Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/fb147f-04ee-48f0-807d-fe3db5253eb0/1/jI6-by4JtpPtSX3kg7RfWsi483U.roa
File: jI6-by4JtpPtSX3kg7RfWsi483U.roa (raw, json)
Hash identifier: A/2toVuKWvorj8LEeg4Vunknd60Pp9xiBMzFwjkQWmE=
Subject key identifier: 8C:8E:BE:6F:2E:09:B6:93:ED:49:7D:E4:83:B4:5F:5A:C8:B8:F3:75
Certificate issuer: /CN=ba25763dd7f2965b46f81dc89fb84557c8a69a73
Certificate serial: 018CC4251218FFE192285B6413483FAF8CC8
Authority key identifier: BA:25:76:3D:D7:F2:96:5B:46:F8:1D:C8:9F:B8:45:57:C8:A6:9A:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uiV2PdfylltG-B3In7hFV8immnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/fb147f-04ee-48f0-807d-fe3db5253eb0/1/jI6-by4JtpPtSX3kg7RfWsi483U.roa
Signing time: Mon 01 Jan 2024 08:30:12 +0000
ROA not before: Mon 01 Jan 2024 08:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15404
IP address blocks: 193.23.152.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:12:18:ff:e1:92:28:5b:64:13:48:3f:af:8c:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba25763dd7f2965b46f81dc89fb84557c8a69a73
Validity
Not Before: Jan 1 08:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c8ebe6f2e09b693ed497de483b45f5ac8b8f375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ba:92:44:00:c1:ae:60:53:8e:bc:01:c7:b4:
9f:c6:37:ea:58:f0:03:39:72:dc:b5:ec:73:f0:1c:
ca:5a:05:93:5a:f1:4f:eb:ca:68:75:fa:cc:bb:7b:
0e:5e:f4:e2:7e:13:b1:ce:a6:27:ab:73:c9:ed:93:
88:4c:b2:a9:c2:9e:de:ad:67:21:31:c2:da:b3:3a:
ed:81:83:61:77:8f:90:94:ca:8f:6b:6a:e2:59:f2:
49:21:61:f4:6c:10:53:1a:6e:04:2f:19:ec:8f:d4:
1f:d9:10:60:6d:01:0b:15:32:09:e5:59:a2:6a:2c:
12:90:16:33:c8:b6:09:6b:ea:d8:24:f6:eb:27:da:
47:93:30:ba:79:a6:46:1a:41:68:9d:84:de:f7:f5:
bd:f6:ef:05:0a:d9:dd:7b:50:28:13:21:db:79:e0:
71:9c:d3:7a:7a:c0:22:08:82:80:bd:84:72:95:23:
fb:d7:1c:b6:a6:dc:89:bd:b1:ed:4e:06:8b:fa:b8:
d9:2f:f3:d4:1e:18:85:ea:f0:7b:c5:6e:bc:04:23:
2c:b7:2f:41:13:1f:8d:d7:46:db:e1:ac:57:03:cc:
48:be:45:37:0b:89:24:33:4c:ff:33:09:4e:e5:46:
00:c2:77:e6:39:7a:a2:d3:d2:da:15:e1:90:17:77:
d7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:8E:BE:6F:2E:09:B6:93:ED:49:7D:E4:83:B4:5F:5A:C8:B8:F3:75
X509v3 Authority Key Identifier:
keyid:BA:25:76:3D:D7:F2:96:5B:46:F8:1D:C8:9F:B8:45:57:C8:A6:9A:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uiV2PdfylltG-B3In7hFV8immnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/fb147f-04ee-48f0-807d-fe3db5253eb0/1/jI6-by4JtpPtSX3kg7RfWsi483U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/fb147f-04ee-48f0-807d-fe3db5253eb0/1/uiV2PdfylltG-B3In7hFV8immnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.152.0/22
Signature Algorithm: sha256WithRSAEncryption
19:3d:17:a0:46:06:41:51:77:11:c0:a1:36:57:ec:62:bf:f9:
1d:6c:0b:db:61:00:01:e8:89:63:c3:61:91:d5:9c:82:23:54:
06:f9:7a:55:05:db:93:74:40:74:9d:11:26:21:0a:f7:0b:f0:
30:3c:16:26:3c:ee:30:e8:ee:d5:6a:ca:82:d5:de:13:93:26:
20:43:e7:5e:e9:30:0f:91:05:26:69:c7:7f:ad:bf:b7:25:d2:
a6:cb:a8:e5:e3:9b:95:a5:72:90:61:c0:1d:7d:fe:66:28:aa:
62:be:f2:93:49:e1:79:b6:a0:49:64:b4:09:42:1f:a1:f8:d6:
df:ad:0c:29:70:69:8d:9d:23:8c:11:9f:91:b5:61:6c:05:80:
f6:75:b6:3b:ed:41:91:3e:a5:7c:e8:39:09:09:6a:a4:5a:8e:
ec:c6:94:69:3a:07:a3:2d:c2:54:c1:1a:95:a1:b7:c0:75:cd:
9f:1a:c0:36:d7:a2:da:1d:b0:67:8f:a1:67:2b:1d:68:66:84:
b0:d8:59:12:8c:66:18:36:60:4c:b7:9b:c5:df:0f:da:ab:12:
a9:b4:5e:bf:e8:c2:12:33:46:09:c8:07:0a:32:10:b9:5c:6f:
a7:57:45:fc:bd:4b:38:7d:fc:50:88:78:d6:b9:7e:c1:d2:c9:
21:e7:76:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJRIY/+GSKFtkE0g/r4zIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMjU3NjNkZDdmMjk2NWI0NmY4MWRjODlmYjg0NTU3Yzhh
NjlhNzMwHhcNMjQwMTAxMDgzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzhlYmU2ZjJlMDliNjkzZWQ0OTdkZTQ4M2I0NWY1YWM4YjhmMzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLqSRADBrmBTjrwBx7SfxjfqWPAD
OXLctexz8BzKWgWTWvFP68podfrMu3sOXvTifhOxzqYnq3PJ7ZOITLKpwp7erWch
McLaszrtgYNhd4+QlMqPa2riWfJJIWH0bBBTGm4ELxnsj9Qf2RBgbQELFTIJ5Vmi
aiwSkBYzyLYJa+rYJPbrJ9pHkzC6eaZGGkFonYTe9/W99u8FCtnde1AoEyHbeeBx
nNN6esAiCIKAvYRylSP71xy2ptyJvbHtTgaL+rjZL/PUHhiF6vB7xW68BCMsty9B
Ex+N10bb4axXA8xIvkU3C4kkM0z/MwlO5UYAwnfmOXqi09LaFeGQF3fX+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIyOvm8uCbaT7Ul95IO0X1rIuPN1MB8GA1UdIwQY
MBaAFLoldj3X8pZbRvgdyJ+4RVfIpppzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWlWMlBkZnlsbHRHLUIzSW43aEZWOGltbW5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mYjE0N2YtMDRlZS00OGYwLTgwN2Qt
ZmUzZGI1MjUzZWIwLzEvakk2LWJ5NEp0cFB0U1gza2c3UmZXc2k0ODNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mYjE0N2YtMDRlZS00OGYwLTgwN2QtZmUzZGI1MjUzZWIw
LzEvdWlWMlBkZnlsbHRHLUIzSW43aEZWOGltbW5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwReYMA0G
CSqGSIb3DQEBCwUAA4IBAQAZPRegRgZBUXcRwKE2V+xiv/kdbAvbYQAB6Iljw2GR
1ZyCI1QG+XpVBduTdEB0nREmIQr3C/AwPBYmPO4w6O7VasqC1d4TkyYgQ+de6TAP
kQUmacd/rb+3JdKmy6jl45uVpXKQYcAdff5mKKpivvKTSeF5tqBJZLQJQh+h+Nbf
rQwpcGmNnSOMEZ+RtWFsBYD2dbY77UGRPqV86DkJCWqkWo7sxpRpOgejLcJUwRqV
obfAdc2fGsA216LaHbBnj6FnKx1oZoSw2FkSjGYYNmBMt5vF3w/aqxKptF6/6MIS
M0YJyAcKMhC5XG+nV0X8vUs4ffxQiHjWuX7B0skh53at
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:19 2025 by rpki-client