Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/afd92f-0307-4099-86d4-5653a5976704/1/IaHwikw7fxANXGgYTOlIyIL2rIQ.roa
File: IaHwikw7fxANXGgYTOlIyIL2rIQ.roa (raw, json)
Hash identifier: MV3IU4AALjHerQMR12nYgbXazTXRZVyEU1rAj3QrkYU=
Subject key identifier: 21:A1:F0:8A:4C:3B:7F:10:0D:5C:68:18:4C:E9:48:C8:82:F6:AC:84
Certificate issuer: /CN=ef591ea44ca854404aee22824b3d395edd3c4c0d
Certificate serial: 0185711E7995B81288FC288FF5F62F93E075
Authority key identifier: EF:59:1E:A4:4C:A8:54:40:4A:EE:22:82:4B:3D:39:5E:DD:3C:4C:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71kepEyoVEBK7iKCSz05Xt08TA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/afd92f-0307-4099-86d4-5653a5976704/1/IaHwikw7fxANXGgYTOlIyIL2rIQ.roa
Signing time: Mon 02 Jan 2023 06:15:00 +0000
ROA not before: Mon 02 Jan 2023 06:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 87.236.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:79:95:b8:12:88:fc:28:8f:f5:f6:2f:93:e0:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef591ea44ca854404aee22824b3d395edd3c4c0d
Validity
Not Before: Jan 2 06:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21a1f08a4c3b7f100d5c68184ce948c882f6ac84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a4:da:6a:ac:09:fb:39:ab:ed:cb:70:b8:1f:
05:04:59:e1:8f:81:48:2c:4f:e1:84:46:2f:25:8b:
e6:96:89:95:b8:f0:67:55:3f:b0:a3:80:ee:76:67:
80:a7:f2:6c:7a:0f:7a:4c:4c:cd:21:39:e2:95:91:
c6:28:1c:9e:e8:00:95:19:77:3f:38:11:4a:39:0f:
16:6c:bb:67:45:ef:49:1c:fd:94:21:a6:fc:bf:66:
96:03:01:cd:72:fc:26:f2:23:1f:4a:b0:02:d6:97:
77:64:a6:9e:63:30:ef:a8:94:8b:5f:2e:d1:13:50:
2f:e0:a7:09:41:dd:88:f0:01:94:22:57:ea:1a:99:
54:7a:7d:69:15:9a:8e:2b:28:22:15:b8:20:7e:ac:
b7:2b:fc:13:ad:9a:fb:d2:d5:c3:c7:ea:7b:cb:65:
13:00:aa:70:01:c2:8a:08:fa:17:11:a1:63:ee:af:
e8:79:e6:38:86:4c:74:b0:c3:00:6a:6f:c9:db:64:
3c:af:57:98:76:6f:60:95:7c:40:c1:25:33:f3:47:
42:02:7c:8c:c3:56:f8:55:2f:d2:46:73:c4:e1:9e:
3b:69:36:a2:23:9f:16:d2:98:d1:31:56:a1:f3:ee:
07:14:b8:92:51:d5:1f:dc:5c:21:ce:4b:60:f7:4b:
dd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A1:F0:8A:4C:3B:7F:10:0D:5C:68:18:4C:E9:48:C8:82:F6:AC:84
X509v3 Authority Key Identifier:
keyid:EF:59:1E:A4:4C:A8:54:40:4A:EE:22:82:4B:3D:39:5E:DD:3C:4C:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71kepEyoVEBK7iKCSz05Xt08TA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/afd92f-0307-4099-86d4-5653a5976704/1/IaHwikw7fxANXGgYTOlIyIL2rIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/afd92f-0307-4099-86d4-5653a5976704/1/71kepEyoVEBK7iKCSz05Xt08TA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.167.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:40:c9:0f:d5:44:af:e7:a3:02:cb:04:38:87:e5:3f:39:d0:
49:52:1e:c2:25:9d:2e:0f:84:d6:a2:90:32:d0:4a:9b:6e:27:
b0:d5:ba:90:77:9c:e9:44:3e:e6:3b:01:c0:cb:fe:9c:b6:2f:
7c:bc:42:e8:3d:c9:20:5b:1a:3e:fd:ee:df:28:7e:1d:72:22:
94:c4:eb:95:0b:82:ff:e9:3d:e1:c4:b2:76:55:b3:da:66:46:
13:66:0b:4e:90:cb:06:c5:af:27:0b:c2:ac:20:0d:2a:22:19:
90:da:bb:a3:72:1b:8b:66:a6:f6:a6:5e:5f:fe:81:4d:a6:61:
e5:42:72:6f:d0:9b:c7:c4:56:85:b6:a2:3f:80:8a:a5:6c:f4:
9e:38:b6:da:48:f9:4a:20:30:76:75:23:8f:a0:49:b2:b5:13:
0d:dc:1a:56:69:e6:e8:ac:b2:98:11:7e:1c:73:46:f8:e3:3e:
3f:f8:ae:47:b3:42:17:16:4e:99:70:3d:a9:b8:be:3b:a8:4a:
2e:54:4a:f2:e7:ab:7a:0d:e1:a4:6a:9a:bc:82:7d:f8:f0:aa:
3e:e5:8f:1c:f8:59:00:63:2c:b8:5b:07:f7:ea:08:87:1d:dd:
fd:8f:5a:36:89:e6:f8:21:92:6f:57:e1:e4:a7:a8:8d:15:e8:
ed:6a:9d:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxHnmVuBKI/CiP9fYvk+B1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTkxZWE0NGNhODU0NDA0YWVlMjI4MjRiM2QzOTVlZGQz
YzRjMGQwHhcNMjMwMTAyMDYxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWExZjA4YTRjM2I3ZjEwMGQ1YzY4MTg0Y2U5NDhjODgyZjZhYzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqTaaqwJ+zmr7ctwuB8FBFnhj4FI
LE/hhEYvJYvmlomVuPBnVT+wo4DudmeAp/Jseg96TEzNITnilZHGKBye6ACVGXc/
OBFKOQ8WbLtnRe9JHP2UIab8v2aWAwHNcvwm8iMfSrAC1pd3ZKaeYzDvqJSLXy7R
E1Av4KcJQd2I8AGUIlfqGplUen1pFZqOKygiFbggfqy3K/wTrZr70tXDx+p7y2UT
AKpwAcKKCPoXEaFj7q/oeeY4hkx0sMMAam/J22Q8r1eYdm9glXxAwSUz80dCAnyM
w1b4VS/SRnPE4Z47aTaiI58W0pjRMVah8+4HFLiSUdUf3Fwhzktg90vdzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCGh8IpMO38QDVxoGEzpSMiC9qyEMB8GA1UdIwQY
MBaAFO9ZHqRMqFRASu4igks9OV7dPEwNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFrZXBFeW9WRUJLN2lLQ1N6MDVYdDA4VEEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9hZmQ5MmYtMDMwNy00MDk5LTg2ZDQt
NTY1M2E1OTc2NzA0LzEvSWFId2lrdzdmeEFOWEdnWVRPbEl5SUwycklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9hZmQ5MmYtMDMwNy00MDk5LTg2ZDQtNTY1M2E1OTc2NzA0
LzEvNzFrZXBFeW9WRUJLN2lLQ1N6MDVYdDA4VEEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+ynMA0G
CSqGSIb3DQEBCwUAA4IBAQB7QMkP1USv56MCywQ4h+U/OdBJUh7CJZ0uD4TWopAy
0Eqbbiew1bqQd5zpRD7mOwHAy/6cti98vELoPckgWxo+/e7fKH4dciKUxOuVC4L/
6T3hxLJ2VbPaZkYTZgtOkMsGxa8nC8KsIA0qIhmQ2rujchuLZqb2pl5f/oFNpmHl
QnJv0JvHxFaFtqI/gIqlbPSeOLbaSPlKIDB2dSOPoEmytRMN3BpWaeborLKYEX4c
c0b44z4/+K5Hs0IXFk6ZcD2puL47qEouVEry56t6DeGkapq8gn348Ko+5Y8c+FkA
Yyy4Wwf36giHHd39j1o2ieb4IZJvV+Hkp6iNFejtap1u
-----END CERTIFICATE-----
Generated at Thu Aug 24 08:51:20 2023 by rpki-client on console-fra.rpki-client.org