Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/rZFsHf22TOY5sBGj35Jcj7XtqYQ.roa
File: rZFsHf22TOY5sBGj35Jcj7XtqYQ.roa (raw, json)
Hash identifier: kfiPEYD0CUuxp6PopXCf63jucHVZPsmCrPyH5dhAUEc=
Subject key identifier: AD:91:6C:1D:FD:B6:4C:E6:39:B0:11:A3:DF:92:5C:8F:B5:ED:A9:84
Certificate issuer: /CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Certificate serial: 018570D527864637EA17CCC5FD58719CA6F3
Authority key identifier: F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/rZFsHf22TOY5sBGj35Jcj7XtqYQ.roa
Signing time: Mon 02 Jan 2023 04:54:55 +0000
ROA not before: Mon 02 Jan 2023 04:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211237
IP address blocks: 86.106.24.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:27:86:46:37:ea:17:cc:c5:fd:58:71:9c:a6:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Validity
Not Before: Jan 2 04:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad916c1dfdb64ce639b011a3df925c8fb5eda984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5a:d7:95:bc:25:e8:36:2d:86:0d:7b:88:41:
34:e9:3f:8f:f2:6a:79:be:3b:7b:87:fb:89:43:7d:
4b:ef:49:74:e5:90:8e:5c:0f:29:24:5d:67:0e:32:
21:13:e1:a7:54:28:79:23:cc:15:80:13:5c:40:1c:
5e:3f:df:e6:03:10:ea:18:9c:30:0c:b8:81:18:8e:
11:8d:cc:0f:09:71:3d:c7:a5:8e:ce:3b:ea:29:e4:
03:e2:6d:16:ee:fc:60:a4:54:29:63:1f:15:85:24:
f6:fd:60:5d:fa:a0:15:f3:e8:09:8c:aa:99:f9:e7:
0d:8d:79:4e:35:8e:32:7c:bf:54:79:a7:32:62:2c:
50:f7:45:26:2c:21:b8:d4:12:54:ca:a5:a2:58:fa:
fb:d8:94:00:ed:a4:0a:9d:a3:7e:9a:01:79:72:58:
64:ec:26:eb:7f:b8:c6:8f:2c:88:e1:f1:14:4f:bc:
b7:4c:e8:ad:fb:0c:55:2e:d6:58:a1:c3:32:74:4c:
c8:dc:8f:4e:3a:da:0e:35:63:a5:30:8a:80:60:03:
1e:74:c5:57:63:73:e8:8a:b9:f4:3a:a1:ab:5b:bf:
68:47:2a:af:29:83:50:96:5b:75:8f:c5:1f:74:84:
a3:28:e4:3a:79:92:b6:52:2d:8d:dd:fe:d2:c0:e4:
2b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:91:6C:1D:FD:B6:4C:E6:39:B0:11:A3:DF:92:5C:8F:B5:ED:A9:84
X509v3 Authority Key Identifier:
keyid:F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/rZFsHf22TOY5sBGj35Jcj7XtqYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.24.0/24
Signature Algorithm: sha256WithRSAEncryption
10:3a:7f:69:71:a7:2c:ad:ca:26:77:fa:c3:3e:18:9e:b8:42:
c5:75:8f:5f:1b:a3:5c:4e:ba:83:3c:bd:88:eb:08:90:c6:a8:
90:d4:40:95:3d:70:f9:6b:a0:9e:e5:38:1e:6d:f8:86:0f:44:
24:02:f4:dd:5e:f6:71:56:7a:f4:11:f4:f0:27:ac:81:4e:6c:
19:77:7d:07:82:d1:ae:ef:54:80:e7:0d:06:4c:d1:3a:19:2e:
65:72:6c:d5:f7:56:f8:57:05:98:5b:1d:d0:89:b4:3c:29:a7:
2d:16:0a:75:40:40:90:84:1a:bf:9b:2e:77:37:b1:11:ee:6d:
87:56:7b:42:ee:f5:8c:24:5b:69:99:bf:46:cd:66:eb:d5:3f:
9d:73:d8:d9:b3:54:47:1b:70:bd:b5:2d:41:a7:8b:c7:fc:36:
74:16:2e:95:69:22:08:bc:27:b2:91:ef:02:db:c1:5b:17:f8:
b5:fe:92:b7:e9:2b:1f:e2:45:19:da:40:fe:0e:9a:d8:62:4f:
34:00:16:3a:b6:81:2d:5c:50:87:85:5f:35:32:cd:ad:63:e4:
04:8b:ff:34:5e:58:62:14:a0:97:d0:5d:dd:33:07:bd:92:ab:
68:2e:58:1e:a0:a7:2e:b7:d5:ba:9f:7e:cf:20:90:51:30:a3:
74:d0:2b:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1SeGRjfqF8zF/VhxnKbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwY2M3YTQ0NzQ4MmU1N2IwNjA0YmFiYjgyYTUyNDA5Y2Rl
M2IzNmQwHhcNMjMwMTAyMDQ1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDkxNmMxZGZkYjY0Y2U2MzliMDExYTNkZjkyNWM4ZmI1ZWRhOTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1rXlbwl6DYthg17iEE06T+P8mp5
vjt7h/uJQ31L70l05ZCOXA8pJF1nDjIhE+GnVCh5I8wVgBNcQBxeP9/mAxDqGJww
DLiBGI4RjcwPCXE9x6WOzjvqKeQD4m0W7vxgpFQpYx8VhST2/WBd+qAV8+gJjKqZ
+ecNjXlONY4yfL9UeacyYixQ90UmLCG41BJUyqWiWPr72JQA7aQKnaN+mgF5clhk
7Cbrf7jGjyyI4fEUT7y3TOit+wxVLtZYocMydEzI3I9OOtoONWOlMIqAYAMedMVX
Y3Poirn0OqGrW79oRyqvKYNQllt1j8UfdISjKOQ6eZK2Ui2N3f7SwOQrNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK2RbB39tkzmObARo9+SXI+17amEMB8GA1UdIwQY
MBaAFPDMekR0guV7BgS6u4KlJAnN47NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUt
ZmEzMmQyZDUyOTY4LzEvclpGc0hmMjJUT1k1c0JHajM1SmNqN1h0cVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUtZmEzMmQyZDUyOTY4
LzEvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVmoYMA0G
CSqGSIb3DQEBCwUAA4IBAQAQOn9pcacsrcomd/rDPhieuELFdY9fG6NcTrqDPL2I
6wiQxqiQ1ECVPXD5a6Ce5TgebfiGD0QkAvTdXvZxVnr0EfTwJ6yBTmwZd30HgtGu
71SA5w0GTNE6GS5lcmzV91b4VwWYWx3QibQ8KactFgp1QECQhBq/my53N7ER7m2H
VntC7vWMJFtpmb9GzWbr1T+dc9jZs1RHG3C9tS1Bp4vH/DZ0Fi6VaSIIvCeyke8C
28FbF/i1/pK36Ssf4kUZ2kD+DprYYk80ABY6toEtXFCHhV81Ms2tY+QEi/80Xlhi
FKCX0F3dMwe9kqtoLlgeoKcut9W6n37PIJBRMKN00Csr
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:47 2025 by rpki-client