Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/d45da9-7718-49b9-bc83-02b87221f1ef/1/oRc6fso9M7MB4muWt3OW9hOltx8.roa
File: oRc6fso9M7MB4muWt3OW9hOltx8.roa (raw, json)
Hash identifier: KZ9tllfStxHvx4bQQhB6YXTcWE2VjJ850ojjDG+6HQI=
Subject key identifier: A1:17:3A:7E:CA:3D:33:B3:01:E2:6B:96:B7:73:96:F6:13:A5:B7:1F
Certificate issuer: /CN=e188d5c34c4c1e1768fd8afc8d0659c710e1111b
Certificate serial: 01898954DA5C7421AAD5C28DFB0CCD323BE7
Authority key identifier: E1:88:D5:C3:4C:4C:1E:17:68:FD:8A:FC:8D:06:59:C7:10:E1:11:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4YjVw0xMHhdo_Yr8jQZZxxDhERs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/d45da9-7718-49b9-bc83-02b87221f1ef/1/oRc6fso9M7MB4muWt3OW9hOltx8.roa
Signing time: Mon 24 Jul 2023 19:16:26 +0000
ROA not before: Mon 24 Jul 2023 19:16:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 80.68.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:89:54:da:5c:74:21:aa:d5:c2:8d:fb:0c:cd:32:3b:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e188d5c34c4c1e1768fd8afc8d0659c710e1111b
Validity
Not Before: Jul 24 19:16:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1173a7eca3d33b301e26b96b77396f613a5b71f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:cb:9e:34:63:88:cb:a6:de:80:97:49:f1:85:
ca:4d:a4:fa:09:5f:f3:21:98:b1:e7:d8:df:7f:9f:
31:08:ec:5e:4b:c3:3d:aa:39:26:31:2f:8e:75:98:
d2:51:a5:b8:f8:cd:3a:61:f1:dc:60:a6:f0:4f:4a:
4f:48:7c:31:d0:1a:da:8c:a5:5c:53:1d:b5:a0:9b:
f4:9d:e0:96:e7:20:2d:6c:ca:b0:f3:d1:37:73:c3:
d9:d7:88:35:1e:6f:c9:92:39:35:92:a7:fc:2d:99:
85:4f:66:b8:d3:68:c7:2b:f1:0d:30:85:a2:9a:e9:
46:50:15:32:72:3c:d1:a6:e7:a5:ac:5f:52:2c:7e:
4d:df:15:59:6d:3f:9b:fa:ac:03:7a:57:ab:ab:65:
d9:a8:92:05:3f:f7:f2:85:c3:bb:78:e1:c5:b0:7e:
fc:7f:44:c0:22:5e:64:79:fd:61:64:5f:8d:2d:8f:
77:66:b2:b2:19:e3:cf:dd:51:3a:9c:8a:58:44:d9:
a9:2e:fa:1b:de:fc:f0:ca:59:75:98:42:26:12:30:
64:8f:37:ea:3d:f4:ff:ff:f9:ac:ea:97:bc:ac:a7:
46:32:a5:b6:f2:27:a9:94:d4:63:0c:14:25:de:9d:
17:d8:f8:78:4d:ec:b8:9a:05:35:f9:64:40:ac:41:
a8:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:17:3A:7E:CA:3D:33:B3:01:E2:6B:96:B7:73:96:F6:13:A5:B7:1F
X509v3 Authority Key Identifier:
keyid:E1:88:D5:C3:4C:4C:1E:17:68:FD:8A:FC:8D:06:59:C7:10:E1:11:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4YjVw0xMHhdo_Yr8jQZZxxDhERs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/d45da9-7718-49b9-bc83-02b87221f1ef/1/oRc6fso9M7MB4muWt3OW9hOltx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/d45da9-7718-49b9-bc83-02b87221f1ef/1/4YjVw0xMHhdo_Yr8jQZZxxDhERs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.68.156.0/24
Signature Algorithm: sha256WithRSAEncryption
73:28:59:4c:92:af:f4:08:75:21:e0:fe:5c:10:58:dc:84:dd:
99:15:8a:64:f5:76:eb:15:1c:04:45:bd:2f:0a:0c:c5:f1:54:
d3:79:2b:e4:3f:11:c3:b6:f7:0a:a3:5b:d2:85:d6:29:ef:33:
7d:e2:ce:5d:21:23:48:fb:41:1e:3e:59:e8:57:06:39:b8:9e:
e4:50:8b:d7:b0:6b:73:55:e7:e7:f7:18:5e:74:ab:3d:73:ec:
f1:5b:17:3d:81:b7:95:d1:23:ff:d1:0e:6f:66:20:d5:53:23:
73:71:22:67:d8:34:74:99:6e:8e:14:c8:f9:39:d6:da:c9:b2:
48:50:30:ed:89:6c:8d:e7:05:c1:d7:aa:89:d7:e5:f1:18:13:
e0:9f:e3:83:ac:47:5d:ac:e7:2e:70:ec:8b:c4:3f:06:9c:36:
80:0d:b9:4d:34:71:5a:0a:95:f3:7c:c1:fe:2f:bb:be:bd:a5:
40:41:4b:43:b3:9e:63:69:55:48:36:07:dc:29:e0:c6:95:ef:
d0:99:27:e7:d1:4e:0f:b4:9e:4f:35:2a:41:0c:9a:49:29:00:
6a:b8:62:1b:ec:ee:f5:92:f9:07:7e:38:c2:92:94:58:60:d9:
f2:da:b3:22:7d:f4:93:f8:50:f8:c1:66:ea:b2:08:3c:41:15:
bf:d4:8e:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmJVNpcdCGq1cKN+wzNMjvnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxODhkNWMzNGM0YzFlMTc2OGZkOGFmYzhkMDY1OWM3MTBl
MTExMWIwHhcNMjMwNzI0MTkxNjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTE3M2E3ZWNhM2QzM2IzMDFlMjZiOTZiNzczOTZmNjEzYTViNzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMueNGOIy6begJdJ8YXKTaT6CV/z
IZix59jff58xCOxeS8M9qjkmMS+OdZjSUaW4+M06YfHcYKbwT0pPSHwx0BrajKVc
Ux21oJv0neCW5yAtbMqw89E3c8PZ14g1Hm/Jkjk1kqf8LZmFT2a402jHK/ENMIWi
mulGUBUycjzRpuelrF9SLH5N3xVZbT+b+qwDelerq2XZqJIFP/fyhcO7eOHFsH78
f0TAIl5kef1hZF+NLY93ZrKyGePP3VE6nIpYRNmpLvob3vzwyll1mEImEjBkjzfq
PfT///ms6pe8rKdGMqW28ieplNRjDBQl3p0X2Ph4Tey4mgU1+WRArEGoaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKEXOn7KPTOzAeJrlrdzlvYTpbcfMB8GA1UdIwQY
MBaAFOGI1cNMTB4XaP2K/I0GWccQ4REbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFlqVncweE1IaGRvX1lyOGpRWlp4eERoRVJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9kNDVkYTktNzcxOC00OWI5LWJjODMt
MDJiODcyMjFmMWVmLzEvb1JjNmZzbzlNN01CNG11V3QzT1c5aE9sdHg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9kNDVkYTktNzcxOC00OWI5LWJjODMtMDJiODcyMjFmMWVm
LzEvNFlqVncweE1IaGRvX1lyOGpRWlp4eERoRVJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUEScMA0G
CSqGSIb3DQEBCwUAA4IBAQBzKFlMkq/0CHUh4P5cEFjchN2ZFYpk9XbrFRwERb0v
CgzF8VTTeSvkPxHDtvcKo1vShdYp7zN94s5dISNI+0EePlnoVwY5uJ7kUIvXsGtz
Vefn9xhedKs9c+zxWxc9gbeV0SP/0Q5vZiDVUyNzcSJn2DR0mW6OFMj5OdbaybJI
UDDtiWyN5wXB16qJ1+XxGBPgn+ODrEddrOcucOyLxD8GnDaADblNNHFaCpXzfMH+
L7u+vaVAQUtDs55jaVVINgfcKeDGle/QmSfn0U4PtJ5PNSpBDJpJKQBquGIb7O71
kvkHfjjCkpRYYNny2rMiffST+FD4wWbqsgg8QRW/1I6U
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:02 2024 by rpki-client on console-ams.rpki-client.org