Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/238c6a-c671-4a34-934a-505d681d6172/1/7WNJRc9psAmO7L5CBvtRjZSCi-s.roa
File: 7WNJRc9psAmO7L5CBvtRjZSCi-s.roa (raw, json)
Hash identifier: e6yPTOvxIkLItwz7mgxeszFfLLoJ+znOWB/QWEHjHMc=
Subject key identifier: ED:63:49:45:CF:69:B0:09:8E:EC:BE:42:06:FB:51:8D:94:82:8B:EB
Certificate issuer: /CN=3d4709d8bd7573ab1df2233b741def2f84c94fee
Certificate serial: 01866019027C5086EC979E8813B56E2D795F
Authority key identifier: 3D:47:09:D8:BD:75:73:AB:1D:F2:23:3B:74:1D:EF:2F:84:C9:4F:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PUcJ2L11c6sd8iM7dB3vL4TJT-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/238c6a-c671-4a34-934a-505d681d6172/1/7WNJRc9psAmO7L5CBvtRjZSCi-s.roa
Signing time: Fri 17 Feb 2023 15:58:17 +0000
ROA not before: Fri 17 Feb 2023 15:58:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32097
IP address blocks: 87.236.148.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:60:19:02:7c:50:86:ec:97:9e:88:13:b5:6e:2d:79:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d4709d8bd7573ab1df2233b741def2f84c94fee
Validity
Not Before: Feb 17 15:58:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed634945cf69b0098eecbe4206fb518d94828beb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:da:40:52:ab:30:d7:08:63:ba:64:0f:4a:52:
89:4b:75:02:fa:ad:03:02:f5:b8:d0:17:6b:69:fb:
ff:1d:38:ae:40:5f:da:07:bd:f2:29:ed:81:82:d0:
cc:02:1a:c3:ac:23:55:12:ef:cf:33:2d:0b:35:23:
3f:53:80:3f:5e:b7:c0:56:00:5a:c7:bd:39:5e:5a:
8a:aa:0f:19:62:b6:73:e7:86:e8:6e:14:88:d2:ae:
37:4b:74:17:64:f1:c9:80:b4:1a:3b:01:23:4d:2b:
8b:b5:65:c9:b9:6a:9d:7e:cd:3d:35:79:50:ee:9c:
fe:fd:93:08:2e:de:7c:05:5f:7b:27:32:06:52:2b:
77:6b:58:87:c9:41:91:6a:d8:94:21:21:ad:96:fc:
96:c4:b8:57:2d:c1:a4:bd:9a:36:56:85:4c:f1:36:
e1:1e:12:b7:8e:0a:4f:39:76:bf:a9:e2:1a:34:48:
62:48:9d:fb:74:76:93:64:e9:b1:94:88:79:97:e4:
75:1f:03:32:52:22:6a:f1:ba:06:06:16:78:f9:0e:
fd:29:e0:0d:57:9e:ca:ba:a9:1d:7a:15:42:2b:3c:
ee:00:3d:ed:22:ec:9e:9c:85:8e:8f:10:83:3d:d6:
a3:88:41:9c:a6:52:81:04:a1:70:9c:10:a0:28:67:
c1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:63:49:45:CF:69:B0:09:8E:EC:BE:42:06:FB:51:8D:94:82:8B:EB
X509v3 Authority Key Identifier:
keyid:3D:47:09:D8:BD:75:73:AB:1D:F2:23:3B:74:1D:EF:2F:84:C9:4F:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PUcJ2L11c6sd8iM7dB3vL4TJT-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/238c6a-c671-4a34-934a-505d681d6172/1/7WNJRc9psAmO7L5CBvtRjZSCi-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/238c6a-c671-4a34-934a-505d681d6172/1/PUcJ2L11c6sd8iM7dB3vL4TJT-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.148.0/24
Signature Algorithm: sha256WithRSAEncryption
51:60:ca:15:21:96:44:b6:75:9d:44:2d:53:03:de:d4:6e:94:
06:40:b1:2f:36:70:6d:ba:39:a1:f0:fd:a0:74:32:58:a5:45:
04:d6:14:5d:19:70:35:9b:f9:3e:9d:7f:59:6e:b9:3a:93:ac:
3c:d1:75:89:d2:77:47:a4:62:a7:6e:b6:2b:ab:16:d7:f7:c8:
82:db:21:51:1c:32:dc:d8:55:22:c0:fb:c1:b2:77:a2:06:ee:
9f:2b:cb:a4:2c:11:a0:40:d5:d0:46:76:96:80:87:66:18:d8:
4a:c1:c1:fd:21:92:fd:a7:b8:aa:80:4d:a6:8c:25:93:23:f4:
a0:d3:b6:c9:ca:dc:b1:da:a3:2f:59:b3:65:07:72:57:63:91:
0e:02:d5:67:0c:11:ed:13:8f:3a:4a:d2:44:b4:c7:20:1a:42:
0c:d6:7d:4a:6c:fa:76:8a:a5:bf:41:83:83:ad:38:55:04:e2:
56:57:de:e7:da:33:f5:e5:e9:fa:4f:ca:b8:5c:e4:76:2a:6e:
54:86:b0:dc:09:42:ef:1e:11:ef:85:38:ca:be:33:71:97:a6:
1f:d0:10:3c:e7:d0:d6:83:83:e7:f2:7b:99:da:00:b6:c5:4a:
e1:dc:0b:9b:9b:84:12:ab:2a:82:a4:fd:3f:80:b3:f2:50:b8:
d0:2a:8a:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZgGQJ8UIbsl56IE7VuLXlfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNDcwOWQ4YmQ3NTczYWIxZGYyMjMzYjc0MWRlZjJmODRj
OTRmZWUwHhcNMjMwMjE3MTU1ODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDYzNDk0NWNmNjliMDA5OGVlY2JlNDIwNmZiNTE4ZDk0ODI4YmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitpAUqsw1whjumQPSlKJS3UC+q0D
AvW40Bdrafv/HTiuQF/aB73yKe2BgtDMAhrDrCNVEu/PMy0LNSM/U4A/XrfAVgBa
x705XlqKqg8ZYrZz54bobhSI0q43S3QXZPHJgLQaOwEjTSuLtWXJuWqdfs09NXlQ
7pz+/ZMILt58BV97JzIGUit3a1iHyUGRatiUISGtlvyWxLhXLcGkvZo2VoVM8Tbh
HhK3jgpPOXa/qeIaNEhiSJ37dHaTZOmxlIh5l+R1HwMyUiJq8boGBhZ4+Q79KeAN
V57KuqkdehVCKzzuAD3tIuyenIWOjxCDPdajiEGcplKBBKFwnBCgKGfB0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO1jSUXPabAJjuy+Qgb7UY2UgovrMB8GA1UdIwQY
MBaAFD1HCdi9dXOrHfIjO3Qd7y+EyU/uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFVjSjJMMTFjNnNkOGlNN2RCM3ZMNFRKVC00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yMzhjNmEtYzY3MS00YTM0LTkzNGEt
NTA1ZDY4MWQ2MTcyLzEvN1dOSlJjOXBzQW1PN0w1Q0J2dFJqWlNDaS1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yMzhjNmEtYzY3MS00YTM0LTkzNGEtNTA1ZDY4MWQ2MTcy
LzEvUFVjSjJMMTFjNnNkOGlNN2RCM3ZMNFRKVC00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+yUMA0G
CSqGSIb3DQEBCwUAA4IBAQBRYMoVIZZEtnWdRC1TA97UbpQGQLEvNnBtujmh8P2g
dDJYpUUE1hRdGXA1m/k+nX9Zbrk6k6w80XWJ0ndHpGKnbrYrqxbX98iC2yFRHDLc
2FUiwPvBsneiBu6fK8ukLBGgQNXQRnaWgIdmGNhKwcH9IZL9p7iqgE2mjCWTI/Sg
07bJytyx2qMvWbNlB3JXY5EOAtVnDBHtE486StJEtMcgGkIM1n1KbPp2iqW/QYOD
rThVBOJWV97n2jP15en6T8q4XOR2Km5UhrDcCULvHhHvhTjKvjNxl6Yf0BA859DW
g4Pn8nuZ2gC2xUrh3Aubm4QSqyqCpP0/gLPyULjQKorH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:31 2025 by rpki-client