Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/490e01-caf9-4d44-8f57-a1d9d0f88629/1/8gw6oLMwn3uNxHV_SPdrhMKQq-Q.roa
File: 8gw6oLMwn3uNxHV_SPdrhMKQq-Q.roa (raw, json)
Hash identifier: jXsufuOou1VWRZafaglod+QiGJwemW5Ea2AntwzHPkU=
Subject key identifier: F2:0C:3A:A0:B3:30:9F:7B:8D:C4:75:7F:48:F7:6B:84:C2:90:AB:E4
Certificate issuer: /CN=17be827a580de61538ddefa28239468c4e901b40
Certificate serial: 01856CC169C298CF89BE11C1D86225A8D370
Authority key identifier: 17:BE:82:7A:58:0D:E6:15:38:DD:EF:A2:82:39:46:8C:4E:90:1B:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F76CelgN5hU43e-igjlGjE6QG0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/490e01-caf9-4d44-8f57-a1d9d0f88629/1/8gw6oLMwn3uNxHV_SPdrhMKQq-Q.roa
Signing time: Sun 01 Jan 2023 09:54:52 +0000
ROA not before: Sun 01 Jan 2023 09:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49824
IP address blocks: 176.120.97.0/24 maxlen: 24
176.120.105.0/24 maxlen: 24
176.120.103.0/24 maxlen: 24
176.120.106.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:69:c2:98:cf:89:be:11:c1:d8:62:25:a8:d3:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17be827a580de61538ddefa28239468c4e901b40
Validity
Not Before: Jan 1 09:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f20c3aa0b3309f7b8dc4757f48f76b84c290abe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:53:9d:a5:83:c7:04:f7:fd:68:f9:6b:af:c5:
c1:d0:31:76:3c:47:34:e6:33:80:69:91:bc:88:f8:
d6:f6:7b:1c:e7:df:63:e5:15:50:a2:ff:9e:8d:c9:
09:32:7f:83:c2:47:a1:43:48:9d:50:24:02:f0:78:
15:65:29:3c:40:32:15:63:63:9b:1c:96:89:a3:47:
cb:04:5c:f0:d5:cf:5d:2e:aa:2b:0c:53:a4:4c:3b:
15:c5:2b:37:60:2b:81:db:f0:e0:20:d1:46:05:6f:
5a:68:6a:4d:98:62:bf:a1:fc:74:c3:a3:68:9f:82:
38:3e:eb:ac:65:32:43:30:49:f4:22:59:31:21:11:
77:f7:df:62:6b:83:2a:64:31:a5:0a:7f:14:72:79:
e0:62:b8:df:15:63:41:e2:60:d5:a8:44:3f:1a:25:
bc:7e:18:a3:ba:d9:7f:5a:3f:0c:05:c1:fa:db:b4:
72:c3:35:8f:54:19:97:39:fb:aa:5e:01:77:07:c5:
6f:e4:7f:5f:90:98:e4:3d:d7:2f:38:75:5c:62:5c:
4a:df:15:ae:78:97:9e:6c:f2:2d:96:cd:12:a4:6a:
1b:c5:48:81:fc:d3:68:56:84:a7:3a:df:f2:e0:b3:
6f:79:4b:38:1e:b1:36:b4:27:96:6e:e6:0b:47:34:
7d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:0C:3A:A0:B3:30:9F:7B:8D:C4:75:7F:48:F7:6B:84:C2:90:AB:E4
X509v3 Authority Key Identifier:
keyid:17:BE:82:7A:58:0D:E6:15:38:DD:EF:A2:82:39:46:8C:4E:90:1B:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F76CelgN5hU43e-igjlGjE6QG0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/490e01-caf9-4d44-8f57-a1d9d0f88629/1/8gw6oLMwn3uNxHV_SPdrhMKQq-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/490e01-caf9-4d44-8f57-a1d9d0f88629/1/F76CelgN5hU43e-igjlGjE6QG0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.120.97.0/24
176.120.103.0/24
176.120.105.0-176.120.106.255
Signature Algorithm: sha256WithRSAEncryption
a6:27:ac:8a:b1:ca:dc:5a:f2:8d:5d:fe:74:4d:98:df:fe:6b:
bf:23:95:56:02:4c:15:69:3e:ba:84:31:b6:5f:2e:fe:33:ba:
dd:ea:c1:47:31:c4:bd:38:aa:00:07:b9:38:63:bd:dd:35:a2:
cf:4e:e6:6e:67:3d:1e:36:ce:e3:0b:e5:36:18:9a:82:e7:33:
1b:e1:a7:5e:16:91:7c:77:96:90:37:2d:e0:37:71:e9:90:0d:
2e:6c:dd:87:e2:70:b0:0b:cf:ff:0f:db:d8:d0:9d:00:c6:ac:
81:63:f6:52:a6:ab:73:9a:04:01:df:24:1d:83:23:5b:0d:22:
5b:bb:64:77:bc:7d:20:25:5e:34:38:ee:c2:05:48:ff:54:66:
37:b8:ec:27:4b:30:ad:71:11:5e:18:3b:b2:60:0b:e2:10:6b:
bd:cf:12:00:d3:c1:94:22:40:5f:54:80:9d:bb:c7:8d:9a:79:
6f:01:40:ce:12:da:5e:41:55:74:56:f5:63:d6:f5:d2:59:6f:
61:7a:af:11:73:4a:5c:dc:20:c1:a2:12:76:8a:7c:1b:6d:d4:
5a:e9:3b:13:4d:bd:f4:44:b4:a8:f9:d1:0c:af:58:ed:8d:bc:
cd:94:29:fe:3f:1b:e7:7d:80:fa:e9:6e:d1:53:ca:a9:fc:e5:
c6:18:5f:f5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVswWnCmM+JvhHB2GIlqNNwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YmU4MjdhNTgwZGU2MTUzOGRkZWZhMjgyMzk0NjhjNGU5
MDFiNDAwHhcNMjMwMTAxMDk1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjBjM2FhMGIzMzA5ZjdiOGRjNDc1N2Y0OGY3NmI4NGMyOTBhYmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilOdpYPHBPf9aPlrr8XB0DF2PEc0
5jOAaZG8iPjW9nsc599j5RVQov+ejckJMn+DwkehQ0idUCQC8HgVZSk8QDIVY2Ob
HJaJo0fLBFzw1c9dLqorDFOkTDsVxSs3YCuB2/DgINFGBW9aaGpNmGK/ofx0w6No
n4I4PuusZTJDMEn0IlkxIRF3999ia4MqZDGlCn8UcnngYrjfFWNB4mDVqEQ/GiW8
fhijutl/Wj8MBcH627RywzWPVBmXOfuqXgF3B8Vv5H9fkJjkPdcvOHVcYlxK3xWu
eJeebPItls0SpGobxUiB/NNoVoSnOt/y4LNveUs4HrE2tCeWbuYLRzR94QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPIMOqCzMJ97jcR1f0j3a4TCkKvkMB8GA1UdIwQY
MBaAFBe+gnpYDeYVON3vooI5RoxOkBtAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjc2Q2VsZ041aFU0M2UtaWdqbEdqRTZRRzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80OTBlMDEtY2FmOS00ZDQ0LThmNTct
YTFkOWQwZjg4NjI5LzEvOGd3Nm9MTXduM3VOeEhWX1NQZHJoTUtRcS1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80OTBlMDEtY2FmOS00ZDQ0LThmNTctYTFkOWQwZjg4NjI5
LzEvRjc2Q2VsZ041aFU0M2UtaWdqbEdqRTZRRzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAsHhhAwQA
sHhnMAwDBACweGkDBACweGowDQYJKoZIhvcNAQELBQADggEBAKYnrIqxytxa8o1d
/nRNmN/+a78jlVYCTBVpPrqEMbZfLv4zut3qwUcxxL04qgAHuThjvd01os9O5m5n
PR42zuML5TYYmoLnMxvhp14WkXx3lpA3LeA3cemQDS5s3YficLALz/8P29jQnQDG
rIFj9lKmq3OaBAHfJB2DI1sNIlu7ZHe8fSAlXjQ47sIFSP9UZje47CdLMK1xEV4Y
O7JgC+IQa73PEgDTwZQiQF9UgJ27x42aeW8BQM4S2l5BVXRW9WPW9dJZb2F6rxFz
SlzcIMGiEnaKfBtt1FrpOxNNvfREtKj50QyvWO2NvM2UKf4/G+d9gPrpbtFTyqn8
5cYYX/U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:37 2024 by rpki-client on console-fra.rpki-client.org