Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/038d1b-840b-4772-ae7e-def03d51fea4/1/brxaSijKpeF9oC-sZTlfVkQjcQw.roa
File: brxaSijKpeF9oC-sZTlfVkQjcQw.roa (raw, json)
Hash identifier: NCnQdcIhUmSha4mbk3Jmdwb3K06Jo0kITVrv1JTbIKI=
Subject key identifier: 6E:BC:5A:4A:28:CA:A5:E1:7D:A0:2F:AC:65:39:5F:56:44:23:71:0C
Certificate issuer: /CN=f2f0a391aaa6d790aae280ca589b28f444f71f57
Certificate serial: 0187068D4374EE026E0E3C5007202B01664E
Authority key identifier: F2:F0:A3:91:AA:A6:D7:90:AA:E2:80:CA:58:9B:28:F4:44:F7:1F:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8vCjkaqm15Cq4oDKWJso9ET3H1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/038d1b-840b-4772-ae7e-def03d51fea4/1/brxaSijKpeF9oC-sZTlfVkQjcQw.roa
Signing time: Tue 21 Mar 2023 23:42:13 +0000
ROA not before: Tue 21 Mar 2023 23:42:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199242
IP address blocks: 195.96.130.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:06:8d:43:74:ee:02:6e:0e:3c:50:07:20:2b:01:66:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2f0a391aaa6d790aae280ca589b28f444f71f57
Validity
Not Before: Mar 21 23:42:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ebc5a4a28caa5e17da02fac65395f564423710c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ec:7e:0f:b9:5e:2f:2d:5a:34:fb:2c:13:e4:
ce:1c:9d:74:1a:77:65:c0:38:4b:c8:ac:e5:ae:3b:
7b:1b:02:b9:24:b2:de:8c:6c:bd:36:55:2f:99:aa:
35:30:c4:68:bc:60:a7:f4:3e:75:ad:0e:ef:86:bc:
d1:29:54:b7:e8:f7:50:86:dc:b6:e4:2f:0a:46:8c:
69:1f:b7:eb:d2:8b:dc:7b:a1:7b:07:e4:8e:43:03:
c9:43:c0:43:80:5b:0a:19:3b:c9:5d:fe:19:84:74:
8c:38:9e:dd:b4:ff:46:a1:3f:81:82:ee:d8:0b:46:
9a:93:68:34:f0:d4:63:9b:f4:d1:98:99:93:06:15:
c8:5c:f5:7f:83:2a:7f:8d:e8:26:d5:cb:8b:c9:44:
51:f5:49:3c:ab:52:56:88:d5:11:49:5f:eb:3a:56:
89:5c:fb:10:3f:c6:ff:85:4c:80:a1:be:0d:43:4b:
75:e8:f5:48:fa:f5:87:2a:58:f3:3a:5a:bd:d7:5b:
3b:f7:a9:9f:e5:5a:1c:99:29:9c:3b:4d:b1:7a:f2:
6b:82:92:90:e0:c6:39:5e:be:9e:f4:93:4b:92:66:
82:f1:b8:c6:d6:20:10:f0:ca:95:58:e2:d1:1e:13:
1a:f5:c5:f4:ef:51:5f:d0:04:02:0a:53:8a:82:c0:
28:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:BC:5A:4A:28:CA:A5:E1:7D:A0:2F:AC:65:39:5F:56:44:23:71:0C
X509v3 Authority Key Identifier:
keyid:F2:F0:A3:91:AA:A6:D7:90:AA:E2:80:CA:58:9B:28:F4:44:F7:1F:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8vCjkaqm15Cq4oDKWJso9ET3H1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/038d1b-840b-4772-ae7e-def03d51fea4/1/brxaSijKpeF9oC-sZTlfVkQjcQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/038d1b-840b-4772-ae7e-def03d51fea4/1/8vCjkaqm15Cq4oDKWJso9ET3H1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.130.0/24
Signature Algorithm: sha256WithRSAEncryption
65:97:e6:f5:c4:55:f1:1d:12:7c:bd:aa:b6:7b:54:63:30:d7:
ec:5e:68:80:45:28:19:20:37:a8:15:8d:5a:b6:9a:f1:ed:53:
71:e0:1c:ef:e7:9a:67:03:96:ae:f4:ef:20:f0:d1:a4:d7:52:
56:1e:6b:d3:0c:7f:73:1b:1b:52:3a:3f:b3:cd:c2:a8:b4:fc:
b4:99:a9:ac:a6:56:ce:fb:d7:52:2c:f5:6c:76:f6:c2:ae:ce:
9f:f0:ea:3d:4f:96:1a:e8:8d:09:e2:54:1b:71:a2:75:2f:28:
81:6f:26:a7:49:da:69:f3:47:d5:02:02:fd:24:f2:d4:a8:76:
0b:48:81:ba:8a:66:6f:63:84:31:e9:be:0e:50:2b:2c:56:17:
ac:64:d7:28:a9:50:48:12:66:59:9e:19:31:10:2c:eb:0b:7b:
a3:42:4f:77:ea:bb:85:c1:38:4c:57:60:83:43:4b:d6:cc:5b:
f4:85:23:7e:ef:97:e6:f9:52:f8:7b:d6:f0:85:51:b1:77:b1:
ae:83:d5:c2:61:75:fe:1a:ca:0d:4e:3c:65:75:1d:42:3b:a1:
85:20:66:fa:80:e7:b6:47:53:61:cb:6d:87:37:de:ab:4c:dc:
f0:01:50:4f:76:6f:cd:f8:b4:0b:b6:41:81:38:22:f2:36:33:
bc:70:6d:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcGjUN07gJuDjxQByArAWZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZjBhMzkxYWFhNmQ3OTBhYWUyODBjYTU4OWIyOGY0NDRm
NzFmNTcwHhcNMjMwMzIxMjM0MjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWJjNWE0YTI4Y2FhNWUxN2RhMDJmYWM2NTM5NWY1NjQ0MjM3MTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+x+D7leLy1aNPssE+TOHJ10Gndl
wDhLyKzlrjt7GwK5JLLejGy9NlUvmao1MMRovGCn9D51rQ7vhrzRKVS36PdQhty2
5C8KRoxpH7fr0ovce6F7B+SOQwPJQ8BDgFsKGTvJXf4ZhHSMOJ7dtP9GoT+Bgu7Y
C0aak2g08NRjm/TRmJmTBhXIXPV/gyp/jegm1cuLyURR9Uk8q1JWiNURSV/rOlaJ
XPsQP8b/hUyAob4NQ0t16PVI+vWHKljzOlq911s796mf5VocmSmcO02xevJrgpKQ
4MY5Xr6e9JNLkmaC8bjG1iAQ8MqVWOLRHhMa9cX071Ff0AQCClOKgsAovQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG68WkooyqXhfaAvrGU5X1ZEI3EMMB8GA1UdIwQY
MBaAFPLwo5GqpteQquKAylibKPRE9x9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHZDamthcW0xNUNxNG9ES1dKc285RVQzSDFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8wMzhkMWItODQwYi00NzcyLWFlN2Ut
ZGVmMDNkNTFmZWE0LzEvYnJ4YVNpaktwZUY5b0Mtc1pUbGZWa1FqY1F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8wMzhkMWItODQwYi00NzcyLWFlN2UtZGVmMDNkNTFmZWE0
LzEvOHZDamthcW0xNUNxNG9ES1dKc285RVQzSDFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CCMA0G
CSqGSIb3DQEBCwUAA4IBAQBll+b1xFXxHRJ8vaq2e1RjMNfsXmiARSgZIDeoFY1a
tprx7VNx4Bzv55pnA5au9O8g8NGk11JWHmvTDH9zGxtSOj+zzcKotPy0mamsplbO
+9dSLPVsdvbCrs6f8Oo9T5Ya6I0J4lQbcaJ1LyiBbyanSdpp80fVAgL9JPLUqHYL
SIG6imZvY4Qx6b4OUCssVhesZNcoqVBIEmZZnhkxECzrC3ujQk936ruFwThMV2CD
Q0vWzFv0hSN+75fm+VL4e9bwhVGxd7Gug9XCYXX+GsoNTjxldR1CO6GFIGb6gOe2
R1Nhy22HN96rTNzwAVBPdm/N+LQLtkGBOCLyNjO8cG1e
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:56 2024 by rpki-client on console-ams.rpki-client.org