Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/58ce8a-8a04-4db2-ad05-08a6e1fd8b01/1/DOtsqXkjg2BZBFCWd4o1UNAAOJU.roa
File: DOtsqXkjg2BZBFCWd4o1UNAAOJU.roa (raw, json)
Hash identifier: bH9aKXQNsI0RHqc3huJ3lKvcjkvZBj4/usRQ4grBMOA=
Subject key identifier: 0C:EB:6C:A9:79:23:83:60:59:04:50:96:77:8A:35:50:D0:00:38:95
Certificate issuer: /CN=fc232f0e86c291eba6d63e8661ef3f09bc27a57e
Certificate serial: 018571699DD2293D6E87210A7B15B0453877
Authority key identifier: FC:23:2F:0E:86:C2:91:EB:A6:D6:3E:86:61:EF:3F:09:BC:27:A5:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_CMvDobCkeum1j6GYe8_CbwnpX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/58ce8a-8a04-4db2-ad05-08a6e1fd8b01/1/DOtsqXkjg2BZBFCWd4o1UNAAOJU.roa
Signing time: Mon 02 Jan 2023 07:37:05 +0000
ROA not before: Mon 02 Jan 2023 07:37:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208091
IP address blocks: 94.232.42.0/24 maxlen: 24
94.232.40.0/24 maxlen: 24
94.232.43.0/24 maxlen: 24
94.232.41.0/24 maxlen: 24
94.232.44.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:9d:d2:29:3d:6e:87:21:0a:7b:15:b0:45:38:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc232f0e86c291eba6d63e8661ef3f09bc27a57e
Validity
Not Before: Jan 2 07:37:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ceb6ca97923836059045096778a3550d0003895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c7:85:42:4a:5b:34:5b:1b:a7:c2:f7:e4:6d:
87:04:ce:d9:3e:df:9b:fa:cc:37:9d:6a:9c:12:a3:
bc:5f:77:29:d1:00:63:83:58:9f:cc:1f:0f:e0:d0:
90:8e:db:6c:ab:bd:0a:a7:c4:1b:87:97:2c:26:ed:
e0:30:c7:29:ef:df:06:b0:98:65:4f:a8:c0:02:54:
41:3c:42:1d:cd:c8:de:b4:9c:f5:fe:86:52:7c:a4:
6d:01:d5:a6:29:95:c0:7d:c9:3e:7e:0a:9b:34:90:
00:b6:cc:b8:dd:5f:14:fd:1a:82:59:b4:e6:3a:ea:
0b:c2:43:eb:47:5b:54:0d:8a:32:9d:56:d1:62:0b:
98:2a:29:54:07:87:59:39:a9:1f:f2:d8:43:83:fe:
5c:a9:9e:de:92:49:1a:79:2f:91:47:3d:cf:06:90:
a1:20:68:df:e1:ae:54:f9:d0:b8:94:9f:f5:ae:94:
96:3e:51:92:05:3a:f0:58:55:7a:69:2a:4e:b4:7d:
7d:8c:a5:f7:b0:e2:af:7c:0f:45:71:96:59:7e:3d:
cc:1f:4a:cd:92:75:93:0a:27:e1:c4:13:bd:78:eb:
22:9b:82:9c:fb:ab:36:c4:47:6a:f7:c3:3b:56:9a:
cf:bb:79:95:e2:9b:d8:5c:52:10:30:06:ad:05:3b:
fc:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:EB:6C:A9:79:23:83:60:59:04:50:96:77:8A:35:50:D0:00:38:95
X509v3 Authority Key Identifier:
keyid:FC:23:2F:0E:86:C2:91:EB:A6:D6:3E:86:61:EF:3F:09:BC:27:A5:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_CMvDobCkeum1j6GYe8_CbwnpX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/58ce8a-8a04-4db2-ad05-08a6e1fd8b01/1/DOtsqXkjg2BZBFCWd4o1UNAAOJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/58ce8a-8a04-4db2-ad05-08a6e1fd8b01/1/_CMvDobCkeum1j6GYe8_CbwnpX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.40.0-94.232.44.255
Signature Algorithm: sha256WithRSAEncryption
11:8f:55:79:68:8d:9f:20:90:e1:95:95:62:88:70:fd:21:c5:
84:99:f9:a4:cb:55:7a:59:3b:cd:d9:58:47:e0:3f:d5:67:5f:
fd:bd:4a:2a:e6:35:48:45:ce:26:61:b5:de:5b:ab:af:47:32:
54:da:68:b6:5c:9d:da:99:59:ce:b7:2c:fa:07:7c:0d:e9:2f:
db:74:bc:77:5a:83:64:0d:af:d7:cb:04:87:64:62:49:32:10:
c9:5a:90:ec:96:d3:18:74:ce:a4:b4:74:a9:a1:7d:c7:db:27:
60:32:2a:1f:42:42:28:ea:13:7d:2c:17:06:57:34:9e:09:91:
8a:d7:66:3f:cd:2f:f0:23:d4:9b:f2:f5:ea:99:c5:b2:67:9e:
1e:f2:e6:3f:61:e4:0f:24:a7:01:fc:7b:d4:bf:fd:09:95:aa:
86:43:32:74:ad:50:d4:9e:6c:9a:80:1f:79:49:7f:7d:16:c7:
d8:11:81:30:f2:19:9c:fe:07:3b:c0:85:3c:55:e9:b0:df:12:
41:02:bc:fb:bc:82:b7:e7:94:7e:06:7b:bc:1c:f9:49:6f:ca:
d8:d8:20:de:d5:e1:96:e7:f7:1d:88:d2:27:9b:aa:5f:6d:a3:
e4:46:1f:14:75:6e:01:b3:7a:82:5b:c5:f9:d7:30:98:81:86:
5a:99:4a:5d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxaZ3SKT1uhyEKexWwRTh3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMjMyZjBlODZjMjkxZWJhNmQ2M2U4NjYxZWYzZjA5YmMy
N2E1N2UwHhcNMjMwMTAyMDczNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2ViNmNhOTc5MjM4MzYwNTkwNDUwOTY3NzhhMzU1MGQwMDAzODk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjceFQkpbNFsbp8L35G2HBM7ZPt+b
+sw3nWqcEqO8X3cp0QBjg1ifzB8P4NCQjttsq70Kp8Qbh5csJu3gMMcp798GsJhl
T6jAAlRBPEIdzcjetJz1/oZSfKRtAdWmKZXAfck+fgqbNJAAtsy43V8U/RqCWbTm
OuoLwkPrR1tUDYoynVbRYguYKilUB4dZOakf8thDg/5cqZ7ekkkaeS+RRz3PBpCh
IGjf4a5U+dC4lJ/1rpSWPlGSBTrwWFV6aSpOtH19jKX3sOKvfA9FcZZZfj3MH0rN
knWTCifhxBO9eOsim4Kc+6s2xEdq98M7VprPu3mV4pvYXFIQMAatBTv8SwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAzrbKl5I4NgWQRQlneKNVDQADiVMB8GA1UdIwQY
MBaAFPwjLw6GwpHrptY+hmHvPwm8J6V+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0NNdkRvYkNrZXVtMWo2R1llOF9DYnducFg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81OGNlOGEtOGEwNC00ZGIyLWFkMDUt
MDhhNmUxZmQ4YjAxLzEvRE90c3FYa2pnMkJaQkZDV2Q0bzFVTkFBT0pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81OGNlOGEtOGEwNC00ZGIyLWFkMDUtMDhhNmUxZmQ4YjAx
LzEvX0NNdkRvYkNrZXVtMWo2R1llOF9DYnducFg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANe6CgD
BABe6CwwDQYJKoZIhvcNAQELBQADggEBABGPVXlojZ8gkOGVlWKIcP0hxYSZ+aTL
VXpZO83ZWEfgP9VnX/29SirmNUhFziZhtd5bq69HMlTaaLZcndqZWc63LPoHfA3p
L9t0vHdag2QNr9fLBIdkYkkyEMlakOyW0xh0zqS0dKmhfcfbJ2AyKh9CQijqE30s
FwZXNJ4JkYrXZj/NL/Aj1Jvy9eqZxbJnnh7y5j9h5A8kpwH8e9S//QmVqoZDMnSt
UNSebJqAH3lJf30Wx9gRgTDyGZz+BzvAhTxV6bDfEkECvPu8grfnlH4Ge7wc+Ulv
ytjYIN7V4Zbn9x2I0iebql9to+RGHxR1bgGzeoJbxfnXMJiBhlqZSl0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:01 2024 by rpki-client on console-fra.rpki-client.org