Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/533596-2176-47d8-bbda-48a70d3f72f8/1/AfbFyHafFf61Ypbdue3yqvrkzHE.roa
File: AfbFyHafFf61Ypbdue3yqvrkzHE.roa (raw, json)
Hash identifier: etdTMmoOoXP01PpYBWhK8efDs3zLNKMc6jDdKfTZ5TU=
Subject key identifier: 01:F6:C5:C8:76:9F:15:FE:B5:62:96:DD:B9:ED:F2:AA:FA:E4:CC:71
Certificate issuer: /CN=a53e46ed04730d15c9d74eac410dde9cdc363cf0
Certificate serial: 01856F021CB03674BBB5867433CAC3C4C7BD
Authority key identifier: A5:3E:46:ED:04:73:0D:15:C9:D7:4E:AC:41:0D:DE:9C:DC:36:3C:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pT5G7QRzDRXJ106sQQ3enNw2PPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/533596-2176-47d8-bbda-48a70d3f72f8/1/AfbFyHafFf61Ypbdue3yqvrkzHE.roa
Signing time: Sun 01 Jan 2023 20:24:47 +0000
ROA not before: Sun 01 Jan 2023 20:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203641
IP address blocks: 193.111.170.0/23 maxlen: 24
193.111.196.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:1c:b0:36:74:bb:b5:86:74:33:ca:c3:c4:c7:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a53e46ed04730d15c9d74eac410dde9cdc363cf0
Validity
Not Before: Jan 1 20:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01f6c5c8769f15feb56296ddb9edf2aafae4cc71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:94:fe:50:d7:48:6a:9f:ec:f4:b9:ca:00:0c:
e8:44:df:4a:01:52:8f:5c:c6:46:db:96:94:26:c4:
e7:89:90:17:d8:4d:e9:00:43:d0:12:f9:99:b8:78:
d8:79:1a:3c:e7:37:5f:57:76:f8:1c:0d:dd:7d:71:
b4:4f:16:26:b1:be:0a:bc:fd:5c:ea:de:2a:7a:8c:
12:43:2d:0f:17:48:ad:0d:92:19:d5:12:3f:d8:14:
47:00:a6:03:1a:84:13:a9:85:a2:d1:a1:e4:56:19:
29:13:af:76:b6:df:cc:b1:8e:75:e9:5f:3f:8c:39:
76:56:80:6f:a0:40:6b:da:4a:32:46:0d:03:09:0a:
02:79:89:f7:a6:35:dd:60:0e:51:14:46:d0:00:b6:
e9:fc:e5:a4:d5:d5:18:f5:64:2b:43:0d:00:d3:3e:
21:29:64:ad:88:6f:4f:fa:c0:6e:88:64:de:ef:62:
78:4b:e3:d1:e0:39:d8:3e:7d:93:0b:22:2c:f0:a3:
5a:98:67:72:14:ce:b0:15:bf:9d:3d:37:09:09:cd:
41:d3:e9:a8:06:5f:27:ad:7c:62:c8:f7:fb:73:99:
ad:8f:68:ce:71:b1:1f:1d:c8:ba:9e:33:b8:76:3c:
e5:7a:c7:e1:10:21:70:c2:c4:8f:15:b1:eb:a4:0e:
be:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F6:C5:C8:76:9F:15:FE:B5:62:96:DD:B9:ED:F2:AA:FA:E4:CC:71
X509v3 Authority Key Identifier:
keyid:A5:3E:46:ED:04:73:0D:15:C9:D7:4E:AC:41:0D:DE:9C:DC:36:3C:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pT5G7QRzDRXJ106sQQ3enNw2PPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/533596-2176-47d8-bbda-48a70d3f72f8/1/AfbFyHafFf61Ypbdue3yqvrkzHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/533596-2176-47d8-bbda-48a70d3f72f8/1/pT5G7QRzDRXJ106sQQ3enNw2PPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.170.0/23
193.111.196.0/23
Signature Algorithm: sha256WithRSAEncryption
63:ff:34:af:51:0d:a9:e7:7f:b3:5c:0f:7e:49:38:7e:75:c9:
12:f3:35:9d:e7:e8:6b:f6:9a:47:13:62:5e:4a:68:2a:28:c0:
a8:62:b0:71:4b:33:93:fb:7e:98:62:ef:3f:8b:ca:ef:ff:cf:
02:1d:f5:47:21:3b:94:c3:2a:fe:3c:d5:67:4f:55:7f:6a:d2:
ec:31:9e:7a:34:b4:25:54:c8:0e:cb:98:2a:d6:2e:92:91:b6:
a5:fa:bc:3e:09:b7:3b:c3:9f:76:15:dd:a7:ec:6f:50:c0:f3:
10:8c:53:00:c0:1c:35:f1:5a:fd:e2:34:b2:bd:e4:4a:af:90:
dd:1c:f7:c3:39:45:b3:31:9d:fe:00:7c:25:86:9b:31:2f:7c:
1a:05:6f:4b:b7:fd:b7:c3:93:76:d0:a4:58:42:b6:a2:73:6a:
88:19:aa:6c:d4:ea:d2:03:84:56:fe:31:52:a8:ca:53:6d:86:
39:13:b1:16:2d:b8:4f:b7:54:39:08:d3:92:0f:72:cc:7b:c7:
00:39:ca:af:97:5d:86:ba:e6:2d:1d:b0:c0:a0:f8:54:3e:ba:
c1:7b:92:6c:21:ce:4e:d1:eb:02:47:b9:1a:08:ab:92:f2:3d:
49:e3:6a:99:ed:0c:7d:73:53:96:22:cb:ef:6a:30:1f:86:14:
57:30:1e:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvAhywNnS7tYZ0M8rDxMe9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1M2U0NmVkMDQ3MzBkMTVjOWQ3NGVhYzQxMGRkZTljZGMz
NjNjZjAwHhcNMjMwMTAxMjAyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWY2YzVjODc2OWYxNWZlYjU2Mjk2ZGRiOWVkZjJhYWZhZTRjYzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZT+UNdIap/s9LnKAAzoRN9KAVKP
XMZG25aUJsTniZAX2E3pAEPQEvmZuHjYeRo85zdfV3b4HA3dfXG0TxYmsb4KvP1c
6t4qeowSQy0PF0itDZIZ1RI/2BRHAKYDGoQTqYWi0aHkVhkpE692tt/MsY516V8/
jDl2VoBvoEBr2koyRg0DCQoCeYn3pjXdYA5RFEbQALbp/OWk1dUY9WQrQw0A0z4h
KWStiG9P+sBuiGTe72J4S+PR4DnYPn2TCyIs8KNamGdyFM6wFb+dPTcJCc1B0+mo
Bl8nrXxiyPf7c5mtj2jOcbEfHci6njO4djzlesfhECFwwsSPFbHrpA6+tQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAH2xch2nxX+tWKW3bnt8qr65MxxMB8GA1UdIwQY
MBaAFKU+Ru0Ecw0VyddOrEEN3pzcNjzwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFQ1RzdRUnpEUlhKMTA2c1FRM2VuTncyUFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi81MzM1OTYtMjE3Ni00N2Q4LWJiZGEt
NDhhNzBkM2Y3MmY4LzEvQWZiRnlIYWZGZjYxWXBiZHVlM3lxdnJrekhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi81MzM1OTYtMjE3Ni00N2Q4LWJiZGEtNDhhNzBkM2Y3MmY4
LzEvcFQ1RzdRUnpEUlhKMTA2c1FRM2VuTncyUFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwW+qAwQB
wW/EMA0GCSqGSIb3DQEBCwUAA4IBAQBj/zSvUQ2p53+zXA9+STh+dckS8zWd5+hr
9ppHE2JeSmgqKMCoYrBxSzOT+36YYu8/i8rv/88CHfVHITuUwyr+PNVnT1V/atLs
MZ56NLQlVMgOy5gq1i6Skbal+rw+Cbc7w592Fd2n7G9QwPMQjFMAwBw18Vr94jSy
veRKr5DdHPfDOUWzMZ3+AHwlhpsxL3waBW9Lt/23w5N20KRYQraic2qIGaps1OrS
A4RW/jFSqMpTbYY5E7EWLbhPt1Q5CNOSD3LMe8cAOcqvl12GuuYtHbDAoPhUPrrB
e5JsIc5O0esCR7kaCKuS8j1J42qZ7Qx9c1OWIsvvajAfhhRXMB47
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:37 2025 by rpki-client