Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/68badc-43a3-41d7-889d-a6d7ed4aa836/1/ripo2-X5lVnCwPz37hEzktdesuo.roa
File: ripo2-X5lVnCwPz37hEzktdesuo.roa (raw, json)
Hash identifier: Cwe2bMh9gwaSgW3vlLqSdjxTsCB7LUrQjMAloeL9Oh4=
Subject key identifier: AE:2A:68:DB:E5:F9:95:59:C2:C0:FC:F7:EE:11:33:92:D7:5E:B2:EA
Certificate issuer: /CN=00150b6aed6dd43d748d77033cfd01846136ef14
Certificate serial: 018CC64B3BC6AF3938E85F54B53483FA25B4
Authority key identifier: 00:15:0B:6A:ED:6D:D4:3D:74:8D:77:03:3C:FD:01:84:61:36:EF:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ABULau1t1D10jXcDPP0BhGE27xQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/68badc-43a3-41d7-889d-a6d7ed4aa836/1/ripo2-X5lVnCwPz37hEzktdesuo.roa
Signing time: Mon 01 Jan 2024 18:31:08 +0000
ROA not before: Mon 01 Jan 2024 18:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200525
IP address blocks: 178.159.34.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:3b:c6:af:39:38:e8:5f:54:b5:34:83:fa:25:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00150b6aed6dd43d748d77033cfd01846136ef14
Validity
Not Before: Jan 1 18:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae2a68dbe5f99559c2c0fcf7ee113392d75eb2ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:12:f7:8f:2f:8a:d9:db:7d:2f:25:3f:06:69:
37:0a:5f:96:13:51:be:a8:5e:b1:f1:27:de:77:f2:
77:37:4b:9d:a7:e1:c0:f0:37:86:24:f0:ab:6c:67:
3c:89:87:09:27:e8:0a:56:4d:c0:44:43:6a:7d:31:
45:6a:7b:fb:cc:fa:5a:50:51:33:88:9c:87:5f:38:
a3:e2:5f:3d:0f:2a:f9:5c:55:06:47:0d:d8:b6:42:
35:a4:da:10:b2:e4:b1:d7:24:b3:e5:e4:77:7c:8f:
1a:c6:17:d0:5b:57:7a:85:6c:a6:f6:40:8b:eb:67:
5b:7e:c4:d8:8d:67:a0:4f:85:5f:01:5b:ee:26:0f:
6e:be:07:21:c6:4f:b5:9f:b3:5b:fb:76:97:43:d2:
51:9b:ee:bc:88:43:ba:ab:b1:62:40:f7:58:7c:72:
00:0b:58:cf:b8:e7:2f:2e:9b:e3:22:89:de:06:fa:
03:82:b1:4e:10:ef:5b:84:a2:bb:66:36:8c:71:5e:
cd:df:a7:26:23:b8:73:f7:d1:6e:c1:a2:2e:50:f3:
31:6d:5d:e9:b8:5c:52:8a:97:05:ca:eb:fb:43:43:
72:60:fb:08:0e:e7:9f:b2:b1:2d:65:75:8e:26:8b:
dc:aa:8b:d8:9e:2d:24:90:43:49:a7:ce:2b:b8:9c:
24:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:2A:68:DB:E5:F9:95:59:C2:C0:FC:F7:EE:11:33:92:D7:5E:B2:EA
X509v3 Authority Key Identifier:
keyid:00:15:0B:6A:ED:6D:D4:3D:74:8D:77:03:3C:FD:01:84:61:36:EF:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ABULau1t1D10jXcDPP0BhGE27xQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/68badc-43a3-41d7-889d-a6d7ed4aa836/1/ripo2-X5lVnCwPz37hEzktdesuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/68badc-43a3-41d7-889d-a6d7ed4aa836/1/ABULau1t1D10jXcDPP0BhGE27xQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.159.34.0/24
Signature Algorithm: sha256WithRSAEncryption
73:5f:50:15:92:a2:1b:c0:7f:f9:a9:24:48:b9:28:c1:08:e9:
91:02:1e:f2:90:17:53:ca:a3:b6:16:64:e0:16:be:55:72:7f:
8c:a6:ba:7f:83:70:9a:36:ca:6f:45:14:f9:9d:77:22:c4:53:
6f:23:f0:9d:5c:26:47:4f:dc:a4:fe:a6:cf:66:6c:f6:42:78:
d5:06:50:70:7b:45:00:17:a1:00:0a:f1:42:63:c9:b4:09:2c:
66:53:33:01:a4:01:2d:cf:0d:97:46:5e:3b:19:8e:35:2b:9d:
a4:b1:ba:76:76:c6:96:c8:c4:b1:f5:a3:d9:92:f9:00:bd:df:
46:b3:53:76:44:c5:77:69:6d:3b:3d:bc:b8:28:3b:2e:31:7b:
d8:14:b9:3c:c6:ea:3a:05:ae:4f:d5:56:3e:61:e6:79:ad:16:
1b:06:39:98:e5:49:65:22:ff:84:5a:e6:57:b0:22:3f:40:a5:
c3:6a:ae:79:6a:ca:ab:cd:6c:57:dc:c3:05:5b:ab:07:4a:98:
a2:66:57:5a:e6:4f:b2:7f:50:a8:9b:0a:93:6c:27:86:5a:dd:
2c:06:e0:c0:f1:65:b7:7d:27:73:83:43:ce:98:3c:ca:10:cc:
b2:48:84:a6:f3:67:e5:ef:23:07:5c:1d:25:52:3a:5c:63:e2:
aa:62:d4:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSzvGrzk46F9UtTSD+iW0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMTUwYjZhZWQ2ZGQ0M2Q3NDhkNzcwMzNjZmQwMTg0NjEz
NmVmMTQwHhcNMjQwMTAxMTgzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTJhNjhkYmU1Zjk5NTU5YzJjMGZjZjdlZTExMzM5MmQ3NWViMmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRL3jy+K2dt9LyU/Bmk3Cl+WE1G+
qF6x8Sfed/J3N0udp+HA8DeGJPCrbGc8iYcJJ+gKVk3ARENqfTFFanv7zPpaUFEz
iJyHXzij4l89Dyr5XFUGRw3YtkI1pNoQsuSx1ySz5eR3fI8axhfQW1d6hWym9kCL
62dbfsTYjWegT4VfAVvuJg9uvgchxk+1n7Nb+3aXQ9JRm+68iEO6q7FiQPdYfHIA
C1jPuOcvLpvjIoneBvoDgrFOEO9bhKK7ZjaMcV7N36cmI7hz99FuwaIuUPMxbV3p
uFxSipcFyuv7Q0NyYPsIDuefsrEtZXWOJovcqovYni0kkENJp84ruJwkwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK4qaNvl+ZVZwsD89+4RM5LXXrLqMB8GA1UdIwQY
MBaAFAAVC2rtbdQ9dI13Azz9AYRhNu8UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUJVTGF1MXQxRDEwalhjRFBQMEJoR0UyN3hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82OGJhZGMtNDNhMy00MWQ3LTg4OWQt
YTZkN2VkNGFhODM2LzEvcmlwbzItWDVsVm5Dd1B6MzdoRXprdGRlc3VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82OGJhZGMtNDNhMy00MWQ3LTg4OWQtYTZkN2VkNGFhODM2
LzEvQUJVTGF1MXQxRDEwalhjRFBQMEJoR0UyN3hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsp8iMA0G
CSqGSIb3DQEBCwUAA4IBAQBzX1AVkqIbwH/5qSRIuSjBCOmRAh7ykBdTyqO2FmTg
Fr5Vcn+Mprp/g3CaNspvRRT5nXcixFNvI/CdXCZHT9yk/qbPZmz2QnjVBlBwe0UA
F6EACvFCY8m0CSxmUzMBpAEtzw2XRl47GY41K52ksbp2dsaWyMSx9aPZkvkAvd9G
s1N2RMV3aW07Pby4KDsuMXvYFLk8xuo6Ba5P1VY+YeZ5rRYbBjmY5UllIv+EWuZX
sCI/QKXDaq55asqrzWxX3MMFW6sHSpiiZlda5k+yf1ComwqTbCeGWt0sBuDA8WW3
fSdzg0POmDzKEMyySISm82fl7yMHXB0lUjpcY+KqYtRg
-----END CERTIFICATE-----
Generated at Wed Sep 11 05:48:15 2024 by rpki-client on console.sobornost.net