Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/fa17f3-2d73-4584-afac-1e2273f5eb19/1/uCpzlZRT91F0DFR9qDG5pUcHEl8.roa
File: uCpzlZRT91F0DFR9qDG5pUcHEl8.roa (raw, json)
Hash identifier: kk0mxNk2+BHzRqYX5y2v6DXqx59Qlh0aViq+lTud4Ko=
Subject key identifier: B8:2A:73:95:94:53:F7:51:74:0C:54:7D:A8:31:B9:A5:47:07:12:5F
Certificate issuer: /CN=4dd5017171cb486228461ca078591bacac24b6cd
Certificate serial: 01856D6F6CE36DAA47D3167AAAAF8920B68C
Authority key identifier: 4D:D5:01:71:71:CB:48:62:28:46:1C:A0:78:59:1B:AC:AC:24:B6:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdUBcXHLSGIoRhygeFkbrKwkts0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/fa17f3-2d73-4584-afac-1e2273f5eb19/1/uCpzlZRT91F0DFR9qDG5pUcHEl8.roa
Signing time: Sun 01 Jan 2023 13:04:56 +0000
ROA not before: Sun 01 Jan 2023 13:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212667
IP address blocks: 195.96.150.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:6c:e3:6d:aa:47:d3:16:7a:aa:af:89:20:b6:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd5017171cb486228461ca078591bacac24b6cd
Validity
Not Before: Jan 1 13:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b82a73959453f751740c547da831b9a54707125f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fc:16:4f:b6:6c:de:23:ab:99:6e:a0:b6:e7:
0d:6f:8c:82:a5:b4:11:aa:b6:69:f6:76:dc:c3:e4:
7c:dd:09:1f:4d:d0:d8:8b:ff:e6:40:ec:57:e2:7d:
6d:c2:6e:cb:2f:5d:a8:f9:cd:ec:6b:17:ba:2d:14:
61:71:7e:75:ea:f1:f7:00:c6:9c:23:8b:bd:a8:76:
00:7d:40:9f:93:66:35:68:d6:43:26:88:c2:3f:86:
8a:93:be:0e:5a:1e:1a:6f:4e:55:c0:e0:93:b4:03:
b7:3d:3a:98:1d:3b:9c:3f:58:6d:67:db:cd:cb:0e:
7a:f7:1b:db:2d:93:15:17:93:3b:97:a5:cb:f6:6a:
fb:de:87:51:19:15:5c:50:b1:fc:31:42:aa:64:9c:
86:30:e1:0a:00:ad:61:1d:78:be:9c:eb:99:b6:6b:
85:09:13:21:d6:05:cb:fb:c8:83:6a:d7:f4:eb:7b:
cb:03:7e:87:f2:bc:8a:c9:b8:fc:59:ff:7c:b8:81:
b8:8b:37:6f:75:df:c6:63:61:95:1f:c3:6e:36:4e:
0e:3f:1a:5b:c4:7f:69:ac:9c:15:d3:9d:6f:64:2c:
43:31:57:64:31:d1:f4:29:18:0f:0b:e7:7b:dc:50:
7c:6f:38:d1:35:e7:fe:e2:bd:ae:9b:c6:d9:18:ac:
9f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:2A:73:95:94:53:F7:51:74:0C:54:7D:A8:31:B9:A5:47:07:12:5F
X509v3 Authority Key Identifier:
keyid:4D:D5:01:71:71:CB:48:62:28:46:1C:A0:78:59:1B:AC:AC:24:B6:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdUBcXHLSGIoRhygeFkbrKwkts0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/fa17f3-2d73-4584-afac-1e2273f5eb19/1/uCpzlZRT91F0DFR9qDG5pUcHEl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/fa17f3-2d73-4584-afac-1e2273f5eb19/1/TdUBcXHLSGIoRhygeFkbrKwkts0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.150.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:1d:8d:e4:db:00:47:ad:43:15:97:35:5d:7e:94:60:95:10:
97:d1:7e:f4:7d:df:52:11:b8:4f:e5:68:00:d0:c3:50:13:d8:
2a:c0:4b:49:95:55:a7:c9:b0:55:79:4a:23:46:03:83:5d:de:
16:33:21:e4:26:34:02:ed:59:00:0b:15:dd:8b:71:d1:92:39:
e0:22:38:14:1f:bb:12:75:52:e3:8b:73:27:77:28:36:50:f3:
a1:a6:cc:e0:1c:47:e2:3d:bc:f0:37:c3:93:e6:3b:ee:f2:6c:
f4:3d:43:97:91:4b:a3:75:1f:6c:62:bf:15:5f:ab:f9:1a:dc:
ef:7e:03:e6:89:14:16:6b:d1:8f:cc:6f:ad:02:76:22:9c:57:
3f:f4:f4:7f:af:b8:94:73:76:21:25:ba:74:b2:05:a5:27:2e:
b9:92:01:95:d0:65:13:fe:c8:55:12:eb:70:a1:99:2a:b4:89:
cd:ac:25:88:54:c6:85:d5:ab:7e:c3:04:f4:f7:1c:93:3f:ad:
02:25:65:06:b8:b4:5e:98:67:8a:86:2e:58:52:ac:37:b3:01:
83:59:86:d9:4c:44:d6:72:d7:24:89:54:84:38:cc:58:bc:d8:
d1:45:58:f7:ea:04:0c:ae:c9:ed:d0:15:a4:d0:b2:bb:99:1c:
fc:28:98:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtb2zjbapH0xZ6qq+JILaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDUwMTcxNzFjYjQ4NjIyODQ2MWNhMDc4NTkxYmFjYWMy
NGI2Y2QwHhcNMjMwMTAxMTMwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODJhNzM5NTk0NTNmNzUxNzQwYzU0N2RhODMxYjlhNTQ3MDcxMjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/wWT7Zs3iOrmW6gtucNb4yCpbQR
qrZp9nbcw+R83QkfTdDYi//mQOxX4n1twm7LL12o+c3saxe6LRRhcX516vH3AMac
I4u9qHYAfUCfk2Y1aNZDJojCP4aKk74OWh4ab05VwOCTtAO3PTqYHTucP1htZ9vN
yw569xvbLZMVF5M7l6XL9mr73odRGRVcULH8MUKqZJyGMOEKAK1hHXi+nOuZtmuF
CRMh1gXL+8iDatf063vLA36H8ryKybj8Wf98uIG4izdvdd/GY2GVH8NuNk4OPxpb
xH9prJwV051vZCxDMVdkMdH0KRgPC+d73FB8bzjRNef+4r2um8bZGKyfswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLgqc5WUU/dRdAxUfagxuaVHBxJfMB8GA1UdIwQY
MBaAFE3VAXFxy0hiKEYcoHhZG6ysJLbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRVQmNYSExTR0lvUmh5Z2VGa2JyS3drdHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9mYTE3ZjMtMmQ3My00NTg0LWFmYWMt
MWUyMjczZjVlYjE5LzEvdUNwemxaUlQ5MUYwREZSOXFERzVwVWNIRWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9mYTE3ZjMtMmQ3My00NTg0LWFmYWMtMWUyMjczZjVlYjE5
LzEvVGRVQmNYSExTR0lvUmh5Z2VGa2JyS3drdHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CWMA0G
CSqGSIb3DQEBCwUAA4IBAQBsHY3k2wBHrUMVlzVdfpRglRCX0X70fd9SEbhP5WgA
0MNQE9gqwEtJlVWnybBVeUojRgODXd4WMyHkJjQC7VkACxXdi3HRkjngIjgUH7sS
dVLji3Mndyg2UPOhpszgHEfiPbzwN8OT5jvu8mz0PUOXkUujdR9sYr8VX6v5Gtzv
fgPmiRQWa9GPzG+tAnYinFc/9PR/r7iUc3YhJbp0sgWlJy65kgGV0GUT/shVEutw
oZkqtInNrCWIVMaF1at+wwT09xyTP60CJWUGuLRemGeKhi5YUqw3swGDWYbZTETW
ctckiVSEOMxYvNjRRVj36gQMrsnt0BWk0LK7mRz8KJiz
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:18 2024 by rpki-client on console-fra.rpki-client.org