Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/ecd521-e7d3-4416-9f97-4deec0808d0c/1/knGcyW4dxWsYBsxxOti3tyB0gl8.roa
File: knGcyW4dxWsYBsxxOti3tyB0gl8.roa (raw, json)
Hash identifier: ezcf4NSLCdGQy7skM6gWENFDkpdu5SQVaf7nkKKM8eI=
Subject key identifier: 92:71:9C:C9:6E:1D:C5:6B:18:06:CC:71:3A:D8:B7:B7:20:74:82:5F
Certificate issuer: /CN=ab27d4f62b5ba98dfa57d73d6dd5897596ea73e9
Certificate serial: 01835F5F16B526B89515623328D94A0B74E3
Authority key identifier: AB:27:D4:F6:2B:5B:A9:8D:FA:57:D7:3D:6D:D5:89:75:96:EA:73:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qyfU9itbqY36V9c9bdWJdZbqc-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/ecd521-e7d3-4416-9f97-4deec0808d0c/1/knGcyW4dxWsYBsxxOti3tyB0gl8.roa
Signing time: Wed 21 Sep 2022 09:26:50 +0000
ROA not before: Wed 21 Sep 2022 09:26:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 193.163.89.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5f:5f:16:b5:26:b8:95:15:62:33:28:d9:4a:0b:74:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab27d4f62b5ba98dfa57d73d6dd5897596ea73e9
Validity
Not Before: Sep 21 09:26:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92719cc96e1dc56b1806cc713ad8b7b72074825f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b0:dc:3c:0d:cd:08:3a:9c:28:c6:c4:35:2a:
8b:e4:3c:eb:8b:f8:2c:65:4a:8e:4c:f1:bf:7d:7d:
c0:85:10:cb:f1:e8:c4:13:31:50:28:52:f6:fc:a8:
8a:e7:b1:d8:e9:f4:9f:4d:a0:50:68:0f:a0:b2:4b:
12:61:07:34:3e:16:97:ee:6a:b3:24:f2:d9:f0:c2:
82:b7:7c:d1:3d:e5:f6:4c:a8:1b:54:9e:2d:02:10:
1b:3b:7d:b5:96:47:5f:64:48:92:2f:46:df:9f:38:
92:02:8c:e0:fb:15:84:fd:cf:4c:32:91:9c:1b:af:
94:d8:bc:e1:71:cc:26:d4:49:7c:b4:d8:60:61:ca:
3e:11:44:06:fc:80:0b:f6:37:41:2f:33:2a:42:b2:
66:70:80:69:0f:86:9c:af:d2:8b:af:15:88:c4:eb:
44:ec:69:2e:a7:dd:52:a7:25:04:d1:9c:2c:77:3a:
13:74:11:22:de:95:bd:54:55:79:51:fe:bc:e2:27:
21:14:2f:d6:dc:5e:29:0f:f0:d0:9a:2e:35:af:ad:
9c:c2:c7:ca:31:12:75:25:ec:74:59:6b:41:1b:ef:
3f:49:37:97:ac:fd:f1:b6:90:22:d9:07:41:9f:df:
f2:aa:fc:ac:eb:e1:c8:bb:b0:df:98:1a:a6:c4:b2:
0c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:71:9C:C9:6E:1D:C5:6B:18:06:CC:71:3A:D8:B7:B7:20:74:82:5F
X509v3 Authority Key Identifier:
keyid:AB:27:D4:F6:2B:5B:A9:8D:FA:57:D7:3D:6D:D5:89:75:96:EA:73:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qyfU9itbqY36V9c9bdWJdZbqc-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/ecd521-e7d3-4416-9f97-4deec0808d0c/1/knGcyW4dxWsYBsxxOti3tyB0gl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/ecd521-e7d3-4416-9f97-4deec0808d0c/1/qyfU9itbqY36V9c9bdWJdZbqc-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.89.0/24
Signature Algorithm: sha256WithRSAEncryption
16:1a:02:88:a8:fd:9a:ad:42:78:50:24:a4:ce:2c:90:62:d8:
1a:53:e2:fa:f3:21:51:2f:ba:6a:b2:0a:4c:93:6c:90:17:d7:
54:de:41:cc:0c:41:a8:ab:78:5f:02:42:60:c3:53:b5:82:cc:
cf:29:d2:47:9a:98:7d:53:5d:6c:de:23:78:12:8f:95:82:9a:
4f:8a:b0:d5:e7:38:88:c2:f5:b8:f9:88:2c:32:7f:2a:4e:3d:
46:33:1b:6f:d7:f6:e7:48:38:e3:1e:fa:a1:38:8c:4c:15:9a:
e4:fe:6c:1c:3f:d5:d9:75:e1:2c:f9:45:dd:29:b5:94:52:a8:
0b:52:d8:5d:52:16:9b:5e:46:a0:d6:f0:b0:0b:50:d6:59:8f:
46:20:b6:34:3a:82:3a:5e:89:2e:69:c9:d2:c8:78:d1:ba:c5:
8f:75:67:7a:dd:8c:b0:4a:5a:6e:bc:f9:d4:4f:06:25:9f:d6:
43:17:de:da:38:e2:9f:2b:cb:42:1c:ac:26:32:99:ec:79:5c:
30:f0:cc:a9:fc:ab:90:68:1c:a1:2d:65:e1:58:1f:8c:51:b6:
2f:66:4e:1b:0f:6b:cb:54:ab:ff:b1:3a:b8:70:69:bd:49:ce:
f3:76:5b:53:2e:7c:bd:af:1d:10:ab:26:01:51:29:cb:15:3d:
29:29:fd:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNfXxa1JriVFWIzKNlKC3TjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMjdkNGY2MmI1YmE5OGRmYTU3ZDczZDZkZDU4OTc1OTZl
YTczZTkwHhcNMjIwOTIxMDkyNjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjcxOWNjOTZlMWRjNTZiMTgwNmNjNzEzYWQ4YjdiNzIwNzQ4MjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLDcPA3NCDqcKMbENSqL5Dzri/gs
ZUqOTPG/fX3AhRDL8ejEEzFQKFL2/KiK57HY6fSfTaBQaA+gsksSYQc0PhaX7mqz
JPLZ8MKCt3zRPeX2TKgbVJ4tAhAbO321lkdfZEiSL0bfnziSAozg+xWE/c9MMpGc
G6+U2Lzhccwm1El8tNhgYco+EUQG/IAL9jdBLzMqQrJmcIBpD4acr9KLrxWIxOtE
7Gkup91SpyUE0ZwsdzoTdBEi3pW9VFV5Uf684ichFC/W3F4pD/DQmi41r62cwsfK
MRJ1Jex0WWtBG+8/STeXrP3xtpAi2QdBn9/yqvys6+HIu7DfmBqmxLIM3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJJxnMluHcVrGAbMcTrYt7cgdIJfMB8GA1UdIwQY
MBaAFKsn1PYrW6mN+lfXPW3ViXWW6nPpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXlmVTlpdGJxWTM2VjljOWJkV0pkWmJxYy1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9lY2Q1MjEtZTdkMy00NDE2LTlmOTct
NGRlZWMwODA4ZDBjLzEva25HY3lXNGR4V3NZQnN4eE90aTN0eUIwZ2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9lY2Q1MjEtZTdkMy00NDE2LTlmOTctNGRlZWMwODA4ZDBj
LzEvcXlmVTlpdGJxWTM2VjljOWJkV0pkWmJxYy1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaNZMA0G
CSqGSIb3DQEBCwUAA4IBAQAWGgKIqP2arUJ4UCSkziyQYtgaU+L68yFRL7pqsgpM
k2yQF9dU3kHMDEGoq3hfAkJgw1O1gszPKdJHmph9U11s3iN4Eo+VgppPirDV5ziI
wvW4+YgsMn8qTj1GMxtv1/bnSDjjHvqhOIxMFZrk/mwcP9XZdeEs+UXdKbWUUqgL
UthdUhabXkag1vCwC1DWWY9GILY0OoI6XokuacnSyHjRusWPdWd63YywSlpuvPnU
TwYln9ZDF97aOOKfK8tCHKwmMpnseVww8Myp/KuQaByhLWXhWB+MUbYvZk4bD2vL
VKv/sTq4cGm9Sc7zdltTLny9rx0QqyYBUSnLFT0pKf3n
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:57 2024 by rpki-client on console-fra.rpki-client.org