Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/4b9a83-cea4-4399-859d-7d9a5bf6e1b1/1/CHfM8hdHCYaGB4Vd_s9tLpWHGjA.roa
File: CHfM8hdHCYaGB4Vd_s9tLpWHGjA.roa (raw, json)
Hash identifier: KQOqDSQqmLGtvk/O9ruPcAY2rcdqjUTKnBW3sU75iJw=
Subject key identifier: 08:77:CC:F2:17:47:09:86:86:07:85:5D:FE:CF:6D:2E:95:87:1A:30
Certificate issuer: /CN=a1be72d95f9374a94165b8ab6f7e499f2bd17a38
Certificate serial: 170D2D81
Authority key identifier: A1:BE:72:D9:5F:93:74:A9:41:65:B8:AB:6F:7E:49:9F:2B:D1:7A:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ob5y2V-TdKlBZbirb35JnyvRejg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/4b9a83-cea4-4399-859d-7d9a5bf6e1b1/1/CHfM8hdHCYaGB4Vd_s9tLpWHGjA.roa
Signing time: Sat 01 Jan 2022 00:54:25 +0000
ROA not before: Sat 01 Jan 2022 00:54:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12903
IP address blocks: 193.218.113.0/24 maxlen: 24
194.29.208.0/21 maxlen: 24
91.188.192.0/22 maxlen: 24
217.68.208.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 386739585 (0x170d2d81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1be72d95f9374a94165b8ab6f7e499f2bd17a38
Validity
Not Before: Jan 1 00:54:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0877ccf2174709868607855dfecf6d2e95871a30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ba:5a:6b:b5:56:8e:3d:89:44:30:b4:3b:d5:
c9:fb:34:d6:a6:f8:00:e6:2b:db:61:91:2d:8b:b4:
16:ca:40:27:63:24:a8:be:55:16:1e:ec:7e:06:f2:
46:b6:f9:59:f3:04:43:e0:4f:04:42:75:c3:a2:50:
da:61:59:a7:79:ca:e2:8b:dc:1f:1f:6c:4b:46:0a:
d3:a3:c2:10:3e:4d:6f:b3:f8:f8:bd:e7:54:17:82:
5c:e3:ba:6f:85:0d:6b:91:d1:54:30:1f:06:6c:4e:
76:f2:30:62:d3:e4:9d:29:84:92:d2:e9:b8:ca:ff:
33:55:de:f7:dd:82:1a:da:bd:c5:66:5e:c9:98:6e:
9d:8c:d8:b9:c5:0b:1e:b5:03:67:d9:c3:7a:10:85:
75:94:ff:0b:51:0a:1f:8b:0f:86:bb:57:0f:65:2d:
31:42:d3:b8:ea:40:04:2a:bd:59:64:19:e0:7a:03:
e5:d8:d0:bb:e3:35:0e:e1:ca:78:a9:4b:1e:fc:87:
d9:60:a5:35:2c:9b:d6:f7:8a:44:15:09:aa:11:71:
7e:d1:81:74:a5:9f:92:cb:23:ff:15:d6:b0:0f:48:
67:1e:a6:04:fc:d2:23:e3:8e:9c:bd:9e:0e:d9:06:
43:b5:fb:01:99:ba:83:b0:15:e9:a5:45:7c:d8:0d:
7d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:77:CC:F2:17:47:09:86:86:07:85:5D:FE:CF:6D:2E:95:87:1A:30
X509v3 Authority Key Identifier:
keyid:A1:BE:72:D9:5F:93:74:A9:41:65:B8:AB:6F:7E:49:9F:2B:D1:7A:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ob5y2V-TdKlBZbirb35JnyvRejg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4b9a83-cea4-4399-859d-7d9a5bf6e1b1/1/CHfM8hdHCYaGB4Vd_s9tLpWHGjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/4b9a83-cea4-4399-859d-7d9a5bf6e1b1/1/ob5y2V-TdKlBZbirb35JnyvRejg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.192.0/22
193.218.113.0/24
194.29.208.0/21
217.68.208.0/20
Signature Algorithm: sha256WithRSAEncryption
1b:05:d5:4c:8b:be:1f:2f:0e:18:90:d6:c3:bd:25:2d:50:c9:
ea:49:15:99:dc:24:21:6a:b6:8b:9a:87:94:6d:4d:d4:ea:bc:
ea:b2:71:7a:d1:a1:69:d3:e5:b2:d2:dc:76:29:1d:e2:16:70:
a3:15:f2:f0:68:b0:9a:d2:67:a3:05:0f:02:10:a8:47:71:71:
d4:13:01:da:e9:30:d2:db:87:25:65:53:68:81:c9:52:fc:91:
a3:ed:98:18:40:b7:5e:d6:3c:c9:1e:36:a9:b3:4f:8e:82:65:
be:f3:5a:f9:4b:ca:07:89:89:6d:e2:6c:e0:13:8c:be:c9:7d:
a3:00:c8:e0:1b:0b:1e:66:e6:e7:bf:f2:1d:ef:1c:62:d1:32:
23:84:25:63:cd:ff:5c:63:2e:59:11:b8:f2:f6:26:e7:16:ba:
75:64:a9:a2:fe:47:7d:29:c4:55:29:19:11:10:21:88:75:2a:
20:a7:f4:68:29:37:fd:c5:ca:64:c8:bc:e7:40:bc:0d:ec:8d:
f7:02:4d:d5:03:83:4e:82:b2:3e:00:63:ef:2f:a4:10:4f:9a:
d2:0c:5b:18:3c:85:87:f3:61:a5:d8:7c:09:6d:22:74:11:98:
64:2b:e3:d1:83:90:3f:07:6d:af:50:b8:33:25:3f:3a:be:18:
cc:80:de:52
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEFw0tgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MWJlNzJkOTVmOTM3NGE5NDE2NWI4YWI2ZjdlNDk5ZjJiZDE3YTM4MB4XDTIyMDEw
MTAwNTQyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDg3N2NjZjIxNzQ3
MDk4Njg2MDc4NTVkZmVjZjZkMmU5NTg3MWEzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALS6Wmu1Vo49iUQwtDvVyfs01qb4AOYr22GRLYu0FspAJ2Mk
qL5VFh7sfgbyRrb5WfMEQ+BPBEJ1w6JQ2mFZp3nK4ovcHx9sS0YK06PCED5Nb7P4
+L3nVBeCXOO6b4UNa5HRVDAfBmxOdvIwYtPknSmEktLpuMr/M1Xe992CGtq9xWZe
yZhunYzYucULHrUDZ9nDehCFdZT/C1EKH4sPhrtXD2UtMULTuOpABCq9WWQZ4HoD
5djQu+M1DuHKeKlLHvyH2WClNSyb1veKRBUJqhFxftGBdKWfkssj/xXWsA9IZx6m
BPzSI+OOnL2eDtkGQ7X7AZm6g7AV6aVFfNgNfSECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQId8zyF0cJhoYHhV3+z20ulYcaMDAfBgNVHSMEGDAWgBShvnLZX5N0qUFl
uKtvfkmfK9F6ODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29iNXkyVi1UZEtsQlpiaXJiMzVKbnl2UmVqZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmMvNGI5YTgzLWNlYTQtNDM5OS04NTlkLTdkOWE1YmY2ZTFiMS8x
L0NIZk04aGRIQ1lhR0I0VmRfczl0THBXSEdqQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMv
NGI5YTgzLWNlYTQtNDM5OS04NTlkLTdkOWE1YmY2ZTFiMS8xL29iNXkyVi1UZEts
QlpiaXJiMzVKbnl2UmVqZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAlu8wAMEAMHacQMEA8Id0AMEBNlE
0DANBgkqhkiG9w0BAQsFAAOCAQEAGwXVTIu+Hy8OGJDWw70lLVDJ6kkVmdwkIWq2
i5qHlG1N1Oq86rJxetGhadPlstLcdikd4hZwoxXy8GiwmtJnowUPAhCoR3Fx1BMB
2ukw0tuHJWVTaIHJUvyRo+2YGEC3XtY8yR42qbNPjoJlvvNa+UvKB4mJbeJs4BOM
vsl9owDI4BsLHmbm57/yHe8cYtEyI4QlY83/XGMuWRG48vYm5xa6dWSpov5HfSnE
VSkZERAhiHUqIKf0aCk3/cXKZMi850C8DeyN9wJN1QODToKyPgBj7y+kEE+a0gxb
GDyFh/Nhpdh8CW0idBGYZCvj0YOQPwdtr1C4MyU/Or4YzIDeUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:47 2024 by rpki-client on console-fra.rpki-client.org