Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e723d6-30fc-40b5-94c9-9599d3dc796d/1/i_QRh6-F448BJBcMFY1qkXvBhxw.roa
File: i_QRh6-F448BJBcMFY1qkXvBhxw.roa (raw, json)
Hash identifier: qhH9wjMphCj2LMTNkKF1YLWWTNB/fsmPDmecDs1r2sg=
Subject key identifier: 8B:F4:11:87:AF:85:E3:8F:01:24:17:0C:15:8D:6A:91:7B:C1:87:1C
Certificate issuer: /CN=b6bb8d94f632a3ced75ec5d3f2eece9cf1605bd3
Certificate serial: 01856CF848F1A1B525975863E9A2F65EAC04
Authority key identifier: B6:BB:8D:94:F6:32:A3:CE:D7:5E:C5:D3:F2:EE:CE:9C:F1:60:5B:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/truNlPYyo87XXsXT8u7OnPFgW9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/e723d6-30fc-40b5-94c9-9599d3dc796d/1/i_QRh6-F448BJBcMFY1qkXvBhxw.roa
Signing time: Sun 01 Jan 2023 10:54:48 +0000
ROA not before: Sun 01 Jan 2023 10:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201553
IP address blocks: 185.208.64.0/24 maxlen: 24
185.208.65.0/24 maxlen: 24
185.208.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:48:f1:a1:b5:25:97:58:63:e9:a2:f6:5e:ac:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6bb8d94f632a3ced75ec5d3f2eece9cf1605bd3
Validity
Not Before: Jan 1 10:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bf41187af85e38f0124170c158d6a917bc1871c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f2:27:03:f6:e1:62:7b:d8:d7:8d:2b:2f:16:
3a:4c:06:7b:59:1e:02:2c:a6:bc:85:cb:98:92:38:
e1:0e:4d:8c:a0:57:66:ec:63:f1:df:54:77:fc:c6:
c8:ee:79:38:c4:b9:37:91:0e:12:6b:be:e9:f5:fb:
46:97:e1:7f:61:12:54:d7:9b:49:ed:dc:7d:9d:40:
5d:58:4a:92:7f:78:3f:d6:c6:53:69:c5:ca:b0:a0:
ee:30:d7:a4:35:a7:f4:a4:7e:71:a3:be:0a:bd:1e:
1a:2d:49:90:98:68:8c:e1:c9:fd:e6:08:72:ef:46:
a9:07:69:f5:7b:f9:03:fd:38:25:e5:92:e8:bd:17:
1b:ec:f4:a2:da:17:4d:87:6d:b0:17:80:e0:c7:d7:
52:23:75:b7:3b:f7:86:5f:d9:ab:86:f5:58:40:15:
98:f7:88:2f:2a:85:0b:e6:bd:35:8e:ac:bf:8c:b0:
bf:12:68:f2:94:b4:a8:59:1d:6b:a9:e7:51:20:2d:
97:d9:cb:24:8c:4e:f2:ae:a3:c5:d1:38:47:56:44:
3c:52:67:b4:b3:b6:82:d0:ef:df:fc:2f:3a:0d:21:
4e:03:9f:da:8b:7c:59:f9:41:f0:d7:11:23:b6:73:
f5:73:e7:6a:be:17:4b:04:d2:99:5c:40:21:ce:0c:
d4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F4:11:87:AF:85:E3:8F:01:24:17:0C:15:8D:6A:91:7B:C1:87:1C
X509v3 Authority Key Identifier:
keyid:B6:BB:8D:94:F6:32:A3:CE:D7:5E:C5:D3:F2:EE:CE:9C:F1:60:5B:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/truNlPYyo87XXsXT8u7OnPFgW9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e723d6-30fc-40b5-94c9-9599d3dc796d/1/i_QRh6-F448BJBcMFY1qkXvBhxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e723d6-30fc-40b5-94c9-9599d3dc796d/1/truNlPYyo87XXsXT8u7OnPFgW9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.64.0/23
185.208.67.0/24
Signature Algorithm: sha256WithRSAEncryption
92:f5:c5:1d:4f:63:d2:7e:65:5a:cb:93:fd:e1:48:6b:ed:3a:
cb:39:7c:11:77:1b:b5:e1:84:a2:75:04:50:83:d8:f0:78:c2:
90:02:5a:10:e4:dc:82:4e:32:43:7d:ac:d7:65:96:8f:e6:2e:
b6:16:db:a7:a2:7e:3a:fb:75:1a:b9:52:1e:36:03:9b:ab:2e:
e0:10:8a:93:8a:49:30:95:22:8a:87:2c:70:00:a2:d2:d2:15:
c6:18:4d:c7:a1:50:2e:0c:78:dc:5a:41:e1:41:77:34:74:37:
a9:e1:79:f7:cb:ea:f6:96:e1:95:16:d7:54:14:c5:b0:ec:a5:
02:a3:3f:1b:a5:7e:e5:be:b7:bf:c7:95:78:86:68:b3:99:71:
c3:cf:a4:b5:7d:be:55:fc:a1:5a:8f:3c:82:48:ce:8e:ff:86:
55:f8:59:53:d8:e6:4f:87:5a:5b:5a:5b:a1:31:37:7e:f6:0c:
ca:24:4e:d7:d5:b8:a7:6c:0a:6f:ea:87:56:b9:5b:71:14:af:
f1:f5:16:66:dd:6d:27:51:45:2c:17:bf:e0:35:7c:ea:bd:75:
05:33:2d:4a:37:44:92:8a:d2:be:2e:a4:65:08:4a:11:1b:2d:
2f:a8:72:41:91:4e:85:fe:5f:57:3e:9e:58:64:65:6f:0d:c6:
55:d6:91:64
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVs+EjxobUll1hj6aL2XqwEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YmI4ZDk0ZjYzMmEzY2VkNzVlYzVkM2YyZWVjZTljZjE2
MDViZDMwHhcNMjMwMTAxMTA1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmY0MTE4N2FmODVlMzhmMDEyNDE3MGMxNThkNmE5MTdiYzE4NzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvInA/bhYnvY140rLxY6TAZ7WR4C
LKa8hcuYkjjhDk2MoFdm7GPx31R3/MbI7nk4xLk3kQ4Sa77p9ftGl+F/YRJU15tJ
7dx9nUBdWEqSf3g/1sZTacXKsKDuMNekNaf0pH5xo74KvR4aLUmQmGiM4cn95ghy
70apB2n1e/kD/Tgl5ZLovRcb7PSi2hdNh22wF4Dgx9dSI3W3O/eGX9mrhvVYQBWY
94gvKoUL5r01jqy/jLC/EmjylLSoWR1rqedRIC2X2cskjE7yrqPF0ThHVkQ8Ume0
s7aC0O/f/C86DSFOA5/ai3xZ+UHw1xEjtnP1c+dqvhdLBNKZXEAhzgzUIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIv0EYevheOPASQXDBWNapF7wYccMB8GA1UdIwQY
MBaAFLa7jZT2MqPO117F0/LuzpzxYFvTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHJ1TmxQWXlvODdYWHNYVDh1N09uUEZnVzlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lNzIzZDYtMzBmYy00MGI1LTk0Yzkt
OTU5OWQzZGM3OTZkLzEvaV9RUmg2LUY0NDhCSkJjTUZZMXFrWHZCaHh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lNzIzZDYtMzBmYy00MGI1LTk0YzktOTU5OWQzZGM3OTZk
LzEvdHJ1TmxQWXlvODdYWHNYVDh1N09uUEZnVzlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBudBAAwQA
udBDMA0GCSqGSIb3DQEBCwUAA4IBAQCS9cUdT2PSfmVay5P94Uhr7TrLOXwRdxu1
4YSidQRQg9jweMKQAloQ5NyCTjJDfazXZZaP5i62Ftunon46+3UauVIeNgObqy7g
EIqTikkwlSKKhyxwAKLS0hXGGE3HoVAuDHjcWkHhQXc0dDep4Xn3y+r2luGVFtdU
FMWw7KUCoz8bpX7lvre/x5V4hmizmXHDz6S1fb5V/KFajzyCSM6O/4ZV+FlT2OZP
h1pbWluhMTd+9gzKJE7X1binbApv6odWuVtxFK/x9RZm3W0nUUUsF7/gNXzqvXUF
My1KN0SSitK+LqRlCEoRGy0vqHJBkU6F/l9XPp5YZGVvDcZV1pFk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:24 2024 by rpki-client on console-fra.rpki-client.org