Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/10f8e7-fec8-4171-98db-ac2830bed56b/1/nDXhWYs4EKdUQv8-JeZybipB-hQ.roa
File: nDXhWYs4EKdUQv8-JeZybipB-hQ.roa (raw, json)
Hash identifier: 5BUgCHGmETVEQNMkTHW+xnrjYNOgf3CBgNS5xxy+E9c=
Subject key identifier: 9C:35:E1:59:8B:38:10:A7:54:42:FF:3E:25:E6:72:6E:2A:41:FA:14
Certificate issuer: /CN=d89ae0014a1462705eaf7e22642ed9b9987f9131
Certificate serial: 018CC6B915809F74C7AEBD0C4FE9E14939DA
Authority key identifier: D8:9A:E0:01:4A:14:62:70:5E:AF:7E:22:64:2E:D9:B9:98:7F:91:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JrgAUoUYnBer34iZC7ZuZh_kTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/10f8e7-fec8-4171-98db-ac2830bed56b/1/nDXhWYs4EKdUQv8-JeZybipB-hQ.roa
Signing time: Mon 01 Jan 2024 20:31:07 +0000
ROA not before: Mon 01 Jan 2024 20:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201814
IP address blocks: 91.223.3.0/24 maxlen: 24
193.34.212.0/22 maxlen: 22
195.3.222.0/24 maxlen: 24
195.3.220.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:15:80:9f:74:c7:ae:bd:0c:4f:e9:e1:49:39:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d89ae0014a1462705eaf7e22642ed9b9987f9131
Validity
Not Before: Jan 1 20:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c35e1598b3810a75442ff3e25e6726e2a41fa14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1e:45:1f:3d:03:6f:35:97:99:21:43:05:09:
be:8c:63:59:fd:74:f0:ea:ad:02:ff:39:28:36:37:
d8:42:30:bf:e8:f1:cc:48:11:e9:9d:d9:f7:f9:c4:
64:76:93:e3:fa:57:10:e9:c5:29:1c:f7:5d:a4:ba:
9e:47:1d:95:55:a3:7a:a2:a5:2f:4e:d0:4a:20:67:
34:17:b0:ab:e9:d9:04:eb:eb:0d:18:3b:09:5a:81:
3b:18:50:ae:27:a6:37:91:89:73:2e:1d:7b:84:ef:
b5:a2:65:f8:57:b8:01:30:2d:16:b7:79:ef:af:40:
18:27:3b:11:3c:6b:34:ed:fc:fd:88:b6:65:77:13:
d0:9a:0f:8a:31:b9:d5:7a:fa:a7:8c:d8:34:3c:17:
01:25:25:4c:b8:13:9d:cf:ca:b0:c2:76:dc:3a:0a:
24:e2:a5:f1:14:09:67:71:da:19:cc:c6:2d:d4:a7:
15:45:5a:a5:f0:ff:ea:d1:d2:24:b5:5e:95:e6:4f:
4e:cf:4c:58:06:b7:8b:43:b8:98:3c:d9:5f:a4:4a:
a5:2a:ac:3d:ef:f8:cb:85:29:5f:11:80:41:b0:11:
ff:db:76:04:99:25:5f:cd:92:0a:c3:d6:12:97:37:
4c:1b:45:7d:d4:c7:33:46:af:e0:a6:78:e5:3f:38:
b5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:35:E1:59:8B:38:10:A7:54:42:FF:3E:25:E6:72:6E:2A:41:FA:14
X509v3 Authority Key Identifier:
keyid:D8:9A:E0:01:4A:14:62:70:5E:AF:7E:22:64:2E:D9:B9:98:7F:91:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JrgAUoUYnBer34iZC7ZuZh_kTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/10f8e7-fec8-4171-98db-ac2830bed56b/1/nDXhWYs4EKdUQv8-JeZybipB-hQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/10f8e7-fec8-4171-98db-ac2830bed56b/1/2JrgAUoUYnBer34iZC7ZuZh_kTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.3.0/24
193.34.212.0/22
195.3.220.0/22
Signature Algorithm: sha256WithRSAEncryption
76:dd:81:72:fc:c8:e0:79:a5:13:2d:cb:6e:3a:7e:8c:4e:29:
8e:c2:d9:ba:85:25:d7:91:ca:e3:1a:02:37:e0:4d:23:ec:51:
07:6f:25:3a:9b:4e:52:b9:a1:ce:52:5e:1d:19:19:9c:93:1e:
ef:ed:c7:06:0a:6f:cb:06:81:05:c0:56:81:37:65:99:4a:0a:
ca:6e:8d:95:da:e6:24:21:32:3a:f7:f7:4a:80:1a:0d:01:3a:
98:26:fb:60:56:8b:78:b7:d9:75:69:e8:82:46:3c:36:ac:51:
34:7f:af:79:dc:0d:e4:04:59:f3:55:74:1d:79:35:bb:8c:19:
2f:8e:ee:4d:0b:e1:60:51:41:d7:45:8e:64:ee:54:c2:09:1b:
88:23:01:50:c4:bb:33:7c:83:3b:5e:ed:3f:5f:91:d7:6f:55:
51:aa:f9:e4:90:14:08:47:00:ee:37:79:ae:58:21:b3:ad:ff:
1f:c3:77:85:4e:1f:81:b0:a3:af:ec:82:22:e9:49:7c:90:9a:
ec:85:4e:f8:10:c4:03:88:7f:01:9a:f5:de:38:41:0e:fe:de:
85:b4:99:76:c4:13:52:b8:1b:53:1b:3b:1d:62:bd:33:51:64:
95:72:0e:50:bf:37:13:8a:2e:4c:a0:52:b6:53:ae:6b:60:15:
60:78:84:96
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGuRWAn3THrr0MT+nhSTnaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OWFlMDAxNGExNDYyNzA1ZWFmN2UyMjY0MmVkOWI5OTg3
ZjkxMzEwHhcNMjQwMTAxMjAzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzM1ZTE1OThiMzgxMGE3NTQ0MmZmM2UyNWU2NzI2ZTJhNDFmYTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlR5FHz0DbzWXmSFDBQm+jGNZ/XTw
6q0C/zkoNjfYQjC/6PHMSBHpndn3+cRkdpPj+lcQ6cUpHPddpLqeRx2VVaN6oqUv
TtBKIGc0F7Cr6dkE6+sNGDsJWoE7GFCuJ6Y3kYlzLh17hO+1omX4V7gBMC0Wt3nv
r0AYJzsRPGs07fz9iLZldxPQmg+KMbnVevqnjNg0PBcBJSVMuBOdz8qwwnbcOgok
4qXxFAlncdoZzMYt1KcVRVql8P/q0dIktV6V5k9Oz0xYBreLQ7iYPNlfpEqlKqw9
7/jLhSlfEYBBsBH/23YEmSVfzZIKw9YSlzdMG0V91MczRq/gpnjlPzi1/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJw14VmLOBCnVEL/PiXmcm4qQfoUMB8GA1UdIwQY
MBaAFNia4AFKFGJwXq9+ImQu2bmYf5ExMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkpyZ0FVb1VZbkJlcjM0aVpDN1p1Wmhfa1RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8xMGY4ZTctZmVjOC00MTcxLTk4ZGIt
YWMyODMwYmVkNTZiLzEvbkRYaFdZczRFS2RVUXY4LUplWnliaXBCLWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8xMGY4ZTctZmVjOC00MTcxLTk4ZGItYWMyODMwYmVkNTZi
LzEvMkpyZ0FVb1VZbkJlcjM0aVpDN1p1Wmhfa1RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW98DAwQC
wSLUAwQCwwPcMA0GCSqGSIb3DQEBCwUAA4IBAQB23YFy/MjgeaUTLctuOn6MTimO
wtm6hSXXkcrjGgI34E0j7FEHbyU6m05SuaHOUl4dGRmckx7v7ccGCm/LBoEFwFaB
N2WZSgrKbo2V2uYkITI69/dKgBoNATqYJvtgVot4t9l1aeiCRjw2rFE0f6953A3k
BFnzVXQdeTW7jBkvju5NC+FgUUHXRY5k7lTCCRuIIwFQxLszfIM7Xu0/X5HXb1VR
qvnkkBQIRwDuN3muWCGzrf8fw3eFTh+BsKOv7IIi6Ul8kJrshU74EMQDiH8BmvXe
OEEO/t6FtJl2xBNSuBtTGzsdYr0zUWSVcg5QvzcTii5MoFK2U65rYBVgeISW
-----END CERTIFICATE-----
Generated at Wed Jan 24 19:02:21 2024 by rpki-client on console-fra.rpki-client.org