Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/bda9d2-2228-4806-85d0-ee06b6612ce4/1/iZApycXNPz9vxgT5eEvKW98LDqg.roa
File: iZApycXNPz9vxgT5eEvKW98LDqg.roa (raw, json)
Hash identifier: ExUgP2Z7Z9IJtGwzJro9UmsLakOf/TAs087UopR5KzM=
Subject key identifier: 89:90:29:C9:C5:CD:3F:3F:6F:C6:04:F9:78:4B:CA:5B:DF:0B:0E:A8
Certificate issuer: /CN=3d5460f8567ee98f81c56fa4f8db03ce5cddad9c
Certificate serial: 018CC3B6D332E9A3D64606191E494540868C
Authority key identifier: 3D:54:60:F8:56:7E:E9:8F:81:C5:6F:A4:F8:DB:03:CE:5C:DD:AD:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PVRg-FZ-6Y-BxW-k-NsDzlzdrZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/bda9d2-2228-4806-85d0-ee06b6612ce4/1/iZApycXNPz9vxgT5eEvKW98LDqg.roa
Signing time: Mon 01 Jan 2024 06:29:47 +0000
ROA not before: Mon 01 Jan 2024 06:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44554
IP address blocks: 88.151.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d3:32:e9:a3:d6:46:06:19:1e:49:45:40:86:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d5460f8567ee98f81c56fa4f8db03ce5cddad9c
Validity
Not Before: Jan 1 06:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=899029c9c5cd3f3f6fc604f9784bca5bdf0b0ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:fb:1b:a1:31:cb:fe:a1:1b:5c:be:1e:09:16:
bb:f5:f7:fa:cb:34:dc:ce:f5:2c:24:e9:97:90:1f:
59:56:ed:e3:72:e9:af:98:ee:2b:10:91:cc:05:c1:
ce:0e:f4:c3:1b:75:9b:e6:11:cf:40:c2:91:99:de:
4a:59:84:df:2b:4f:a9:1c:68:b7:32:e2:5e:e8:c3:
49:42:a7:89:3f:b7:ee:5c:16:25:db:34:e4:61:12:
f3:50:20:33:46:e4:23:f2:a8:dc:28:07:36:cf:57:
3d:e5:22:54:1c:6e:94:a4:00:f1:f8:22:f3:c5:fd:
0f:6f:0b:27:19:6b:a2:0b:0d:0c:75:87:fe:62:62:
b6:c5:ab:28:e8:15:a5:3b:0e:de:50:f9:7f:6d:87:
47:5e:46:73:03:ac:e6:dd:07:45:50:0f:9f:cd:b3:
cc:59:db:39:d5:8d:a7:3f:81:0a:c2:62:bd:c7:ce:
6a:1b:24:84:e1:a7:6b:54:c0:04:6b:e9:34:b1:28:
a3:71:bc:ad:9a:9a:1e:9d:22:6a:86:06:5b:69:48:
29:7d:f4:cd:60:63:b9:39:8f:9f:af:51:fa:56:97:
80:1c:29:a2:e4:fa:e9:7d:87:19:3e:e1:b3:4c:f3:
8a:a5:e7:23:66:88:41:51:51:2d:75:42:3e:cc:77:
ff:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:90:29:C9:C5:CD:3F:3F:6F:C6:04:F9:78:4B:CA:5B:DF:0B:0E:A8
X509v3 Authority Key Identifier:
keyid:3D:54:60:F8:56:7E:E9:8F:81:C5:6F:A4:F8:DB:03:CE:5C:DD:AD:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PVRg-FZ-6Y-BxW-k-NsDzlzdrZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/bda9d2-2228-4806-85d0-ee06b6612ce4/1/iZApycXNPz9vxgT5eEvKW98LDqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/bda9d2-2228-4806-85d0-ee06b6612ce4/1/PVRg-FZ-6Y-BxW-k-NsDzlzdrZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.119.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:d9:87:f6:41:a2:60:8e:5c:97:df:cf:20:eb:73:19:7b:65:
78:c7:5d:cc:f7:ac:c7:71:c7:5b:52:40:a7:e0:51:51:07:2a:
b5:26:eb:f5:ff:56:79:7d:62:5e:04:16:db:86:36:70:21:e2:
96:56:47:fe:75:1c:6e:53:12:5e:0e:bb:1e:52:2b:57:a4:d9:
c8:90:fd:73:b7:08:86:07:db:ab:7d:be:59:bd:06:4c:38:99:
ae:8b:f2:eb:3f:2c:43:34:4c:9d:50:f5:77:3a:63:a8:fa:95:
49:de:13:dc:fc:29:72:f5:7e:31:c6:80:15:6b:a0:0c:f1:df:
59:07:c7:9e:33:df:53:24:98:98:0a:fa:0c:86:d7:a7:8f:1c:
91:73:32:04:40:73:f9:9c:a9:e3:5f:24:42:84:ee:aa:62:e2:
ae:0d:d8:ea:d4:80:8a:b1:ac:f0:b8:2c:d1:c3:15:17:8e:a7:
3a:ea:6c:f2:a1:3b:5d:7f:e8:a8:55:2a:ae:39:3d:ce:7c:df:
6d:4d:fb:57:dc:75:49:7b:2c:d3:4f:b1:5e:be:ac:42:6d:3b:
ee:a5:62:b7:f0:72:b3:cd:90:f5:76:16:62:c7:94:ff:64:d2:
d2:a0:82:cf:34:e5:80:4e:78:2f:48:a1:73:27:2a:56:dd:74:
22:1c:68:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDttMy6aPWRgYZHklFQIaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNTQ2MGY4NTY3ZWU5OGY4MWM1NmZhNGY4ZGIwM2NlNWNk
ZGFkOWMwHhcNMjQwMTAxMDYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTkwMjljOWM1Y2QzZjNmNmZjNjA0Zjk3ODRiY2E1YmRmMGIwZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfsboTHL/qEbXL4eCRa79ff6yzTc
zvUsJOmXkB9ZVu3jcumvmO4rEJHMBcHODvTDG3Wb5hHPQMKRmd5KWYTfK0+pHGi3
MuJe6MNJQqeJP7fuXBYl2zTkYRLzUCAzRuQj8qjcKAc2z1c95SJUHG6UpADx+CLz
xf0PbwsnGWuiCw0MdYf+YmK2xaso6BWlOw7eUPl/bYdHXkZzA6zm3QdFUA+fzbPM
Wds51Y2nP4EKwmK9x85qGySE4adrVMAEa+k0sSijcbytmpoenSJqhgZbaUgpffTN
YGO5OY+fr1H6VpeAHCmi5PrpfYcZPuGzTPOKpecjZohBUVEtdUI+zHf/3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFImQKcnFzT8/b8YE+XhLylvfCw6oMB8GA1UdIwQY
MBaAFD1UYPhWfumPgcVvpPjbA85c3a2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFZSZy1GWi02WS1CeFctay1Oc0R6bHpkclp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9iZGE5ZDItMjIyOC00ODA2LTg1ZDAt
ZWUwNmI2NjEyY2U0LzEvaVpBcHljWE5Qejl2eGdUNWVFdktXOThMRHFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9iZGE5ZDItMjIyOC00ODA2LTg1ZDAtZWUwNmI2NjEyY2U0
LzEvUFZSZy1GWi02WS1CeFctay1Oc0R6bHpkclp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWJd3MA0G
CSqGSIb3DQEBCwUAA4IBAQC22Yf2QaJgjlyX388g63MZe2V4x13M96zHccdbUkCn
4FFRByq1Juv1/1Z5fWJeBBbbhjZwIeKWVkf+dRxuUxJeDrseUitXpNnIkP1ztwiG
B9urfb5ZvQZMOJmui/LrPyxDNEydUPV3OmOo+pVJ3hPc/Cly9X4xxoAVa6AM8d9Z
B8eeM99TJJiYCvoMhtenjxyRczIEQHP5nKnjXyRChO6qYuKuDdjq1ICKsazwuCzR
wxUXjqc66mzyoTtdf+ioVSquOT3OfN9tTftX3HVJeyzTT7FevqxCbTvupWK38HKz
zZD1dhZix5T/ZNLSoILPNOWATngvSKFzJypW3XQiHGhr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:49 2024 by rpki-client on console-fra.rpki-client.org