Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/945b2f-daa1-4c79-94da-e6eed9c9a253/1/_xNfhUl8T8lz2OVL9FPwxuRx1YI.roa
File: _xNfhUl8T8lz2OVL9FPwxuRx1YI.roa (raw, json)
Hash identifier: mVhe9FD39+V1zg/ihScQvz1ye5RfHvdqsLMAPXv8XWo=
Subject key identifier: FF:13:5F:85:49:7C:4F:C9:73:D8:E5:4B:F4:53:F0:C6:E4:71:D5:82
Certificate issuer: /CN=f388d3a747a92fdbfb738e1d25d01a3639c6b1a1
Certificate serial: 018CC34902342C043C5F1B9F395FF79E36CE
Authority key identifier: F3:88:D3:A7:47:A9:2F:DB:FB:73:8E:1D:25:D0:1A:36:39:C6:B1:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/84jTp0epL9v7c44dJdAaNjnGsaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/945b2f-daa1-4c79-94da-e6eed9c9a253/1/_xNfhUl8T8lz2OVL9FPwxuRx1YI.roa
Signing time: Mon 01 Jan 2024 04:29:50 +0000
ROA not before: Mon 01 Jan 2024 04:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 195.64.111.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:02:34:2c:04:3c:5f:1b:9f:39:5f:f7:9e:36:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f388d3a747a92fdbfb738e1d25d01a3639c6b1a1
Validity
Not Before: Jan 1 04:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff135f85497c4fc973d8e54bf453f0c6e471d582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a9:58:12:9c:fe:bd:e7:e9:a4:3a:11:ce:fc:
2d:ea:34:a7:c9:2c:c7:70:63:ff:b4:f4:ed:57:f6:
54:ea:49:1e:d8:bd:1b:6c:74:6a:71:70:fe:3a:95:
21:c8:da:c3:62:a5:02:03:52:03:6f:b3:84:08:52:
97:91:ba:f9:c0:d3:53:0a:05:97:2e:50:08:93:e8:
98:36:6c:0a:71:7c:4c:90:6d:77:78:8a:be:7e:54:
b6:f4:78:fd:1b:e1:28:7a:54:0f:cc:0c:47:eb:49:
bd:d1:ee:ba:72:9c:e2:2f:06:44:23:af:9f:e9:5e:
44:35:b6:46:e6:2c:64:7f:ca:33:7e:1e:34:d0:e5:
40:24:20:56:f4:22:2d:41:75:ad:3a:ed:cd:c0:1f:
86:c0:4c:54:3c:e3:99:55:1e:02:73:de:7c:19:22:
3c:08:d0:8b:fe:a2:30:bf:1c:e5:a2:e5:dd:ed:77:
01:2b:78:14:4e:3e:b8:d0:bb:e1:e9:b0:cf:1c:68:
bf:e7:0c:a1:59:0d:67:cb:11:66:fc:79:27:09:3f:
a0:67:09:f6:0f:d2:f6:bd:9e:ef:00:a5:28:e1:cd:
5d:12:81:17:37:85:22:17:1b:7a:cb:08:71:70:f7:
44:f3:35:d8:4f:13:27:82:ac:28:1c:a3:14:e5:1b:
48:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:13:5F:85:49:7C:4F:C9:73:D8:E5:4B:F4:53:F0:C6:E4:71:D5:82
X509v3 Authority Key Identifier:
keyid:F3:88:D3:A7:47:A9:2F:DB:FB:73:8E:1D:25:D0:1A:36:39:C6:B1:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/84jTp0epL9v7c44dJdAaNjnGsaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/945b2f-daa1-4c79-94da-e6eed9c9a253/1/_xNfhUl8T8lz2OVL9FPwxuRx1YI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/945b2f-daa1-4c79-94da-e6eed9c9a253/1/84jTp0epL9v7c44dJdAaNjnGsaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.111.0/24
Signature Algorithm: sha256WithRSAEncryption
63:6f:fe:40:8f:a0:85:b6:43:2b:fa:6b:1c:d3:c4:8c:85:31:
d7:9b:c5:da:56:d2:cf:48:84:db:c8:2e:2f:db:a1:c1:cd:55:
04:dd:d0:ff:f4:b3:fb:94:ca:45:4a:ec:48:84:83:6d:f0:b3:
b2:0b:59:c4:17:cf:44:f6:2e:0d:62:1c:2d:40:d7:b9:a2:d4:
dc:7a:c8:7e:8e:eb:07:5a:a1:9c:1c:83:e9:fd:67:6c:94:72:
50:15:91:6e:12:63:4d:6c:d4:49:1a:fa:85:33:f9:fc:44:e1:
0b:9f:89:c9:7d:5c:2b:b6:48:fe:cb:89:a5:63:20:46:34:ce:
7f:3d:ba:aa:34:73:19:dc:f7:cb:34:57:29:5a:1a:43:78:81:
03:43:b2:81:1a:de:ff:32:dd:dd:f9:80:a3:5b:52:04:61:69:
88:ef:04:77:16:47:7a:bd:38:50:78:d2:aa:d3:57:05:19:1b:
a2:07:f5:b6:fc:56:0b:6f:54:e5:87:cf:2a:5a:1d:3b:81:36:
fa:7f:88:a5:3a:eb:58:67:38:90:c0:65:3d:59:e6:af:4a:b6:
6a:2d:ba:e0:d2:62:44:bc:a5:e1:f0:3d:bf:4e:1f:94:17:40:
c1:ff:0d:f3:4e:fb:5f:92:78:be:d9:d6:97:ea:43:f4:8d:17:
28:f3:1b:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSQI0LAQ8XxufOV/3njbOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzODhkM2E3NDdhOTJmZGJmYjczOGUxZDI1ZDAxYTM2Mzlj
NmIxYTEwHhcNMjQwMTAxMDQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjEzNWY4NTQ5N2M0ZmM5NzNkOGU1NGJmNDUzZjBjNmU0NzFkNTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmalYEpz+vefppDoRzvwt6jSnySzH
cGP/tPTtV/ZU6kke2L0bbHRqcXD+OpUhyNrDYqUCA1IDb7OECFKXkbr5wNNTCgWX
LlAIk+iYNmwKcXxMkG13eIq+flS29Hj9G+EoelQPzAxH60m90e66cpziLwZEI6+f
6V5ENbZG5ixkf8ozfh400OVAJCBW9CItQXWtOu3NwB+GwExUPOOZVR4Cc958GSI8
CNCL/qIwvxzlouXd7XcBK3gUTj640Lvh6bDPHGi/5wyhWQ1nyxFm/HknCT+gZwn2
D9L2vZ7vAKUo4c1dEoEXN4UiFxt6ywhxcPdE8zXYTxMngqwoHKMU5RtIywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP8TX4VJfE/Jc9jlS/RT8MbkcdWCMB8GA1UdIwQY
MBaAFPOI06dHqS/b+3OOHSXQGjY5xrGhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODRqVHAwZXBMOXY3YzQ0ZEpkQWFOam5Hc2FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi85NDViMmYtZGFhMS00Yzc5LTk0ZGEt
ZTZlZWQ5YzlhMjUzLzEvX3hOZmhVbDhUOGx6Mk9WTDlGUHd4dVJ4MVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi85NDViMmYtZGFhMS00Yzc5LTk0ZGEtZTZlZWQ5YzlhMjUz
LzEvODRqVHAwZXBMOXY3YzQ0ZEpkQWFOam5Hc2FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0BvMA0G
CSqGSIb3DQEBCwUAA4IBAQBjb/5Aj6CFtkMr+msc08SMhTHXm8XaVtLPSITbyC4v
26HBzVUE3dD/9LP7lMpFSuxIhINt8LOyC1nEF89E9i4NYhwtQNe5otTcesh+jusH
WqGcHIPp/WdslHJQFZFuEmNNbNRJGvqFM/n8ROELn4nJfVwrtkj+y4mlYyBGNM5/
PbqqNHMZ3PfLNFcpWhpDeIEDQ7KBGt7/Mt3d+YCjW1IEYWmI7wR3Fkd6vThQeNKq
01cFGRuiB/W2/FYLb1Tlh88qWh07gTb6f4ilOutYZziQwGU9WeavSrZqLbrg0mJE
vKXh8D2/Th+UF0DB/w3zTvtfkni+2daX6kP0jRco8xsQ
-----END CERTIFICATE-----
Generated at Wed Feb 7 11:48:34 2024 by rpki-client on console-fra.rpki-client.org