Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/oCHbNkscz5_ePnRHovlklfCTD5E.roa
File: oCHbNkscz5_ePnRHovlklfCTD5E.roa (raw, json)
Hash identifier: PBYKro/9PRMTYURs/ZPTdRWMYktaknVAeqrEkGUE3es=
Subject key identifier: A0:21:DB:36:4B:1C:CF:9F:DE:3E:74:47:A2:F9:64:95:F0:93:0F:91
Certificate issuer: /CN=21814cf2ca3e1799349ccd4c7e6a76d63f834a3d
Certificate serial: 018205CDCE6BF198E5D69C4D15DBFBD9276D
Authority key identifier: 21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYFM8so-F5k0nM1Mfmp21j-DSj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/oCHbNkscz5_ePnRHovlklfCTD5E.roa
Signing time: Sat 16 Jul 2022 06:59:10 +0000
ROA not before: Sat 16 Jul 2022 06:59:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 212.2.236.0/22 maxlen: 24
141.98.74.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:05:cd:ce:6b:f1:98:e5:d6:9c:4d:15:db:fb:d9:27:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21814cf2ca3e1799349ccd4c7e6a76d63f834a3d
Validity
Not Before: Jul 16 06:59:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a021db364b1ccf9fde3e7447a2f96495f0930f91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c9:05:43:99:a3:93:5e:bb:d6:3a:85:92:1d:
fd:cf:d0:d9:44:e9:a3:ec:70:a5:1d:a3:4c:e7:7b:
c0:b2:45:7e:f8:6c:92:85:e8:33:6e:ee:16:cb:25:
78:8d:28:91:2e:ab:bf:34:5c:4d:c2:f4:05:b9:9e:
6e:9e:5e:4a:36:27:a0:3e:21:5d:99:27:c6:e2:02:
e7:14:54:b5:74:c8:65:d4:84:63:1a:43:c9:66:a8:
e2:f0:0e:72:dd:d3:92:19:ab:6d:80:92:36:29:08:
54:67:74:e8:58:75:3b:7c:31:94:70:00:dd:7f:5a:
9b:13:7c:79:67:51:ab:f0:46:b6:72:97:4e:0c:8f:
5f:d8:06:a7:56:fa:01:26:ac:19:bd:6a:68:eb:eb:
16:ac:2b:79:4c:34:81:14:ae:b6:f2:e6:90:92:d2:
8a:e3:e7:b8:5f:94:bc:39:ba:75:14:12:67:da:8c:
83:53:b2:c1:42:55:00:3a:a8:72:0c:b8:e7:94:a8:
d8:8e:d3:a7:45:a5:39:5b:a0:c9:20:fb:15:5e:5e:
bb:e4:ea:5b:6f:d9:d1:25:2b:da:5d:b3:01:9f:55:
23:70:8c:4e:bc:73:e6:be:7b:6f:4e:e8:0c:5e:4a:
53:b2:80:80:15:2d:bf:70:ca:50:e1:8a:e9:04:7a:
6c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:21:DB:36:4B:1C:CF:9F:DE:3E:74:47:A2:F9:64:95:F0:93:0F:91
X509v3 Authority Key Identifier:
keyid:21:81:4C:F2:CA:3E:17:99:34:9C:CD:4C:7E:6A:76:D6:3F:83:4A:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYFM8so-F5k0nM1Mfmp21j-DSj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/oCHbNkscz5_ePnRHovlklfCTD5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/01f853-d445-4ace-a8d8-22701b4bb407/1/IYFM8so-F5k0nM1Mfmp21j-DSj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.74.0/23
212.2.236.0/22
Signature Algorithm: sha256WithRSAEncryption
59:9e:f7:dd:d2:54:34:4b:61:e6:6b:08:e4:c8:4a:e3:6b:8a:
3e:6a:db:f2:e1:a2:66:72:6b:75:51:0c:c7:55:20:d2:49:d0:
5c:b2:5a:fe:98:95:5f:67:34:be:b0:bf:43:51:fe:d9:c6:77:
5a:bf:0e:1c:6d:9e:25:65:3e:6e:19:4c:c5:a6:f4:b3:d4:d0:
d2:d3:d6:64:81:68:67:45:75:61:43:d4:33:e6:05:7f:e9:c5:
da:28:1d:a5:4d:52:70:ef:db:60:62:c7:9e:a8:ad:40:f8:e3:
e2:cf:18:9e:49:47:0e:64:29:28:90:aa:3c:73:db:e5:13:51:
72:a6:29:8e:77:24:57:f0:f5:96:ef:40:c8:b9:e8:f4:37:d7:
ef:86:3d:1d:16:bc:54:a5:48:08:3c:c6:c3:06:69:8c:26:9e:
d2:08:d8:40:47:3a:34:33:0d:12:30:ff:1a:95:92:28:be:da:
f3:83:f2:6b:f6:c1:9f:37:79:f7:29:75:a7:a7:4c:d6:3b:03:
9a:64:ed:3f:33:aa:8e:fb:f7:f5:6b:d4:b9:58:aa:0f:76:b0:
7d:1f:31:78:50:e2:78:11:a0:64:8f:cf:01:23:62:39:5c:92:
22:34:67:61:f7:8d:66:b1:d0:d4:18:ef:13:20:1a:12:b0:59:
67:5f:68:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYIFzc5r8Zjl1pxNFdv72SdtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODE0Y2YyY2EzZTE3OTkzNDljY2Q0YzdlNmE3NmQ2M2Y4
MzRhM2QwHhcNMjIwNzE2MDY1OTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDIxZGIzNjRiMWNjZjlmZGUzZTc0NDdhMmY5NjQ5NWYwOTMwZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlckFQ5mjk1671jqFkh39z9DZROmj
7HClHaNM53vAskV++GyShegzbu4WyyV4jSiRLqu/NFxNwvQFuZ5unl5KNiegPiFd
mSfG4gLnFFS1dMhl1IRjGkPJZqji8A5y3dOSGattgJI2KQhUZ3ToWHU7fDGUcADd
f1qbE3x5Z1Gr8Ea2cpdODI9f2AanVvoBJqwZvWpo6+sWrCt5TDSBFK628uaQktKK
4+e4X5S8Obp1FBJn2oyDU7LBQlUAOqhyDLjnlKjYjtOnRaU5W6DJIPsVXl675Opb
b9nRJSvaXbMBn1UjcIxOvHPmvntvTugMXkpTsoCAFS2/cMpQ4YrpBHpsAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKAh2zZLHM+f3j50R6L5ZJXwkw+RMB8GA1UdIwQY
MBaAFCGBTPLKPheZNJzNTH5qdtY/g0o9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlGTThzby1GNWswbk0xTWZtcDIxai1EU2owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8wMWY4NTMtZDQ0NS00YWNlLWE4ZDgt
MjI3MDFiNGJiNDA3LzEvb0NIYk5rc2N6NV9lUG5SSG92bGtsZkNURDVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8wMWY4NTMtZDQ0NS00YWNlLWE4ZDgtMjI3MDFiNGJiNDA3
LzEvSVlGTThzby1GNWswbk0xTWZtcDIxai1EU2owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBjWJKAwQC
1ALsMA0GCSqGSIb3DQEBCwUAA4IBAQBZnvfd0lQ0S2HmawjkyErja4o+atvy4aJm
cmt1UQzHVSDSSdBcslr+mJVfZzS+sL9DUf7Zxndavw4cbZ4lZT5uGUzFpvSz1NDS
09ZkgWhnRXVhQ9Qz5gV/6cXaKB2lTVJw79tgYseeqK1A+OPizxieSUcOZCkokKo8
c9vlE1FypimOdyRX8PWW70DIuej0N9fvhj0dFrxUpUgIPMbDBmmMJp7SCNhARzo0
Mw0SMP8alZIovtrzg/Jr9sGfN3n3KXWnp0zWOwOaZO0/M6qO+/f1a9S5WKoPdrB9
HzF4UOJ4EaBkj88BI2I5XJIiNGdh941msdDUGO8TIBoSsFlnX2gi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:50 2024 by rpki-client on console-fra.rpki-client.org