Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/43a486-ddb0-4ced-a0c2-ab771e104e85/1/IypSG7trOQ30yyvIWzOnE1f-4a0.roa
File: IypSG7trOQ30yyvIWzOnE1f-4a0.roa (raw, json)
Hash identifier: kDUObFC7p2OhQSw9v20YR2iTg1FpyyOZ+qXcjl5bLn0=
Subject key identifier: 23:2A:52:1B:BB:6B:39:0D:F4:CB:2B:C8:5B:33:A7:13:57:FE:E1:AD
Certificate issuer: /CN=088612d4d36d62b09686d9eb8aab0527d4bbf741
Certificate serial: 01857230F2D74511E85CD01DF7824B9A2DB3
Authority key identifier: 08:86:12:D4:D3:6D:62:B0:96:86:D9:EB:8A:AB:05:27:D4:BB:F7:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIYS1NNtYrCWhtnriqsFJ9S790E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/43a486-ddb0-4ced-a0c2-ab771e104e85/1/IypSG7trOQ30yyvIWzOnE1f-4a0.roa
Signing time: Mon 02 Jan 2023 11:14:48 +0000
ROA not before: Mon 02 Jan 2023 11:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 185.213.194.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:30:f2:d7:45:11:e8:5c:d0:1d:f7:82:4b:9a:2d:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088612d4d36d62b09686d9eb8aab0527d4bbf741
Validity
Not Before: Jan 2 11:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=232a521bbb6b390df4cb2bc85b33a71357fee1ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:55:e2:0a:9c:5e:70:b0:c5:50:f7:e8:50:6f:
b6:e6:3b:3a:e9:33:8f:d2:c2:ea:3d:6f:40:54:3a:
d7:ac:18:f9:60:72:81:f2:41:d4:1d:e1:48:8a:44:
d5:85:ce:32:21:6e:fd:ca:bf:d0:e7:f6:e0:fe:92:
2c:bb:bb:bd:47:5c:7a:f1:8f:98:70:f3:54:20:24:
2c:6f:d8:4c:12:2d:1a:e5:b4:0a:6f:a1:31:59:b8:
78:c2:9e:f2:62:ec:83:fc:b2:14:4d:f0:06:00:9b:
03:0b:c4:a3:a3:9e:2f:8f:0b:c5:bd:b9:bb:2f:1f:
72:b7:15:ae:d6:fb:c9:6e:c2:b2:6b:75:b9:64:ad:
36:94:94:a9:5d:06:6f:b5:b9:57:68:2c:de:9f:e4:
9a:5f:9b:14:43:f7:0f:9b:b8:92:46:81:e9:cc:43:
e8:a7:34:97:40:86:a5:25:ad:95:e6:ad:22:ec:15:
62:27:bc:66:2b:bb:f3:cb:f9:d4:a0:29:2d:54:c1:
6a:ea:0d:40:fd:9f:25:32:aa:f5:ec:1c:30:7d:8c:
f0:58:e8:28:de:85:83:5d:58:5a:1b:12:a8:c9:f7:
9e:52:b7:b0:66:1e:b0:3e:78:3d:ab:4c:2b:26:d2:
f6:2c:b9:f9:d8:44:26:e4:44:06:f8:c3:4b:c2:d5:
d3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:2A:52:1B:BB:6B:39:0D:F4:CB:2B:C8:5B:33:A7:13:57:FE:E1:AD
X509v3 Authority Key Identifier:
keyid:08:86:12:D4:D3:6D:62:B0:96:86:D9:EB:8A:AB:05:27:D4:BB:F7:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIYS1NNtYrCWhtnriqsFJ9S790E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/43a486-ddb0-4ced-a0c2-ab771e104e85/1/IypSG7trOQ30yyvIWzOnE1f-4a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/43a486-ddb0-4ced-a0c2-ab771e104e85/1/CIYS1NNtYrCWhtnriqsFJ9S790E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.194.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:92:fc:cb:e0:87:12:5c:df:28:26:51:43:98:c0:47:48:8a:
cf:28:79:27:d3:02:7e:93:06:64:b0:22:b2:72:23:b3:70:9f:
74:f3:34:9d:b0:59:c1:e6:ab:cf:6d:71:b0:12:25:9b:e3:cd:
bd:de:04:6e:4c:88:cd:b6:9e:a7:83:61:71:8a:58:4c:9e:e9:
17:9b:ad:e5:18:65:76:a2:0f:76:b4:c3:f6:2e:13:3e:45:69:
90:10:c2:18:cf:1f:be:94:cc:e0:ce:90:94:62:6f:f8:94:1e:
b6:8e:a3:72:12:03:38:33:c6:7e:a6:9f:d5:bb:6f:38:8f:9a:
4b:6d:50:84:99:92:26:3e:bb:9a:9d:34:14:61:01:c3:ca:cc:
55:49:d0:5c:cc:ea:c5:3e:cb:79:e6:a4:72:cd:5d:b3:50:1e:
bb:a7:b8:6a:c2:a3:1e:ae:7b:2b:59:03:74:be:6a:31:a8:4f:
ca:6e:f8:7b:78:d4:53:98:4c:40:59:02:b2:5c:1f:fd:2f:d0:
30:63:e3:bf:bf:c6:be:29:c5:c8:56:51:24:f2:44:48:cb:00:
08:f8:02:b8:39:5c:50:4e:21:a5:c5:3e:7d:79:6a:8c:37:90:
13:26:bc:be:56:01:bb:fa:43:5c:64:12:f7:99:a7:2c:75:3f:
28:b3:7e:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyMPLXRRHoXNAd94JLmi2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODYxMmQ0ZDM2ZDYyYjA5Njg2ZDllYjhhYWIwNTI3ZDRi
YmY3NDEwHhcNMjMwMTAyMTExNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzJhNTIxYmJiNmIzOTBkZjRjYjJiYzg1YjMzYTcxMzU3ZmVlMWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FXiCpxecLDFUPfoUG+25js66TOP
0sLqPW9AVDrXrBj5YHKB8kHUHeFIikTVhc4yIW79yr/Q5/bg/pIsu7u9R1x68Y+Y
cPNUICQsb9hMEi0a5bQKb6ExWbh4wp7yYuyD/LIUTfAGAJsDC8Sjo54vjwvFvbm7
Lx9ytxWu1vvJbsKya3W5ZK02lJSpXQZvtblXaCzen+SaX5sUQ/cPm7iSRoHpzEPo
pzSXQIalJa2V5q0i7BViJ7xmK7vzy/nUoCktVMFq6g1A/Z8lMqr17BwwfYzwWOgo
3oWDXVhaGxKoyfeeUrewZh6wPng9q0wrJtL2LLn52EQm5EQG+MNLwtXTnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMqUhu7azkN9MsryFszpxNX/uGtMB8GA1UdIwQY
MBaAFAiGEtTTbWKwlobZ64qrBSfUu/dBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lZUzFOTnRZckNXaHRucmlxc0ZKOVM3OTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC80M2E0ODYtZGRiMC00Y2VkLWEwYzIt
YWI3NzFlMTA0ZTg1LzEvSXlwU0c3dHJPUTMweXl2SVd6T25FMWYtNGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC80M2E0ODYtZGRiMC00Y2VkLWEwYzItYWI3NzFlMTA0ZTg1
LzEvQ0lZUzFOTnRZckNXaHRucmlxc0ZKOVM3OTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudXCMA0G
CSqGSIb3DQEBCwUAA4IBAQCckvzL4IcSXN8oJlFDmMBHSIrPKHkn0wJ+kwZksCKy
ciOzcJ908zSdsFnB5qvPbXGwEiWb48293gRuTIjNtp6ng2FxilhMnukXm63lGGV2
og92tMP2LhM+RWmQEMIYzx++lMzgzpCUYm/4lB62jqNyEgM4M8Z+pp/Vu284j5pL
bVCEmZImPruanTQUYQHDysxVSdBczOrFPst55qRyzV2zUB67p7hqwqMernsrWQN0
vmoxqE/Kbvh7eNRTmExAWQKyXB/9L9AwY+O/v8a+KcXIVlEk8kRIywAI+AK4OVxQ
TiGlxT59eWqMN5ATJry+VgG7+kNcZBL3macsdT8os34E
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:23 2024 by rpki-client on console-ams.rpki-client.org