Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/238c6a-c671-4a34-934a-505d681d6172/1/SQGYj6cOh5xToE2tuCw2xISfF_I.roa
File: SQGYj6cOh5xToE2tuCw2xISfF_I.roa (raw, json)
Hash identifier: kL1xDZTjfH/d4gNZwrnZ7ddMR/E2s3Tkw+RN4Wx6zKo=
Subject key identifier: 49:01:98:8F:A7:0E:87:9C:53:A0:4D:AD:B8:2C:36:C4:84:9F:17:F2
Certificate issuer: /CN=3d4709d8bd7573ab1df2233b741def2f84c94fee
Certificate serial: 01856ED4B5A77EE12D902180BCCE4B581886
Authority key identifier: 3D:47:09:D8:BD:75:73:AB:1D:F2:23:3B:74:1D:EF:2F:84:C9:4F:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PUcJ2L11c6sd8iM7dB3vL4TJT-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/238c6a-c671-4a34-934a-505d681d6172/1/SQGYj6cOh5xToE2tuCw2xISfF_I.roa
Signing time: Sun 01 Jan 2023 19:35:11 +0000
ROA not before: Sun 01 Jan 2023 19:35:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 87.236.148.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:b5:a7:7e:e1:2d:90:21:80:bc:ce:4b:58:18:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d4709d8bd7573ab1df2233b741def2f84c94fee
Validity
Not Before: Jan 1 19:35:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4901988fa70e879c53a04dadb82c36c4849f17f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:46:f4:d2:4f:95:cd:f7:53:fb:e3:3c:65:a5:
b5:c5:e8:be:ee:2c:67:a2:08:ef:cc:4f:25:eb:23:
14:fd:56:c1:7c:94:28:fe:65:31:53:3f:25:13:b1:
43:b3:16:61:82:c8:be:df:49:ae:9a:42:61:1b:46:
1e:82:17:10:58:9a:f5:63:7b:15:40:af:80:46:f3:
77:f7:f0:8f:9a:ac:0b:42:0b:4e:32:2b:9d:a3:08:
77:67:0f:d8:f1:26:17:b4:58:15:92:0d:94:31:a0:
aa:86:a7:c1:91:5b:26:bd:33:22:1a:06:f0:d3:bd:
7d:f9:6f:23:f3:62:69:94:3c:cc:27:60:75:23:4f:
49:63:86:95:ff:52:f8:d0:64:d0:37:57:28:fc:e7:
de:50:33:6e:29:bd:14:4a:0e:d8:ab:8f:1e:b7:44:
90:3c:3c:a3:d1:78:90:c6:6e:65:b6:96:80:d6:2f:
48:8f:b4:0f:0b:e6:c3:8a:64:0c:06:b5:98:c0:83:
95:5f:05:d0:69:c9:7a:d1:93:a1:0b:3d:f7:77:eb:
9f:1a:1b:11:0d:7d:c6:7e:ea:e1:09:dc:20:c7:c5:
05:d5:49:1b:d6:d0:e6:29:64:da:06:dd:1c:a1:41:
5d:38:68:20:c4:4d:7f:d2:fa:2d:f7:2b:7d:fe:72:
a2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:01:98:8F:A7:0E:87:9C:53:A0:4D:AD:B8:2C:36:C4:84:9F:17:F2
X509v3 Authority Key Identifier:
keyid:3D:47:09:D8:BD:75:73:AB:1D:F2:23:3B:74:1D:EF:2F:84:C9:4F:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PUcJ2L11c6sd8iM7dB3vL4TJT-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/238c6a-c671-4a34-934a-505d681d6172/1/SQGYj6cOh5xToE2tuCw2xISfF_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/238c6a-c671-4a34-934a-505d681d6172/1/PUcJ2L11c6sd8iM7dB3vL4TJT-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.148.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:95:18:24:9e:33:31:a0:f6:51:d5:ff:11:53:94:a8:50:80:
53:b9:8d:f3:d9:bb:d1:1f:5c:15:e3:46:22:54:a5:0c:f5:ad:
1a:b4:a7:a5:29:1f:93:3f:77:36:5f:ef:4c:71:63:3e:42:1d:
57:bb:55:fa:c2:10:7e:b8:ac:d1:ff:aa:2f:21:97:6f:b2:dc:
f2:45:c9:a1:c0:09:c3:d4:aa:32:e0:2a:20:0f:05:c8:0d:26:
ec:6e:7c:77:76:16:85:f8:fd:25:f0:01:9f:be:8a:be:52:66:
1c:d6:34:e1:08:8b:c1:00:f0:ba:0d:8d:c1:26:de:3c:56:a6:
46:19:0b:fa:1b:f9:70:5b:ff:88:11:42:60:ed:c3:13:d1:c1:
84:64:0e:9c:62:92:a1:28:5e:a7:fd:a4:75:e2:b2:6f:de:29:
34:80:29:ec:63:7a:94:45:63:86:0e:0f:bb:cc:d5:79:6b:83:
03:7c:ba:95:a5:88:03:ad:d6:1c:48:63:19:55:8a:07:81:45:
d1:f4:26:ba:1f:08:a3:b5:ef:43:91:93:a6:3c:a0:ff:1c:54:
b8:21:ec:61:17:78:b9:ad:18:70:fb:03:47:8a:29:2d:34:46:
6a:a8:b2:8d:36:6d:a7:bb:05:f9:a9:9f:e1:b0:71:23:d7:e6:
7c:33:43:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1LWnfuEtkCGAvM5LWBiGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNDcwOWQ4YmQ3NTczYWIxZGYyMjMzYjc0MWRlZjJmODRj
OTRmZWUwHhcNMjMwMTAxMTkzNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTAxOTg4ZmE3MGU4NzljNTNhMDRkYWRiODJjMzZjNDg0OWYxN2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokb00k+VzfdT++M8ZaW1xei+7ixn
ogjvzE8l6yMU/VbBfJQo/mUxUz8lE7FDsxZhgsi+30mumkJhG0YeghcQWJr1Y3sV
QK+ARvN39/CPmqwLQgtOMiudowh3Zw/Y8SYXtFgVkg2UMaCqhqfBkVsmvTMiGgbw
0719+W8j82JplDzMJ2B1I09JY4aV/1L40GTQN1co/OfeUDNuKb0USg7Yq48et0SQ
PDyj0XiQxm5ltpaA1i9Ij7QPC+bDimQMBrWYwIOVXwXQacl60ZOhCz33d+ufGhsR
DX3GfurhCdwgx8UF1Ukb1tDmKWTaBt0coUFdOGggxE1/0vot9yt9/nKiMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEkBmI+nDoecU6BNrbgsNsSEnxfyMB8GA1UdIwQY
MBaAFD1HCdi9dXOrHfIjO3Qd7y+EyU/uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFVjSjJMMTFjNnNkOGlNN2RCM3ZMNFRKVC00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yMzhjNmEtYzY3MS00YTM0LTkzNGEt
NTA1ZDY4MWQ2MTcyLzEvU1FHWWo2Y09oNXhUb0UydHVDdzJ4SVNmRl9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yMzhjNmEtYzY3MS00YTM0LTkzNGEtNTA1ZDY4MWQ2MTcy
LzEvUFVjSjJMMTFjNnNkOGlNN2RCM3ZMNFRKVC00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+yUMA0G
CSqGSIb3DQEBCwUAA4IBAQBulRgknjMxoPZR1f8RU5SoUIBTuY3z2bvRH1wV40Yi
VKUM9a0atKelKR+TP3c2X+9McWM+Qh1Xu1X6whB+uKzR/6ovIZdvstzyRcmhwAnD
1Koy4CogDwXIDSbsbnx3dhaF+P0l8AGfvoq+UmYc1jThCIvBAPC6DY3BJt48VqZG
GQv6G/lwW/+IEUJg7cMT0cGEZA6cYpKhKF6n/aR14rJv3ik0gCnsY3qURWOGDg+7
zNV5a4MDfLqVpYgDrdYcSGMZVYoHgUXR9Ca6Hwijte9DkZOmPKD/HFS4IexhF3i5
rRhw+wNHiiktNEZqqLKNNm2nuwX5qZ/hsHEj1+Z8M0MU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:50 2024 by rpki-client on console-ams.rpki-client.org