Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/aCXkxtNFP8X5-MgiKxVMaBE2gmQ.roa
File: aCXkxtNFP8X5-MgiKxVMaBE2gmQ.roa (raw, json)
Hash identifier: Lb3rioPQWecZn6bmrNK3/eSVCTMywY3MtV/vEWiBzos=
Subject key identifier: 68:25:E4:C6:D3:45:3F:C5:F9:F8:C8:22:2B:15:4C:68:11:36:82:64
Certificate issuer: /CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Certificate serial: 018755860744911BA9FCFDACB529EF63A04A
Authority key identifier: 3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/aCXkxtNFP8X5-MgiKxVMaBE2gmQ.roa
Signing time: Thu 06 Apr 2023 07:44:19 +0000
ROA not before: Thu 06 Apr 2023 07:44:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 152.89.192.0/24 maxlen: 24
152.89.193.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:55:86:07:44:91:1b:a9:fc:fd:ac:b5:29:ef:63:a0:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Validity
Not Before: Apr 6 07:44:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6825e4c6d3453fc5f9f8c8222b154c6811368264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:04:e0:69:c7:fa:04:5a:f3:3e:eb:4c:80:dc:
df:15:e3:a7:93:0c:b6:5f:b6:47:f3:7c:e5:1c:36:
58:75:3b:7d:2d:84:97:58:b0:e3:f4:78:56:4e:99:
ba:af:fd:50:35:86:65:f9:da:d7:08:bf:b8:2a:17:
e6:7d:c0:b7:7f:cf:3b:5e:4e:a4:d5:39:a7:5e:86:
2c:c5:24:63:42:4f:83:c0:cd:ca:29:17:a3:bb:9b:
a7:61:2b:3e:b3:f9:9c:8d:16:dd:0f:31:f0:83:a2:
a7:09:aa:c8:4d:4d:98:9e:53:d2:b9:a8:5d:3a:07:
bd:c8:3f:b8:44:e6:f1:f2:0c:59:6a:3c:a9:29:81:
bc:da:41:83:94:25:c1:01:ba:35:ca:4f:fe:a0:fe:
5a:5c:3d:96:56:d2:20:88:3a:d6:62:dd:a5:8f:b5:
e6:be:38:07:e2:ac:e7:25:d8:86:1d:bd:9f:6c:9b:
95:c7:e0:7c:38:1d:d8:ec:29:55:58:ab:78:d2:80:
63:d7:51:bd:c6:e2:1e:f9:9b:e8:e4:dd:ee:16:73:
39:b4:8f:a6:c0:eb:df:84:4a:23:81:93:39:03:54:
91:9a:23:3e:01:7a:06:ff:78:0d:80:57:6c:47:63:
b4:1d:03:a5:b6:75:63:b7:70:e4:29:49:34:fd:b3:
cf:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:25:E4:C6:D3:45:3F:C5:F9:F8:C8:22:2B:15:4C:68:11:36:82:64
X509v3 Authority Key Identifier:
keyid:3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/aCXkxtNFP8X5-MgiKxVMaBE2gmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/PNzIvNtsdErN9D3XLWjSBFGhefY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.192.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:19:9b:b1:16:5d:56:8c:ea:ca:90:b9:b8:64:5e:61:53:00:
90:43:ef:53:c2:b8:47:f1:9b:e5:7f:72:9c:62:88:12:e7:0a:
87:40:70:46:79:6c:a2:9d:32:83:08:45:e8:89:0a:7d:44:78:
e2:d8:95:40:2b:5b:d8:b5:f5:1b:ae:a5:f5:87:05:ad:c4:8c:
e7:fb:9a:90:e1:fe:c7:47:68:3b:11:f7:0f:20:71:f4:4f:cc:
95:b2:b5:5f:ab:14:0b:a5:96:af:49:fd:6b:86:3e:5f:b5:96:
41:bf:5a:af:f4:e5:6c:08:05:f4:7a:3c:16:4b:e0:ef:2e:e8:
7b:03:1a:d7:05:06:03:39:3b:db:16:1b:84:01:b4:26:fb:ed:
fe:d1:ac:29:67:65:8a:82:95:a3:9c:5c:14:f7:a2:3d:14:54:
0d:0c:34:f6:37:af:36:2d:7f:41:38:74:ce:e0:84:fa:93:ec:
35:65:b8:e4:76:61:50:fd:8d:39:09:18:cf:bb:53:d4:1e:24:
49:b8:35:5c:c8:e6:58:a9:c1:f2:29:30:96:27:57:82:23:8c:
a9:7b:00:23:e4:bc:c2:21:5d:a6:f1:f1:33:07:9a:a9:4d:bf:
23:c5:90:c2:86:3e:ec:17:8f:4f:64:a8:73:81:57:05:56:0d:
37:09:e3:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdVhgdEkRup/P2stSnvY6BKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZGNjOGJjZGI2Yzc0NGFjZGY0M2RkNzJkNjhkMjA0NTFh
MTc5ZjYwHhcNMjMwNDA2MDc0NDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODI1ZTRjNmQzNDUzZmM1ZjlmOGM4MjIyYjE1NGM2ODExMzY4MjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjATgacf6BFrzPutMgNzfFeOnkwy2
X7ZH83zlHDZYdTt9LYSXWLDj9HhWTpm6r/1QNYZl+drXCL+4KhfmfcC3f887Xk6k
1TmnXoYsxSRjQk+DwM3KKReju5unYSs+s/mcjRbdDzHwg6KnCarITU2YnlPSuahd
Oge9yD+4RObx8gxZajypKYG82kGDlCXBAbo1yk/+oP5aXD2WVtIgiDrWYt2lj7Xm
vjgH4qznJdiGHb2fbJuVx+B8OB3Y7ClVWKt40oBj11G9xuIe+Zvo5N3uFnM5tI+m
wOvfhEojgZM5A1SRmiM+AXoG/3gNgFdsR2O0HQOltnVjt3DkKUk0/bPPwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGgl5MbTRT/F+fjIIisVTGgRNoJkMB8GA1UdIwQY
MBaAFDzcyLzbbHRKzfQ91y1o0gRRoXn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE56SXZOdHNkRXJOOUQzWExXalNCRkdoZWZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8zNTY4MjYtZmMxMC00YWE5LTk2YTQt
NjM3YjM3MWRhOGU2LzEvYUNYa3h0TkZQOFg1LU1naUt4Vk1hQkUyZ21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8zNTY4MjYtZmMxMC00YWE5LTk2YTQtNjM3YjM3MWRhOGU2
LzEvUE56SXZOdHNkRXJOOUQzWExXalNCRkdoZWZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmFnAMA0G
CSqGSIb3DQEBCwUAA4IBAQAbGZuxFl1WjOrKkLm4ZF5hUwCQQ+9TwrhH8Zvlf3Kc
YogS5wqHQHBGeWyinTKDCEXoiQp9RHji2JVAK1vYtfUbrqX1hwWtxIzn+5qQ4f7H
R2g7EfcPIHH0T8yVsrVfqxQLpZavSf1rhj5ftZZBv1qv9OVsCAX0ejwWS+DvLuh7
AxrXBQYDOTvbFhuEAbQm++3+0awpZ2WKgpWjnFwU96I9FFQNDDT2N682LX9BOHTO
4IT6k+w1ZbjkdmFQ/Y05CRjPu1PUHiRJuDVcyOZYqcHyKTCWJ1eCI4ypewAj5LzC
IV2m8fEzB5qpTb8jxZDChj7sF49PZKhzgVcFVg03CePr
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:29 2025 by rpki-client