Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/9df8fe-e68e-49c9-8371-e456cb60fbe6/1/aYlhUMAejY9mAxAIxGqZXTvoz2s.roa
File: aYlhUMAejY9mAxAIxGqZXTvoz2s.roa (raw, json)
Hash identifier: DcKGOlnMXYxqnULw3YmgpTGqRVzlW0xiSeUVq3JGvBQ=
Subject key identifier: 69:89:61:50:C0:1E:8D:8F:66:03:10:08:C4:6A:99:5D:3B:E8:CF:6B
Certificate issuer: /CN=f0e206ce6d53f04908a36463d89e9b21a70c438e
Certificate serial: 0185700281CB8C3DC466E071CA46FDDF2364
Authority key identifier: F0:E2:06:CE:6D:53:F0:49:08:A3:64:63:D8:9E:9B:21:A7:0C:43:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8OIGzm1T8EkIo2Rj2J6bIacMQ44.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/9df8fe-e68e-49c9-8371-e456cb60fbe6/1/aYlhUMAejY9mAxAIxGqZXTvoz2s.roa
Signing time: Mon 02 Jan 2023 01:04:50 +0000
ROA not before: Mon 02 Jan 2023 01:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210876
IP address blocks: 212.23.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:81:cb:8c:3d:c4:66:e0:71:ca:46:fd:df:23:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0e206ce6d53f04908a36463d89e9b21a70c438e
Validity
Not Before: Jan 2 01:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69896150c01e8d8f66031008c46a995d3be8cf6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:50:ba:60:81:38:93:a2:43:7e:37:1c:bf:3f:
99:5d:6c:34:7a:06:93:52:30:64:ad:a7:de:a1:bc:
28:34:7a:f0:00:ac:69:c4:25:a4:69:53:5f:43:00:
0f:88:ad:a2:7f:d6:5b:e0:c5:30:2e:3b:5c:43:3e:
c3:4e:ff:c1:d0:82:75:a5:fe:52:04:d1:f3:8e:1b:
05:c1:81:64:d9:43:7a:96:17:4f:12:4a:98:f9:58:
ff:b0:58:44:da:76:85:40:0a:79:2a:61:6e:d2:94:
ff:df:a9:d7:20:42:15:4d:dd:ab:b0:c8:53:35:f7:
f7:48:1b:ae:34:10:03:58:bf:10:22:06:bb:9e:06:
31:6f:3b:5f:14:2d:06:68:f6:7f:66:5e:10:70:e6:
c6:e0:f9:6b:b3:bf:92:c1:18:d6:a8:e5:fa:fc:00:
e8:d6:15:12:3b:aa:58:e0:9d:bf:b1:db:34:de:88:
cd:49:8c:22:3c:05:19:80:fd:38:64:5c:b2:e5:5e:
2b:cd:f6:b2:12:17:01:d4:59:f1:4c:46:70:ff:df:
d0:11:c8:25:f7:27:b6:91:ce:a8:96:16:bc:3c:de:
77:78:95:1d:ad:bf:5b:2e:05:a9:ee:ca:27:51:e7:
48:9f:1f:ac:57:98:01:2d:25:1a:a2:51:f4:7a:09:
a0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:89:61:50:C0:1E:8D:8F:66:03:10:08:C4:6A:99:5D:3B:E8:CF:6B
X509v3 Authority Key Identifier:
keyid:F0:E2:06:CE:6D:53:F0:49:08:A3:64:63:D8:9E:9B:21:A7:0C:43:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8OIGzm1T8EkIo2Rj2J6bIacMQ44.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/9df8fe-e68e-49c9-8371-e456cb60fbe6/1/aYlhUMAejY9mAxAIxGqZXTvoz2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/9df8fe-e68e-49c9-8371-e456cb60fbe6/1/8OIGzm1T8EkIo2Rj2J6bIacMQ44.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.223.0/24
Signature Algorithm: sha256WithRSAEncryption
06:3a:0d:b5:61:3a:f8:1c:cc:bb:87:8b:19:0a:9f:6b:75:ad:
d4:fa:51:65:e4:1f:b6:d8:8b:63:7f:27:d9:70:0a:86:fe:d8:
9f:d9:89:ce:be:11:ac:e8:8d:80:f3:d4:9b:0e:11:d2:8d:51:
9e:5a:ea:19:45:b3:99:32:56:70:5b:40:1a:83:86:f7:6a:38:
8e:c1:fc:e0:6a:b0:ef:c4:e0:d2:1d:a8:2f:8e:ff:7f:fd:19:
80:11:4f:54:26:a1:03:5b:c2:33:75:c1:95:48:e9:2c:a1:ee:
65:42:9a:4c:a6:33:20:db:f9:cb:78:0c:64:95:23:3b:09:de:
7a:c3:12:8c:55:d5:ff:cf:be:57:03:de:27:a6:0a:d7:5c:9f:
b4:e7:b5:79:89:c9:7a:01:8b:b8:26:a4:50:67:e3:0d:15:a6:
ed:dd:61:b0:2f:2e:5c:17:29:53:3a:23:b4:26:56:2a:64:df:
37:0d:40:95:89:ac:fd:fe:64:24:e2:b0:42:8d:d6:3f:bf:45:
9d:9f:40:fe:5f:ba:ad:c0:e7:06:16:87:a5:08:80:8f:9a:d9:
14:c2:9d:99:ba:c2:55:d4:d7:10:60:f0:4b:94:ab:51:19:01:
c5:c4:b5:17:e8:69:64:6b:3b:1b:ca:e3:e4:09:2c:fa:40:ca:
23:c2:19:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAoHLjD3EZuBxykb93yNkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZTIwNmNlNmQ1M2YwNDkwOGEzNjQ2M2Q4OWU5YjIxYTcw
YzQzOGUwHhcNMjMwMTAyMDEwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTg5NjE1MGMwMWU4ZDhmNjYwMzEwMDhjNDZhOTk1ZDNiZThjZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFC6YIE4k6JDfjccvz+ZXWw0egaT
UjBkrafeobwoNHrwAKxpxCWkaVNfQwAPiK2if9Zb4MUwLjtcQz7DTv/B0IJ1pf5S
BNHzjhsFwYFk2UN6lhdPEkqY+Vj/sFhE2naFQAp5KmFu0pT/36nXIEIVTd2rsMhT
Nff3SBuuNBADWL8QIga7ngYxbztfFC0GaPZ/Zl4QcObG4Plrs7+SwRjWqOX6/ADo
1hUSO6pY4J2/sds03ojNSYwiPAUZgP04ZFyy5V4rzfayEhcB1FnxTEZw/9/QEcgl
9ye2kc6olha8PN53eJUdrb9bLgWp7sonUedInx+sV5gBLSUaolH0egmg4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGmJYVDAHo2PZgMQCMRqmV076M9rMB8GA1UdIwQY
MBaAFPDiBs5tU/BJCKNkY9iemyGnDEOOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE9JR3ptMVQ4RWtJbzJSajJKNmJJYWNNUTQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85ZGY4ZmUtZTY4ZS00OWM5LTgzNzEt
ZTQ1NmNiNjBmYmU2LzEvYVlsaFVNQWVqWTltQXhBSXhHcVpYVHZvejJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85ZGY4ZmUtZTY4ZS00OWM5LTgzNzEtZTQ1NmNiNjBmYmU2
LzEvOE9JR3ptMVQ4RWtJbzJSajJKNmJJYWNNUTQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BffMA0G
CSqGSIb3DQEBCwUAA4IBAQAGOg21YTr4HMy7h4sZCp9rda3U+lFl5B+22ItjfyfZ
cAqG/tif2YnOvhGs6I2A89SbDhHSjVGeWuoZRbOZMlZwW0Aag4b3ajiOwfzgarDv
xODSHagvjv9//RmAEU9UJqEDW8IzdcGVSOksoe5lQppMpjMg2/nLeAxklSM7Cd56
wxKMVdX/z75XA94npgrXXJ+057V5icl6AYu4JqRQZ+MNFabt3WGwLy5cFylTOiO0
JlYqZN83DUCViaz9/mQk4rBCjdY/v0Wdn0D+X7qtwOcGFoelCICPmtkUwp2ZusJV
1NcQYPBLlKtRGQHFxLUX6GlkazsbyuPkCSz6QMojwhkd
-----END CERTIFICATE-----
Generated at Mon Nov 6 09:34:20 2023 by rpki-client on console-fra.rpki-client.org