Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/a792c2-f60b-4434-a1d1-d143d33d78d2/1/hrekWKUvbGehrognCfTiZLNvuuk.roa
File: hrekWKUvbGehrognCfTiZLNvuuk.roa (raw, json)
Hash identifier: Be9EjXZuUvLCt5vM6MyJUwxsMrMti1Xy1DvA7NExyz4=
Subject key identifier: 86:B7:A4:58:A5:2F:6C:67:A1:AE:88:27:09:F4:E2:64:B3:6F:BA:E9
Certificate issuer: /CN=690d8581c464c996bcf826bc25654a5504957f8d
Certificate serial: 01AD980D
Authority key identifier: 69:0D:85:81:C4:64:C9:96:BC:F8:26:BC:25:65:4A:55:04:95:7F:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aQ2FgcRkyZa8-Ca8JWVKVQSVf40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/a792c2-f60b-4434-a1d1-d143d33d78d2/1/hrekWKUvbGehrognCfTiZLNvuuk.roa
Signing time: Sat 01 Jan 2022 10:04:40 +0000
ROA not before: Sat 01 Jan 2022 10:04:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48715
IP address blocks: 185.170.8.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28153869 (0x1ad980d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=690d8581c464c996bcf826bc25654a5504957f8d
Validity
Not Before: Jan 1 10:04:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86b7a458a52f6c67a1ae882709f4e264b36fbae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:54:a6:31:0a:44:f0:68:db:49:48:07:0b:0c:
db:1c:7f:8b:a8:c4:f0:87:16:5d:a1:cd:ff:7e:0a:
15:dc:f5:44:f8:10:b1:2c:83:35:51:63:fb:a4:0c:
02:ce:4a:b5:e5:ab:67:4a:6c:6b:7f:47:10:3b:6e:
82:51:42:60:1f:36:58:65:97:2c:f3:ad:b3:e2:78:
e4:36:a9:7d:1e:f5:ba:15:32:ac:2e:64:a0:a1:af:
86:0a:bc:05:81:d5:24:92:b0:40:8f:bf:c3:7d:c4:
c5:db:ba:1b:d5:36:b1:66:b9:6d:b8:1d:51:58:c7:
ef:3d:4d:56:5e:29:54:77:af:36:ff:21:b5:d4:32:
33:a3:4a:24:7e:1f:1d:20:5f:18:d7:0a:fc:fb:c1:
e0:35:38:d9:e9:df:a9:d3:43:f1:4f:9e:0a:54:b3:
c0:5f:21:fe:71:ac:f1:f3:e2:36:b7:66:29:60:51:
0f:c6:7e:74:80:e7:20:9e:58:e9:d7:91:73:a4:b1:
5d:cc:45:26:b1:b1:ba:ce:cf:80:cc:c6:ae:2e:c2:
a6:35:00:69:a5:e7:15:4a:b0:a8:26:6b:97:12:eb:
5b:3b:e1:9a:9c:dc:35:93:fc:eb:22:fc:2f:5a:c5:
a1:af:29:33:0b:90:5c:26:87:8b:70:00:3b:ff:07:
0a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B7:A4:58:A5:2F:6C:67:A1:AE:88:27:09:F4:E2:64:B3:6F:BA:E9
X509v3 Authority Key Identifier:
keyid:69:0D:85:81:C4:64:C9:96:BC:F8:26:BC:25:65:4A:55:04:95:7F:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQ2FgcRkyZa8-Ca8JWVKVQSVf40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/a792c2-f60b-4434-a1d1-d143d33d78d2/1/hrekWKUvbGehrognCfTiZLNvuuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/a792c2-f60b-4434-a1d1-d143d33d78d2/1/aQ2FgcRkyZa8-Ca8JWVKVQSVf40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.8.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:6d:38:79:86:8b:35:bf:c5:5a:04:10:c7:9e:4e:9a:17:9b:
14:be:b9:be:b0:11:6d:eb:2f:06:ea:e5:00:ef:12:23:4d:25:
0a:32:5d:b9:12:fc:37:95:40:0a:15:c9:47:b4:13:08:0c:55:
de:85:f1:15:53:c4:e0:a0:91:9f:16:e0:c5:d9:0f:76:09:b0:
32:ed:62:11:11:29:10:2b:97:52:94:30:ba:79:fc:45:0f:0e:
0d:de:e1:fd:e5:ec:47:81:f2:cf:02:96:c4:4d:19:6b:b9:36:
29:24:7d:cd:58:07:76:3f:f9:29:b9:15:60:f7:d7:2f:aa:7d:
a0:69:4f:2f:a5:84:ad:7b:5c:dd:0b:69:cf:2e:56:18:9b:4f:
31:ff:eb:41:ea:8d:7f:19:16:6b:4f:8f:7d:3f:f0:7e:cc:bd:
8b:e9:24:35:04:bd:28:37:39:52:b9:20:ee:3f:3f:3d:38:45:
c5:fe:be:e8:48:75:fe:4a:9d:f0:b9:59:6b:82:49:12:79:08:
72:4d:a8:c5:77:6c:67:ff:bf:a2:51:29:b8:b1:88:01:e0:4d:
c0:d8:8e:81:03:3d:ac:0d:eb:39:d9:0b:22:9b:2c:84:d1:05:
2d:9f:33:e5:81:db:85:89:92:08:f0:64:80:30:b3:82:20:70:
89:33:de:a3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAa2YDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OTBkODU4MWM0NjRjOTk2YmNmODI2YmMyNTY1NGE1NTA0OTU3ZjhkMB4XDTIyMDEw
MTEwMDQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODZiN2E0NThhNTJm
NmM2N2ExYWU4ODI3MDlmNGUyNjRiMzZmYmFlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJtUpjEKRPBo20lIBwsM2xx/i6jE8IcWXaHN/34KFdz1RPgQ
sSyDNVFj+6QMAs5KteWrZ0psa39HEDtuglFCYB82WGWXLPOts+J45DapfR71uhUy
rC5koKGvhgq8BYHVJJKwQI+/w33Exdu6G9U2sWa5bbgdUVjH7z1NVl4pVHevNv8h
tdQyM6NKJH4fHSBfGNcK/PvB4DU42enfqdND8U+eClSzwF8h/nGs8fPiNrdmKWBR
D8Z+dIDnIJ5Y6deRc6SxXcxFJrGxus7PgMzGri7CpjUAaaXnFUqwqCZrlxLrWzvh
mpzcNZP86yL8L1rFoa8pMwuQXCaHi3AAO/8HCl8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSGt6RYpS9sZ6GuiCcJ9OJks2+66TAfBgNVHSMEGDAWgBRpDYWBxGTJlrz4
JrwlZUpVBJV/jTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FRMkZnY1JreVphOC1DYThKV1ZLVlFTVmY0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvYTc5MmMyLWY2MGItNDQzNC1hMWQxLWQxNDNkMzNkNzhkMi8x
L2hyZWtXS1V2YkdlaHJvZ25DZlRpWkxOdnV1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
YTc5MmMyLWY2MGItNDQzNC1hMWQxLWQxNDNkMzNkNzhkMi8xL2FRMkZnY1JreVph
OC1DYThKV1ZLVlFTVmY0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmqCDANBgkqhkiG9w0BAQsFAAOC
AQEALW04eYaLNb/FWgQQx55OmhebFL65vrARbesvBurlAO8SI00lCjJduRL8N5VA
ChXJR7QTCAxV3oXxFVPE4KCRnxbgxdkPdgmwMu1iEREpECuXUpQwunn8RQ8ODd7h
/eXsR4HyzwKWxE0Za7k2KSR9zVgHdj/5KbkVYPfXL6p9oGlPL6WErXtc3Qtpzy5W
GJtPMf/rQeqNfxkWa0+PfT/wfsy9i+kkNQS9KDc5Urkg7j8/PThFxf6+6Eh1/kqd
8LlZa4JJEnkIck2oxXdsZ/+/olEpuLGIAeBNwNiOgQM9rA3rOdkLIpsshNEFLZ8z
5YHbhYmSCPBkgDCzgiBwiTPeow==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:50 2023 by rpki-client on console-ams.rpki-client.org