Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/g8QMbPHk3cQ0IuaIDovS7BbgfLM.roa
File: g8QMbPHk3cQ0IuaIDovS7BbgfLM.roa (raw, json)
Hash identifier: r7rgxV5S3uJHCJgSEYQLgdFso9WX5Phptv0DQ4VwNOI=
Subject key identifier: 83:C4:0C:6C:F1:E4:DD:C4:34:22:E6:88:0E:8B:D2:EC:16:E0:7C:B3
Certificate issuer: /CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Certificate serial: 01856ED4BB53EC327B2E750FE11693AF9B97
Authority key identifier: 8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/g8QMbPHk3cQ0IuaIDovS7BbgfLM.roa
Signing time: Sun 01 Jan 2023 19:35:13 +0000
ROA not before: Sun 01 Jan 2023 19:35:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12129
IP address blocks: 37.221.109.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:bb:53:ec:32:7b:2e:75:0f:e1:16:93:af:9b:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Validity
Not Before: Jan 1 19:35:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83c40c6cf1e4ddc43422e6880e8bd2ec16e07cb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:9e:7f:1b:86:ee:e4:81:32:bb:35:91:8c:89:
78:b4:30:a4:f3:f5:ed:1a:24:98:dd:74:4f:b3:f1:
59:89:ea:db:ff:87:33:66:19:c3:bd:8f:21:96:3d:
54:71:48:04:10:79:bd:13:ef:bb:f0:ec:26:7b:25:
78:b7:ed:e7:75:a4:98:02:32:50:84:a1:d5:b1:ff:
5b:0c:b1:f9:3b:8d:95:e4:f6:fc:27:26:47:54:d6:
66:92:78:39:df:1e:f8:80:05:97:f5:fb:a7:c5:e8:
b7:e4:ee:29:55:d0:fb:20:0b:c4:24:5f:e4:ec:78:
56:54:42:13:fa:a7:35:0c:a4:28:d1:4b:78:b7:55:
7c:66:dd:d3:0c:52:47:6f:7d:7f:ac:30:bc:1e:a2:
8b:8c:fb:38:c9:05:c0:18:cb:50:b2:7f:ce:f6:66:
2b:66:e2:96:c6:83:27:5a:0d:93:75:9b:7f:c2:6a:
ca:de:18:92:f2:0a:66:18:9f:c0:9d:0c:c2:93:fa:
86:0c:6a:3f:23:e1:14:2b:1b:7e:a0:e7:0c:a3:bd:
3d:ae:58:53:ba:47:86:b4:2a:e4:f1:51:5e:c8:ad:
d5:24:73:db:26:ab:b4:4a:ac:69:8e:a9:85:bc:7c:
18:9f:6e:8e:f4:52:45:0a:b5:c2:7b:8e:0f:8f:65:
e9:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:C4:0C:6C:F1:E4:DD:C4:34:22:E6:88:0E:8B:D2:EC:16:E0:7C:B3
X509v3 Authority Key Identifier:
keyid:8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/g8QMbPHk3cQ0IuaIDovS7BbgfLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/jnR0gfLJj7tw3KjWXCPeT8o3WD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.109.0/24
Signature Algorithm: sha256WithRSAEncryption
68:eb:7b:da:b4:2f:1d:26:e0:b3:11:a6:96:e2:20:6b:59:39:
c2:b9:18:83:51:ab:62:0d:c2:f1:82:4d:82:b1:55:29:04:4b:
f8:e1:25:83:96:5e:3a:35:94:20:2f:bb:16:a0:7e:6d:9f:d6:
4d:6f:a0:f6:5a:87:21:55:12:91:9f:ba:eb:6d:51:f5:f9:70:
e8:bd:4d:2b:49:1e:8c:26:a6:f0:77:5f:ae:e0:35:22:d0:a2:
9a:f9:09:59:c9:0f:18:dd:d4:df:39:9e:f7:1c:d0:33:16:b6:
38:a3:6d:62:a0:44:30:4a:d4:af:bd:4d:6f:17:b1:a9:5d:81:
0e:be:97:61:79:bc:bb:27:0c:9c:d7:a5:94:c1:7d:59:cd:c6:
9a:b0:3a:ee:23:d9:27:4c:de:c6:cb:fb:63:37:fa:ba:1c:42:
fa:02:be:a5:80:45:7e:d9:c7:f9:0d:aa:c0:56:7f:81:a5:13:
a5:3c:99:ad:36:09:21:ae:38:8a:2c:18:a5:1b:d6:bf:df:1c:
b2:88:24:8b:48:96:b9:82:66:bc:d1:49:5f:28:5c:fe:86:8e:
93:56:30:dd:4b:8f:c5:00:86:1d:3d:b6:79:8b:67:ad:8d:af:
7e:ca:60:75:07:04:a3:ee:4c:18:35:c1:95:dc:48:c4:74:d5:
c7:63:06:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1LtT7DJ7LnUP4RaTr5uXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNzQ3NDgxZjJjOThmYmI3MGRjYThkNjVjMjNkZTRmY2Ez
NzU4M2QwHhcNMjMwMTAxMTkzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2M0MGM2Y2YxZTRkZGM0MzQyMmU2ODgwZThiZDJlYzE2ZTA3Y2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Z5/G4bu5IEyuzWRjIl4tDCk8/Xt
GiSY3XRPs/FZierb/4czZhnDvY8hlj1UcUgEEHm9E++78OwmeyV4t+3ndaSYAjJQ
hKHVsf9bDLH5O42V5Pb8JyZHVNZmkng53x74gAWX9funxei35O4pVdD7IAvEJF/k
7HhWVEIT+qc1DKQo0Ut4t1V8Zt3TDFJHb31/rDC8HqKLjPs4yQXAGMtQsn/O9mYr
ZuKWxoMnWg2TdZt/wmrK3hiS8gpmGJ/AnQzCk/qGDGo/I+EUKxt+oOcMo709rlhT
ukeGtCrk8VFeyK3VJHPbJqu0SqxpjqmFvHwYn26O9FJFCrXCe44Pj2XpqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIPEDGzx5N3ENCLmiA6L0uwW4HyzMB8GA1UdIwQY
MBaAFI50dIHyyY+7cNyo1lwj3k/KN1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgt
NjUyMWQzOTVmMTMyLzEvZzhRTWJQSGszY1EwSXVhSURvdlM3QmJnZkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgtNjUyMWQzOTVmMTMy
LzEvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJd1tMA0G
CSqGSIb3DQEBCwUAA4IBAQBo63vatC8dJuCzEaaW4iBrWTnCuRiDUatiDcLxgk2C
sVUpBEv44SWDll46NZQgL7sWoH5tn9ZNb6D2WochVRKRn7rrbVH1+XDovU0rSR6M
Jqbwd1+u4DUi0KKa+QlZyQ8Y3dTfOZ73HNAzFrY4o21ioEQwStSvvU1vF7GpXYEO
vpdheby7Jwyc16WUwX1ZzcaasDruI9knTN7Gy/tjN/q6HEL6Ar6lgEV+2cf5DarA
Vn+BpROlPJmtNgkhrjiKLBilG9a/3xyyiCSLSJa5gma80UlfKFz+ho6TVjDdS4/F
AIYdPbZ5i2etja9+ymB1BwSj7kwYNcGV3EjEdNXHYwat
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:00 2024 by rpki-client on console-fra.rpki-client.org