Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/9ef8a0-2618-4699-b952-a400f76a6084/1/LmMa3djEysU60Qxk-gLnjEIAKXc.roa
File: LmMa3djEysU60Qxk-gLnjEIAKXc.roa (raw, json)
Hash identifier: 1M7+1VoeBC5l/zIjr3B1w2bjAC5bMcmDJHkxbiGRkQc=
Subject key identifier: 2E:63:1A:DD:D8:C4:CA:C5:3A:D1:0C:64:FA:02:E7:8C:42:00:29:77
Certificate issuer: /CN=3fefca05a3212ead586e09722375dbd8ded968a4
Certificate serial: 01856D4ACB3AF59E8E753E91A1F2B2C9A7AE
Authority key identifier: 3F:EF:CA:05:A3:21:2E:AD:58:6E:09:72:23:75:DB:D8:DE:D9:68:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-_KBaMhLq1YbglyI3Xb2N7ZaKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/9ef8a0-2618-4699-b952-a400f76a6084/1/LmMa3djEysU60Qxk-gLnjEIAKXc.roa
Signing time: Sun 01 Jan 2023 12:24:56 +0000
ROA not before: Sun 01 Jan 2023 12:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63473
IP address blocks: 185.223.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:cb:3a:f5:9e:8e:75:3e:91:a1:f2:b2:c9:a7:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fefca05a3212ead586e09722375dbd8ded968a4
Validity
Not Before: Jan 1 12:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e631addd8c4cac53ad10c64fa02e78c42002977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:cb:23:ec:69:26:b0:66:19:af:09:32:2d:fb:
cc:0f:c7:a9:30:af:1b:4a:47:1b:c5:62:76:4d:7b:
41:6d:7a:14:11:5f:d2:dc:32:94:c6:13:4e:8c:c1:
b8:18:d2:d0:ea:04:86:4e:17:2e:8d:6b:fd:a2:16:
e6:8a:8f:11:0a:b5:42:95:ee:e9:ff:fb:da:f9:05:
e1:20:5f:c3:ff:0b:b2:70:52:aa:ac:1a:fb:03:4f:
65:f9:0e:cd:f5:7a:8d:6a:9c:3b:31:b4:12:c6:11:
56:a3:a5:8f:57:0b:42:29:2f:82:25:8c:05:d8:3d:
00:10:be:4c:27:8b:8b:02:92:3b:77:cf:04:44:22:
84:65:d9:af:c7:e6:11:12:bc:5f:c6:33:0c:f2:ff:
84:09:29:cc:2e:82:62:29:28:38:97:b7:d9:d5:57:
a9:12:65:3a:bd:ef:50:be:55:b5:27:59:2d:58:96:
2a:1e:e5:12:e9:92:df:0c:3a:16:66:08:85:c2:d0:
61:01:8e:25:79:6d:0f:c2:8d:59:41:c3:74:2c:6c:
16:b1:cb:4b:bc:ce:d0:8e:a8:2f:be:64:39:60:c9:
bd:8f:50:a4:3c:a5:fd:cb:d6:7e:a4:d4:76:a8:f8:
a8:f7:8b:f7:f1:55:d6:8c:ec:3b:8b:6c:62:ca:29:
c9:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:63:1A:DD:D8:C4:CA:C5:3A:D1:0C:64:FA:02:E7:8C:42:00:29:77
X509v3 Authority Key Identifier:
keyid:3F:EF:CA:05:A3:21:2E:AD:58:6E:09:72:23:75:DB:D8:DE:D9:68:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-_KBaMhLq1YbglyI3Xb2N7ZaKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/9ef8a0-2618-4699-b952-a400f76a6084/1/LmMa3djEysU60Qxk-gLnjEIAKXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/9ef8a0-2618-4699-b952-a400f76a6084/1/P-_KBaMhLq1YbglyI3Xb2N7ZaKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.207.0/24
Signature Algorithm: sha256WithRSAEncryption
08:a6:ee:4b:cd:f4:5f:cb:cb:2b:02:3c:d9:01:02:65:29:11:
9f:a0:bd:ed:1c:91:40:50:19:4f:2c:a7:7f:ba:bc:31:ff:10:
14:97:b7:cc:31:55:80:aa:74:bf:18:93:88:c8:85:13:ef:b4:
61:a9:75:ba:14:c9:41:0e:5b:bc:32:6b:67:ca:27:04:cb:a7:
76:f7:00:49:94:f0:4b:66:77:fa:28:28:a3:13:82:fa:53:8b:
c4:3a:e5:8e:f5:7f:12:18:41:8a:f8:41:63:a8:c1:0a:d1:1b:
f1:a5:71:c4:51:fe:14:18:26:ec:70:c4:d3:cd:40:49:07:56:
5d:1c:02:41:d1:40:06:3d:2f:91:48:0b:4b:d5:76:69:2b:8e:
ad:d6:59:fc:57:95:eb:06:e7:cd:f3:da:df:5f:91:f7:ca:8f:
67:81:a3:f1:c4:2d:a9:7d:8c:e0:18:20:77:57:3d:8c:f6:d6:
a4:f9:05:20:b0:78:9b:40:87:42:fc:ba:c5:9b:6e:94:79:e7:
bb:94:80:9f:b8:88:f2:a3:e9:ab:22:e7:75:4f:1e:41:47:51:
34:9e:30:82:d3:9f:ea:da:7f:a6:c2:d7:06:37:ab:32:5a:43:
aa:fe:52:fa:aa:e7:b1:ce:b2:e8:1f:21:70:a2:c7:d1:4b:45:
e3:ed:f8:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtSss69Z6OdT6RofKyyaeuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZWZjYTA1YTMyMTJlYWQ1ODZlMDk3MjIzNzVkYmQ4ZGVk
OTY4YTQwHhcNMjMwMTAxMTIyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTYzMWFkZGQ4YzRjYWM1M2FkMTBjNjRmYTAyZTc4YzQyMDAyOTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8sj7GkmsGYZrwkyLfvMD8epMK8b
SkcbxWJ2TXtBbXoUEV/S3DKUxhNOjMG4GNLQ6gSGThcujWv9ohbmio8RCrVCle7p
//va+QXhIF/D/wuycFKqrBr7A09l+Q7N9XqNapw7MbQSxhFWo6WPVwtCKS+CJYwF
2D0AEL5MJ4uLApI7d88ERCKEZdmvx+YRErxfxjMM8v+ECSnMLoJiKSg4l7fZ1Vep
EmU6ve9QvlW1J1ktWJYqHuUS6ZLfDDoWZgiFwtBhAY4leW0Pwo1ZQcN0LGwWsctL
vM7QjqgvvmQ5YMm9j1CkPKX9y9Z+pNR2qPio94v38VXWjOw7i2xiyinJ1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC5jGt3YxMrFOtEMZPoC54xCACl3MB8GA1UdIwQY
MBaAFD/vygWjIS6tWG4JciN129je2WikMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC1fS0JhTWhMcTFZYmdseUkzWGIyTjdaYUtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC85ZWY4YTAtMjYxOC00Njk5LWI5NTIt
YTQwMGY3NmE2MDg0LzEvTG1NYTNkakV5c1U2MFF4ay1nTG5qRUlBS1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC85ZWY4YTAtMjYxOC00Njk5LWI5NTItYTQwMGY3NmE2MDg0
LzEvUC1fS0JhTWhMcTFZYmdseUkzWGIyTjdaYUtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud/PMA0G
CSqGSIb3DQEBCwUAA4IBAQAIpu5LzfRfy8srAjzZAQJlKRGfoL3tHJFAUBlPLKd/
urwx/xAUl7fMMVWAqnS/GJOIyIUT77RhqXW6FMlBDlu8MmtnyicEy6d29wBJlPBL
Znf6KCijE4L6U4vEOuWO9X8SGEGK+EFjqMEK0RvxpXHEUf4UGCbscMTTzUBJB1Zd
HAJB0UAGPS+RSAtL1XZpK46t1ln8V5XrBufN89rfX5H3yo9ngaPxxC2pfYzgGCB3
Vz2M9tak+QUgsHibQIdC/LrFm26Ueee7lICfuIjyo+mrIud1Tx5BR1E0njCC05/q
2n+mwtcGN6syWkOq/lL6quexzrLoHyFwosfRS0Xj7fjQ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:38 2023 by rpki-client on console-ams.rpki-client.org