Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/K8gDmRzIts_AjhbHGV7h18MseNI.roa
File: K8gDmRzIts_AjhbHGV7h18MseNI.roa (raw, json)
Hash identifier: 3I0pqMyK3m3aiWk7M+UzLmbutifXfGoKNr2Iljm8uL0=
Subject key identifier: 2B:C8:03:99:1C:C8:B6:CF:C0:8E:16:C7:19:5E:E1:D7:C3:2C:78:D2
Certificate issuer: /CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Certificate serial: 0183FE3CAAC1743E65769E286CA16A6411C6
Authority key identifier: 82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/K8gDmRzIts_AjhbHGV7h18MseNI.roa
Signing time: Sat 22 Oct 2022 05:48:52 +0000
ROA not before: Sat 22 Oct 2022 05:48:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 192.166.83.0/24 maxlen: 24
176.105.224.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fe:3c:aa:c1:74:3e:65:76:9e:28:6c:a1:6a:64:11:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Validity
Not Before: Oct 22 05:48:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2bc803991cc8b6cfc08e16c7195ee1d7c32c78d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:45:5b:57:c6:42:b6:7e:97:6f:51:cd:26:54:
d8:20:3c:7c:3e:3f:2d:b7:21:a2:9f:f3:57:d9:99:
be:58:f6:02:fd:57:cc:8f:4a:49:bb:71:72:98:3b:
6c:b3:0e:f6:71:5e:46:ea:0f:9c:5d:77:3e:ff:d7:
ee:5c:82:8c:b9:f6:0b:45:a3:47:1c:d4:2a:da:21:
6b:10:af:76:b9:ce:d1:68:fc:f7:2c:15:07:e3:e9:
9a:eb:a6:77:58:cc:02:68:ad:8c:db:b3:35:42:07:
6b:fc:b8:c4:72:0a:d4:ab:35:47:04:e3:df:34:28:
18:97:a0:f0:34:8c:31:ed:04:54:f0:ff:63:ac:73:
a1:3c:88:d6:ae:2e:26:f5:5c:0b:3d:39:e6:53:3c:
17:c6:17:4a:67:bd:79:77:51:13:b9:11:e3:6d:46:
8d:2e:52:bb:ae:02:d6:b3:90:71:c4:33:e9:a4:c5:
ce:ab:08:88:a2:97:a6:70:f1:bf:b7:02:3c:d4:da:
ca:52:51:2f:8f:42:24:b0:48:75:59:62:46:49:80:
2f:7f:f7:8f:53:b2:5c:f2:37:56:9d:e9:1e:ca:18:
3a:ca:0b:b5:42:81:4b:80:14:ff:fe:1e:46:6f:48:
db:d4:a9:c8:b3:d6:a7:91:68:fc:db:2b:9f:2f:26:
2e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:C8:03:99:1C:C8:B6:CF:C0:8E:16:C7:19:5E:E1:D7:C3:2C:78:D2
X509v3 Authority Key Identifier:
keyid:82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/K8gDmRzIts_AjhbHGV7h18MseNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/gu1KL7GA31-Z1L-Md8yaBu8mBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.105.224.0/24
192.166.83.0/24
Signature Algorithm: sha256WithRSAEncryption
65:12:fc:70:a5:5e:31:6b:56:f1:4b:c0:f7:91:9d:95:0d:2a:
7c:25:7e:df:0e:79:0b:d5:2a:53:41:6a:e3:6c:27:ff:59:0a:
a4:13:5c:35:db:77:db:90:7a:92:b2:3d:5b:c6:45:44:d2:bf:
60:ab:b8:df:f0:c9:b0:19:c4:64:09:65:ad:4d:07:04:b9:ab:
95:47:15:8e:b1:de:93:c2:17:e2:c3:29:c1:86:c2:87:3d:11:
1a:d4:d9:af:f5:0e:35:fe:b8:3c:fe:5f:5b:8d:16:52:e3:f3:
88:af:a6:ab:fd:2e:73:d2:ac:e1:52:b4:19:b4:da:b1:b5:35:
4f:ea:cb:3e:da:0c:f0:fb:5a:28:1c:77:6e:84:6c:6c:fb:cd:
49:ba:09:d3:05:aa:02:11:05:e9:03:ff:ed:da:86:0d:2d:84:
99:1f:d4:97:f8:2a:3e:3a:8b:26:bf:bc:d2:48:16:db:77:91:
9b:33:7f:5e:77:a2:0a:d0:b6:a7:bf:7b:dd:66:ad:c4:2e:eb:
1b:fb:7a:9b:0a:b1:29:02:c7:f4:ea:7f:35:cc:84:62:64:72:
d8:37:61:86:65:ed:47:8d:35:cc:38:e8:e0:4f:3e:c9:da:ac:
d5:0a:4f:a9:24:e2:7c:69:42:cd:94:49:32:23:11:7a:2b:78:
ba:2b:8f:7e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYP+PKrBdD5ldp4obKFqZBHGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZWQ0YTJmYjE4MGRmNWY5OWQ0YmY4Yzc3Y2M5YTA2ZWYy
NjA1OGMwHhcNMjIxMDIyMDU0ODUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmM4MDM5OTFjYzhiNmNmYzA4ZTE2YzcxOTVlZTFkN2MzMmM3OGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUVbV8ZCtn6Xb1HNJlTYIDx8Pj8t
tyGin/NX2Zm+WPYC/VfMj0pJu3FymDtssw72cV5G6g+cXXc+/9fuXIKMufYLRaNH
HNQq2iFrEK92uc7RaPz3LBUH4+ma66Z3WMwCaK2M27M1Qgdr/LjEcgrUqzVHBOPf
NCgYl6DwNIwx7QRU8P9jrHOhPIjWri4m9VwLPTnmUzwXxhdKZ715d1ETuRHjbUaN
LlK7rgLWs5BxxDPppMXOqwiIopemcPG/twI81NrKUlEvj0IksEh1WWJGSYAvf/eP
U7Jc8jdWnekeyhg6ygu1QoFLgBT//h5Gb0jb1KnIs9ankWj82yufLyYupwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCvIA5kcyLbPwI4Wxxle4dfDLHjSMB8GA1UdIwQY
MBaAFILtSi+xgN9fmdS/jHfMmgbvJgWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAt
NDUyNmY2MjYzYmNlLzEvSzhnRG1Sekl0c19BamhiSEdWN2gxOE1zZU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAtNDUyNmY2MjYzYmNl
LzEvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsGngAwQA
wKZTMA0GCSqGSIb3DQEBCwUAA4IBAQBlEvxwpV4xa1bxS8D3kZ2VDSp8JX7fDnkL
1SpTQWrjbCf/WQqkE1w123fbkHqSsj1bxkVE0r9gq7jf8MmwGcRkCWWtTQcEuauV
RxWOsd6TwhfiwynBhsKHPREa1Nmv9Q41/rg8/l9bjRZS4/OIr6ar/S5z0qzhUrQZ
tNqxtTVP6ss+2gzw+1ooHHduhGxs+81JugnTBaoCEQXpA//t2oYNLYSZH9SX+Co+
Oosmv7zSSBbbd5GbM39ed6IK0Lanv3vdZq3ELusb+3qbCrEpAsf06n81zIRiZHLY
N2GGZe1HjTXMOOjgTz7J2qzVCk+pJOJ8aULNlEkyIxF6K3i6K49+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:57 2023 by rpki-client on console-fra.rpki-client.org