Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/5731f3-b180-4054-8acb-2ca13dd1db63/1/2njOcV1Cmv4R1mJvrWN7awegq-k.roa
File: 2njOcV1Cmv4R1mJvrWN7awegq-k.roa (raw, json)
Hash identifier: RAhr+1dpMb8l03Ve1RTJLSW99gi6VduOYelD9GTCTho=
Subject key identifier: DA:78:CE:71:5D:42:9A:FE:11:D6:62:6F:AD:63:7B:6B:07:A0:AB:E9
Certificate issuer: /CN=72ca456cad238830b38ecd4d267cacfa5cd5f1f1
Certificate serial: 018CC94C14B00D794B6DF34CF78AF1FAA467
Authority key identifier: 72:CA:45:6C:AD:23:88:30:B3:8E:CD:4D:26:7C:AC:FA:5C:D5:F1:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cspFbK0jiDCzjs1NJnys-lzV8fE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/5731f3-b180-4054-8acb-2ca13dd1db63/1/2njOcV1Cmv4R1mJvrWN7awegq-k.roa
Signing time: Tue 02 Jan 2024 08:30:55 +0000
ROA not before: Tue 02 Jan 2024 08:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39146
IP address blocks: 194.26.79.0/24 maxlen: 24
194.26.76.0/24 maxlen: 24
194.26.77.0/24 maxlen: 24
194.26.78.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:14:b0:0d:79:4b:6d:f3:4c:f7:8a:f1:fa:a4:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ca456cad238830b38ecd4d267cacfa5cd5f1f1
Validity
Not Before: Jan 2 08:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da78ce715d429afe11d6626fad637b6b07a0abe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7f:80:c5:d2:6f:4c:ab:7b:fb:5c:e0:f5:b9:
fe:fa:e3:4f:e5:70:e7:66:ff:61:d8:eb:56:02:1c:
d3:9b:25:c3:2a:e0:cf:c8:e7:e3:42:66:78:ed:6d:
b5:9c:d5:b5:50:28:98:52:06:cd:22:26:53:b6:57:
9e:c0:89:fb:0f:3b:5d:d6:fd:b2:80:2e:9f:7e:98:
b1:dc:21:7a:d9:b2:16:9d:3d:af:bf:bc:b9:5a:da:
f1:b3:06:3d:6e:04:f5:a6:d3:db:77:33:27:21:ad:
79:6d:65:12:13:a0:80:4f:1f:32:70:eb:79:ca:60:
68:3c:5d:3c:bd:6a:a2:be:37:d3:83:76:42:81:93:
9a:40:ed:a2:b2:4d:87:39:c5:6e:56:01:58:77:76:
2d:e2:c7:9d:cd:ff:ee:8c:a7:6e:f6:17:95:cf:97:
db:42:b3:a3:40:8f:ea:7b:db:ae:17:02:25:09:43:
ba:9f:c1:ef:71:b3:1d:eb:63:9a:ae:bf:9c:cf:68:
b0:de:96:32:3b:5d:d6:da:e2:88:4c:a3:4b:1c:df:
20:e7:26:d1:be:79:b4:70:01:c6:96:2c:22:1a:f6:
5b:79:8c:db:02:31:34:38:38:59:b9:35:9e:8a:31:
f9:28:93:c9:fd:91:2b:bf:3b:06:f7:42:8f:8d:e9:
6a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:78:CE:71:5D:42:9A:FE:11:D6:62:6F:AD:63:7B:6B:07:A0:AB:E9
X509v3 Authority Key Identifier:
keyid:72:CA:45:6C:AD:23:88:30:B3:8E:CD:4D:26:7C:AC:FA:5C:D5:F1:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cspFbK0jiDCzjs1NJnys-lzV8fE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5731f3-b180-4054-8acb-2ca13dd1db63/1/2njOcV1Cmv4R1mJvrWN7awegq-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5731f3-b180-4054-8acb-2ca13dd1db63/1/cspFbK0jiDCzjs1NJnys-lzV8fE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.76.0/22
Signature Algorithm: sha256WithRSAEncryption
57:cc:f1:ec:a1:c1:f4:da:28:4f:e0:9f:76:b3:bf:95:79:6c:
1c:02:91:11:ee:52:02:d9:15:bc:02:be:54:24:2a:10:08:22:
5e:ed:0d:33:d3:9d:d0:57:c6:66:2d:e3:48:23:64:91:60:9d:
56:51:7d:17:90:58:c0:6f:01:23:1c:45:21:75:4d:80:38:40:
1c:3b:66:20:bf:43:5b:2e:bf:65:43:4f:9a:d3:d4:d3:30:0b:
12:90:78:6d:b2:25:bc:1d:b2:d8:7d:2b:ab:36:eb:9e:a9:05:
8f:95:18:44:6d:31:b2:3b:d0:31:b1:5b:46:c5:4f:30:56:64:
e2:e4:53:26:b0:6e:45:62:b9:72:8c:20:9a:7c:1e:5b:54:a5:
f7:53:7c:ba:6b:72:1a:3b:7c:62:a0:9d:7d:6d:6b:16:1f:54:
e1:9c:0e:14:ad:66:ae:85:8f:57:50:ac:6b:ef:d3:bb:d8:c7:
e5:18:3d:c0:01:bc:6d:88:e4:69:02:ed:fb:f5:48:86:c8:04:
db:05:9c:71:8a:e0:9b:ef:47:45:d6:2b:ee:4a:28:16:aa:f3:
6e:3b:b7:0b:29:fe:cf:45:28:ca:08:8e:ac:af:15:dc:b1:9d:
a3:27:f1:a9:05:e7:84:48:89:5d:56:6a:9f:5d:8d:dc:bf:9f:
78:ae:02:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTBSwDXlLbfNM94rx+qRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyY2E0NTZjYWQyMzg4MzBiMzhlY2Q0ZDI2N2NhY2ZhNWNk
NWYxZjEwHhcNMjQwMTAyMDgzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTc4Y2U3MTVkNDI5YWZlMTFkNjYyNmZhZDYzN2I2YjA3YTBhYmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3+AxdJvTKt7+1zg9bn++uNP5XDn
Zv9h2OtWAhzTmyXDKuDPyOfjQmZ47W21nNW1UCiYUgbNIiZTtleewIn7Dztd1v2y
gC6ffpix3CF62bIWnT2vv7y5WtrxswY9bgT1ptPbdzMnIa15bWUSE6CATx8ycOt5
ymBoPF08vWqivjfTg3ZCgZOaQO2isk2HOcVuVgFYd3Yt4sedzf/ujKdu9heVz5fb
QrOjQI/qe9uuFwIlCUO6n8HvcbMd62Oarr+cz2iw3pYyO13W2uKITKNLHN8g5ybR
vnm0cAHGliwiGvZbeYzbAjE0ODhZuTWeijH5KJPJ/ZErvzsG90KPjelqtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNp4znFdQpr+EdZib61je2sHoKvpMB8GA1UdIwQY
MBaAFHLKRWytI4gws47NTSZ8rPpc1fHxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3NwRmJLMGppREN6anMxTkpueXMtbHpWOGZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi81NzMxZjMtYjE4MC00MDU0LThhY2It
MmNhMTNkZDFkYjYzLzEvMm5qT2NWMUNtdjRSMW1KdnJXTjdhd2VncS1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi81NzMxZjMtYjE4MC00MDU0LThhY2ItMmNhMTNkZDFkYjYz
LzEvY3NwRmJLMGppREN6anMxTkpueXMtbHpWOGZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwhpMMA0G
CSqGSIb3DQEBCwUAA4IBAQBXzPHsocH02ihP4J92s7+VeWwcApER7lIC2RW8Ar5U
JCoQCCJe7Q0z053QV8ZmLeNII2SRYJ1WUX0XkFjAbwEjHEUhdU2AOEAcO2Ygv0Nb
Lr9lQ0+a09TTMAsSkHhtsiW8HbLYfSurNuueqQWPlRhEbTGyO9AxsVtGxU8wVmTi
5FMmsG5FYrlyjCCafB5bVKX3U3y6a3IaO3xioJ19bWsWH1ThnA4UrWauhY9XUKxr
79O72MflGD3AAbxtiORpAu379UiGyATbBZxxiuCb70dF1ivuSigWqvNuO7cLKf7P
RSjKCI6srxXcsZ2jJ/GpBeeESIldVmqfXY3cv594rgIG
-----END CERTIFICATE-----