Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/cf4025-3198-4a93-ab76-35720860a5b2/1/2TxMC9wLhR40lmKxKn-ta-khKRk.roa
File: 2TxMC9wLhR40lmKxKn-ta-khKRk.roa (raw, json)
Hash identifier: b3pp7NO23jaCsAolsc8+SXkqUVdLm/exqPuJqMOwkok=
Subject key identifier: D9:3C:4C:0B:DC:0B:85:1E:34:96:62:B1:2A:7F:AD:6B:E9:21:29:19
Certificate issuer: /CN=04a08fe83a7c2bf15524f48d9a7cac439c46fd67
Certificate serial: 018570E74424677C2B8A5C162E05FE9A48FC
Authority key identifier: 04:A0:8F:E8:3A:7C:2B:F1:55:24:F4:8D:9A:7C:AC:43:9C:46:FD:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKCP6Dp8K_FVJPSNmnysQ5xG_Wc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/cf4025-3198-4a93-ab76-35720860a5b2/1/2TxMC9wLhR40lmKxKn-ta-khKRk.roa
Signing time: Mon 02 Jan 2023 05:14:42 +0000
ROA not before: Mon 02 Jan 2023 05:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 195.96.149.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:44:24:67:7c:2b:8a:5c:16:2e:05:fe:9a:48:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a08fe83a7c2bf15524f48d9a7cac439c46fd67
Validity
Not Before: Jan 2 05:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d93c4c0bdc0b851e349662b12a7fad6be9212919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:90:fc:ca:4f:ea:f2:26:f7:3b:02:a8:90:c6:
e0:87:ac:13:89:e2:06:b2:04:4e:91:83:ec:82:97:
82:a7:73:96:1e:28:5e:7b:69:b4:f1:95:bd:ae:67:
5c:61:74:cc:1d:f9:af:88:8d:ca:01:8e:8f:53:c1:
c2:3a:0b:3e:5a:2f:e2:cd:47:e2:14:bd:49:c3:af:
e0:27:81:06:02:98:d7:43:bf:d2:9e:b6:27:d1:4d:
ef:1a:9f:19:29:e1:3f:85:c1:c4:01:6b:25:ac:42:
75:ed:b2:88:76:ce:f3:c7:5b:18:6b:c5:7f:72:0f:
33:a4:6d:67:8d:7b:68:1e:cc:55:b5:37:31:5c:7d:
8b:ea:12:1d:72:67:24:d5:f6:74:0e:f6:3c:e8:e0:
17:cb:5a:88:82:34:5a:92:52:2a:d7:4a:cc:14:a8:
e2:a9:77:2c:eb:b1:63:32:7a:9b:62:5b:0e:2b:9d:
68:98:a5:b2:9e:45:2e:2b:9e:f3:0f:04:67:f0:bd:
95:69:bb:f8:c3:8a:f3:41:f3:4c:32:44:f3:23:42:
af:97:39:6b:63:df:20:ce:37:df:ae:1d:b4:99:72:
98:0d:7a:78:c4:45:e3:39:c3:47:4b:c8:b6:f9:d0:
82:03:e6:d5:d8:81:30:26:9b:d8:91:99:88:6a:80:
05:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:3C:4C:0B:DC:0B:85:1E:34:96:62:B1:2A:7F:AD:6B:E9:21:29:19
X509v3 Authority Key Identifier:
keyid:04:A0:8F:E8:3A:7C:2B:F1:55:24:F4:8D:9A:7C:AC:43:9C:46:FD:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKCP6Dp8K_FVJPSNmnysQ5xG_Wc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/cf4025-3198-4a93-ab76-35720860a5b2/1/2TxMC9wLhR40lmKxKn-ta-khKRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/cf4025-3198-4a93-ab76-35720860a5b2/1/BKCP6Dp8K_FVJPSNmnysQ5xG_Wc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.149.0/24
Signature Algorithm: sha256WithRSAEncryption
55:db:80:ba:ee:dc:05:af:46:c0:5f:5e:af:98:cc:46:df:0d:
5e:8e:88:39:11:fd:9e:fe:65:75:2c:42:55:4d:d9:a2:6d:81:
e6:80:29:00:b6:1c:09:88:e5:8c:f4:38:d5:41:80:b3:9f:93:
4b:a9:e6:cc:11:3c:1e:a7:df:e9:39:d3:5b:72:8c:0c:93:6a:
87:e5:98:06:d5:ba:96:ad:76:ec:91:33:e0:ac:61:9f:95:f1:
b4:4d:9d:bb:de:16:44:6e:8c:4a:bd:27:33:0b:3b:69:82:70:
ec:82:6c:b1:c2:f5:f8:ee:9e:f6:a5:57:5d:0a:40:79:c0:59:
21:a1:69:f8:af:b2:2f:01:34:43:61:ca:35:a2:a1:ad:21:85:
be:cc:81:af:98:2e:57:fc:b2:b9:40:fb:95:34:c2:aa:fb:85:
53:c5:ae:cf:9f:43:b2:1c:71:6a:84:ac:24:7d:30:c8:54:bc:
33:3e:9d:d5:97:b8:93:9f:32:f9:bb:07:73:9b:60:3f:01:b8:
20:b8:34:f4:0b:19:03:69:f9:05:4b:53:ee:26:f4:ba:13:07:
c7:a2:2b:9d:bc:d6:2e:08:0a:6b:96:76:48:43:f3:30:97:78:
0a:0a:f4:e0:f9:90:8b:2a:30:35:fc:47:27:1c:e9:42:b0:7c:
59:a9:ec:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw50QkZ3wrilwWLgX+mkj8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTA4ZmU4M2E3YzJiZjE1NTI0ZjQ4ZDlhN2NhYzQzOWM0
NmZkNjcwHhcNMjMwMTAyMDUxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTNjNGMwYmRjMGI4NTFlMzQ5NjYyYjEyYTdmYWQ2YmU5MjEyOTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJD8yk/q8ib3OwKokMbgh6wTieIG
sgROkYPsgpeCp3OWHihee2m08ZW9rmdcYXTMHfmviI3KAY6PU8HCOgs+Wi/izUfi
FL1Jw6/gJ4EGApjXQ7/SnrYn0U3vGp8ZKeE/hcHEAWslrEJ17bKIds7zx1sYa8V/
cg8zpG1njXtoHsxVtTcxXH2L6hIdcmck1fZ0DvY86OAXy1qIgjRaklIq10rMFKji
qXcs67FjMnqbYlsOK51omKWynkUuK57zDwRn8L2Vabv4w4rzQfNMMkTzI0Kvlzlr
Y98gzjffrh20mXKYDXp4xEXjOcNHS8i2+dCCA+bV2IEwJpvYkZmIaoAFEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNk8TAvcC4UeNJZisSp/rWvpISkZMB8GA1UdIwQY
MBaAFASgj+g6fCvxVST0jZp8rEOcRv1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktDUDZEcDhLX0ZWSlBTTm1ueXNRNXhHX1djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9jZjQwMjUtMzE5OC00YTkzLWFiNzYt
MzU3MjA4NjBhNWIyLzEvMlR4TUM5d0xoUjQwbG1LeEtuLXRhLWtoS1JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9jZjQwMjUtMzE5OC00YTkzLWFiNzYtMzU3MjA4NjBhNWIy
LzEvQktDUDZEcDhLX0ZWSlBTTm1ueXNRNXhHX1djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CVMA0G
CSqGSIb3DQEBCwUAA4IBAQBV24C67twFr0bAX16vmMxG3w1ejog5Ef2e/mV1LEJV
TdmibYHmgCkAthwJiOWM9DjVQYCzn5NLqebMETwep9/pOdNbcowMk2qH5ZgG1bqW
rXbskTPgrGGflfG0TZ273hZEboxKvSczCztpgnDsgmyxwvX47p72pVddCkB5wFkh
oWn4r7IvATRDYco1oqGtIYW+zIGvmC5X/LK5QPuVNMKq+4VTxa7Pn0OyHHFqhKwk
fTDIVLwzPp3Vl7iTnzL5uwdzm2A/AbgguDT0CxkDafkFS1PuJvS6EwfHoiudvNYu
CAprlnZIQ/Mwl3gKCvTg+ZCLKjA1/EcnHOlCsHxZqexg
-----END CERTIFICATE-----
Generated at Fri Nov 3 09:00:50 2023 by rpki-client on console-ams.rpki-client.org