Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/509d27-a91e-45bf-bea2-256d250eac76/1/UpQJYohn1lWhna7NGP9QHnUwhck.roa
File: UpQJYohn1lWhna7NGP9QHnUwhck.roa (raw, json)
Hash identifier: 0Zi2crVmbJ1OkInY8A8Gm6BaPZ3OE1QfaAL3Csbjg5k=
Subject key identifier: 52:94:09:62:88:67:D6:55:A1:9D:AE:CD:18:FF:50:1E:75:30:85:C9
Certificate issuer: /CN=3e87c976373fa3d8ad905e534c4ffc2380420e1a
Certificate serial: 068F6BFA
Authority key identifier: 3E:87:C9:76:37:3F:A3:D8:AD:90:5E:53:4C:4F:FC:23:80:42:0E:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PofJdjc_o9itkF5TTE_8I4BCDho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/509d27-a91e-45bf-bea2-256d250eac76/1/UpQJYohn1lWhna7NGP9QHnUwhck.roa
Signing time: Sat 01 Jan 2022 12:58:32 +0000
ROA not before: Sat 01 Jan 2022 12:58:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42926
IP address blocks: 2.56.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110062586 (0x68f6bfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e87c976373fa3d8ad905e534c4ffc2380420e1a
Validity
Not Before: Jan 1 12:58:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=529409628867d655a19daecd18ff501e753085c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f2:0c:0b:74:36:aa:70:ea:c9:ac:d9:9e:e4:
af:bc:4c:41:28:b2:bc:cf:53:a9:ec:1a:a3:25:09:
c6:75:d8:c2:5d:34:45:96:34:34:b1:32:3a:0e:ce:
68:c1:45:aa:70:b3:63:13:ec:d0:b3:d4:a7:6d:50:
b6:69:ee:0b:6b:1d:7f:3f:22:25:ed:f8:05:6a:fc:
6b:61:36:46:b3:f3:26:5f:df:7b:75:95:8b:90:52:
8e:cd:5d:24:14:32:af:a6:ec:30:2b:a8:d5:32:1c:
19:f8:3a:69:f4:d2:e7:c9:9b:fd:22:49:cb:1d:2b:
35:71:9b:ea:58:41:19:b3:3b:2d:c8:b2:90:ae:ff:
54:91:92:aa:0b:39:e1:d4:9c:87:bd:de:b1:ce:a6:
ee:cc:b8:2d:53:50:1b:bf:ae:3a:39:f7:81:ba:c0:
43:11:f1:b2:f9:42:ba:23:ff:6d:3a:f5:db:45:74:
53:33:b5:fe:8a:91:a8:b0:82:9c:e4:5d:23:d3:ad:
81:3a:f9:fc:04:16:82:95:4b:3a:cd:8d:e5:ac:cd:
28:30:09:9e:c2:a3:66:6d:14:f2:b3:2c:51:5d:85:
25:d1:e1:95:c0:e7:ae:35:24:b2:82:80:1c:3c:32:
89:a6:a7:8b:f4:f5:50:b4:7e:50:67:8a:b4:75:6b:
02:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:94:09:62:88:67:D6:55:A1:9D:AE:CD:18:FF:50:1E:75:30:85:C9
X509v3 Authority Key Identifier:
keyid:3E:87:C9:76:37:3F:A3:D8:AD:90:5E:53:4C:4F:FC:23:80:42:0E:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PofJdjc_o9itkF5TTE_8I4BCDho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/509d27-a91e-45bf-bea2-256d250eac76/1/UpQJYohn1lWhna7NGP9QHnUwhck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/509d27-a91e-45bf-bea2-256d250eac76/1/PofJdjc_o9itkF5TTE_8I4BCDho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.152.0/24
Signature Algorithm: sha256WithRSAEncryption
97:ec:0c:34:d2:c6:23:88:04:c5:85:48:39:81:e4:82:88:d0:
c5:4f:ed:4b:d4:66:66:36:a6:86:2b:ff:dc:15:f4:fc:4d:77:
66:8e:ed:1d:db:b0:cc:65:26:0e:85:1d:56:d8:13:8a:af:93:
b2:9d:d8:f8:96:ad:af:2c:a4:ec:e4:42:ee:63:df:f6:ab:2b:
b8:0b:b7:4b:93:b5:4f:bf:05:e8:58:ed:dc:c5:15:12:23:da:
ad:40:43:80:75:99:5a:eb:da:b8:6a:1b:eb:7e:5b:71:30:6d:
c4:5e:98:e4:07:3e:c0:4e:95:3e:44:5d:81:91:c4:84:ae:bd:
ac:96:8d:f2:f4:08:92:37:69:b3:bb:6a:00:7e:f8:94:73:a4:
f9:a9:d3:a9:4f:95:c7:01:de:e6:a3:f5:2b:13:99:34:b0:4f:
da:54:72:16:5e:8e:31:aa:76:74:2c:4f:c4:c6:6d:36:ba:18:
aa:ce:aa:f0:43:38:0d:25:ce:b2:1c:d1:59:ae:9b:12:05:ce:
61:12:cd:60:d1:e4:65:84:18:aa:5b:8c:69:28:09:b2:b9:4f:
37:6f:a6:e2:0c:e6:f3:93:66:00:fb:d9:cc:d4:17:58:9b:12:
6a:2d:bd:54:63:97:99:cd:67:35:d6:71:7f:73:9a:5c:d9:d6:
38:d5:ec:5e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBo9r+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZTg3Yzk3NjM3M2ZhM2Q4YWQ5MDVlNTM0YzRmZmMyMzgwNDIwZTFhMB4XDTIyMDEw
MTEyNTgzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTI5NDA5NjI4ODY3
ZDY1NWExOWRhZWNkMThmZjUwMWU3NTMwODVjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJzyDAt0Nqpw6sms2Z7kr7xMQSiyvM9TqewaoyUJxnXYwl00
RZY0NLEyOg7OaMFFqnCzYxPs0LPUp21QtmnuC2sdfz8iJe34BWr8a2E2RrPzJl/f
e3WVi5BSjs1dJBQyr6bsMCuo1TIcGfg6afTS58mb/SJJyx0rNXGb6lhBGbM7Lciy
kK7/VJGSqgs54dSch73esc6m7sy4LVNQG7+uOjn3gbrAQxHxsvlCuiP/bTr120V0
UzO1/oqRqLCCnORdI9OtgTr5/AQWgpVLOs2N5azNKDAJnsKjZm0U8rMsUV2FJdHh
lcDnrjUksoKAHDwyiaani/T1ULR+UGeKtHVrAmMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRSlAliiGfWVaGdrs0Y/1AedTCFyTAfBgNVHSMEGDAWgBQ+h8l2Nz+j2K2Q
XlNMT/wjgEIOGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BvZkpkamNfbzlpdGtGNVRURV84STRCQ0Roby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvNTA5ZDI3LWE5MWUtNDViZi1iZWEyLTI1NmQyNTBlYWM3Ni8x
L1VwUUpZb2huMWxXaG5hN05HUDlRSG5Vd2hjay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
NTA5ZDI3LWE5MWUtNDViZi1iZWEyLTI1NmQyNTBlYWM3Ni8xL1BvZkpkamNfbzlp
dGtGNVRURV84STRCQ0Roby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI4mDANBgkqhkiG9w0BAQsFAAOC
AQEAl+wMNNLGI4gExYVIOYHkgojQxU/tS9RmZjamhiv/3BX0/E13Zo7tHduwzGUm
DoUdVtgTiq+Tsp3Y+Jatryyk7ORC7mPf9qsruAu3S5O1T78F6Fjt3MUVEiParUBD
gHWZWuvauGob635bcTBtxF6Y5Ac+wE6VPkRdgZHEhK69rJaN8vQIkjdps7tqAH74
lHOk+anTqU+VxwHe5qP1KxOZNLBP2lRyFl6OMap2dCxPxMZtNroYqs6q8EM4DSXO
shzRWa6bEgXOYRLNYNHkZYQYqluMaSgJsrlPN2+m4gzm85NmAPvZzNQXWJsSai29
VGOXmc1nNdZxf3OaXNnWONXsXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:53 2024 by rpki-client on console-fra.rpki-client.org