Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/25df87-15ab-4b90-b760-52279153bbf4/1/8oAqyk-zpU8h5dXTUWQeVihj2SA.roa
File: 8oAqyk-zpU8h5dXTUWQeVihj2SA.roa (raw, json)
Hash identifier: ONg35SUwO3VHIHhgfJQf9URMzy+6uZ9ZXYLtUp4qHKU=
Subject key identifier: F2:80:2A:CA:4F:B3:A5:4F:21:E5:D5:D3:51:64:1E:56:28:63:D9:20
Certificate issuer: /CN=05072a23730bbe1a31051f07e3bb2d39d6085527
Certificate serial: 018CC2DAB8872F02396F46CCD03C723389EC
Authority key identifier: 05:07:2A:23:73:0B:BE:1A:31:05:1F:07:E3:BB:2D:39:D6:08:55:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQcqI3MLvhoxBR8H47stOdYIVSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/25df87-15ab-4b90-b760-52279153bbf4/1/8oAqyk-zpU8h5dXTUWQeVihj2SA.roa
Signing time: Mon 01 Jan 2024 02:29:23 +0000
ROA not before: Mon 01 Jan 2024 02:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3561
IP address blocks: 130.193.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b8:87:2f:02:39:6f:46:cc:d0:3c:72:33:89:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05072a23730bbe1a31051f07e3bb2d39d6085527
Validity
Not Before: Jan 1 02:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2802aca4fb3a54f21e5d5d351641e562863d920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:27:bb:6d:83:68:e1:c5:45:31:22:d0:09:d8:
47:fe:9d:1f:80:01:8f:26:27:59:61:c6:47:33:3e:
98:7d:a7:41:94:02:a5:09:3b:08:ba:9e:9c:ea:3a:
1c:65:c5:a0:94:22:fe:9d:46:4e:d7:98:0d:b2:08:
8f:fb:37:93:4f:68:b2:62:1e:20:ce:53:50:fd:d7:
70:0a:0f:97:ab:cf:23:56:c6:39:03:4b:82:81:16:
5f:48:2a:75:c8:e1:e6:2d:d1:d0:03:26:46:ed:2f:
f4:a8:38:c8:db:b8:50:75:c5:d2:29:90:1f:d7:01:
07:e7:79:b2:d8:40:fe:04:95:ae:77:f0:25:d5:7b:
ae:d6:29:1b:12:b1:19:96:25:36:b2:14:d6:52:32:
8c:45:be:f2:8f:7b:2b:26:38:35:74:62:06:c8:a8:
61:21:d9:2e:de:45:7d:38:84:54:bc:27:c7:0b:fd:
77:e6:43:e2:cc:2d:ee:61:51:1d:5f:d6:7f:f8:20:
dd:d5:38:9c:2e:c5:1b:03:56:13:e9:04:42:a2:98:
d0:a9:d0:4c:a2:78:a7:97:1b:95:86:3a:c6:b7:66:
92:0a:bd:52:7f:f8:05:97:60:91:e5:d2:12:c0:9e:
29:b0:30:92:c2:08:72:a2:c6:d6:94:26:38:7c:d2:
bc:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:80:2A:CA:4F:B3:A5:4F:21:E5:D5:D3:51:64:1E:56:28:63:D9:20
X509v3 Authority Key Identifier:
keyid:05:07:2A:23:73:0B:BE:1A:31:05:1F:07:E3:BB:2D:39:D6:08:55:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQcqI3MLvhoxBR8H47stOdYIVSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/25df87-15ab-4b90-b760-52279153bbf4/1/8oAqyk-zpU8h5dXTUWQeVihj2SA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/25df87-15ab-4b90-b760-52279153bbf4/1/BQcqI3MLvhoxBR8H47stOdYIVSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.193.3.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:bf:93:a5:a2:fe:85:6b:87:e9:4e:3c:b2:1a:64:aa:eb:79:
11:38:f5:22:e6:2f:b0:d9:c7:7d:3b:90:f9:13:16:ae:97:9e:
e6:d8:61:ef:14:f1:10:68:42:d1:3c:0c:d0:bf:3a:f1:17:a3:
03:f0:0a:8b:b8:c0:f2:54:11:27:af:d7:7b:fa:93:9f:6e:8c:
86:f8:72:67:6f:73:73:42:10:27:72:f9:23:9e:76:66:03:d9:
c6:a8:9c:aa:65:a7:4c:8e:ca:df:83:32:d2:c3:9a:bb:55:c0:
d8:71:4a:17:2e:80:a6:00:86:c3:15:cc:f7:f6:63:82:a9:ce:
fa:1d:16:ea:67:7a:8e:a3:68:27:31:f2:87:26:8b:41:02:bf:
f2:33:68:a7:e9:1f:39:86:d1:7d:05:93:8d:92:f9:ee:59:c8:
d6:36:a6:ac:dd:46:a8:0f:f4:cb:44:6f:98:84:24:32:cc:e1:
83:20:1e:6d:52:45:fb:f8:ed:61:d2:30:a2:8e:3a:7d:56:68:
a9:fc:37:c8:b0:01:2d:98:b3:56:ac:a1:9a:51:92:ad:33:98:
cd:ec:dd:09:e4:f3:67:68:95:35:78:fb:0c:f1:9b:96:50:81:
af:a7:35:ae:90:a3:27:53:61:3e:15:a1:54:23:07:c1:8a:97:
9e:57:bd:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2riHLwI5b0bM0DxyM4nsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MDcyYTIzNzMwYmJlMWEzMTA1MWYwN2UzYmIyZDM5ZDYw
ODU1MjcwHhcNMjQwMTAxMDIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjgwMmFjYTRmYjNhNTRmMjFlNWQ1ZDM1MTY0MWU1NjI4NjNkOTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCe7bYNo4cVFMSLQCdhH/p0fgAGP
JidZYcZHMz6YfadBlAKlCTsIup6c6jocZcWglCL+nUZO15gNsgiP+zeTT2iyYh4g
zlNQ/ddwCg+Xq88jVsY5A0uCgRZfSCp1yOHmLdHQAyZG7S/0qDjI27hQdcXSKZAf
1wEH53my2ED+BJWud/Al1Xuu1ikbErEZliU2shTWUjKMRb7yj3srJjg1dGIGyKhh
Idku3kV9OIRUvCfHC/135kPizC3uYVEdX9Z/+CDd1TicLsUbA1YT6QRCopjQqdBM
oninlxuVhjrGt2aSCr1Sf/gFl2CR5dISwJ4psDCSwghyosbWlCY4fNK8TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPKAKspPs6VPIeXV01FkHlYoY9kgMB8GA1UdIwQY
MBaAFAUHKiNzC74aMQUfB+O7LTnWCFUnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFjcUkzTUx2aG94QlI4SDQ3c3RPZFlJVlNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yNWRmODctMTVhYi00YjkwLWI3NjAt
NTIyNzkxNTNiYmY0LzEvOG9BcXlrLXpwVThoNWRYVFVXUWVWaWhqMlNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yNWRmODctMTVhYi00YjkwLWI3NjAtNTIyNzkxNTNiYmY0
LzEvQlFjcUkzTUx2aG94QlI4SDQ3c3RPZFlJVlNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgsEDMA0G
CSqGSIb3DQEBCwUAA4IBAQAfv5Olov6Fa4fpTjyyGmSq63kROPUi5i+w2cd9O5D5
Exaul57m2GHvFPEQaELRPAzQvzrxF6MD8AqLuMDyVBEnr9d7+pOfboyG+HJnb3Nz
QhAncvkjnnZmA9nGqJyqZadMjsrfgzLSw5q7VcDYcUoXLoCmAIbDFcz39mOCqc76
HRbqZ3qOo2gnMfKHJotBAr/yM2in6R85htF9BZONkvnuWcjWNqas3UaoD/TLRG+Y
hCQyzOGDIB5tUkX7+O1h0jCijjp9Vmip/DfIsAEtmLNWrKGaUZKtM5jN7N0J5PNn
aJU1ePsM8ZuWUIGvpzWukKMnU2E+FaFUIwfBipeeV71v
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:56 2024 by rpki-client on console-ams.rpki-client.org