Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/821d73-7f6f-4ba5-8f98-b6517dc41a78/1/dzLM7IMKKp7RG8uKyJ9cu3nUQuQ.roa
File: dzLM7IMKKp7RG8uKyJ9cu3nUQuQ.roa (raw, json)
Hash identifier: BAG52z+tI23F+hLgGQS6pGnXvpvYdyHDoikq8bvRcgw=
Subject key identifier: 77:32:CC:EC:83:0A:2A:9E:D1:1B:CB:8A:C8:9F:5C:BB:79:D4:42:E4
Certificate issuer: /CN=43927dc998b1101e16c78e5b36b1307bf25c8baa
Certificate serial: 0185799E65A70389B968225A7BE63A68FFF4
Authority key identifier: 43:92:7D:C9:98:B1:10:1E:16:C7:8E:5B:36:B1:30:7B:F2:5C:8B:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5J9yZixEB4Wx45bNrEwe_Jci6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/821d73-7f6f-4ba5-8f98-b6517dc41a78/1/dzLM7IMKKp7RG8uKyJ9cu3nUQuQ.roa
Signing time: Tue 03 Jan 2023 21:51:41 +0000
ROA not before: Tue 03 Jan 2023 21:51:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205654
IP address blocks: 195.234.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:79:9e:65:a7:03:89:b9:68:22:5a:7b:e6:3a:68:ff:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43927dc998b1101e16c78e5b36b1307bf25c8baa
Validity
Not Before: Jan 3 21:51:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7732ccec830a2a9ed11bcb8ac89f5cbb79d442e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:27:99:df:dd:d2:ce:92:6c:68:b2:96:8b:25:
f9:18:aa:81:c4:a2:0a:7f:98:bd:fd:5d:d3:9d:1f:
94:91:66:8e:c5:76:74:27:15:36:c2:08:26:35:68:
2c:e5:9c:b8:85:75:5d:f9:6b:7c:8d:f5:e7:91:0c:
0e:fe:5f:41:42:38:b5:ac:a6:54:35:1e:54:7e:c8:
bc:d0:ae:ca:3c:d2:6e:39:4a:9b:4e:0e:96:d7:9e:
92:35:cc:e4:39:27:d1:c1:f4:4c:bd:42:16:80:72:
4a:b3:f2:79:0c:a1:7c:d2:89:43:e7:e6:5b:71:bc:
59:43:4e:2a:92:4a:32:51:d5:6a:c2:68:29:c3:39:
fa:7f:19:73:bd:ce:dd:1c:99:d3:27:03:a5:41:8a:
b9:40:07:42:98:16:11:8e:90:1f:26:82:d7:8f:ee:
24:07:c9:3d:55:dd:cd:e7:b0:32:8f:32:e8:46:d9:
f9:c0:e4:96:34:28:c0:8f:6b:3b:a1:50:18:0e:cc:
16:2d:0a:7c:65:90:ce:75:91:67:4d:9b:b9:89:ff:
d3:d6:66:ba:a3:cd:fa:2a:d9:48:7d:d8:5b:f9:25:
77:80:8a:41:36:5e:c1:55:14:ba:81:85:51:f5:ca:
1f:7f:b0:6d:af:10:13:66:4c:30:fd:ff:c3:28:ef:
fd:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:32:CC:EC:83:0A:2A:9E:D1:1B:CB:8A:C8:9F:5C:BB:79:D4:42:E4
X509v3 Authority Key Identifier:
keyid:43:92:7D:C9:98:B1:10:1E:16:C7:8E:5B:36:B1:30:7B:F2:5C:8B:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5J9yZixEB4Wx45bNrEwe_Jci6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/821d73-7f6f-4ba5-8f98-b6517dc41a78/1/dzLM7IMKKp7RG8uKyJ9cu3nUQuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/821d73-7f6f-4ba5-8f98-b6517dc41a78/1/Q5J9yZixEB4Wx45bNrEwe_Jci6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.95.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:8b:7b:0c:af:47:a5:cf:6a:49:cd:05:62:d6:dd:b9:69:f7:
6a:d1:98:69:40:b9:25:39:a9:30:cd:2f:5c:15:8f:74:06:af:
7e:78:78:04:29:d5:9c:19:5a:b8:80:cf:34:eb:b5:d7:b1:05:
3e:cc:1b:c6:e7:ac:9a:38:8a:89:dc:12:be:1e:7f:b0:0e:27:
04:88:5b:d4:28:bb:45:dd:64:d8:ad:d6:e8:bb:bc:24:98:ec:
71:e6:39:a0:ea:17:4d:94:8d:9c:47:c8:72:a3:74:6c:2f:fb:
32:b5:7f:47:31:e4:c6:55:e6:4e:8c:10:7e:e5:ce:00:b1:b6:
ab:33:fe:da:7b:0a:31:16:cc:10:07:9d:c2:6c:50:f6:7f:43:
29:e4:c4:b1:90:93:d3:ff:b1:9e:de:18:0a:89:5c:f9:35:50:
b1:d8:d4:8e:39:9d:8d:ad:22:e0:a7:87:b5:09:ac:05:a5:74:
6a:95:a7:d9:79:19:2d:60:13:ff:e6:f0:11:59:9a:63:48:0b:
0e:81:82:b0:86:78:d5:f4:43:7d:85:bc:9f:42:da:cf:6c:65:
c8:2a:2e:48:55:1a:76:2e:02:e4:b0:85:77:51:05:e7:68:82:
00:29:6f:8d:fb:6d:39:97:55:d8:b0:80:3b:d6:2e:ce:f0:23:
ea:d3:27:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYV5nmWnA4m5aCJae+Y6aP/0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTI3ZGM5OThiMTEwMWUxNmM3OGU1YjM2YjEzMDdiZjI1
YzhiYWEwHhcNMjMwMTAzMjE1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzMyY2NlYzgzMGEyYTllZDExYmNiOGFjODlmNWNiYjc5ZDQ0MmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yeZ393SzpJsaLKWiyX5GKqBxKIK
f5i9/V3TnR+UkWaOxXZ0JxU2wggmNWgs5Zy4hXVd+Wt8jfXnkQwO/l9BQji1rKZU
NR5Ufsi80K7KPNJuOUqbTg6W156SNczkOSfRwfRMvUIWgHJKs/J5DKF80olD5+Zb
cbxZQ04qkkoyUdVqwmgpwzn6fxlzvc7dHJnTJwOlQYq5QAdCmBYRjpAfJoLXj+4k
B8k9Vd3N57AyjzLoRtn5wOSWNCjAj2s7oVAYDswWLQp8ZZDOdZFnTZu5if/T1ma6
o836KtlIfdhb+SV3gIpBNl7BVRS6gYVR9coff7BtrxATZkww/f/DKO/9wQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHcyzOyDCiqe0RvLisifXLt51ELkMB8GA1UdIwQY
MBaAFEOSfcmYsRAeFseOWzaxMHvyXIuqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVKOXlaaXhFQjRXeDQ1Yk5yRXdlX0pjaTZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84MjFkNzMtN2Y2Zi00YmE1LThmOTgt
YjY1MTdkYzQxYTc4LzEvZHpMTTdJTUtLcDdSRzh1S3lKOWN1M25VUXVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84MjFkNzMtN2Y2Zi00YmE1LThmOTgtYjY1MTdkYzQxYTc4
LzEvUTVKOXlaaXhFQjRXeDQ1Yk5yRXdlX0pjaTZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+pfMA0G
CSqGSIb3DQEBCwUAA4IBAQCdi3sMr0elz2pJzQVi1t25afdq0ZhpQLklOakwzS9c
FY90Bq9+eHgEKdWcGVq4gM8067XXsQU+zBvG56yaOIqJ3BK+Hn+wDicEiFvUKLtF
3WTYrdbou7wkmOxx5jmg6hdNlI2cR8hyo3RsL/sytX9HMeTGVeZOjBB+5c4Asbar
M/7aewoxFswQB53CbFD2f0Mp5MSxkJPT/7Ge3hgKiVz5NVCx2NSOOZ2NrSLgp4e1
CawFpXRqlafZeRktYBP/5vARWZpjSAsOgYKwhnjV9EN9hbyfQtrPbGXIKi5IVRp2
LgLksIV3UQXnaIIAKW+N+205l1XYsIA71i7O8CPq0yc3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:41 2024 by rpki-client on console-ams.rpki-client.org