Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b4765f-a60f-4356-982a-1afd2649b299/1/iVMFJ6mZbVV-sc4fA6ffqIwKPT0.roa
File: iVMFJ6mZbVV-sc4fA6ffqIwKPT0.roa (raw, json)
Hash identifier: z43gPKGcxdxQrjef29vA0RCLn2AYtEtJDTBLsSmM/As=
Subject key identifier: 89:53:05:27:A9:99:6D:55:7E:B1:CE:1F:03:A7:DF:A8:8C:0A:3D:3D
Certificate issuer: /CN=60d3ac4825dca7eec97005dba3b0bff27904f58a
Certificate serial: 01856D6F89977EF25E332C49C2D26A7CC570
Authority key identifier: 60:D3:AC:48:25:DC:A7:EE:C9:70:05:DB:A3:B0:BF:F2:79:04:F5:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YNOsSCXcp-7JcAXbo7C_8nkE9Yo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b4765f-a60f-4356-982a-1afd2649b299/1/iVMFJ6mZbVV-sc4fA6ffqIwKPT0.roa
Signing time: Sun 01 Jan 2023 13:05:04 +0000
ROA not before: Sun 01 Jan 2023 13:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1221
IP address blocks: 185.144.111.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:89:97:7e:f2:5e:33:2c:49:c2:d2:6a:7c:c5:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60d3ac4825dca7eec97005dba3b0bff27904f58a
Validity
Not Before: Jan 1 13:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89530527a9996d557eb1ce1f03a7dfa88c0a3d3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:23:08:7e:e3:9b:e4:68:cc:ad:a3:9c:7f:5f:
92:02:c5:5e:93:dc:c3:ba:24:fa:a9:96:29:19:08:
d8:82:76:64:a9:33:4f:9f:b5:03:38:74:4c:44:e9:
ec:84:b5:c2:b5:70:c0:bf:89:85:91:05:31:68:5e:
87:e1:5f:44:f2:05:72:20:d3:c8:18:74:a0:d8:53:
e3:c4:2f:1e:1c:96:0f:99:42:41:06:6d:e7:71:8c:
b0:e7:69:33:74:16:2e:94:af:cc:ac:c9:60:1f:41:
91:e2:43:47:96:53:1d:14:24:8c:2e:e4:48:ae:e5:
c0:ab:69:0a:ba:fa:ff:6f:9a:cd:d8:aa:98:68:86:
64:76:85:99:0b:c5:8f:7a:11:bf:62:1e:cb:fc:17:
8a:f0:7b:72:c5:9c:46:7e:39:d7:5e:e2:f0:1d:ac:
c4:34:92:ca:e5:47:ba:80:30:8b:6a:00:78:44:73:
80:e4:ec:ad:46:da:34:9e:35:fe:ce:37:23:9e:af:
6f:c5:94:02:c2:3a:c5:2e:7f:28:d0:0f:a5:4b:47:
3d:44:9d:ad:a0:96:b4:68:b9:0e:68:fc:d4:49:ff:
57:a8:2b:ae:da:13:60:59:16:d3:1a:9f:77:79:b7:
e0:ee:11:93:b2:12:af:b1:e3:bf:bc:b2:63:04:13:
62:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:53:05:27:A9:99:6D:55:7E:B1:CE:1F:03:A7:DF:A8:8C:0A:3D:3D
X509v3 Authority Key Identifier:
keyid:60:D3:AC:48:25:DC:A7:EE:C9:70:05:DB:A3:B0:BF:F2:79:04:F5:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YNOsSCXcp-7JcAXbo7C_8nkE9Yo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b4765f-a60f-4356-982a-1afd2649b299/1/iVMFJ6mZbVV-sc4fA6ffqIwKPT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b4765f-a60f-4356-982a-1afd2649b299/1/YNOsSCXcp-7JcAXbo7C_8nkE9Yo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.111.0/24
Signature Algorithm: sha256WithRSAEncryption
94:43:9c:26:ac:d7:0d:75:47:01:2a:11:44:aa:4f:87:19:2b:
7f:bc:1a:16:36:31:13:fd:62:a3:49:ff:bb:9a:98:a3:33:f3:
c7:51:68:0d:09:23:98:9c:49:23:60:f7:a7:77:0d:59:c3:a1:
ad:9e:05:3a:b7:58:08:ce:aa:d4:c7:e8:8a:16:87:db:6f:d8:
c1:30:12:ba:46:e1:ad:e0:c0:1c:9b:5c:77:51:4c:25:cd:7b:
81:3d:e0:65:93:a7:91:58:6f:1b:9e:db:4c:e7:ac:bb:6c:e3:
2b:82:b2:91:bc:8b:34:f8:74:1c:3b:53:c6:fb:ee:b2:c3:95:
aa:ad:6a:09:5d:20:fd:3a:a6:63:2a:14:fc:83:f8:0b:42:0b:
02:4a:f2:ef:b0:e8:a0:51:2d:96:5e:cd:1b:f5:c3:bc:ba:9e:
ff:1e:c9:c1:0b:de:3c:13:da:2a:ea:35:fc:ad:d3:cd:65:8f:
5d:29:36:29:20:a4:3b:dd:92:04:a6:58:5b:ed:36:e6:08:57:
af:fd:80:81:c6:77:3f:97:fd:67:e0:1f:1a:39:30:f0:2a:87:
13:98:13:44:3c:11:7b:77:bf:e0:9f:3a:9e:03:fa:33:3b:6d:
23:58:7a:7b:10:52:41:dd:6b:9d:25:14:47:c0:e6:80:42:02:
a4:f2:f8:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtb4mXfvJeMyxJwtJqfMVwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZDNhYzQ4MjVkY2E3ZWVjOTcwMDVkYmEzYjBiZmYyNzkw
NGY1OGEwHhcNMjMwMTAxMTMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTUzMDUyN2E5OTk2ZDU1N2ViMWNlMWYwM2E3ZGZhODhjMGEzZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyMIfuOb5GjMraOcf1+SAsVek9zD
uiT6qZYpGQjYgnZkqTNPn7UDOHRMROnshLXCtXDAv4mFkQUxaF6H4V9E8gVyINPI
GHSg2FPjxC8eHJYPmUJBBm3ncYyw52kzdBYulK/MrMlgH0GR4kNHllMdFCSMLuRI
ruXAq2kKuvr/b5rN2KqYaIZkdoWZC8WPehG/Yh7L/BeK8HtyxZxGfjnXXuLwHazE
NJLK5Ue6gDCLagB4RHOA5OytRto0njX+zjcjnq9vxZQCwjrFLn8o0A+lS0c9RJ2t
oJa0aLkOaPzUSf9XqCuu2hNgWRbTGp93ebfg7hGTshKvseO/vLJjBBNiSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIlTBSepmW1VfrHOHwOn36iMCj09MB8GA1UdIwQY
MBaAFGDTrEgl3KfuyXAF26Owv/J5BPWKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU5Pc1NDWGNwLTdKY0FYYm83Q184bmtFOVlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNDc2NWYtYTYwZi00MzU2LTk4MmEt
MWFmZDI2NDliMjk5LzEvaVZNRko2bVpiVlYtc2M0ZkE2ZmZxSXdLUFQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNDc2NWYtYTYwZi00MzU2LTk4MmEtMWFmZDI2NDliMjk5
LzEvWU5Pc1NDWGNwLTdKY0FYYm83Q184bmtFOVlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZBvMA0G
CSqGSIb3DQEBCwUAA4IBAQCUQ5wmrNcNdUcBKhFEqk+HGSt/vBoWNjET/WKjSf+7
mpijM/PHUWgNCSOYnEkjYPendw1Zw6GtngU6t1gIzqrUx+iKFofbb9jBMBK6RuGt
4MAcm1x3UUwlzXuBPeBlk6eRWG8bnttM56y7bOMrgrKRvIs0+HQcO1PG++6yw5Wq
rWoJXSD9OqZjKhT8g/gLQgsCSvLvsOigUS2WXs0b9cO8up7/HsnBC948E9oq6jX8
rdPNZY9dKTYpIKQ73ZIEplhb7TbmCFev/YCBxnc/l/1n4B8aOTDwKocTmBNEPBF7
d7/gnzqeA/ozO20jWHp7EFJB3WudJRRHwOaAQgKk8vjT
-----END CERTIFICATE-----
Generated at Thu Dec 21 16:30:57 2023 by rpki-client on console-fra.rpki-client.org