Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/2391f1-d41f-4501-8fbd-6c8a371e8cec/1/1-8LWoSMqg2QvH-stDjR9lDoxLds.roa
File: 1-8LWoSMqg2QvH-stDjR9lDoxLds.roa (raw, json)
Hash identifier: iNGdcFKJMK+jaoj7BfekgOv+TVww85sE6Rl3rGHlhIM=
Subject key identifier: FB:C2:D6:A1:23:2A:83:64:2F:1F:EB:2D:0E:34:7D:94:3A:31:2D:DB
Certificate issuer: /CN=aee2ebc3fc30bc7db9d53760790c53a61df66735
Certificate serial: 018571CC242418D0841187FC6BAAC799947D
Authority key identifier: AE:E2:EB:C3:FC:30:BC:7D:B9:D5:37:60:79:0C:53:A6:1D:F6:67:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruLrw_wwvH251TdgeQxTph32ZzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/2391f1-d41f-4501-8fbd-6c8a371e8cec/1/1-8LWoSMqg2QvH-stDjR9lDoxLds.roa
Signing time: Mon 02 Jan 2023 09:24:42 +0000
ROA not before: Mon 02 Jan 2023 09:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211114
IP address blocks: 194.62.40.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:cc:24:24:18:d0:84:11:87:fc:6b:aa:c7:99:94:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee2ebc3fc30bc7db9d53760790c53a61df66735
Validity
Not Before: Jan 2 09:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbc2d6a1232a83642f1feb2d0e347d943a312ddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:19:1e:3c:7a:66:41:54:ad:29:e5:2e:b7:26:
ac:ab:eb:f6:b2:b7:5e:06:70:0f:67:c8:40:e3:1c:
7c:77:08:60:00:ea:b2:de:70:60:53:a9:29:2c:c9:
9d:fa:74:83:c1:fa:7a:79:9e:d1:40:82:3f:06:71:
7c:46:f2:93:f4:65:7f:d3:6f:d0:76:95:61:44:69:
2d:77:45:82:9d:72:75:a3:82:d1:05:7f:c6:c0:63:
16:9d:fb:b0:03:df:b4:43:f7:09:76:ee:c4:0a:fd:
8d:16:3e:a2:de:bc:60:c0:99:bc:6f:fc:d1:0b:5d:
64:66:fe:38:ff:b7:62:d5:2e:1a:12:eb:de:c9:4c:
06:e2:f9:88:25:e3:a0:b2:1b:b5:e2:00:82:b7:04:
c6:8c:4c:93:6f:59:90:a6:94:6a:2f:a2:fe:6b:ce:
7b:4b:6d:fb:13:f0:7a:c7:d1:19:06:fd:f6:42:60:
3b:51:49:3d:0d:63:95:c8:0e:9b:b4:d2:19:5e:55:
f9:97:22:b5:e4:6b:75:7d:37:e4:87:35:6d:a1:ef:
45:d1:b8:4b:a8:3d:a6:53:85:4b:74:39:e2:c7:b5:
92:fd:eb:a6:68:e9:1f:02:91:11:8b:4f:eb:f8:ec:
2a:fc:04:4c:76:2b:e4:d9:07:d2:c3:55:b3:73:8b:
3e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C2:D6:A1:23:2A:83:64:2F:1F:EB:2D:0E:34:7D:94:3A:31:2D:DB
X509v3 Authority Key Identifier:
keyid:AE:E2:EB:C3:FC:30:BC:7D:B9:D5:37:60:79:0C:53:A6:1D:F6:67:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruLrw_wwvH251TdgeQxTph32ZzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/2391f1-d41f-4501-8fbd-6c8a371e8cec/1/1-8LWoSMqg2QvH-stDjR9lDoxLds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/2391f1-d41f-4501-8fbd-6c8a371e8cec/1/ruLrw_wwvH251TdgeQxTph32ZzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.62.40.0/24
Signature Algorithm: sha256WithRSAEncryption
98:3f:70:70:13:6b:a0:f3:ce:81:86:e2:9b:46:4d:7a:5d:99:
1d:69:0f:7b:93:69:31:d9:dc:86:15:43:e8:3d:0b:bd:50:de:
1c:5d:4f:e7:5f:94:6c:60:25:83:e2:7b:fe:65:05:ce:74:66:
c0:2b:06:11:69:af:fc:dc:83:3e:31:9b:6c:a4:cc:f5:f6:77:
47:d4:40:ea:bf:1e:89:e6:82:ce:b7:42:e6:a0:a2:55:82:18:
83:f7:bf:07:a4:90:91:87:fd:cb:85:91:42:99:86:3c:37:00:
94:0d:ff:78:15:34:5f:db:15:e1:07:af:a5:54:e7:33:66:ac:
05:70:d3:6e:91:13:3c:91:1a:0b:e0:05:2e:5a:f3:a6:94:58:
69:c4:6a:8d:37:1e:16:6c:e2:d4:5e:cd:b5:74:d8:ce:c5:c8:
b3:b8:41:30:1f:bb:4d:a0:01:a0:45:ff:d3:fe:1f:8a:62:f4:
e1:19:64:7f:5d:c5:13:0f:bd:83:8e:55:8b:36:68:9c:ee:42:
a6:fa:fb:bb:8d:8c:80:04:ec:5e:a1:df:d1:01:ec:e0:d1:32:
ce:6a:93:66:ce:6c:63:9f:a5:12:16:db:50:dc:7e:38:7a:bf:
78:68:b5:56:7a:fb:8b:60:cd:c3:83:b4:2b:55:9d:7f:a4:06:
1f:02:8a:75
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxzCQkGNCEEYf8a6rHmZR9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTJlYmMzZmMzMGJjN2RiOWQ1Mzc2MDc5MGM1M2E2MWRm
NjY3MzUwHhcNMjMwMTAyMDkyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmMyZDZhMTIzMmE4MzY0MmYxZmViMmQwZTM0N2Q5NDNhMzEyZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxkePHpmQVStKeUutyasq+v2srde
BnAPZ8hA4xx8dwhgAOqy3nBgU6kpLMmd+nSDwfp6eZ7RQII/BnF8RvKT9GV/02/Q
dpVhRGktd0WCnXJ1o4LRBX/GwGMWnfuwA9+0Q/cJdu7ECv2NFj6i3rxgwJm8b/zR
C11kZv44/7di1S4aEuveyUwG4vmIJeOgshu14gCCtwTGjEyTb1mQppRqL6L+a857
S237E/B6x9EZBv32QmA7UUk9DWOVyA6btNIZXlX5lyK15Gt1fTfkhzVtoe9F0bhL
qD2mU4VLdDnix7WS/eumaOkfApERi0/r+Owq/ARMdivk2QfSw1Wzc4s+OQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPvC1qEjKoNkLx/rLQ40fZQ6MS3bMB8GA1UdIwQY
MBaAFK7i68P8MLx9udU3YHkMU6Yd9mc1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVMcndfd3d2SDI1MVRkZ2VReFRwaDMyWnpVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMzkxZjEtZDQxZi00NTAxLThmYmQt
NmM4YTM3MWU4Y2VjLzEvMS04TFdvU01xZzJRdkgtc3REalI5bERveExkcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmIvMjM5MWYxLWQ0MWYtNDUwMS04ZmJkLTZjOGEzNzFlOGNl
Yy8xL3J1THJ3X3d3dkgyNTFUZGdlUXhUcGgzMlp6VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMI+KDAN
BgkqhkiG9w0BAQsFAAOCAQEAmD9wcBNroPPOgYbim0ZNel2ZHWkPe5NpMdnchhVD
6D0LvVDeHF1P51+UbGAlg+J7/mUFznRmwCsGEWmv/NyDPjGbbKTM9fZ3R9RA6r8e
ieaCzrdC5qCiVYIYg/e/B6SQkYf9y4WRQpmGPDcAlA3/eBU0X9sV4QevpVTnM2as
BXDTbpETPJEaC+AFLlrzppRYacRqjTceFmzi1F7NtXTYzsXIs7hBMB+7TaABoEX/
0/4fimL04Rlkf13FEw+9g45VizZonO5Cpvr7u42MgATsXqHf0QHs4NEyzmqTZs5s
Y5+lEhbbUNx+OHq/eGi1Vnr7i2DNw4O0K1Wdf6QGHwKKdQ==
-----END CERTIFICATE-----
Generated at Fri Nov 24 14:06:52 2023 by rpki-client on console-fra.rpki-client.org