Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f75c65-885e-417d-8076-bf7d8fca46e1/1/8vm-GsY8wzvdi-8D178nsB3NOkg.roa
File: 8vm-GsY8wzvdi-8D178nsB3NOkg.roa (raw, json)
Hash identifier: UTcAI2uMN1Tsr3rPGRTammYmbBkg2C6SK0Vyvqo/JuI=
Subject key identifier: F2:F9:BE:1A:C6:3C:C3:3B:DD:8B:EF:03:D7:BF:27:B0:1D:CD:3A:48
Certificate issuer: /CN=43b0105bccb9e6093120767354a8b8493cbe4cd6
Certificate serial: 0187234C2D7B35F9C02231373678B5784948
Authority key identifier: 43:B0:10:5B:CC:B9:E6:09:31:20:76:73:54:A8:B8:49:3C:BE:4C:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q7AQW8y55gkxIHZzVKi4STy-TNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f75c65-885e-417d-8076-bf7d8fca46e1/1/8vm-GsY8wzvdi-8D178nsB3NOkg.roa
Signing time: Mon 27 Mar 2023 13:40:07 +0000
ROA not before: Mon 27 Mar 2023 13:40:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34688
IP address blocks: 194.116.252.0/23 maxlen: 23
194.187.72.0/22 maxlen: 22
2a01:5e00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:23:4c:2d:7b:35:f9:c0:22:31:37:36:78:b5:78:49:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43b0105bccb9e6093120767354a8b8493cbe4cd6
Validity
Not Before: Mar 27 13:40:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2f9be1ac63cc33bdd8bef03d7bf27b01dcd3a48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c5:2d:20:66:5b:26:cf:07:77:8e:5c:61:aa:
ff:69:40:cc:62:88:eb:ea:c1:96:2c:25:9e:e8:63:
7a:a0:4c:0b:02:e5:43:8a:6d:b9:ce:cc:f1:3b:ef:
f7:ef:98:f1:be:fa:0d:be:a5:96:e7:9d:2d:51:df:
a1:2d:8a:73:7b:07:12:1c:8b:07:78:0f:07:18:de:
c1:c0:2a:ca:cd:a4:46:91:91:53:d0:e8:72:bf:9e:
cd:4b:ed:cb:e8:6c:76:72:bb:ca:87:61:1e:96:4e:
de:37:0b:c8:e8:e7:07:09:d8:c3:d2:ec:24:0f:3d:
25:0e:79:0b:b9:30:d4:19:77:15:a5:79:ad:4c:23:
bd:6b:5f:dc:dd:c5:8a:8b:ae:d8:ff:85:f3:7d:5b:
3e:ca:b6:d6:14:55:ba:73:8b:ff:b3:56:95:40:58:
07:d2:ce:9c:07:17:df:9a:5d:aa:9f:55:a3:39:20:
f3:8b:53:85:45:46:15:13:c6:4b:29:f1:17:c1:7b:
32:1e:6c:10:b7:91:e4:88:a4:f9:54:45:0f:5f:0f:
21:03:46:0c:40:e0:e1:4b:7a:f6:08:5b:5f:32:88:
dc:67:06:4f:f8:97:44:38:ed:7a:38:7b:64:79:a5:
9d:77:4d:34:a9:f3:42:c7:6e:35:8a:b9:1e:b1:44:
6f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:F9:BE:1A:C6:3C:C3:3B:DD:8B:EF:03:D7:BF:27:B0:1D:CD:3A:48
X509v3 Authority Key Identifier:
keyid:43:B0:10:5B:CC:B9:E6:09:31:20:76:73:54:A8:B8:49:3C:BE:4C:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q7AQW8y55gkxIHZzVKi4STy-TNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f75c65-885e-417d-8076-bf7d8fca46e1/1/8vm-GsY8wzvdi-8D178nsB3NOkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f75c65-885e-417d-8076-bf7d8fca46e1/1/Q7AQW8y55gkxIHZzVKi4STy-TNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.116.252.0/23
194.187.72.0/22
IPv6:
2a01:5e00::/32
Signature Algorithm: sha256WithRSAEncryption
1c:54:29:8c:6b:7a:3d:fc:81:5f:34:ae:5e:43:1b:18:07:b4:
29:6e:44:09:dc:d2:f9:13:b7:15:67:22:02:ec:87:a7:aa:91:
cf:60:16:ef:0e:42:85:48:34:54:30:76:6c:ea:21:bc:8b:6a:
61:92:27:74:f0:14:5a:42:82:e5:b0:a0:d3:18:66:87:17:16:
1e:c6:cd:22:d5:c7:f4:d2:e8:51:c2:ef:9d:58:b3:52:bc:53:
ab:99:4c:b7:11:58:da:2d:7f:d9:f2:55:9b:e8:f1:07:b7:ae:
a5:c6:09:63:a4:a2:e1:b0:ce:b8:15:99:5f:6a:e3:66:10:27:
83:e8:4c:6b:c1:01:e1:4d:74:09:ac:98:92:75:a0:c0:fe:b1:
ed:fa:79:70:5f:18:d3:57:d6:b8:71:76:b7:b0:28:0e:4b:38:
ed:d8:99:dd:89:2e:e1:b1:b1:5a:ad:7a:9e:e3:2b:6a:6e:f3:
51:a0:ff:4d:ae:ad:fc:25:ee:26:41:6b:b1:7f:7a:01:c9:3f:
46:b9:cd:f7:96:dc:2d:52:48:01:ba:5f:4a:1b:30:aa:eb:35:
89:37:8e:7f:a2:82:ea:45:3f:c3:38:3d:31:12:13:73:62:04:
e0:a6:e3:5b:2d:5a:ed:55:42:ed:33:0d:7c:ec:f4:ee:77:15:
f6:06:5e:e1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYcjTC17NfnAIjE3Nni1eElIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYjAxMDViY2NiOWU2MDkzMTIwNzY3MzU0YThiODQ5M2Ni
ZTRjZDYwHhcNMjMwMzI3MTM0MDA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmY5YmUxYWM2M2NjMzNiZGQ4YmVmMDNkN2JmMjdiMDFkY2QzYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcUtIGZbJs8Hd45cYar/aUDMYojr
6sGWLCWe6GN6oEwLAuVDim25zszxO+/375jxvvoNvqWW550tUd+hLYpzewcSHIsH
eA8HGN7BwCrKzaRGkZFT0Ohyv57NS+3L6Gx2crvKh2Eelk7eNwvI6OcHCdjD0uwk
Dz0lDnkLuTDUGXcVpXmtTCO9a1/c3cWKi67Y/4XzfVs+yrbWFFW6c4v/s1aVQFgH
0s6cBxffml2qn1WjOSDzi1OFRUYVE8ZLKfEXwXsyHmwQt5HkiKT5VEUPXw8hA0YM
QODhS3r2CFtfMojcZwZP+JdEOO16OHtkeaWdd000qfNCx241irkesURvtwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPL5vhrGPMM73YvvA9e/J7AdzTpIMB8GA1UdIwQY
MBaAFEOwEFvMueYJMSB2c1SouEk8vkzWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTdBUVc4eTU1Z2t4SUhaelZLaTRTVHktVE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mNzVjNjUtODg1ZS00MTdkLTgwNzYt
YmY3ZDhmY2E0NmUxLzEvOHZtLUdzWTh3enZkaS04RDE3OG5zQjNOT2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mNzVjNjUtODg1ZS00MTdkLTgwNzYtYmY3ZDhmY2E0NmUx
LzEvUTdBUVc4eTU1Z2t4SUhaelZLaTRTVHktVE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwnT8AwQC
wrtIMA0EAgACMAcDBQAqAV4AMA0GCSqGSIb3DQEBCwUAA4IBAQAcVCmMa3o9/IFf
NK5eQxsYB7QpbkQJ3NL5E7cVZyIC7IenqpHPYBbvDkKFSDRUMHZs6iG8i2phkid0
8BRaQoLlsKDTGGaHFxYexs0i1cf00uhRwu+dWLNSvFOrmUy3EVjaLX/Z8lWb6PEH
t66lxgljpKLhsM64FZlfauNmECeD6ExrwQHhTXQJrJiSdaDA/rHt+nlwXxjTV9a4
cXa3sCgOSzjt2JndiS7hsbFarXqe4ytqbvNRoP9Nrq38Je4mQWuxf3oByT9Guc33
ltwtUkgBul9KGzCq6zWJN45/ooLqRT/DOD0xEhNzYgTgpuNbLVrtVULtMw187PTu
dxX2Bl7h
-----END CERTIFICATE-----
Generated at Thu Dec 14 09:33:34 2023 by rpki-client on console-ams.rpki-client.org