Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/a22660-38ef-4768-af43-e94122087b3f/1/lXobpKbb_8yCcCTdgTcQhH1jimw.roa
File: lXobpKbb_8yCcCTdgTcQhH1jimw.roa (raw, json)
Hash identifier: nUIk93cqhV4hF3FKPgX+RIVOUgqscA8KjDf+1ZHzXA8=
Subject key identifier: 95:7A:1B:A4:A6:DB:FF:CC:82:70:24:DD:81:37:10:84:7D:63:8A:6C
Certificate issuer: /CN=abf60aa994a34cd4ad3ddba65b9af4d30aa34ce7
Certificate serial: 018CC4253F031013E3EA1642DD409F8EF724
Authority key identifier: AB:F6:0A:A9:94:A3:4C:D4:AD:3D:DB:A6:5B:9A:F4:D3:0A:A3:4C:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q_YKqZSjTNStPdumW5r00wqjTOc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/a22660-38ef-4768-af43-e94122087b3f/1/lXobpKbb_8yCcCTdgTcQhH1jimw.roa
Signing time: Mon 01 Jan 2024 08:30:24 +0000
ROA not before: Mon 01 Jan 2024 08:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60287
IP address blocks: 5.42.214.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:3f:03:10:13:e3:ea:16:42:dd:40:9f:8e:f7:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abf60aa994a34cd4ad3ddba65b9af4d30aa34ce7
Validity
Not Before: Jan 1 08:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=957a1ba4a6dbffcc827024dd813710847d638a6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:68:bb:4f:9b:f3:d8:97:78:72:4b:e0:4b:cf:
03:45:2d:07:9a:76:a7:ad:21:33:f9:e2:8a:cd:ae:
11:85:38:96:8e:31:0b:5e:83:8c:5a:76:49:ef:08:
2c:28:b5:ea:98:f4:31:4e:ad:c6:f5:4f:03:33:44:
7c:93:2b:05:64:6e:44:46:39:3f:7e:20:90:c2:1e:
2a:06:1f:65:8c:b2:50:8d:7e:22:e5:a4:c9:98:be:
45:62:0f:18:6a:76:56:45:69:6b:c0:55:1c:42:26:
d7:17:78:24:ef:1d:48:1a:9f:e3:41:d6:eb:96:c3:
f5:31:97:87:de:a5:b8:0a:bd:3d:c0:68:a2:95:1b:
9e:ba:7a:cf:fa:2f:7d:f0:d8:39:17:b2:0b:95:cd:
3f:f1:5d:31:56:f5:d1:7a:cd:d9:6c:4f:ce:35:2f:
bf:fd:4f:24:60:35:86:23:85:c4:66:9a:db:ba:e2:
17:05:70:9d:e9:6b:68:48:e0:1d:58:40:f4:2d:86:
c3:80:4d:a7:34:8e:c9:2a:a9:39:cc:44:3a:ba:09:
94:29:26:e4:e0:ad:cb:21:cd:d2:cc:e2:c2:4f:bb:
68:c0:33:7e:b2:c1:9c:2c:df:9d:ab:a3:ab:46:ef:
35:8c:e8:a6:5a:69:a0:ba:0f:c5:69:2c:d2:7a:b8:
23:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:7A:1B:A4:A6:DB:FF:CC:82:70:24:DD:81:37:10:84:7D:63:8A:6C
X509v3 Authority Key Identifier:
keyid:AB:F6:0A:A9:94:A3:4C:D4:AD:3D:DB:A6:5B:9A:F4:D3:0A:A3:4C:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q_YKqZSjTNStPdumW5r00wqjTOc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a22660-38ef-4768-af43-e94122087b3f/1/lXobpKbb_8yCcCTdgTcQhH1jimw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a22660-38ef-4768-af43-e94122087b3f/1/q_YKqZSjTNStPdumW5r00wqjTOc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.214.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:a9:8e:58:51:94:17:aa:82:a8:1a:27:c5:78:2d:fe:24:8a:
82:c6:0d:81:e4:47:0a:03:3b:73:04:f3:2a:0f:48:fe:84:0d:
42:41:16:69:28:c2:2f:6f:a3:41:3c:b5:e2:33:ce:95:3f:fe:
14:d5:e2:81:8d:b9:d8:3c:c9:8f:0c:c7:44:ff:20:2f:41:fc:
a6:fd:c3:c3:44:ed:d9:cf:78:67:44:22:8a:12:86:87:95:8e:
52:7c:cf:f1:cd:af:dc:ab:cc:b7:2b:18:78:5d:e3:76:fd:b4:
92:76:0a:03:74:84:f5:d5:83:70:26:49:6a:29:ac:dd:a0:c0:
46:a5:de:c9:d4:b5:5b:c5:e6:9f:92:0e:d1:da:04:69:10:2b:
14:6d:73:cc:a9:05:3e:98:cb:0e:fb:b8:11:5f:45:1d:db:28:
c1:fd:2a:d9:f6:ed:72:79:33:cb:0c:6c:c6:4d:78:00:ad:e4:
88:f5:b0:e2:5d:ef:db:1b:87:5b:8e:46:e0:2e:71:7b:b4:9a:
70:85:d0:6a:40:30:c9:3d:15:f1:4e:72:4d:b3:28:0a:fb:64:
0d:77:ec:1f:de:87:6a:ac:a1:19:79:bd:23:64:88:e8:ce:27:
b3:69:1e:bc:3f:76:3f:61:09:70:09:19:4e:19:2b:8d:a9:fc:
14:90:d8:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJT8DEBPj6hZC3UCfjvckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiZjYwYWE5OTRhMzRjZDRhZDNkZGJhNjViOWFmNGQzMGFh
MzRjZTcwHhcNMjQwMTAxMDgzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTdhMWJhNGE2ZGJmZmNjODI3MDI0ZGQ4MTM3MTA4NDdkNjM4YTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWi7T5vz2Jd4ckvgS88DRS0Hmnan
rSEz+eKKza4RhTiWjjELXoOMWnZJ7wgsKLXqmPQxTq3G9U8DM0R8kysFZG5ERjk/
fiCQwh4qBh9ljLJQjX4i5aTJmL5FYg8YanZWRWlrwFUcQibXF3gk7x1IGp/jQdbr
lsP1MZeH3qW4Cr09wGiilRueunrP+i998Ng5F7ILlc0/8V0xVvXRes3ZbE/ONS+/
/U8kYDWGI4XEZprbuuIXBXCd6WtoSOAdWED0LYbDgE2nNI7JKqk5zEQ6ugmUKSbk
4K3LIc3SzOLCT7towDN+ssGcLN+dq6OrRu81jOimWmmgug/FaSzSergjnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJV6G6Sm2//MgnAk3YE3EIR9Y4psMB8GA1UdIwQY
MBaAFKv2CqmUo0zUrT3bplua9NMKo0znMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcV9ZS3FaU2pUTlN0UGR1bVc1cjAwd3FqVE9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9hMjI2NjAtMzhlZi00NzY4LWFmNDMt
ZTk0MTIyMDg3YjNmLzEvbFhvYnBLYmJfOHlDY0NUZGdUY1FoSDFqaW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9hMjI2NjAtMzhlZi00NzY4LWFmNDMtZTk0MTIyMDg3YjNm
LzEvcV9ZS3FaU2pUTlN0UGR1bVc1cjAwd3FqVE9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSrWMA0G
CSqGSIb3DQEBCwUAA4IBAQBqqY5YUZQXqoKoGifFeC3+JIqCxg2B5EcKAztzBPMq
D0j+hA1CQRZpKMIvb6NBPLXiM86VP/4U1eKBjbnYPMmPDMdE/yAvQfym/cPDRO3Z
z3hnRCKKEoaHlY5SfM/xza/cq8y3Kxh4XeN2/bSSdgoDdIT11YNwJklqKazdoMBG
pd7J1LVbxeafkg7R2gRpECsUbXPMqQU+mMsO+7gRX0Ud2yjB/SrZ9u1yeTPLDGzG
TXgAreSI9bDiXe/bG4dbjkbgLnF7tJpwhdBqQDDJPRXxTnJNsygK+2QNd+wf3odq
rKEZeb0jZIjoziezaR68P3Y/YQlwCRlOGSuNqfwUkNhI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:25 2024 by rpki-client on console-fra.rpki-client.org