Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/C0M38EBMx-pNnQyGORpEaiqVTXE.roa
File: C0M38EBMx-pNnQyGORpEaiqVTXE.roa (raw, json)
Hash identifier: X+OpyZYR1RP/S0aVWIFISO4XfwPjLaNGk0hyx28aQYQ=
Subject key identifier: 0B:43:37:F0:40:4C:C7:EA:4D:9D:0C:86:39:1A:44:6A:2A:95:4D:71
Certificate issuer: /CN=d8062e4cc26f2df76ef308ce7a6e3c8344c9d031
Certificate serial: 018D8433AC3D161013E30715DE09C703B9A7
Authority key identifier: D8:06:2E:4C:C2:6F:2D:F7:6E:F3:08:CE:7A:6E:3C:83:44:C9:D0:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2AYuTMJvLfdu8wjOem48g0TJ0DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/C0M38EBMx-pNnQyGORpEaiqVTXE.roa
Signing time: Wed 07 Feb 2024 15:33:15 +0000
ROA not before: Wed 07 Feb 2024 15:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43278
IP address blocks: 152.89.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:33:ac:3d:16:10:13:e3:07:15:de:09:c7:03:b9:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8062e4cc26f2df76ef308ce7a6e3c8344c9d031
Validity
Not Before: Feb 7 15:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b4337f0404cc7ea4d9d0c86391a446a2a954d71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:00:09:67:dc:a8:1c:34:f3:1b:a4:79:36:25:
8b:54:dd:2c:06:1c:d2:a6:36:13:d0:c4:7c:f5:3e:
c6:28:61:73:be:3c:cf:b7:ce:35:a9:51:ea:70:2d:
e7:cb:fc:ac:03:7b:53:c1:86:06:30:20:c3:07:4c:
8a:e6:51:e4:d9:40:38:be:49:db:e4:41:04:1e:9e:
42:51:b5:24:fe:55:05:06:85:0f:fb:e1:cf:0a:60:
4f:f0:b9:27:04:6f:0b:e2:ed:df:82:f9:dc:28:28:
ee:98:fd:91:ae:90:14:2e:a9:ba:cf:d8:ec:d0:40:
80:62:42:04:97:17:fa:c8:37:01:af:cb:6c:77:4c:
98:4d:2c:ad:5d:d2:ba:f7:a6:f5:80:7e:d6:5b:1a:
f5:5a:cf:89:1f:a3:ca:a9:3b:7f:6d:ae:e0:71:f6:
a6:f2:ea:c8:09:46:e0:8e:8c:4e:fa:4c:fd:93:9a:
27:cf:6a:56:f6:29:1a:12:1e:9d:da:87:b9:74:f8:
38:c5:9d:e3:01:57:ed:ca:3d:f6:f8:3c:62:52:08:
43:13:8a:44:07:4d:24:aa:8d:54:8b:a1:4a:91:9d:
97:8c:a8:06:52:52:bd:2e:e2:47:65:f7:a7:e1:ce:
0b:ec:59:53:c6:e8:cc:67:34:59:67:db:70:1b:0b:
9d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:43:37:F0:40:4C:C7:EA:4D:9D:0C:86:39:1A:44:6A:2A:95:4D:71
X509v3 Authority Key Identifier:
keyid:D8:06:2E:4C:C2:6F:2D:F7:6E:F3:08:CE:7A:6E:3C:83:44:C9:D0:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2AYuTMJvLfdu8wjOem48g0TJ0DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/C0M38EBMx-pNnQyGORpEaiqVTXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/2AYuTMJvLfdu8wjOem48g0TJ0DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.199.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:b7:00:67:66:0c:bc:a5:f1:74:f2:c1:71:21:27:7d:73:af:
37:96:f2:02:1c:e1:a0:2c:35:4c:41:d9:10:e6:ab:de:a8:5f:
2f:5d:31:77:38:f4:68:d9:28:5e:a2:05:ca:db:05:37:05:3b:
37:ae:31:da:b5:2f:c5:8d:3c:25:5f:6a:44:51:24:8d:10:bb:
b4:21:59:a8:3b:bd:1d:eb:7c:96:09:51:79:53:1d:7d:37:7c:
8c:b3:b6:ba:52:bf:1f:73:14:84:55:2f:a2:e4:f6:56:a2:1e:
a4:45:b8:d4:c2:82:1c:6e:0e:20:4b:04:81:61:a4:07:2f:cc:
ea:da:79:67:61:3d:7e:e4:ca:0f:f4:a8:9b:07:09:72:c6:35:
ec:70:36:64:70:12:3e:bc:76:88:f4:71:64:6b:87:4d:86:47:
f9:76:fd:83:6a:3b:6f:43:21:cf:f8:02:d2:dd:b9:9c:a7:8b:
0d:34:af:00:07:89:a1:b5:78:8e:79:92:2f:93:39:40:aa:ee:
69:ba:aa:5b:b1:51:08:37:55:4a:5e:c7:96:4f:cd:72:d6:1e:
b5:56:4f:4e:6a:99:96:a3:33:21:f6:ba:49:e3:7c:79:ea:0b:
49:22:ba:d9:66:b5:c7:ef:02:c4:47:a6:27:6b:2d:f1:ff:e8:
9b:a1:11:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2EM6w9FhAT4wcV3gnHA7mnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MDYyZTRjYzI2ZjJkZjc2ZWYzMDhjZTdhNmUzYzgzNDRj
OWQwMzEwHhcNMjQwMjA3MTUzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjQzMzdmMDQwNGNjN2VhNGQ5ZDBjODYzOTFhNDQ2YTJhOTU0ZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQAJZ9yoHDTzG6R5NiWLVN0sBhzS
pjYT0MR89T7GKGFzvjzPt841qVHqcC3ny/ysA3tTwYYGMCDDB0yK5lHk2UA4vknb
5EEEHp5CUbUk/lUFBoUP++HPCmBP8LknBG8L4u3fgvncKCjumP2RrpAULqm6z9js
0ECAYkIElxf6yDcBr8tsd0yYTSytXdK696b1gH7WWxr1Ws+JH6PKqTt/ba7gcfam
8urICUbgjoxO+kz9k5onz2pW9ikaEh6d2oe5dPg4xZ3jAVftyj32+DxiUghDE4pE
B00kqo1Ui6FKkZ2XjKgGUlK9LuJHZfen4c4L7FlTxujMZzRZZ9twGwudjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAtDN/BATMfqTZ0MhjkaRGoqlU1xMB8GA1UdIwQY
MBaAFNgGLkzCby33bvMIznpuPINEydAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkFZdVRNSnZMZmR1OHdqT2VtNDhnMFRKMERFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84Nzc0YjUtNTcxMC00ZTMyLTk4NTAt
NGUyNjVkODk2NWVhLzEvQzBNMzhFQk14LXBOblF5R09ScEVhaXFWVFhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84Nzc0YjUtNTcxMC00ZTMyLTk4NTAtNGUyNjVkODk2NWVh
LzEvMkFZdVRNSnZMZmR1OHdqT2VtNDhnMFRKMERFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnHMA0G
CSqGSIb3DQEBCwUAA4IBAQBPtwBnZgy8pfF08sFxISd9c683lvICHOGgLDVMQdkQ
5qveqF8vXTF3OPRo2SheogXK2wU3BTs3rjHatS/FjTwlX2pEUSSNELu0IVmoO70d
63yWCVF5Ux19N3yMs7a6Ur8fcxSEVS+i5PZWoh6kRbjUwoIcbg4gSwSBYaQHL8zq
2nlnYT1+5MoP9KibBwlyxjXscDZkcBI+vHaI9HFka4dNhkf5dv2DajtvQyHP+ALS
3bmcp4sNNK8AB4mhtXiOeZIvkzlAqu5puqpbsVEIN1VKXseWT81y1h61Vk9OapmW
ozMh9rpJ43x56gtJIrrZZrXH7wLER6Ynay3x/+iboRFq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:33 2024 by rpki-client on console-fra.rpki-client.org