Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/180996-c97a-48bc-b5ab-100862b96c4d/1/o4GKTPQVyfNfezn8lpjRsLgZDYI.roa
File: o4GKTPQVyfNfezn8lpjRsLgZDYI.roa (raw, json)
Hash identifier: jUSbaXSci5g7RVauuMWevKQzbftBJXWLykmKU3/70rU=
Subject key identifier: A3:81:8A:4C:F4:15:C9:F3:5F:7B:39:FC:96:98:D1:B0:B8:19:0D:82
Certificate issuer: /CN=d5271a6f99eac12abe0856100a14a2d9663ce7bb
Certificate serial: 018571F9F7A8337D9DFF4B57E820A4D3A727
Authority key identifier: D5:27:1A:6F:99:EA:C1:2A:BE:08:56:10:0A:14:A2:D9:66:3C:E7:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Scab5nqwSq-CFYQChSi2WY857s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/180996-c97a-48bc-b5ab-100862b96c4d/1/o4GKTPQVyfNfezn8lpjRsLgZDYI.roa
Signing time: Mon 02 Jan 2023 10:14:45 +0000
ROA not before: Mon 02 Jan 2023 10:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39151
IP address blocks: 185.23.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f9:f7:a8:33:7d:9d:ff:4b:57:e8:20:a4:d3:a7:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5271a6f99eac12abe0856100a14a2d9663ce7bb
Validity
Not Before: Jan 2 10:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3818a4cf415c9f35f7b39fc9698d1b0b8190d82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4d:f3:cf:91:30:07:2a:d4:3f:20:3c:f2:82:
87:b3:28:ed:aa:52:e3:6f:be:6d:f5:23:66:fd:2a:
c2:83:27:4c:2e:93:cf:6b:70:6a:8f:eb:2d:10:85:
d0:50:61:c9:b3:1b:ee:54:88:09:1a:28:ee:ae:8c:
98:ba:27:7b:98:d6:e9:0b:28:fa:5a:44:3b:7e:25:
b6:19:40:45:fc:4c:f3:d8:b4:44:52:b0:09:41:b2:
2e:0f:88:1c:7d:e4:42:d6:20:8d:08:de:00:dd:0c:
a2:2d:0c:d4:1e:54:03:bd:85:da:91:7f:35:29:78:
fe:c5:10:ef:42:c5:3a:8e:30:c9:86:4e:62:b0:dc:
63:b5:1a:2c:b4:ae:f4:28:a8:97:5d:fb:3f:b6:63:
e3:cd:6b:53:be:8a:f7:7c:63:ae:e8:d4:84:e1:32:
be:a3:9e:d9:b0:2e:d4:30:f2:5e:39:97:c3:4b:67:
14:0c:cb:1e:86:3b:fe:41:e2:eb:fb:f9:23:1d:5c:
5c:93:6a:71:2b:b2:5c:15:eb:90:79:5b:a8:42:fd:
b8:98:e4:e6:87:8a:7c:7b:20:e6:4e:a4:1b:fe:50:
c9:69:a7:47:62:49:1d:bb:0b:62:33:9d:f9:67:2b:
a9:9a:70:ff:b4:5c:ce:d7:36:57:09:6d:55:e9:18:
c5:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:81:8A:4C:F4:15:C9:F3:5F:7B:39:FC:96:98:D1:B0:B8:19:0D:82
X509v3 Authority Key Identifier:
keyid:D5:27:1A:6F:99:EA:C1:2A:BE:08:56:10:0A:14:A2:D9:66:3C:E7:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Scab5nqwSq-CFYQChSi2WY857s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/180996-c97a-48bc-b5ab-100862b96c4d/1/o4GKTPQVyfNfezn8lpjRsLgZDYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/180996-c97a-48bc-b5ab-100862b96c4d/1/1Scab5nqwSq-CFYQChSi2WY857s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.243.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:a7:88:9a:c0:2e:00:a3:bb:75:1a:a5:6e:68:06:b2:14:db:
2b:b0:40:01:0e:82:73:7e:12:2d:ba:23:cf:3b:e5:15:4f:45:
be:46:21:dd:7e:c1:c5:f5:01:3f:4b:b0:1a:69:da:67:09:ef:
8a:4d:83:55:6e:ff:fb:81:e4:db:e2:7c:ac:ca:d3:ea:e7:e8:
c5:72:80:fb:9a:d5:17:64:21:1b:4f:82:d8:f0:51:01:aa:aa:
c5:06:27:66:75:1c:19:c5:74:9a:a0:34:fb:62:ae:1b:ce:db:
96:71:14:27:27:52:69:94:d3:9a:45:e5:fc:51:05:79:cc:50:
4f:0c:fc:ca:5b:47:65:94:a1:1b:2e:c8:72:1d:27:da:30:c0:
60:c5:f6:8d:3f:85:02:d8:83:1c:0c:a4:f0:1d:97:7a:80:37:
c1:3d:8f:0c:fb:17:78:42:51:c0:3a:38:70:0b:93:cd:84:0d:
6f:1f:fc:90:e1:a1:3a:cd:f1:8f:ec:4f:8b:bb:e7:ad:a7:88:
b8:c6:f6:9a:e7:b9:ad:04:d6:e7:db:db:0a:46:0a:d5:c7:15:
13:32:3e:f8:59:71:83:d9:71:0f:67:86:92:e6:f9:62:f9:c9:
9b:af:c8:15:1a:a9:e6:ad:c0:ef:86:71:3f:04:7b:7b:0d:2e:
4b:c7:14:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+feoM32d/0tX6CCk06cnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MjcxYTZmOTllYWMxMmFiZTA4NTYxMDBhMTRhMmQ5NjYz
Y2U3YmIwHhcNMjMwMTAyMTAxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzgxOGE0Y2Y0MTVjOWYzNWY3YjM5ZmM5Njk4ZDFiMGI4MTkwZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp03zz5EwByrUPyA88oKHsyjtqlLj
b75t9SNm/SrCgydMLpPPa3Bqj+stEIXQUGHJsxvuVIgJGijuroyYuid7mNbpCyj6
WkQ7fiW2GUBF/Ezz2LREUrAJQbIuD4gcfeRC1iCNCN4A3QyiLQzUHlQDvYXakX81
KXj+xRDvQsU6jjDJhk5isNxjtRostK70KKiXXfs/tmPjzWtTvor3fGOu6NSE4TK+
o57ZsC7UMPJeOZfDS2cUDMsehjv+QeLr+/kjHVxck2pxK7JcFeuQeVuoQv24mOTm
h4p8eyDmTqQb/lDJaadHYkkduwtiM535ZyupmnD/tFzO1zZXCW1V6RjFrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKOBikz0FcnzX3s5/JaY0bC4GQ2CMB8GA1UdIwQY
MBaAFNUnGm+Z6sEqvghWEAoUotlmPOe7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVNjYWI1bnF3U3EtQ0ZZUUNoU2kyV1k4NTdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xODA5OTYtYzk3YS00OGJjLWI1YWIt
MTAwODYyYjk2YzRkLzEvbzRHS1RQUVZ5Zk5mZXpuOGxwalJzTGdaRFlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xODA5OTYtYzk3YS00OGJjLWI1YWItMTAwODYyYjk2YzRk
LzEvMVNjYWI1bnF3U3EtQ0ZZUUNoU2kyV1k4NTdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRfzMA0G
CSqGSIb3DQEBCwUAA4IBAQBsp4iawC4Ao7t1GqVuaAayFNsrsEABDoJzfhItuiPP
O+UVT0W+RiHdfsHF9QE/S7AaadpnCe+KTYNVbv/7geTb4nysytPq5+jFcoD7mtUX
ZCEbT4LY8FEBqqrFBidmdRwZxXSaoDT7Yq4bztuWcRQnJ1JplNOaReX8UQV5zFBP
DPzKW0dllKEbLshyHSfaMMBgxfaNP4UC2IMcDKTwHZd6gDfBPY8M+xd4QlHAOjhw
C5PNhA1vH/yQ4aE6zfGP7E+Lu+etp4i4xvaa57mtBNbn29sKRgrVxxUTMj74WXGD
2XEPZ4aS5vli+cmbr8gVGqnmrcDvhnE/BHt7DS5LxxSP
-----END CERTIFICATE-----
Generated at Mon Aug 28 11:08:20 2023 by rpki-client on console-fra.rpki-client.org