Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/6d9bd3-f0d4-4505-96f8-e40ea991404b/1/PflcZQe0ekggivGYJBmQcKj7zkU.roa
File: PflcZQe0ekggivGYJBmQcKj7zkU.roa (raw, json)
Hash identifier: /+oIWUzijR0LSUK1rm2GHL9PPxbnDw2KPbs095k/y9k=
Subject key identifier: 3D:F9:5C:65:07:B4:7A:48:20:8A:F1:98:24:19:90:70:A8:FB:CE:45
Certificate issuer: /CN=330716efa7392a523160c1723b3190b8fca868d2
Certificate serial: 018CC6B8B427F98E4313CA9C92CE3FAC74DB
Authority key identifier: 33:07:16:EF:A7:39:2A:52:31:60:C1:72:3B:31:90:B8:FC:A8:68:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MwcW76c5KlIxYMFyOzGQuPyoaNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/6d9bd3-f0d4-4505-96f8-e40ea991404b/1/PflcZQe0ekggivGYJBmQcKj7zkU.roa
Signing time: Mon 01 Jan 2024 20:30:42 +0000
ROA not before: Mon 01 Jan 2024 20:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209235
IP address blocks: 62.68.78.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:b4:27:f9:8e:43:13:ca:9c:92:ce:3f:ac:74:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=330716efa7392a523160c1723b3190b8fca868d2
Validity
Not Before: Jan 1 20:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3df95c6507b47a48208af19824199070a8fbce45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9e:79:5a:67:d2:f6:bb:2a:52:5b:95:27:a4:
ab:06:5f:77:8f:a2:2b:19:db:76:d4:71:b5:67:ea:
a8:8c:85:10:c5:3f:96:80:02:1d:11:af:55:4c:30:
27:19:11:ac:93:63:18:49:ef:8e:b8:d0:32:0e:4f:
5b:55:44:ec:18:10:99:1a:27:cc:f4:f8:d8:3a:57:
71:c5:b7:75:66:eb:f8:98:b5:84:51:17:d5:be:2b:
d7:f2:91:7d:10:a8:9e:ec:30:86:0a:dc:fe:a6:b0:
26:26:3a:82:bf:27:2a:9b:53:26:d4:04:14:47:95:
36:26:79:42:cc:74:01:9b:d2:d0:d8:46:fc:97:ec:
6b:17:44:42:12:ae:4c:98:91:87:a9:1c:e5:5c:ec:
91:92:e0:65:d1:5f:51:a2:2f:34:57:df:64:e4:e1:
d2:b0:37:71:e7:4f:ca:29:ad:2c:d4:18:a3:f6:5f:
9c:65:87:7d:a2:72:38:0c:75:fa:c4:8a:5e:9a:2c:
76:c1:e3:98:30:98:4a:fc:69:16:16:f9:64:d3:aa:
27:c1:f9:7e:2b:98:8f:90:c3:f6:64:25:73:ec:d8:
e9:e2:f9:50:74:05:64:20:a8:57:24:c9:b4:86:e3:
ea:e4:1e:17:46:52:41:01:4c:4b:af:06:44:fc:15:
3c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:F9:5C:65:07:B4:7A:48:20:8A:F1:98:24:19:90:70:A8:FB:CE:45
X509v3 Authority Key Identifier:
keyid:33:07:16:EF:A7:39:2A:52:31:60:C1:72:3B:31:90:B8:FC:A8:68:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MwcW76c5KlIxYMFyOzGQuPyoaNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/6d9bd3-f0d4-4505-96f8-e40ea991404b/1/PflcZQe0ekggivGYJBmQcKj7zkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/6d9bd3-f0d4-4505-96f8-e40ea991404b/1/MwcW76c5KlIxYMFyOzGQuPyoaNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.78.0/24
Signature Algorithm: sha256WithRSAEncryption
89:35:29:49:5a:1f:7d:83:68:ba:fa:a2:9e:6b:6a:12:0a:c1:
d0:9e:2f:55:8c:88:63:b0:8b:d5:3b:20:a6:92:85:ec:34:65:
83:e8:99:23:c3:34:12:da:93:7b:5c:8b:29:49:9e:80:21:f3:
69:8e:0e:24:4e:a7:24:a0:87:68:47:36:33:3d:2d:6c:36:50:
57:ce:1a:54:21:1a:66:a0:5a:8c:2e:03:56:7e:d3:08:f5:b7:
79:a8:86:d8:e7:a4:e6:6b:83:ad:e1:87:9f:f1:b1:ca:e7:39:
9f:39:ff:5e:17:3b:c4:06:3e:4f:83:ae:b5:72:f3:bb:1e:17:
e3:26:c5:0d:e7:da:a1:72:24:a6:b3:b3:1a:49:b6:2f:84:6e:
36:95:f6:60:0a:b1:98:9c:4f:88:61:73:a4:bd:1c:c8:f5:f2:
b0:92:0b:5e:98:28:3a:76:84:5c:da:8b:e6:97:3a:46:0a:61:
fe:b4:ef:05:b9:39:fc:e5:02:65:0e:b0:63:40:c5:17:16:64:
de:d5:0e:37:49:b5:6c:65:c7:36:08:d7:81:f7:80:b5:ba:47:
34:29:ea:1c:4f:14:5f:0c:cd:ae:6e:42:b7:70:87:76:d0:af:
02:49:a2:75:2b:16:8b:b2:80:47:6b:b4:3f:f7:25:a0:70:8c:
39:82:47:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuLQn+Y5DE8qcks4/rHTbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMDcxNmVmYTczOTJhNTIzMTYwYzE3MjNiMzE5MGI4ZmNh
ODY4ZDIwHhcNMjQwMTAxMjAzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGY5NWM2NTA3YjQ3YTQ4MjA4YWYxOTgyNDE5OTA3MGE4ZmJjZTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZ55WmfS9rsqUluVJ6SrBl93j6Ir
Gdt21HG1Z+qojIUQxT+WgAIdEa9VTDAnGRGsk2MYSe+OuNAyDk9bVUTsGBCZGifM
9PjYOldxxbd1Zuv4mLWEURfVvivX8pF9EKie7DCGCtz+prAmJjqCvycqm1Mm1AQU
R5U2JnlCzHQBm9LQ2Eb8l+xrF0RCEq5MmJGHqRzlXOyRkuBl0V9Roi80V99k5OHS
sDdx50/KKa0s1Bij9l+cZYd9onI4DHX6xIpemix2weOYMJhK/GkWFvlk06onwfl+
K5iPkMP2ZCVz7Njp4vlQdAVkIKhXJMm0huPq5B4XRlJBAUxLrwZE/BU8wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD35XGUHtHpIIIrxmCQZkHCo+85FMB8GA1UdIwQY
MBaAFDMHFu+nOSpSMWDBcjsxkLj8qGjSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXdjVzc2YzVLbEl4WU1GeU96R1F1UHlvYU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS82ZDliZDMtZjBkNC00NTA1LTk2Zjgt
ZTQwZWE5OTE0MDRiLzEvUGZsY1pRZTBla2dnaXZHWUpCbVFjS2o3emtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS82ZDliZDMtZjBkNC00NTA1LTk2ZjgtZTQwZWE5OTE0MDRi
LzEvTXdjVzc2YzVLbEl4WU1GeU96R1F1UHlvYU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkROMA0G
CSqGSIb3DQEBCwUAA4IBAQCJNSlJWh99g2i6+qKea2oSCsHQni9VjIhjsIvVOyCm
koXsNGWD6JkjwzQS2pN7XIspSZ6AIfNpjg4kTqckoIdoRzYzPS1sNlBXzhpUIRpm
oFqMLgNWftMI9bd5qIbY56Tma4Ot4Yef8bHK5zmfOf9eFzvEBj5Pg661cvO7Hhfj
JsUN59qhciSms7MaSbYvhG42lfZgCrGYnE+IYXOkvRzI9fKwkgtemCg6doRc2ovm
lzpGCmH+tO8FuTn85QJlDrBjQMUXFmTe1Q43SbVsZcc2CNeB94C1ukc0KeocTxRf
DM2ubkK3cId20K8CSaJ1KxaLsoBHa7Q/9yWgcIw5gkeR
-----END CERTIFICATE-----
Generated at Wed Oct 9 10:56:24 2024 by rpki-client on console-ams.rpki-client.org