Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c7bd5a-422b-44aa-8715-2103f4191930/1/iKVSHb9ITBug4Bw3uElJbKGd6zE.roa
File: iKVSHb9ITBug4Bw3uElJbKGd6zE.roa (raw, json)
Hash identifier: /NHLNYIIqk5d3xQUlqsublj4gz7ojBwg8qdgTBpNtCI=
Subject key identifier: 88:A5:52:1D:BF:48:4C:1B:A0:E0:1C:37:B8:49:49:6C:A1:9D:EB:31
Certificate issuer: /CN=9f8de721e3aa46c02a386bab94e34d8a5800583a
Certificate serial: 018CCA2B1B501460B848F75B6CA7619FF00B
Authority key identifier: 9F:8D:E7:21:E3:AA:46:C0:2A:38:6B:AB:94:E3:4D:8A:58:00:58:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n43nIeOqRsAqOGurlONNilgAWDo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c7bd5a-422b-44aa-8715-2103f4191930/1/iKVSHb9ITBug4Bw3uElJbKGd6zE.roa
Signing time: Tue 02 Jan 2024 12:34:31 +0000
ROA not before: Tue 02 Jan 2024 12:34:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 394540
IP address blocks: 91.205.112.0/24 maxlen: 24
91.205.113.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:1b:50:14:60:b8:48:f7:5b:6c:a7:61:9f:f0:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f8de721e3aa46c02a386bab94e34d8a5800583a
Validity
Not Before: Jan 2 12:34:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88a5521dbf484c1ba0e01c37b849496ca19deb31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b2:7d:7a:a9:52:c5:fc:0e:09:69:50:c7:2d:
27:52:fd:55:14:8e:b9:df:10:f8:29:d9:87:ae:51:
f0:51:3b:f1:b3:7e:7d:97:4c:60:32:6c:96:77:46:
98:46:5c:29:5f:07:1a:33:79:62:d4:c8:23:bb:3a:
0f:74:ed:39:73:cf:16:8e:b4:3b:96:d6:4d:2d:56:
94:58:95:8a:8b:3c:eb:5d:77:a6:63:e8:dd:3b:9a:
16:e7:b2:ba:29:d4:9c:ac:ef:ea:c7:c3:4f:d6:e0:
b7:30:9b:c0:14:d9:a9:1d:f2:e9:ff:d0:ed:a7:ca:
45:79:43:a5:a5:16:d6:32:5f:15:e6:55:74:19:34:
f9:4b:b0:76:9f:fc:35:9c:da:66:b7:85:a1:e5:9a:
0f:10:16:27:41:0e:b9:02:5d:c9:e7:5b:09:0a:83:
d7:55:d9:ab:55:f8:c7:a7:6b:89:97:f4:08:85:11:
82:10:2f:4f:23:fd:e6:07:57:b9:fd:e5:0e:60:f5:
3f:3a:73:26:46:92:fc:08:f9:88:4d:8f:6d:e5:9b:
15:aa:6a:b7:b0:0f:f4:0d:ad:f2:62:ec:90:e3:78:
24:6c:32:47:f5:f2:f0:84:b6:8e:e0:e4:0b:ee:8e:
be:22:a0:9c:08:3a:e5:2f:9e:44:ff:f1:31:63:6a:
fb:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A5:52:1D:BF:48:4C:1B:A0:E0:1C:37:B8:49:49:6C:A1:9D:EB:31
X509v3 Authority Key Identifier:
keyid:9F:8D:E7:21:E3:AA:46:C0:2A:38:6B:AB:94:E3:4D:8A:58:00:58:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n43nIeOqRsAqOGurlONNilgAWDo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c7bd5a-422b-44aa-8715-2103f4191930/1/iKVSHb9ITBug4Bw3uElJbKGd6zE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c7bd5a-422b-44aa-8715-2103f4191930/1/n43nIeOqRsAqOGurlONNilgAWDo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.112.0/23
Signature Algorithm: sha256WithRSAEncryption
94:9c:fa:4b:31:7a:62:aa:8c:ef:c2:0d:72:47:0f:05:1b:33:
81:05:83:24:6a:dd:d2:bc:6d:6c:f0:10:1c:70:7e:7c:08:02:
b5:d7:8b:8d:90:b8:2b:d1:a7:bd:25:de:b3:47:b1:bf:46:7a:
0b:d9:d5:69:f9:1d:de:b5:18:66:63:8e:fe:09:ca:32:ab:ac:
64:fc:31:e4:b1:0b:4d:7a:99:3f:54:83:64:a9:fa:a3:d9:41:
bb:43:f2:36:b4:92:a5:2b:8c:ee:2a:0d:33:cb:1f:7d:f4:27:
f1:f3:69:f2:e6:9e:24:88:d5:e1:e8:03:b1:e1:a5:b3:2e:95:
27:09:30:24:ce:ce:9c:f7:fc:ff:3f:84:23:c6:ea:4d:95:45:
b0:0a:df:6e:ec:c0:97:c0:c2:83:50:b5:84:25:f7:07:1a:c1:
69:35:02:a7:10:3f:e3:df:62:18:52:48:da:f8:0f:fb:c7:d1:
58:14:5f:34:b6:69:06:30:dc:8e:aa:dc:67:84:40:92:ef:2b:
ba:1b:af:00:82:27:f2:c4:6c:e7:fa:e5:18:7e:1a:b3:2b:88:
3c:99:cd:54:e7:d1:43:a3:64:39:b5:78:6a:a1:8f:65:99:c9:
09:ec:ea:00:60:11:7d:09:b2:62:00:d2:69:0c:a8:b9:f2:29:
84:65:0c:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKxtQFGC4SPdbbKdhn/ALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmOGRlNzIxZTNhYTQ2YzAyYTM4NmJhYjk0ZTM0ZDhhNTgw
MDU4M2EwHhcNMjQwMTAyMTIzNDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGE1NTIxZGJmNDg0YzFiYTBlMDFjMzdiODQ5NDk2Y2ExOWRlYjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7J9eqlSxfwOCWlQxy0nUv1VFI65
3xD4KdmHrlHwUTvxs359l0xgMmyWd0aYRlwpXwcaM3li1MgjuzoPdO05c88WjrQ7
ltZNLVaUWJWKizzrXXemY+jdO5oW57K6KdScrO/qx8NP1uC3MJvAFNmpHfLp/9Dt
p8pFeUOlpRbWMl8V5lV0GTT5S7B2n/w1nNpmt4Wh5ZoPEBYnQQ65Al3J51sJCoPX
VdmrVfjHp2uJl/QIhRGCEC9PI/3mB1e5/eUOYPU/OnMmRpL8CPmITY9t5ZsVqmq3
sA/0Da3yYuyQ43gkbDJH9fLwhLaO4OQL7o6+IqCcCDrlL55E//ExY2r7AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIilUh2/SEwboOAcN7hJSWyhnesxMB8GA1UdIwQY
MBaAFJ+N5yHjqkbAKjhrq5TjTYpYAFg6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjQzbkllT3FSc0FxT0d1cmxPTk5pbGdBV0RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jN2JkNWEtNDIyYi00NGFhLTg3MTUt
MjEwM2Y0MTkxOTMwLzEvaUtWU0hiOUlUQnVnNEJ3M3VFbEpiS0dkNnpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jN2JkNWEtNDIyYi00NGFhLTg3MTUtMjEwM2Y0MTkxOTMw
LzEvbjQzbkllT3FSc0FxT0d1cmxPTk5pbGdBV0RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW81wMA0G
CSqGSIb3DQEBCwUAA4IBAQCUnPpLMXpiqozvwg1yRw8FGzOBBYMkat3SvG1s8BAc
cH58CAK114uNkLgr0ae9Jd6zR7G/RnoL2dVp+R3etRhmY47+Ccoyq6xk/DHksQtN
epk/VINkqfqj2UG7Q/I2tJKlK4zuKg0zyx999Cfx82ny5p4kiNXh6AOx4aWzLpUn
CTAkzs6c9/z/P4QjxupNlUWwCt9u7MCXwMKDULWEJfcHGsFpNQKnED/j32IYUkja
+A/7x9FYFF80tmkGMNyOqtxnhECS7yu6G68AgifyxGzn+uUYfhqzK4g8mc1U59FD
o2Q5tXhqoY9lmckJ7OoAYBF9CbJiANJpDKi58imEZQwj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:55 2024 by rpki-client on console-fra.rpki-client.org