aa:9a:31:f5:23:eb:1b:51:ac:46:f0:e2:81:6f:39:
0b:af:28:b2:09:4d:c9:a4:70:16:59:d8:ea:64:4e:
66:ce:fd:8c:1f:13:4c:85:63:4a:c1:58:87:e6:43:
37:4e:2d:96:c7:5a:7b:03:80:77:69:10:e1:54:44:
79:a3:a4:82:e0:64:ea:dc:88:e2:24:48:30:a6:29:
d2:53:68:d9:15:67:62:a5:31:75:76:67:62:19:66:
a4:53:47:d0:a8:de:c8:69:50:50:7e:ab:a5:13:ce:
3a:2b:8b:a4:10:a1:8f:0c:16:49:ec:11:bb:83:c2:
e8:36:fa:71:44:5e:d6:6e:43:76:84:38:b3:b0:98:
9b:9a:3e:23:dc:dc:12:cf:c9:34:ed:f7:98:83:4a:
1b:7b:89:50:30:28:3d:5e:90:4f:ae:cb:09:df:52:
11:d5:20:16:ef:11:28:26:e6:e3:f6:e4:db:3d:a0:
c6:5e:52:e9:5f:93:12:d1:de:a9:d9:31:bc:47:5d:
6e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:4F:AD:4A:8C:C3:85:CC:7E:F0:C5:DE:C5:86:4C:42:61:90:6F:6E
X509v3 Authority Key Identifier:
keyid:2B:38:40:B5:D3:C3:52:59:81:C8:61:61:66:67:9D:E9:20:E3:50:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KzhAtdPDUlmByGFhZmed6SDjUPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/D0-tSozDhcx-8MXexYZMQmGQb24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/KzhAtdPDUlmByGFhZmed6SDjUPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.138.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:9e:ef:3b:ce:b0:4e:03:25:6d:d1:cd:77:62:93:42:6f:3e:
1b:56:e2:a3:aa:b9:04:0d:96:f6:0c:44:8d:29:e1:06:11:62:
6d:2c:a1:26:34:51:58:62:61:a9:b1:45:51:8e:eb:70:48:e5:
73:e1:f4:c8:94:77:39:d4:10:53:13:21:cf:51:cf:65:3c:2d:
55:2d:ee:e4:ab:c7:9a:22:01:2d:f5:38:e6:e7:92:05:62:f2:
ad:ff:35:66:70:0a:4f:f6:b9:df:7b:c9:c3:eb:ca:d5:2e:74:
97:98:71:aa:e3:a5:0f:f7:cc:ea:3f:d4:cf:5c:9c:3d:69:80:
70:b4:6b:c5:49:bc:d6:f7:17:f5:42:cc:1d:06:64:0e:4d:67:
2f:d5:bc:5b:75:da:a2:88:72:2a:11:6d:5e:ba:99:f9:ad:bb:
a2:b4:3e:80:a7:f5:3b:ed:74:c9:97:68:d7:50:37:47:b6:8d:
5b:16:97:02:c6:02:80:24:56:df:8b:ed:a1:27:88:b0:6c:49:
46:ee:ed:d7:c8:fe:52:fe:f6:e0:8c:8c:71:39:b5:e5:2a:30:
e6:68:1e:23:93:18:05:bc:ef:66:20:37:87:b1:2f:d1:24:d6:
6b:5f:7f:29:62:ec:01:65:5f:09:9a:d3:97:e6:2e:9e:60:5c:
04:94:4a:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwGvCE7qKlB5DFhQ2VpMPJoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMzg0MGI1ZDNjMzUyNTk4MWM4NjE2MTY2Njc5ZGU5MjBl
MzUwZjUwHhcNMjMxMTI1MTM0NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjRmYWQ0YThjYzM4NWNjN2VmMGM1ZGVjNTg2NGM0MjYxOTA2ZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0evbxMSJLM8C/CtMb/rP7QJs2Ho
GpCRvlkcrdMLx+4VYlN8IAr24KalAURL+ZQrg3iSAWv7HCXwPFeqmjH1I+sbUaxG
8OKBbzkLryiyCU3JpHAWWdjqZE5mzv2MHxNMhWNKwViH5kM3Ti2Wx1p7A4B3aRDh
VER5o6SC4GTq3IjiJEgwpinSU2jZFWdipTF1dmdiGWakU0fQqN7IaVBQfqulE846
K4ukEKGPDBZJ7BG7g8LoNvpxRF7WbkN2hDizsJibmj4j3NwSz8k07feYg0obe4lQ
MCg9XpBPrssJ31IR1SAW7xEoJubj9uTbPaDGXlLpX5MS0d6p2TG8R11uZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA9PrUqMw4XMfvDF3sWGTEJhkG9uMB8GA1UdIwQY
MBaAFCs4QLXTw1JZgchhYWZnnekg41D1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3poQXRkUERVbG1CeUdGaFptZWQ2U0RqVVBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yYjk1ZWQtOTg4Mi00MmZhLWE5ZjUt
YWQ4MGU3NTZkMjU2LzEvRDAtdFNvekRoY3gtOE1YZXhZWk1RbUdRYjI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yYjk1ZWQtOTg4Mi00MmZhLWE5ZjUtYWQ4MGU3NTZkMjU2
LzEvS3poQXRkUERVbG1CeUdGaFptZWQ2U0RqVVBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHxmKMA0G
CSqGSIb3DQEBCwUAA4IBAQAtnu87zrBOAyVt0c13YpNCbz4bVuKjqrkEDZb2DESN
KeEGEWJtLKEmNFFYYmGpsUVRjutwSOVz4fTIlHc51BBTEyHPUc9lPC1VLe7kq8ea
IgEt9Tjm55IFYvKt/zVmcApP9rnfe8nD68rVLnSXmHGq46UP98zqP9TPXJw9aYBw
tGvFSbzW9xf1QswdBmQOTWcv1bxbddqiiHIqEW1eupn5rbuitD6Ap/U77XTJl2jX
UDdHto1bFpcCxgKAJFbfi+2hJ4iwbElG7u3XyP5S/vbgjIxxObXlKjDmaB4jkxgF
vO9mIDeHsS/RJNZrX38pYuwBZV8JmtOX5i6eYFwElEpr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:16 2024 by rpki-client on console-ams.rpki-client.org