Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/9df8fe-e68e-49c9-8371-e456cb60fbe6/1/UdgbSFiZ8NqwsTmBwdSluAPAzE0.roa
File: UdgbSFiZ8NqwsTmBwdSluAPAzE0.roa (raw, json)
Hash identifier: HG5DlJ1u1afpdjp5V3ffmW00K7ifBxQAEI8Vmte5/mI=
Subject key identifier: 51:D8:1B:48:58:99:F0:DA:B0:B1:39:81:C1:D4:A5:B8:03:C0:CC:4D
Certificate issuer: /CN=f0e206ce6d53f04908a36463d89e9b21a70c438e
Certificate serial: 018570028081B9DD7EF5FA49AA39739C8794
Authority key identifier: F0:E2:06:CE:6D:53:F0:49:08:A3:64:63:D8:9E:9B:21:A7:0C:43:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8OIGzm1T8EkIo2Rj2J6bIacMQ44.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/9df8fe-e68e-49c9-8371-e456cb60fbe6/1/UdgbSFiZ8NqwsTmBwdSluAPAzE0.roa
Signing time: Mon 02 Jan 2023 01:04:50 +0000
ROA not before: Mon 02 Jan 2023 01:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201942
IP address blocks: 212.23.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:80:81:b9:dd:7e:f5:fa:49:aa:39:73:9c:87:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0e206ce6d53f04908a36463d89e9b21a70c438e
Validity
Not Before: Jan 2 01:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51d81b485899f0dab0b13981c1d4a5b803c0cc4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e1:98:d6:a8:0a:0e:ac:84:94:8c:67:0f:e7:
0a:11:5b:6d:5c:94:a2:5a:19:a2:35:b7:cf:49:62:
47:4f:57:aa:12:67:c3:11:86:bb:3f:b8:21:c0:c9:
2f:ed:05:a9:e4:56:2f:f7:81:0e:ca:61:df:85:24:
c5:86:21:35:d3:c3:21:19:d0:ef:9f:8d:db:cd:31:
97:78:f7:df:dc:3e:88:36:8a:3f:5f:24:69:fc:36:
29:91:7c:36:82:a3:9d:5b:30:b6:90:37:49:ec:3b:
bb:2b:89:02:20:05:80:cf:fe:c3:31:9f:15:1d:fe:
e8:d9:3e:7e:82:96:b9:c4:8b:db:99:19:45:b4:f0:
2b:35:f7:1c:f6:b4:b2:1c:e3:cb:9e:75:d3:5f:ef:
8d:e9:30:dd:46:67:95:99:16:e4:80:a9:ad:b0:dc:
ec:ec:57:f2:7b:6f:b4:b7:7c:71:9a:ed:1f:67:08:
7b:5a:89:29:cf:e6:12:bd:43:68:04:e8:aa:1d:a3:
36:c6:cd:76:15:7e:c3:6e:f5:e2:19:3a:d9:cf:ed:
af:4a:51:38:3b:f0:d1:22:a2:71:f3:61:dd:b9:26:
42:6d:85:e5:30:7d:81:b1:8c:be:21:eb:02:05:47:
a2:04:70:6a:7b:b0:69:00:62:44:82:84:1a:da:e2:
97:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:D8:1B:48:58:99:F0:DA:B0:B1:39:81:C1:D4:A5:B8:03:C0:CC:4D
X509v3 Authority Key Identifier:
keyid:F0:E2:06:CE:6D:53:F0:49:08:A3:64:63:D8:9E:9B:21:A7:0C:43:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8OIGzm1T8EkIo2Rj2J6bIacMQ44.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/9df8fe-e68e-49c9-8371-e456cb60fbe6/1/UdgbSFiZ8NqwsTmBwdSluAPAzE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/9df8fe-e68e-49c9-8371-e456cb60fbe6/1/8OIGzm1T8EkIo2Rj2J6bIacMQ44.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.223.0/24
Signature Algorithm: sha256WithRSAEncryption
09:e1:7a:5b:94:59:9c:84:16:f2:5d:b2:14:52:86:35:ea:ff:
32:c5:a8:2d:a3:02:ef:4f:7f:19:e6:a6:8c:00:bc:73:31:0d:
20:78:29:ef:39:9b:d1:7d:53:3c:59:fa:d2:4a:1c:05:58:90:
db:b2:94:ef:1d:db:f5:1b:49:2b:6f:cb:59:a9:c3:4b:0f:3f:
2e:54:1e:d1:f8:00:be:9d:86:ee:36:11:c8:16:c6:c7:16:5f:
de:46:72:35:a1:f0:65:ab:81:82:a2:d6:58:db:38:b3:26:cf:
5c:d3:70:8c:5f:f5:a5:51:3a:8c:a3:98:e2:eb:26:9a:d8:99:
7b:b7:ca:ea:01:b7:c4:d9:5e:80:bb:fa:31:ce:25:31:2a:34:
90:76:18:1b:82:d9:c6:32:81:13:c2:cf:02:8b:d6:9d:ca:1f:
ef:6f:49:39:63:bf:c2:f3:1c:93:e2:d8:3c:dd:02:a7:83:ec:
f5:e6:0c:b0:0c:be:06:e6:8b:cb:b9:8a:90:a1:ba:f1:c3:92:
f7:40:8b:70:a6:29:c2:b0:aa:48:b1:ad:cb:b5:2f:93:48:8c:
c8:c4:e3:e7:2c:a1:fe:d9:19:2c:8d:80:5a:a8:cd:4a:ca:0a:
d2:76:72:34:64:31:76:bf:17:31:79:08:c4:d0:56:ae:60:83:
63:bb:bc:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAoCBud1+9fpJqjlznIeUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZTIwNmNlNmQ1M2YwNDkwOGEzNjQ2M2Q4OWU5YjIxYTcw
YzQzOGUwHhcNMjMwMTAyMDEwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWQ4MWI0ODU4OTlmMGRhYjBiMTM5ODFjMWQ0YTViODAzYzBjYzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+GY1qgKDqyElIxnD+cKEVttXJSi
WhmiNbfPSWJHT1eqEmfDEYa7P7ghwMkv7QWp5FYv94EOymHfhSTFhiE108MhGdDv
n43bzTGXePff3D6INoo/XyRp/DYpkXw2gqOdWzC2kDdJ7Du7K4kCIAWAz/7DMZ8V
Hf7o2T5+gpa5xIvbmRlFtPArNfcc9rSyHOPLnnXTX++N6TDdRmeVmRbkgKmtsNzs
7Ffye2+0t3xxmu0fZwh7Wokpz+YSvUNoBOiqHaM2xs12FX7DbvXiGTrZz+2vSlE4
O/DRIqJx82HduSZCbYXlMH2BsYy+IesCBUeiBHBqe7BpAGJEgoQa2uKX1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFHYG0hYmfDasLE5gcHUpbgDwMxNMB8GA1UdIwQY
MBaAFPDiBs5tU/BJCKNkY9iemyGnDEOOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE9JR3ptMVQ4RWtJbzJSajJKNmJJYWNNUTQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85ZGY4ZmUtZTY4ZS00OWM5LTgzNzEt
ZTQ1NmNiNjBmYmU2LzEvVWRnYlNGaVo4TnF3c1RtQndkU2x1QVBBekUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85ZGY4ZmUtZTY4ZS00OWM5LTgzNzEtZTQ1NmNiNjBmYmU2
LzEvOE9JR3ptMVQ4RWtJbzJSajJKNmJJYWNNUTQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BffMA0G
CSqGSIb3DQEBCwUAA4IBAQAJ4XpblFmchBbyXbIUUoY16v8yxagtowLvT38Z5qaM
ALxzMQ0geCnvOZvRfVM8WfrSShwFWJDbspTvHdv1G0krb8tZqcNLDz8uVB7R+AC+
nYbuNhHIFsbHFl/eRnI1ofBlq4GCotZY2zizJs9c03CMX/WlUTqMo5ji6yaa2Jl7
t8rqAbfE2V6Au/oxziUxKjSQdhgbgtnGMoETws8Ci9adyh/vb0k5Y7/C8xyT4tg8
3QKng+z15gywDL4G5ovLuYqQobrxw5L3QItwpinCsKpIsa3LtS+TSIzIxOPnLKH+
2RksjYBaqM1KygrSdnI0ZDF2vxcxeQjE0FauYINju7zG
-----END CERTIFICATE-----
Generated at Mon Nov 6 09:34:20 2023 by rpki-client on console-fra.rpki-client.org