Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/stHeHwzSaWA59grm1emNBOfjons.roa
File: stHeHwzSaWA59grm1emNBOfjons.roa (raw, json)
Hash identifier: PxFStf/Yh0TIKKViUX2QEnG1Wk+LT+I4DJm7sDzhaDc=
Subject key identifier: B2:D1:DE:1F:0C:D2:69:60:39:F6:0A:E6:D5:E9:8D:04:E7:E3:A2:7B
Certificate issuer: /CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Certificate serial: 0183E918FB4E0F33342D73E3A1B02316F53B
Authority key identifier: 82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/stHeHwzSaWA59grm1emNBOfjons.roa
Signing time: Tue 18 Oct 2022 03:17:52 +0000
ROA not before: Tue 18 Oct 2022 03:17:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207326
IP address blocks: 193.161.245.0/24 maxlen: 24
91.199.168.0/24 maxlen: 24
193.151.182.0/24 maxlen: 24
45.142.238.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e9:18:fb:4e:0f:33:34:2d:73:e3:a1:b0:23:16:f5:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Validity
Not Before: Oct 18 03:17:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2d1de1f0cd2696039f60ae6d5e98d04e7e3a27b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:95:e6:24:18:e5:dd:f8:97:75:d6:4f:18:f0:
38:00:ac:18:7f:67:77:2d:a5:b2:bd:ce:1f:0b:55:
be:95:62:20:85:b1:a4:5a:c6:a7:37:64:ae:d5:e8:
98:ee:bc:69:a1:a4:0b:0b:53:e9:6c:6c:59:d3:42:
8b:6d:2d:b8:46:5e:d1:b6:a8:01:c8:d3:0c:f3:7d:
39:64:ef:8c:bd:78:b5:ee:df:e4:13:eb:ad:d4:bd:
3c:c2:d4:4f:2e:03:52:77:c7:10:82:22:1c:1c:2f:
80:ee:a7:02:61:5d:b7:7c:34:6c:4c:bf:e8:e9:43:
72:f8:28:5c:a5:79:60:a2:2a:42:13:04:01:6a:53:
2e:9a:ed:18:f1:e0:72:8a:bf:0f:e8:2d:72:ce:7d:
48:04:8a:7a:6b:da:99:54:bf:b6:45:c5:78:72:37:
92:be:37:dd:9e:4c:99:ae:3c:ba:d0:01:98:e4:e5:
6d:2b:ba:2e:37:bb:a4:a1:45:cf:19:3c:00:9c:d7:
bd:e5:ef:04:72:0e:77:4a:32:28:16:9b:b8:49:0a:
ec:c0:41:cb:26:a7:01:5a:f0:05:d1:bb:09:d0:68:
03:7e:be:2e:c8:6e:38:11:d4:19:21:7e:d6:37:db:
30:cd:2d:1e:72:35:9d:57:8d:dc:67:5b:3a:1e:28:
a7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:D1:DE:1F:0C:D2:69:60:39:F6:0A:E6:D5:E9:8D:04:E7:E3:A2:7B
X509v3 Authority Key Identifier:
keyid:82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/stHeHwzSaWA59grm1emNBOfjons.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/gu1KL7GA31-Z1L-Md8yaBu8mBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.238.0/23
91.199.168.0/24
193.151.182.0/24
193.161.245.0/24
Signature Algorithm: sha256WithRSAEncryption
54:d5:9f:c8:3a:b8:71:a6:14:f1:b3:38:a2:c0:dd:a0:d1:7f:
31:2b:99:66:05:ff:3e:7c:38:a8:af:a9:60:26:38:9c:06:7e:
8d:bc:0b:ab:48:d6:8e:af:c3:15:ed:65:ee:fc:e8:3f:dd:7c:
11:56:10:f0:b7:dc:83:6d:10:5c:70:a6:00:36:6f:23:96:40:
0d:fd:82:d1:a5:bb:7c:b6:37:6e:c4:b6:34:e9:10:85:88:b6:
65:2a:43:b0:27:a6:08:e5:55:40:2b:ec:64:26:bb:69:63:bd:
60:2e:a1:80:09:5b:c9:f3:fe:ea:4b:80:26:a7:b2:90:e0:13:
b6:67:53:2b:c3:d5:a3:9f:85:df:61:35:8e:ce:a1:54:f2:5f:
54:63:fb:65:a4:9d:af:c1:ad:2f:81:14:39:02:0e:ab:c3:21:
96:7a:d9:f3:03:07:92:59:e6:fd:e7:08:a5:b6:9b:32:a6:3b:
e9:da:93:ef:6c:41:df:da:55:76:c3:e5:2a:ee:eb:53:71:7c:
59:a2:76:55:36:ff:2a:51:5a:e1:20:bf:78:3c:7a:47:00:df:
fc:7b:e1:1c:ba:cd:a6:18:2c:98:05:f4:84:93:63:f9:ee:23:
c7:e5:56:2d:d7:3c:f7:2f:dd:03:81:93:80:f5:a0:18:b1:a6:
3d:ae:6b:0c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPpGPtODzM0LXPjobAjFvU7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZWQ0YTJmYjE4MGRmNWY5OWQ0YmY4Yzc3Y2M5YTA2ZWYy
NjA1OGMwHhcNMjIxMDE4MDMxNzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmQxZGUxZjBjZDI2OTYwMzlmNjBhZTZkNWU5OGQwNGU3ZTNhMjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZXmJBjl3fiXddZPGPA4AKwYf2d3
LaWyvc4fC1W+lWIghbGkWsanN2Su1eiY7rxpoaQLC1PpbGxZ00KLbS24Rl7RtqgB
yNMM8305ZO+MvXi17t/kE+ut1L08wtRPLgNSd8cQgiIcHC+A7qcCYV23fDRsTL/o
6UNy+ChcpXlgoipCEwQBalMumu0Y8eByir8P6C1yzn1IBIp6a9qZVL+2RcV4cjeS
vjfdnkyZrjy60AGY5OVtK7ouN7ukoUXPGTwAnNe95e8Ecg53SjIoFpu4SQrswEHL
JqcBWvAF0bsJ0GgDfr4uyG44EdQZIX7WN9swzS0ecjWdV43cZ1s6Hiin3QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLLR3h8M0mlgOfYK5tXpjQTn46J7MB8GA1UdIwQY
MBaAFILtSi+xgN9fmdS/jHfMmgbvJgWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAt
NDUyNmY2MjYzYmNlLzEvc3RIZUh3elNhV0E1OWdybTFlbU5CT2Zqb25zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAtNDUyNmY2MjYzYmNl
LzEvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLY7uAwQA
W8eoAwQAwZe2AwQAwaH1MA0GCSqGSIb3DQEBCwUAA4IBAQBU1Z/IOrhxphTxszii
wN2g0X8xK5lmBf8+fDior6lgJjicBn6NvAurSNaOr8MV7WXu/Og/3XwRVhDwt9yD
bRBccKYANm8jlkAN/YLRpbt8tjduxLY06RCFiLZlKkOwJ6YI5VVAK+xkJrtpY71g
LqGACVvJ8/7qS4Amp7KQ4BO2Z1Mrw9Wjn4XfYTWOzqFU8l9UY/tlpJ2vwa0vgRQ5
Ag6rwyGWetnzAweSWeb95wiltpsypjvp2pPvbEHf2lV2w+Uq7utTcXxZonZVNv8q
UVrhIL94PHpHAN/8e+Ecus2mGCyYBfSEk2P57iPH5VYt1zz3L90DgZOA9aAYsaY9
rmsM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:44 2023 by rpki-client on console-ams.rpki-client.org