Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/gZoWidfN9kjvsilzk6zaRPOydpE.roa
File: gZoWidfN9kjvsilzk6zaRPOydpE.roa (raw, json)
Hash identifier: wztgsAnEd+VFI5ErfZMRgy4/Nvyjx/kUNNWdt9wGHfM=
Subject key identifier: 81:9A:16:89:D7:CD:F6:48:EF:B2:29:73:93:AC:DA:44:F3:B2:76:91
Certificate issuer: /CN=5f0226a704cf620eb2000f27e7a919ce730991be
Certificate serial: 01856F1D988A84AB6046439F03285A7BEC47
Authority key identifier: 5F:02:26:A7:04:CF:62:0E:B2:00:0F:27:E7:A9:19:CE:73:09:91:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XwImpwTPYg6yAA8n56kZznMJkb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/gZoWidfN9kjvsilzk6zaRPOydpE.roa
Signing time: Sun 01 Jan 2023 20:54:48 +0000
ROA not before: Sun 01 Jan 2023 20:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59253
IP address blocks: 194.127.192.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:98:8a:84:ab:60:46:43:9f:03:28:5a:7b:ec:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f0226a704cf620eb2000f27e7a919ce730991be
Validity
Not Before: Jan 1 20:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=819a1689d7cdf648efb2297393acda44f3b27691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a9:89:72:73:38:2b:d8:d2:6d:de:c3:31:6e:
e8:c7:1e:72:0d:75:11:d7:d3:67:26:b1:ea:82:7f:
03:25:07:67:8d:34:77:3d:68:b0:ba:2d:a9:24:1f:
e7:3d:47:b6:5e:92:f3:87:c0:1c:3a:58:51:da:88:
0f:7d:cb:d7:2e:fb:7c:db:10:7d:4e:a8:2a:ee:a5:
2a:c7:da:ad:ca:e5:98:4a:4d:d8:a4:2d:ec:10:82:
63:15:0a:5b:ac:96:ef:00:0f:f9:bd:73:ed:7b:16:
1a:3f:25:d4:af:36:4b:a3:be:5f:60:6a:62:db:2b:
89:f7:13:52:63:f0:b9:d0:34:fd:34:ca:11:e7:8a:
c6:ed:d1:d5:ef:86:c1:cf:3b:a8:d5:c1:72:18:a8:
63:57:08:31:e7:e2:18:9a:40:aa:f2:09:78:1e:58:
71:3e:8e:2b:c4:c7:01:cc:99:51:e9:d2:f8:25:91:
4c:06:6d:c6:ac:a6:93:09:fc:11:71:6e:08:c2:d9:
b5:85:8b:e1:b2:cc:58:ea:75:ca:ff:01:4b:a4:c5:
7d:f0:c8:0e:a5:a8:90:e7:9f:97:a3:dc:fc:73:b7:
b2:fb:f1:9c:0e:78:6a:69:67:34:95:fe:4c:ea:7e:
b5:70:01:55:1d:bd:0f:bf:82:ed:c9:75:a7:95:71:
5c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:9A:16:89:D7:CD:F6:48:EF:B2:29:73:93:AC:DA:44:F3:B2:76:91
X509v3 Authority Key Identifier:
keyid:5F:02:26:A7:04:CF:62:0E:B2:00:0F:27:E7:A9:19:CE:73:09:91:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XwImpwTPYg6yAA8n56kZznMJkb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/gZoWidfN9kjvsilzk6zaRPOydpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/XwImpwTPYg6yAA8n56kZznMJkb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.127.192.0/23
Signature Algorithm: sha256WithRSAEncryption
64:5c:84:34:92:b7:41:a0:91:b6:b2:53:8d:02:13:f0:61:f1:
49:be:ee:35:6d:c0:a1:d6:19:bb:4f:33:b7:ab:6f:9e:c9:56:
df:bf:72:b5:e0:d7:4f:37:54:bf:5d:7a:3f:49:0c:77:b6:b3:
5e:87:7d:cf:7f:a7:b1:0b:0b:5e:56:34:68:a5:f8:5f:09:e8:
b8:cb:a2:09:9c:5a:04:b1:d6:8a:93:8c:fc:ff:22:f2:b0:c1:
08:5d:75:f5:cf:ac:bd:9f:a4:b0:a7:4b:dd:04:c7:c5:a3:5e:
2a:42:68:62:6c:9c:08:2e:fc:16:45:e5:2f:11:ed:dd:50:99:
c1:78:71:9b:57:8d:fe:af:ba:87:54:60:ba:06:13:76:d7:d3:
cb:d6:5b:51:4e:51:ca:b6:26:6e:ec:c7:73:46:75:12:9b:e6:
b7:8f:38:e3:a7:35:b5:a7:3e:78:2e:26:27:4f:a2:59:f2:f6:
e3:01:44:d4:7e:e4:ad:6a:7c:8c:1a:47:6a:f2:a8:7f:22:8b:
ff:d1:2f:b7:82:6f:1b:61:d4:51:32:c2:82:6d:42:d4:37:14:
3a:2c:17:1e:39:6f:04:b2:31:cb:b9:a6:47:65:6d:67:a2:78:
e3:82:80:9e:08:cb:bb:1b:d5:71:c1:16:f5:ee:5c:67:8e:5e:
52:4e:da:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHZiKhKtgRkOfAyhae+xHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMDIyNmE3MDRjZjYyMGViMjAwMGYyN2U3YTkxOWNlNzMw
OTkxYmUwHhcNMjMwMTAxMjA1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTlhMTY4OWQ3Y2RmNjQ4ZWZiMjI5NzM5M2FjZGE0NGYzYjI3NjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKmJcnM4K9jSbd7DMW7oxx5yDXUR
19NnJrHqgn8DJQdnjTR3PWiwui2pJB/nPUe2XpLzh8AcOlhR2ogPfcvXLvt82xB9
Tqgq7qUqx9qtyuWYSk3YpC3sEIJjFQpbrJbvAA/5vXPtexYaPyXUrzZLo75fYGpi
2yuJ9xNSY/C50DT9NMoR54rG7dHV74bBzzuo1cFyGKhjVwgx5+IYmkCq8gl4Hlhx
Po4rxMcBzJlR6dL4JZFMBm3GrKaTCfwRcW4Iwtm1hYvhssxY6nXK/wFLpMV98MgO
paiQ55+Xo9z8c7ey+/GcDnhqaWc0lf5M6n61cAFVHb0Pv4LtyXWnlXFc7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIGaFonXzfZI77Ipc5Os2kTzsnaRMB8GA1UdIwQY
MBaAFF8CJqcEz2IOsgAPJ+epGc5zCZG+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdJbXB3VFBZZzZ5QUE4bjU2a1p6bk1Ka2I0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82M2VmYjgtYmYyNC00OGMyLThjNTAt
NzVkOWNlNWI4ZDljLzEvZ1pvV2lkZk45a2p2c2lsems2emFSUE95ZHBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82M2VmYjgtYmYyNC00OGMyLThjNTAtNzVkOWNlNWI4ZDlj
LzEvWHdJbXB3VFBZZzZ5QUE4bjU2a1p6bk1Ka2I0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwn/AMA0G
CSqGSIb3DQEBCwUAA4IBAQBkXIQ0krdBoJG2slONAhPwYfFJvu41bcCh1hm7TzO3
q2+eyVbfv3K14NdPN1S/XXo/SQx3trNeh33Pf6exCwteVjRopfhfCei4y6IJnFoE
sdaKk4z8/yLysMEIXXX1z6y9n6Swp0vdBMfFo14qQmhibJwILvwWReUvEe3dUJnB
eHGbV43+r7qHVGC6BhN219PL1ltRTlHKtiZu7MdzRnUSm+a3jzjjpzW1pz54LiYn
T6JZ8vbjAUTUfuStanyMGkdq8qh/Iov/0S+3gm8bYdRRMsKCbULUNxQ6LBceOW8E
sjHLuaZHZW1nonjjgoCeCMu7G9VxwRb17lxnjl5STtpE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:40 2025 by rpki-client