Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/945b2f-daa1-4c79-94da-e6eed9c9a253/1/IF6CMrm3UcEd0u51JYSti9V0cSQ.roa
File: IF6CMrm3UcEd0u51JYSti9V0cSQ.roa (raw, json)
Hash identifier: nOTbzHyz1L4hm0tQjd8IxU5oXki7bEdDrFam/ZYZ8yM=
Subject key identifier: 20:5E:82:32:B9:B7:51:C1:1D:D2:EE:75:25:84:AD:8B:D5:74:71:24
Certificate issuer: /CN=f388d3a747a92fdbfb738e1d25d01a3639c6b1a1
Certificate serial: 018964C05285D24F57908E553EE061B29095
Authority key identifier: F3:88:D3:A7:47:A9:2F:DB:FB:73:8E:1D:25:D0:1A:36:39:C6:B1:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/84jTp0epL9v7c44dJdAaNjnGsaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/945b2f-daa1-4c79-94da-e6eed9c9a253/1/IF6CMrm3UcEd0u51JYSti9V0cSQ.roa
Signing time: Mon 17 Jul 2023 16:47:52 +0000
ROA not before: Mon 17 Jul 2023 16:47:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 195.64.111.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:c0:52:85:d2:4f:57:90:8e:55:3e:e0:61:b2:90:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f388d3a747a92fdbfb738e1d25d01a3639c6b1a1
Validity
Not Before: Jul 17 16:47:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=205e8232b9b751c11dd2ee752584ad8bd5747124
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e0:b1:0c:a4:23:30:25:9c:db:7b:25:fb:1a:
1a:35:8f:99:c7:4c:e9:29:30:4b:58:08:55:c2:cc:
b8:a1:9b:be:aa:dd:df:bc:66:ae:48:13:7b:e8:fb:
8a:c6:48:55:ea:c2:0f:98:b0:6c:2f:29:a6:92:86:
fe:85:cf:2e:0e:c0:9e:5f:04:f9:45:e7:16:b3:05:
9f:2d:ad:3d:e3:83:62:24:df:c6:7f:fb:bd:ba:f8:
21:12:23:8d:e7:18:23:b1:61:5a:a3:37:09:bf:57:
19:22:4f:a4:87:22:58:d4:94:fd:e9:3e:80:a9:e5:
9b:12:eb:9d:aa:5b:f6:26:ea:ac:8b:36:74:6c:b3:
7d:82:d8:bf:de:d9:ea:92:69:7f:bd:92:9c:36:30:
b1:6c:02:13:cf:47:11:11:a2:c4:25:0a:3c:64:8e:
fb:44:4a:5b:53:74:04:98:60:b3:d8:a4:68:53:ae:
12:ff:d5:cc:76:f2:2e:08:a9:1d:f8:30:47:f8:2d:
25:cc:1d:63:ce:51:61:12:ff:2d:dc:fd:68:aa:58:
00:98:82:be:a1:02:b3:7c:bf:3f:ca:50:87:c5:88:
88:fe:07:83:53:ac:78:cc:f5:73:7a:09:48:29:c8:
d8:26:38:cc:78:4e:94:14:1a:36:a2:68:8a:e1:b0:
ae:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:5E:82:32:B9:B7:51:C1:1D:D2:EE:75:25:84:AD:8B:D5:74:71:24
X509v3 Authority Key Identifier:
keyid:F3:88:D3:A7:47:A9:2F:DB:FB:73:8E:1D:25:D0:1A:36:39:C6:B1:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/84jTp0epL9v7c44dJdAaNjnGsaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/945b2f-daa1-4c79-94da-e6eed9c9a253/1/IF6CMrm3UcEd0u51JYSti9V0cSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/945b2f-daa1-4c79-94da-e6eed9c9a253/1/84jTp0epL9v7c44dJdAaNjnGsaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.111.0/24
Signature Algorithm: sha256WithRSAEncryption
88:6d:3f:a4:a5:92:5c:bb:31:ff:2f:38:e5:b1:79:4a:d2:f7:
b3:ff:99:f0:98:7e:43:47:39:8e:20:82:7e:c7:8e:3b:dc:4d:
fa:ae:72:aa:70:a1:88:35:e0:4c:78:64:51:02:f1:b7:fc:6f:
b9:0e:41:f0:b3:29:36:d6:4b:5b:45:77:8d:0d:cf:ee:39:1f:
1c:08:e1:50:3a:60:ee:4e:b3:2d:04:85:7a:a6:de:31:7c:46:
6e:b0:92:9a:32:31:a5:b0:8b:a0:b8:58:d1:88:fa:af:90:35:
96:cf:e8:19:6e:76:75:9e:3d:21:2c:53:79:7e:75:d2:61:cf:
8a:d0:18:a9:fe:60:bf:06:df:54:4a:50:eb:06:98:60:4b:3d:
3f:11:af:99:71:97:9c:94:60:e5:c4:50:43:9c:94:f7:76:f4:
b5:e0:de:6a:0b:48:bf:3c:d2:c1:e6:0c:d9:ee:eb:b1:50:75:
5d:c6:a9:84:6e:5f:98:0d:d2:41:68:72:ac:96:13:22:04:3c:
6d:bf:81:40:75:eb:a8:d0:17:bb:58:c8:c5:23:db:50:89:9b:
e5:c3:a5:d1:20:e5:79:96:42:56:ab:fa:ba:3f:a8:fe:c6:b5:
f4:e9:b9:85:d0:7e:88:3a:1c:65:d6:14:09:9e:ec:64:55:13:
2e:30:1d:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlkwFKF0k9XkI5VPuBhspCVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzODhkM2E3NDdhOTJmZGJmYjczOGUxZDI1ZDAxYTM2Mzlj
NmIxYTEwHhcNMjMwNzE3MTY0NzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDVlODIzMmI5Yjc1MWMxMWRkMmVlNzUyNTg0YWQ4YmQ1NzQ3MTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+CxDKQjMCWc23sl+xoaNY+Zx0zp
KTBLWAhVwsy4oZu+qt3fvGauSBN76PuKxkhV6sIPmLBsLymmkob+hc8uDsCeXwT5
RecWswWfLa0944NiJN/Gf/u9uvghEiON5xgjsWFaozcJv1cZIk+khyJY1JT96T6A
qeWbEuudqlv2JuqsizZ0bLN9gti/3tnqkml/vZKcNjCxbAITz0cREaLEJQo8ZI77
REpbU3QEmGCz2KRoU64S/9XMdvIuCKkd+DBH+C0lzB1jzlFhEv8t3P1oqlgAmIK+
oQKzfL8/ylCHxYiI/geDU6x4zPVzeglIKcjYJjjMeE6UFBo2omiK4bCuqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCBegjK5t1HBHdLudSWErYvVdHEkMB8GA1UdIwQY
MBaAFPOI06dHqS/b+3OOHSXQGjY5xrGhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODRqVHAwZXBMOXY3YzQ0ZEpkQWFOam5Hc2FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi85NDViMmYtZGFhMS00Yzc5LTk0ZGEt
ZTZlZWQ5YzlhMjUzLzEvSUY2Q01ybTNVY0VkMHU1MUpZU3RpOVYwY1NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi85NDViMmYtZGFhMS00Yzc5LTk0ZGEtZTZlZWQ5YzlhMjUz
LzEvODRqVHAwZXBMOXY3YzQ0ZEpkQWFOam5Hc2FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0BvMA0G
CSqGSIb3DQEBCwUAA4IBAQCIbT+kpZJcuzH/LzjlsXlK0vez/5nwmH5DRzmOIIJ+
x4473E36rnKqcKGINeBMeGRRAvG3/G+5DkHwsyk21ktbRXeNDc/uOR8cCOFQOmDu
TrMtBIV6pt4xfEZusJKaMjGlsIuguFjRiPqvkDWWz+gZbnZ1nj0hLFN5fnXSYc+K
0Bip/mC/Bt9USlDrBphgSz0/Ea+ZcZeclGDlxFBDnJT3dvS14N5qC0i/PNLB5gzZ
7uuxUHVdxqmEbl+YDdJBaHKslhMiBDxtv4FAdeuo0Be7WMjFI9tQiZvlw6XRIOV5
lkJWq/q6P6j+xrX06bmF0H6IOhxl1hQJnuxkVRMuMB2Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:02 2024 by rpki-client on console-fra.rpki-client.org