Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/YUXvAUMLfDYEsO-mf2Fnfwekj78.roa
File: YUXvAUMLfDYEsO-mf2Fnfwekj78.roa (raw, json)
Hash identifier: FvbAM+pEUWANNyyoEcvfpEdYkrwJOKDGffRYmPOOtAI=
Subject key identifier: 61:45:EF:01:43:0B:7C:36:04:B0:EF:A6:7F:61:67:7F:07:A4:8F:BF
Certificate issuer: /CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Certificate serial: 01856ED4C200AB77272B76AB269A063179CF
Authority key identifier: 3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/YUXvAUMLfDYEsO-mf2Fnfwekj78.roa
Signing time: Sun 01 Jan 2023 19:35:15 +0000
ROA not before: Sun 01 Jan 2023 19:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 152.89.194.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:c2:00:ab:77:27:2b:76:ab:26:9a:06:31:79:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Validity
Not Before: Jan 1 19:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6145ef01430b7c3604b0efa67f61677f07a48fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:57:fd:44:a7:ae:cb:07:1c:09:6e:ea:f2:f1:
47:67:be:e5:c5:4f:80:bd:42:ae:19:a1:7e:ed:9e:
0e:cc:04:ce:13:90:28:ec:ca:d8:43:fd:aa:ac:8e:
05:d3:26:8e:65:19:30:db:3b:e3:35:50:46:62:ed:
0c:f1:f9:48:b2:8c:52:a5:b9:1e:9f:b1:1e:5a:6a:
65:fb:5c:66:2c:40:b4:c6:e1:50:fb:8e:89:34:32:
8e:44:22:33:24:25:b8:7a:d8:aa:9d:ab:69:4c:d9:
6c:b9:32:f9:92:c9:b7:45:19:88:9f:36:5d:d3:1c:
8c:b3:08:7c:fa:e9:9d:c6:d4:23:6a:b9:a9:c5:14:
da:a1:30:d2:74:af:0d:72:85:52:26:79:70:29:50:
d8:8e:03:a6:61:c8:6a:d9:cf:41:4a:53:73:f3:4e:
37:83:16:7f:34:aa:6e:e6:83:a6:ee:bd:fe:27:37:
a2:4a:ce:70:84:d7:13:14:cf:c7:88:a0:e9:7b:70:
8d:7a:8b:dc:12:05:cc:f4:01:e3:04:f0:ea:3d:86:
c4:e7:ef:fb:64:cc:9d:78:57:d4:ad:cd:ba:e0:da:
3d:d1:59:d2:1e:aa:b9:bc:92:e6:91:64:59:8d:cb:
39:f0:a3:f6:c1:fe:a9:ba:9f:2a:6f:84:3c:ec:a1:
2d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:45:EF:01:43:0B:7C:36:04:B0:EF:A6:7F:61:67:7F:07:A4:8F:BF
X509v3 Authority Key Identifier:
keyid:3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/YUXvAUMLfDYEsO-mf2Fnfwekj78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/PNzIvNtsdErN9D3XLWjSBFGhefY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.194.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:26:bd:f0:e1:eb:ae:82:b1:e4:79:9f:cf:72:13:4d:ee:23:
dc:6c:28:e5:c0:8f:e8:dd:ca:f5:88:bb:ce:fc:2c:4a:f0:93:
30:57:1c:f6:7b:08:c2:c3:49:6c:d2:e5:0f:f0:b9:11:7e:24:
ec:78:e1:b3:01:ab:c0:57:26:d7:f2:9d:76:b4:5f:13:bd:b0:
bc:dd:9a:fc:f2:66:a0:eb:28:12:ac:cd:c9:05:b8:90:8c:60:
90:0b:49:33:dd:4b:b3:13:08:e4:e1:a2:f3:f4:3b:16:48:b7:
bf:92:d5:2c:d2:43:42:9b:d2:61:20:e0:10:e5:33:5c:b1:eb:
b0:87:b4:39:ee:80:1b:63:5f:ba:e5:2a:91:22:46:ea:bd:ae:
d9:ca:f4:5b:f7:ff:71:68:e2:09:c4:7f:5b:5e:c9:bb:af:84:
05:c7:7f:41:61:f5:50:d0:9c:31:cb:6e:71:22:cb:68:b0:dd:
ff:d7:b0:b2:6e:35:25:b1:04:4c:f1:6f:fe:be:49:16:fe:02:
0f:ff:a7:e4:6e:8e:44:2f:3f:c0:b8:27:89:4d:3f:b5:45:de:
d6:42:68:34:3e:5a:c6:81:b8:f4:8b:31:29:8f:43:82:a2:cc:
59:4a:59:8e:4a:40:0d:57:42:ec:f0:ad:18:6d:23:05:81:06:
f7:9c:cd:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1MIAq3cnK3arJpoGMXnPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZGNjOGJjZGI2Yzc0NGFjZGY0M2RkNzJkNjhkMjA0NTFh
MTc5ZjYwHhcNMjMwMTAxMTkzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTQ1ZWYwMTQzMGI3YzM2MDRiMGVmYTY3ZjYxNjc3ZjA3YTQ4ZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVf9RKeuywccCW7q8vFHZ77lxU+A
vUKuGaF+7Z4OzATOE5Ao7MrYQ/2qrI4F0yaOZRkw2zvjNVBGYu0M8flIsoxSpbke
n7EeWmpl+1xmLEC0xuFQ+46JNDKORCIzJCW4etiqnatpTNlsuTL5ksm3RRmInzZd
0xyMswh8+umdxtQjarmpxRTaoTDSdK8NcoVSJnlwKVDYjgOmYchq2c9BSlNz8043
gxZ/NKpu5oOm7r3+JzeiSs5whNcTFM/HiKDpe3CNeovcEgXM9AHjBPDqPYbE5+/7
ZMydeFfUrc264No90VnSHqq5vJLmkWRZjcs58KP2wf6pup8qb4Q87KEtAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGFF7wFDC3w2BLDvpn9hZ38HpI+/MB8GA1UdIwQY
MBaAFDzcyLzbbHRKzfQ91y1o0gRRoXn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE56SXZOdHNkRXJOOUQzWExXalNCRkdoZWZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8zNTY4MjYtZmMxMC00YWE5LTk2YTQt
NjM3YjM3MWRhOGU2LzEvWVVYdkFVTUxmRFlFc08tbWYyRm5md2Vrajc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8zNTY4MjYtZmMxMC00YWE5LTk2YTQtNjM3YjM3MWRhOGU2
LzEvUE56SXZOdHNkRXJOOUQzWExXalNCRkdoZWZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnCMA0G
CSqGSIb3DQEBCwUAA4IBAQAKJr3w4euugrHkeZ/PchNN7iPcbCjlwI/o3cr1iLvO
/CxK8JMwVxz2ewjCw0ls0uUP8LkRfiTseOGzAavAVybX8p12tF8TvbC83Zr88mag
6ygSrM3JBbiQjGCQC0kz3UuzEwjk4aLz9DsWSLe/ktUs0kNCm9JhIOAQ5TNcseuw
h7Q57oAbY1+65SqRIkbqva7ZyvRb9/9xaOIJxH9bXsm7r4QFx39BYfVQ0Jwxy25x
IstosN3/17CybjUlsQRM8W/+vkkW/gIP/6fkbo5ELz/AuCeJTT+1Rd7WQmg0PlrG
gbj0izEpj0OCosxZSlmOSkANV0Ls8K0YbSMFgQb3nM2a
-----END CERTIFICATE-----
Generated at Thu Jul 20 13:17:49 2023 by rpki-client on console-ams.rpki-client.org