Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/944a87-a607-4552-9537-788b443b939f/1/xj_5YqCQbPB2R7DcxL-xfqt524s.roa
File: xj_5YqCQbPB2R7DcxL-xfqt524s.roa (raw, json)
Hash identifier: f0NKv3y7F1PTau8KcZ5AZspR+sPj5nSYAJ8L4zAS0IY=
Subject key identifier: C6:3F:F9:62:A0:90:6C:F0:76:47:B0:DC:C4:BF:B1:7E:AB:79:DB:8B
Certificate issuer: /CN=196509a881e59ffafaa31cf48bf5e2761bb822ed
Certificate serial: 01866F43C2C1700C1C056F61B7697BD6FC43
Authority key identifier: 19:65:09:A8:81:E5:9F:FA:FA:A3:1C:F4:8B:F5:E2:76:1B:B8:22:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GWUJqIHln_r6oxz0i_Xidhu4Iu0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/944a87-a607-4552-9537-788b443b939f/1/xj_5YqCQbPB2R7DcxL-xfqt524s.roa
Signing time: Mon 20 Feb 2023 14:39:17 +0000
ROA not before: Mon 20 Feb 2023 14:39:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205320
IP address blocks: 185.149.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6f:43:c2:c1:70:0c:1c:05:6f:61:b7:69:7b:d6:fc:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=196509a881e59ffafaa31cf48bf5e2761bb822ed
Validity
Not Before: Feb 20 14:39:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c63ff962a0906cf07647b0dcc4bfb17eab79db8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ca:b9:9d:97:e9:d7:ab:d4:8c:2c:43:e4:dd:
e5:6f:59:c6:73:fb:34:a6:e4:48:a2:5b:96:a6:82:
29:4b:fd:47:03:7a:8f:19:81:ca:f8:26:32:ef:3c:
65:b9:9b:c5:2c:b8:4e:98:b6:0d:cd:9e:f1:05:40:
b6:2e:62:13:5e:e0:fa:bc:91:af:cc:0d:26:8a:df:
ec:8a:41:83:ff:27:28:bb:c2:81:55:d5:df:13:7a:
55:b6:dd:21:da:72:60:5c:31:23:88:28:77:b3:15:
54:71:dc:d0:87:01:f6:75:b1:e8:20:33:74:bd:c3:
4b:ff:4c:15:19:68:ea:2f:fd:d7:88:77:0e:7b:27:
44:d7:8e:de:96:1f:97:27:c1:83:f0:e2:5f:1d:ae:
94:c4:a5:cc:2d:40:0e:9d:72:f6:e1:8f:8a:5e:ce:
4f:a4:e0:bf:c0:89:81:97:4f:ff:a0:df:ff:64:69:
7d:0d:9d:b3:fb:ef:f1:aa:77:55:28:5d:dc:a5:37:
39:29:b8:95:0d:41:99:f9:bb:3f:25:d3:5f:a6:c0:
b3:79:cf:8e:cd:25:c1:2c:02:3e:97:57:03:c2:49:
9a:81:da:4c:35:87:ae:28:37:d2:71:2c:52:b6:0f:
e2:f5:87:27:a0:2d:d6:fb:33:e3:d1:5f:7a:ae:96:
52:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:3F:F9:62:A0:90:6C:F0:76:47:B0:DC:C4:BF:B1:7E:AB:79:DB:8B
X509v3 Authority Key Identifier:
keyid:19:65:09:A8:81:E5:9F:FA:FA:A3:1C:F4:8B:F5:E2:76:1B:B8:22:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWUJqIHln_r6oxz0i_Xidhu4Iu0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/944a87-a607-4552-9537-788b443b939f/1/xj_5YqCQbPB2R7DcxL-xfqt524s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/944a87-a607-4552-9537-788b443b939f/1/GWUJqIHln_r6oxz0i_Xidhu4Iu0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.151.0/24
Signature Algorithm: sha256WithRSAEncryption
40:48:6d:82:f4:24:a6:48:78:1d:7f:84:1f:e7:2d:57:c1:97:
4f:a2:9f:0a:37:b1:74:34:d6:dd:1b:c1:c4:22:64:24:f7:92:
78:bc:1b:e6:f5:e8:cb:5e:c8:d4:a3:85:3c:05:55:48:79:8c:
34:8d:dc:ae:32:7f:d7:18:ef:de:37:38:d8:1d:9a:08:50:30:
0a:9e:6c:8e:05:d8:5a:76:7a:80:22:b0:15:7c:e6:1b:fe:88:
02:9b:6b:c6:3f:73:10:c1:b6:d8:73:af:99:b8:43:d5:d2:70:
d8:65:fe:31:f4:c9:6d:fd:d8:47:5c:b9:2e:98:04:ff:34:31:
53:12:22:f2:aa:b6:b8:a6:49:ad:87:b3:95:6c:f0:ab:8d:10:
2f:24:4b:da:7a:96:85:71:3b:6d:b8:54:a1:0b:ca:81:cf:d3:
6d:12:1c:6e:9f:e9:91:a8:9b:d8:c0:1a:70:74:63:ae:aa:4b:
ba:02:3a:fb:33:5d:60:37:64:f5:dd:e5:40:57:6e:c8:81:f6:
17:df:c1:83:8a:20:c9:c6:c0:fe:b4:19:2e:91:cf:ba:d0:d8:
6b:d1:95:6f:90:f0:40:a1:32:40:0d:68:30:68:f9:fb:ca:48:
0d:f1:06:0a:21:6f:b6:7a:45:ad:c5:e0:26:0b:9d:d1:49:e9:
03:57:e9:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZvQ8LBcAwcBW9ht2l71vxDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjUwOWE4ODFlNTlmZmFmYWEzMWNmNDhiZjVlMjc2MWJi
ODIyZWQwHhcNMjMwMjIwMTQzOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjNmZjk2MmEwOTA2Y2YwNzY0N2IwZGNjNGJmYjE3ZWFiNzlkYjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicq5nZfp16vUjCxD5N3lb1nGc/s0
puRIoluWpoIpS/1HA3qPGYHK+CYy7zxluZvFLLhOmLYNzZ7xBUC2LmITXuD6vJGv
zA0mit/sikGD/ycou8KBVdXfE3pVtt0h2nJgXDEjiCh3sxVUcdzQhwH2dbHoIDN0
vcNL/0wVGWjqL/3XiHcOeydE147elh+XJ8GD8OJfHa6UxKXMLUAOnXL24Y+KXs5P
pOC/wImBl0//oN//ZGl9DZ2z++/xqndVKF3cpTc5KbiVDUGZ+bs/JdNfpsCzec+O
zSXBLAI+l1cDwkmagdpMNYeuKDfScSxStg/i9YcnoC3W+zPj0V96rpZSDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMY/+WKgkGzwdkew3MS/sX6reduLMB8GA1UdIwQY
MBaAFBllCaiB5Z/6+qMc9Iv14nYbuCLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dVSnFJSGxuX3I2b3h6MGlfWGlkaHU0SXUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85NDRhODctYTYwNy00NTUyLTk1Mzct
Nzg4YjQ0M2I5MzlmLzEveGpfNVlxQ1FiUEIyUjdEY3hMLXhmcXQ1MjRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85NDRhODctYTYwNy00NTUyLTk1MzctNzg4YjQ0M2I5Mzlm
LzEvR1dVSnFJSGxuX3I2b3h6MGlfWGlkaHU0SXUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZWXMA0G
CSqGSIb3DQEBCwUAA4IBAQBASG2C9CSmSHgdf4Qf5y1XwZdPop8KN7F0NNbdG8HE
ImQk95J4vBvm9ejLXsjUo4U8BVVIeYw0jdyuMn/XGO/eNzjYHZoIUDAKnmyOBdha
dnqAIrAVfOYb/ogCm2vGP3MQwbbYc6+ZuEPV0nDYZf4x9Mlt/dhHXLkumAT/NDFT
EiLyqra4pkmth7OVbPCrjRAvJEvaepaFcTttuFShC8qBz9NtEhxun+mRqJvYwBpw
dGOuqku6Ajr7M11gN2T13eVAV27IgfYX38GDiiDJxsD+tBkukc+60Nhr0ZVvkPBA
oTJADWgwaPn7ykgN8QYKIW+2ekWtxeAmC53RSekDV+k4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:48 2023 by rpki-client on console-ams.rpki-client.org