Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f75c65-885e-417d-8076-bf7d8fca46e1/1/iLKliSZv1epNLjfD6yC6mlPzHUw.roa
File: iLKliSZv1epNLjfD6yC6mlPzHUw.roa (raw, json)
Hash identifier: GMOc93c0bsba9SGlEc+M0jwwrUEeZnFEuh+eugB9vgo=
Subject key identifier: 88:B2:A5:89:26:6F:D5:EA:4D:2E:37:C3:EB:20:BA:9A:53:F3:1D:4C
Certificate issuer: /CN=43b0105bccb9e6093120767354a8b8493cbe4cd6
Certificate serial: 018B6DD38C4236D853001B644FF3A987BAEE
Authority key identifier: 43:B0:10:5B:CC:B9:E6:09:31:20:76:73:54:A8:B8:49:3C:BE:4C:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q7AQW8y55gkxIHZzVKi4STy-TNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f75c65-885e-417d-8076-bf7d8fca46e1/1/iLKliSZv1epNLjfD6yC6mlPzHUw.roa
Signing time: Thu 26 Oct 2023 21:11:02 +0000
ROA not before: Thu 26 Oct 2023 21:11:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15969
IP address blocks: 194.187.72.0/22 maxlen: 22
194.187.75.0/24 maxlen: 24
194.187.72.0/24 maxlen: 24
2a01:5e00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6d:d3:8c:42:36:d8:53:00:1b:64:4f:f3:a9:87:ba:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43b0105bccb9e6093120767354a8b8493cbe4cd6
Validity
Not Before: Oct 26 21:11:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88b2a589266fd5ea4d2e37c3eb20ba9a53f31d4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d1:b4:9a:21:66:41:6b:2c:35:21:58:d7:54:
36:da:d1:36:e7:c4:ad:ba:4a:42:1e:81:79:9a:75:
b0:3f:a7:da:3d:65:05:f1:ce:5a:cc:bf:65:6a:42:
5d:5b:f4:01:d0:9f:3d:9d:11:d4:75:e6:3e:d3:7c:
6d:fe:74:9a:a9:de:50:e4:ce:56:96:28:40:45:24:
15:fe:06:b3:ad:7b:c8:8f:28:5a:a4:cd:ae:0e:30:
32:06:24:7c:1e:02:70:9c:14:0c:b9:21:43:5a:19:
e2:ae:36:5f:77:fc:db:bb:58:b8:11:f3:3c:c5:ea:
d3:b2:a7:d7:66:a1:6c:f7:50:1b:63:f6:e6:f8:3c:
01:13:b0:16:45:e9:07:a4:cc:47:80:00:38:00:b3:
7f:93:84:5e:ed:b9:23:ad:cf:6a:24:67:02:89:7e:
a6:c9:15:29:e8:ec:3e:8d:f4:89:7f:77:8e:85:c7:
b2:fb:4a:99:f4:14:ad:44:8f:cd:55:15:03:14:83:
43:a2:bd:28:ea:1c:ba:45:0d:d3:72:20:cf:8e:a7:
90:5e:8b:14:a3:86:bb:66:7d:14:6c:b0:82:ba:53:
7f:6b:56:6c:6e:89:ac:2e:fd:f9:ff:e9:6f:62:a6:
c3:9f:be:67:0d:15:cc:54:5f:8b:fe:e3:44:93:6f:
7e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:B2:A5:89:26:6F:D5:EA:4D:2E:37:C3:EB:20:BA:9A:53:F3:1D:4C
X509v3 Authority Key Identifier:
keyid:43:B0:10:5B:CC:B9:E6:09:31:20:76:73:54:A8:B8:49:3C:BE:4C:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q7AQW8y55gkxIHZzVKi4STy-TNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f75c65-885e-417d-8076-bf7d8fca46e1/1/iLKliSZv1epNLjfD6yC6mlPzHUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f75c65-885e-417d-8076-bf7d8fca46e1/1/Q7AQW8y55gkxIHZzVKi4STy-TNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.187.72.0/22
IPv6:
2a01:5e00::/29
Signature Algorithm: sha256WithRSAEncryption
48:a0:4d:8a:ab:fc:44:27:60:ff:b5:22:22:8d:05:65:4f:c7:
d3:5c:d0:f0:7d:df:53:f7:2c:91:54:12:cd:40:2e:f8:f6:0f:
e2:6e:c1:0d:4b:a2:ba:6a:e3:3c:ca:66:63:85:7c:cc:4b:c8:
91:63:da:37:aa:ed:f7:f4:7c:56:8b:37:3d:ac:d4:a4:d7:91:
44:02:89:ee:4f:81:67:ca:71:3e:9f:1e:22:7b:70:b0:e1:bc:
f4:97:da:49:49:d2:db:c7:ee:a4:83:b6:57:d9:96:51:d5:3f:
7d:96:ae:a3:f8:b8:52:19:2d:cd:e6:99:e1:aa:73:18:17:6c:
f9:12:c2:f8:7e:11:a2:09:63:f2:e6:6d:8b:56:df:98:be:b6:
61:94:be:d5:17:1b:fe:f5:0d:77:b3:63:fc:46:e4:07:44:e4:
42:e2:b3:b7:44:32:56:83:07:99:c7:cc:56:3a:c7:ad:57:28:
fc:61:df:b9:e4:c1:96:a2:7b:c5:e1:b7:0a:0e:e5:c0:30:eb:
69:bd:86:20:e9:1e:60:9b:74:0a:f7:3e:df:09:a4:15:33:ea:
b0:33:f2:e9:a6:92:0b:0e:86:45:d8:b0:71:ee:58:be:d1:4b:
7c:b9:d1:34:1b:f3:c6:63:ec:69:ec:50:6e:32:0e:ae:ad:66:
7c:16:a9:fb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYtt04xCNthTABtkT/Oph7ruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYjAxMDViY2NiOWU2MDkzMTIwNzY3MzU0YThiODQ5M2Ni
ZTRjZDYwHhcNMjMxMDI2MjExMTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGIyYTU4OTI2NmZkNWVhNGQyZTM3YzNlYjIwYmE5YTUzZjMxZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtG0miFmQWssNSFY11Q22tE258St
ukpCHoF5mnWwP6faPWUF8c5azL9lakJdW/QB0J89nRHUdeY+03xt/nSaqd5Q5M5W
lihARSQV/gazrXvIjyhapM2uDjAyBiR8HgJwnBQMuSFDWhnirjZfd/zbu1i4EfM8
xerTsqfXZqFs91AbY/bm+DwBE7AWRekHpMxHgAA4ALN/k4Re7bkjrc9qJGcCiX6m
yRUp6Ow+jfSJf3eOhcey+0qZ9BStRI/NVRUDFINDor0o6hy6RQ3TciDPjqeQXosU
o4a7Zn0UbLCCulN/a1ZsbomsLv35/+lvYqbDn75nDRXMVF+L/uNEk29+SwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIiypYkmb9XqTS43w+sguppT8x1MMB8GA1UdIwQY
MBaAFEOwEFvMueYJMSB2c1SouEk8vkzWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTdBUVc4eTU1Z2t4SUhaelZLaTRTVHktVE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mNzVjNjUtODg1ZS00MTdkLTgwNzYt
YmY3ZDhmY2E0NmUxLzEvaUxLbGlTWnYxZXBOTGpmRDZ5QzZtbFB6SFV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mNzVjNjUtODg1ZS00MTdkLTgwNzYtYmY3ZDhmY2E0NmUx
LzEvUTdBUVc4eTU1Z2t4SUhaelZLaTRTVHktVE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwrtIMA0E
AgACMAcDBQMqAV4AMA0GCSqGSIb3DQEBCwUAA4IBAQBIoE2Kq/xEJ2D/tSIijQVl
T8fTXNDwfd9T9yyRVBLNQC749g/ibsENS6K6auM8ymZjhXzMS8iRY9o3qu339HxW
izc9rNSk15FEAonuT4FnynE+nx4ie3Cw4bz0l9pJSdLbx+6kg7ZX2ZZR1T99lq6j
+LhSGS3N5pnhqnMYF2z5EsL4fhGiCWPy5m2LVt+YvrZhlL7VFxv+9Q13s2P8RuQH
RORC4rO3RDJWgweZx8xWOsetVyj8Yd+55MGWonvF4bcKDuXAMOtpvYYg6R5gm3QK
9z7fCaQVM+qwM/LpppILDoZF2LBx7li+0Ut8udE0G/PGY+xp7FBuMg6urWZ8Fqn7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:17 2024 by rpki-client on console-fra.rpki-client.org