Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/a22660-38ef-4768-af43-e94122087b3f/1/AMHSSou9LxojcPoxUJDFEvNhxms.roa
File: AMHSSou9LxojcPoxUJDFEvNhxms.roa (raw, json)
Hash identifier: IXm6q1b7C3xvjKBPYH1SbkOSfQG7ikR/TTZ3f+V1rDc=
Subject key identifier: 00:C1:D2:4A:8B:BD:2F:1A:23:70:FA:31:50:90:C5:12:F3:61:C6:6B
Certificate issuer: /CN=abf60aa994a34cd4ad3ddba65b9af4d30aa34ce7
Certificate serial: 01857139C7880F422623115A0816145BB328
Authority key identifier: AB:F6:0A:A9:94:A3:4C:D4:AD:3D:DB:A6:5B:9A:F4:D3:0A:A3:4C:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q_YKqZSjTNStPdumW5r00wqjTOc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/a22660-38ef-4768-af43-e94122087b3f/1/AMHSSou9LxojcPoxUJDFEvNhxms.roa
Signing time: Mon 02 Jan 2023 06:44:50 +0000
ROA not before: Mon 02 Jan 2023 06:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60287
IP address blocks: 5.42.214.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:c7:88:0f:42:26:23:11:5a:08:16:14:5b:b3:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abf60aa994a34cd4ad3ddba65b9af4d30aa34ce7
Validity
Not Before: Jan 2 06:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00c1d24a8bbd2f1a2370fa315090c512f361c66b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3e:23:4e:7f:a2:62:16:c2:77:54:f6:a1:c1:
4e:61:9b:10:ab:6d:5d:73:d3:07:0c:1e:9c:71:8e:
d0:4e:95:d3:6a:d0:5a:1d:95:c3:9d:75:64:f2:1a:
8a:40:13:d4:11:b2:89:04:a7:20:32:ce:91:e4:a8:
82:32:50:4a:0e:cf:ad:1d:f6:41:af:24:de:47:6c:
81:e7:4d:34:19:29:00:ab:40:5e:93:11:85:86:8d:
b6:56:20:03:82:53:fb:a3:28:2a:17:d7:59:a6:30:
38:59:a8:f0:be:3d:50:03:a9:cf:64:ce:ef:33:77:
90:ec:c1:76:0a:82:0a:d8:85:48:24:2b:63:29:ec:
99:f3:36:ef:cc:e9:fd:72:36:dd:d4:cd:b5:8d:fc:
8d:df:3f:83:1a:d8:b1:48:b0:59:4f:39:8e:6c:17:
75:14:5f:bd:14:61:de:99:08:5e:c3:23:c3:cd:d1:
7b:e2:cd:f5:6c:53:a6:24:e5:c3:68:eb:fd:e6:81:
ee:f3:11:e4:97:55:a6:4d:0c:49:74:db:37:97:d5:
16:89:ce:ee:51:5d:90:dc:2e:fa:8c:8f:26:03:40:
c0:9c:19:b9:12:86:de:3d:31:23:16:f5:16:f0:52:
14:e5:86:f9:3c:a2:0c:59:88:7d:5b:8e:ad:9a:6d:
ba:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:C1:D2:4A:8B:BD:2F:1A:23:70:FA:31:50:90:C5:12:F3:61:C6:6B
X509v3 Authority Key Identifier:
keyid:AB:F6:0A:A9:94:A3:4C:D4:AD:3D:DB:A6:5B:9A:F4:D3:0A:A3:4C:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q_YKqZSjTNStPdumW5r00wqjTOc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a22660-38ef-4768-af43-e94122087b3f/1/AMHSSou9LxojcPoxUJDFEvNhxms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a22660-38ef-4768-af43-e94122087b3f/1/q_YKqZSjTNStPdumW5r00wqjTOc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.214.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:ac:67:09:3f:c3:e6:5b:92:61:d0:48:cf:96:d4:a8:b5:58:
24:91:28:1a:9c:70:6c:cb:b3:ed:d1:95:d2:c1:e8:09:86:30:
79:c3:21:a5:88:73:19:28:aa:ce:6e:62:b4:b1:95:dd:da:ec:
7b:29:21:d7:58:f0:fe:69:3a:ef:af:4c:83:4b:48:a4:6b:e3:
d6:78:91:ff:b9:8d:54:a5:4b:9c:71:d1:30:d5:4f:8e:a0:d7:
90:be:2f:9b:f9:22:fa:bf:66:f4:b2:1a:e4:7f:90:f0:2d:3e:
1a:13:6d:df:80:ee:0d:bf:ea:8d:f3:ff:4a:c5:b7:ce:f3:fe:
78:b2:92:69:cb:b3:a5:06:f9:d5:67:08:0d:9c:7e:78:9a:fa:
4a:d4:d2:c1:a0:a5:e0:42:3e:0f:af:e9:c5:64:a6:df:16:47:
8f:55:3f:4e:45:54:9c:7b:f7:b3:7e:0b:41:09:4f:8c:a2:d2:
dc:6d:1b:25:8d:86:11:3e:49:a0:a3:11:4a:c0:a3:6d:b2:07:
16:2f:b2:08:86:a0:21:17:ae:e3:8c:a5:40:59:3d:8e:99:9f:
63:6f:78:b9:f3:99:c4:e7:fa:b7:94:94:58:e4:be:fd:47:65:
63:b5:21:ae:f1:88:9e:bc:0d:13:2c:a5:7e:7c:55:1e:d3:47:
ab:ab:01:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxOceID0ImIxFaCBYUW7MoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiZjYwYWE5OTRhMzRjZDRhZDNkZGJhNjViOWFmNGQzMGFh
MzRjZTcwHhcNMjMwMTAyMDY0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGMxZDI0YThiYmQyZjFhMjM3MGZhMzE1MDkwYzUxMmYzNjFjNjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwz4jTn+iYhbCd1T2ocFOYZsQq21d
c9MHDB6ccY7QTpXTatBaHZXDnXVk8hqKQBPUEbKJBKcgMs6R5KiCMlBKDs+tHfZB
ryTeR2yB5000GSkAq0BekxGFho22ViADglP7oygqF9dZpjA4Wajwvj1QA6nPZM7v
M3eQ7MF2CoIK2IVIJCtjKeyZ8zbvzOn9cjbd1M21jfyN3z+DGtixSLBZTzmObBd1
FF+9FGHemQhewyPDzdF74s31bFOmJOXDaOv95oHu8xHkl1WmTQxJdNs3l9UWic7u
UV2Q3C76jI8mA0DAnBm5EobePTEjFvUW8FIU5Yb5PKIMWYh9W46tmm26tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFADB0kqLvS8aI3D6MVCQxRLzYcZrMB8GA1UdIwQY
MBaAFKv2CqmUo0zUrT3bplua9NMKo0znMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcV9ZS3FaU2pUTlN0UGR1bVc1cjAwd3FqVE9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9hMjI2NjAtMzhlZi00NzY4LWFmNDMt
ZTk0MTIyMDg3YjNmLzEvQU1IU1NvdTlMeG9qY1BveFVKREZFdk5oeG1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9hMjI2NjAtMzhlZi00NzY4LWFmNDMtZTk0MTIyMDg3YjNm
LzEvcV9ZS3FaU2pUTlN0UGR1bVc1cjAwd3FqVE9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSrWMA0G
CSqGSIb3DQEBCwUAA4IBAQArrGcJP8PmW5Jh0EjPltSotVgkkSganHBsy7Pt0ZXS
wegJhjB5wyGliHMZKKrObmK0sZXd2ux7KSHXWPD+aTrvr0yDS0ika+PWeJH/uY1U
pUuccdEw1U+OoNeQvi+b+SL6v2b0shrkf5DwLT4aE23fgO4Nv+qN8/9KxbfO8/54
spJpy7OlBvnVZwgNnH54mvpK1NLBoKXgQj4Pr+nFZKbfFkePVT9ORVSce/ezfgtB
CU+MotLcbRsljYYRPkmgoxFKwKNtsgcWL7IIhqAhF67jjKVAWT2OmZ9jb3i585nE
5/q3lJRY5L79R2VjtSGu8YievA0TLKV+fFUe00erqwHk
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:46 2025 by rpki-client