Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/1651b5-cde5-4cdf-a29f-42b4fb834f15/1/68raf_gVtqj6uQLO9_GskjeujnE.roa
File: 68raf_gVtqj6uQLO9_GskjeujnE.roa (raw, json)
Hash identifier: Ipetk9rM0W9fzUwtAPe6V5FHLvbqzoJmuxRKniXYn7A=
Subject key identifier: EB:CA:DA:7F:F8:15:B6:A8:FA:B9:02:CE:F7:F1:AC:92:37:AE:8E:71
Certificate issuer: /CN=c2c3b5e97c46a93bc3a35cc71055c4f0dfc6c451
Certificate serial: 01887603ABC4ABCA2A42FC950281C150382D
Authority key identifier: C2:C3:B5:E9:7C:46:A9:3B:C3:A3:5C:C7:10:55:C4:F0:DF:C6:C4:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wsO16XxGqTvDo1zHEFXE8N_GxFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/1651b5-cde5-4cdf-a29f-42b4fb834f15/1/68raf_gVtqj6uQLO9_GskjeujnE.roa
Signing time: Thu 01 Jun 2023 08:12:12 +0000
ROA not before: Thu 01 Jun 2023 08:12:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 89.23.92.0/24 maxlen: 24
178.254.150.0/24 maxlen: 24
89.23.77.0/24 maxlen: 24
89.23.84.0/24 maxlen: 24
89.23.85.0/24 maxlen: 24
89.23.81.0/24 maxlen: 24
89.23.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:76:03:ab:c4:ab:ca:2a:42:fc:95:02:81:c1:50:38:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2c3b5e97c46a93bc3a35cc71055c4f0dfc6c451
Validity
Not Before: Jun 1 08:12:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebcada7ff815b6a8fab902cef7f1ac9237ae8e71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:4d:45:a6:50:e5:0b:7a:67:c3:6b:de:7d:b2:
ad:c9:f5:4c:40:c9:e3:f4:6e:c6:31:72:56:dd:e6:
9e:24:f8:c2:97:fc:92:35:a5:ec:40:fa:8c:d6:0b:
22:d4:7c:f5:14:b0:40:8a:cf:16:f6:01:4f:93:92:
d3:42:b0:7d:db:f4:82:38:21:35:4b:58:3c:01:4b:
63:18:15:69:ea:2b:cf:5d:24:00:d3:a8:8c:87:43:
dd:c2:d0:79:25:75:10:c2:a6:b9:cf:3c:39:24:29:
ce:11:50:a7:35:9c:13:17:ea:8e:f4:53:2d:3a:55:
ff:94:91:e2:a7:6f:d4:66:1b:5b:3c:3d:fc:63:5b:
63:7b:cf:08:4f:82:2b:51:82:5b:6b:9c:3d:24:a2:
75:99:b0:6c:30:42:1a:07:60:0e:a8:15:38:05:08:
bc:ea:47:e2:95:cc:5f:59:51:e9:4d:ca:58:77:ce:
94:66:b9:68:65:d8:85:fd:25:1d:70:92:3b:5a:fe:
fd:ce:fd:9e:b0:2d:b3:b3:a8:c6:51:ff:42:03:ff:
8c:f1:66:ab:87:bc:ca:1d:61:40:3b:9d:c0:1d:fe:
84:0e:ef:65:7d:f8:7d:23:80:de:29:b4:fa:e6:27:
91:a4:c9:22:f0:5e:ae:89:85:fd:b0:39:c2:8a:f4:
30:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:CA:DA:7F:F8:15:B6:A8:FA:B9:02:CE:F7:F1:AC:92:37:AE:8E:71
X509v3 Authority Key Identifier:
keyid:C2:C3:B5:E9:7C:46:A9:3B:C3:A3:5C:C7:10:55:C4:F0:DF:C6:C4:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wsO16XxGqTvDo1zHEFXE8N_GxFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/1651b5-cde5-4cdf-a29f-42b4fb834f15/1/68raf_gVtqj6uQLO9_GskjeujnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/1651b5-cde5-4cdf-a29f-42b4fb834f15/1/wsO16XxGqTvDo1zHEFXE8N_GxFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.77.0/24
89.23.79.0/24
89.23.81.0/24
89.23.84.0/23
89.23.92.0/24
178.254.150.0/24
Signature Algorithm: sha256WithRSAEncryption
e8:85:11:e3:6d:6f:e9:99:27:30:e0:44:2d:6d:fc:23:45:75:
a0:c4:eb:86:24:03:55:9e:25:40:a0:dc:2e:03:cc:f7:79:a8:
71:e1:23:ac:70:78:82:9f:bc:6e:9e:bc:01:e0:1e:b4:26:d0:
a2:a0:04:2c:ce:68:c0:30:42:31:c0:c8:be:f1:68:c7:49:9f:
93:fb:2e:04:8b:62:94:56:23:40:7a:36:e5:9e:1a:9f:e5:6b:
45:d9:5b:82:ab:d2:18:ea:8e:cb:30:36:0a:11:8b:29:23:b5:
ed:6e:cf:46:72:4f:33:95:3f:16:e8:91:10:c2:5c:c8:3e:d2:
3b:66:1c:7d:ff:b4:09:ec:b1:97:81:99:b1:57:fa:75:3a:43:
37:e7:9b:d8:0c:9f:97:83:b3:b9:55:62:57:8f:cf:91:3e:05:
a4:66:95:60:23:2b:fb:57:42:75:fc:64:f9:5d:3a:35:2a:05:
12:48:60:30:27:23:ca:27:3a:18:a2:be:a6:32:fd:2b:c7:ba:
05:1a:4d:ff:fd:3f:fc:48:01:9a:2a:d6:b5:c8:68:f8:48:eb:
06:74:aa:63:a5:1e:a2:95:ed:9f:25:8a:07:cc:1a:6c:f7:a5:
23:7e:50:1a:6a:92:26:3b:62:bc:d8:18:73:e5:9c:83:13:70:
3e:30:f1:f2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYh2A6vEq8oqQvyVAoHBUDgtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYzNiNWU5N2M0NmE5M2JjM2EzNWNjNzEwNTVjNGYwZGZj
NmM0NTEwHhcNMjMwNjAxMDgxMjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmNhZGE3ZmY4MTViNmE4ZmFiOTAyY2VmN2YxYWM5MjM3YWU4ZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA001FplDlC3pnw2vefbKtyfVMQMnj
9G7GMXJW3eaeJPjCl/ySNaXsQPqM1gsi1Hz1FLBAis8W9gFPk5LTQrB92/SCOCE1
S1g8AUtjGBVp6ivPXSQA06iMh0PdwtB5JXUQwqa5zzw5JCnOEVCnNZwTF+qO9FMt
OlX/lJHip2/UZhtbPD38Y1tje88IT4IrUYJba5w9JKJ1mbBsMEIaB2AOqBU4BQi8
6kfilcxfWVHpTcpYd86UZrloZdiF/SUdcJI7Wv79zv2esC2zs6jGUf9CA/+M8War
h7zKHWFAO53AHf6EDu9lffh9I4DeKbT65ieRpMki8F6uiYX9sDnCivQwBQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOvK2n/4Fbao+rkCzvfxrJI3ro5xMB8GA1UdIwQY
MBaAFMLDtel8Rqk7w6NcxxBVxPDfxsRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3NPMTZYeEdxVHZEbzF6SEVGWEU4Tl9HeEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8xNjUxYjUtY2RlNS00Y2RmLWEyOWYt
NDJiNGZiODM0ZjE1LzEvNjhyYWZfZ1Z0cWo2dVFMTzlfR3NramV1am5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8xNjUxYjUtY2RlNS00Y2RmLWEyOWYtNDJiNGZiODM0ZjE1
LzEvd3NPMTZYeEdxVHZEbzF6SEVGWEU4Tl9HeEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWRdNAwQA
WRdPAwQAWRdRAwQBWRdUAwQAWRdcAwQAsv6WMA0GCSqGSIb3DQEBCwUAA4IBAQDo
hRHjbW/pmScw4EQtbfwjRXWgxOuGJANVniVAoNwuA8z3eahx4SOscHiCn7xunrwB
4B60JtCioAQszmjAMEIxwMi+8WjHSZ+T+y4Ei2KUViNAejblnhqf5WtF2VuCq9IY
6o7LMDYKEYspI7Xtbs9Gck8zlT8W6JEQwlzIPtI7Zhx9/7QJ7LGXgZmxV/p1OkM3
55vYDJ+Xg7O5VWJXj8+RPgWkZpVgIyv7V0J1/GT5XTo1KgUSSGAwJyPKJzoYor6m
Mv0rx7oFGk3//T/8SAGaKta1yGj4SOsGdKpjpR6ile2fJYoHzBps96UjflAaapIm
O2K82Bhz5ZyDE3A+MPHy
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:11 2024 by rpki-client on console-ams.rpki-client.org