Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8df9d9-b420-41da-b3aa-afdea12fb965/1/8G6idKJmhD35NKPKp1rdloYmYxQ.roa
File: 8G6idKJmhD35NKPKp1rdloYmYxQ.roa (raw, json)
Hash identifier: aaXNLGe9OHPqUUM6G1RGBaPl1rz4jDr6AAekqq97mX0=
Subject key identifier: F0:6E:A2:74:A2:66:84:3D:F9:34:A3:CA:A7:5A:DD:96:86:26:63:14
Certificate issuer: /CN=530493a3dc3c0b7e30c7771e2be20f811ebc47e0
Certificate serial: 018570829CD004BEA5BEBBD31E121DC14C5C
Authority key identifier: 53:04:93:A3:DC:3C:0B:7E:30:C7:77:1E:2B:E2:0F:81:1E:BC:47:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UwSTo9w8C34wx3ceK-IPgR68R-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/8df9d9-b420-41da-b3aa-afdea12fb965/1/8G6idKJmhD35NKPKp1rdloYmYxQ.roa
Signing time: Mon 02 Jan 2023 03:24:45 +0000
ROA not before: Mon 02 Jan 2023 03:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 213.109.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:9c:d0:04:be:a5:be:bb:d3:1e:12:1d:c1:4c:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=530493a3dc3c0b7e30c7771e2be20f811ebc47e0
Validity
Not Before: Jan 2 03:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f06ea274a266843df934a3caa75add9686266314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:cb:f5:68:07:8b:ea:c7:ee:1d:49:3a:70:e4:
68:92:bc:4e:74:45:ac:c6:c4:34:dc:53:dc:ed:35:
6c:29:0f:5d:64:00:1f:8e:96:2e:94:0e:d1:13:98:
73:83:a3:a4:de:15:de:42:c7:ae:d8:bc:b5:9d:fe:
ce:21:ab:c6:ea:c8:46:83:ba:7c:e3:67:01:38:18:
9d:9e:42:5e:a0:fd:24:c4:6e:40:23:3c:1d:36:05:
16:a9:b6:6d:e4:e8:42:cf:3d:b3:f6:d5:6b:e5:21:
0c:86:00:26:bb:17:cf:2a:42:03:2a:10:87:87:28:
b2:a8:d1:ea:83:3b:32:c8:02:f5:c7:84:90:0e:ef:
31:62:db:d3:fe:df:98:0e:6b:84:78:55:95:64:a4:
9a:47:b1:eb:a5:3e:d7:67:89:94:87:7c:a3:ee:2e:
e6:03:81:60:56:93:69:5a:40:b5:62:47:c3:09:77:
38:d7:b3:6d:25:f6:73:d0:40:c0:68:61:0d:aa:9f:
da:3a:7f:1a:3a:ae:13:18:68:7a:7d:09:73:c3:e8:
a2:86:e9:b5:b8:35:bf:7b:0b:a1:ac:54:52:94:1a:
70:f9:cd:4a:e3:9f:11:f3:a0:30:94:35:e0:fa:bd:
86:e9:9c:1c:b1:7b:e8:19:67:a6:e6:b8:35:68:e7:
eb:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:6E:A2:74:A2:66:84:3D:F9:34:A3:CA:A7:5A:DD:96:86:26:63:14
X509v3 Authority Key Identifier:
keyid:53:04:93:A3:DC:3C:0B:7E:30:C7:77:1E:2B:E2:0F:81:1E:BC:47:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UwSTo9w8C34wx3ceK-IPgR68R-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8df9d9-b420-41da-b3aa-afdea12fb965/1/8G6idKJmhD35NKPKp1rdloYmYxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8df9d9-b420-41da-b3aa-afdea12fb965/1/UwSTo9w8C34wx3ceK-IPgR68R-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.204.0/24
Signature Algorithm: sha256WithRSAEncryption
68:94:f9:67:38:a5:22:58:94:e0:dc:0e:fc:fe:8d:2f:36:0c:
9f:d4:97:99:9b:c8:d3:f4:f1:fd:68:a3:32:bf:fb:08:68:b2:
40:34:17:6a:08:33:eb:eb:1a:34:a3:ed:d2:6f:87:25:61:f5:
55:a8:18:51:21:fc:37:04:97:33:fc:55:de:2b:58:ea:28:4a:
e6:24:2d:e1:0c:3c:86:c2:87:eb:28:5d:e5:ea:ae:28:51:28:
74:b6:ab:eb:68:67:4e:3a:2c:52:e8:b8:c5:2a:43:ea:e8:19:
f4:fe:5c:33:f5:04:ed:aa:e7:25:19:6c:e6:f6:59:f4:bc:dd:
28:b1:d7:0b:02:4c:f4:67:61:a1:56:57:cb:a4:df:91:e4:92:
70:4f:3c:54:67:b1:00:7c:42:e3:51:95:88:ac:dd:ac:09:45:
c2:2d:1b:bc:47:05:ca:bc:69:7f:03:a5:07:2c:e0:11:e1:fa:
76:5f:db:70:c5:27:c2:30:e7:01:07:20:b6:f7:ed:44:26:7e:
76:25:ed:fa:ab:1f:61:b3:23:bf:e1:43:46:1c:6c:35:9f:b8:
c1:c0:91:64:ef:5f:8c:8a:eb:09:10:f2:ab:b5:66:82:49:c7:
db:72:43:7d:5e:08:af:32:de:9f:28:a6:d3:48:27:0f:f1:62:
21:6f:c2:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgpzQBL6lvrvTHhIdwUxcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMDQ5M2EzZGMzYzBiN2UzMGM3NzcxZTJiZTIwZjgxMWVi
YzQ3ZTAwHhcNMjMwMTAyMDMyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDZlYTI3NGEyNjY4NDNkZjkzNGEzY2FhNzVhZGQ5Njg2MjY2MzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8v1aAeL6sfuHUk6cORokrxOdEWs
xsQ03FPc7TVsKQ9dZAAfjpYulA7RE5hzg6Ok3hXeQseu2Ly1nf7OIavG6shGg7p8
42cBOBidnkJeoP0kxG5AIzwdNgUWqbZt5OhCzz2z9tVr5SEMhgAmuxfPKkIDKhCH
hyiyqNHqgzsyyAL1x4SQDu8xYtvT/t+YDmuEeFWVZKSaR7HrpT7XZ4mUh3yj7i7m
A4FgVpNpWkC1YkfDCXc417NtJfZz0EDAaGENqp/aOn8aOq4TGGh6fQlzw+iihum1
uDW/ewuhrFRSlBpw+c1K458R86AwlDXg+r2G6ZwcsXvoGWem5rg1aOfrXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPBuonSiZoQ9+TSjyqda3ZaGJmMUMB8GA1UdIwQY
MBaAFFMEk6PcPAt+MMd3HiviD4EevEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXdTVG85dzhDMzR3eDNjZUstSVBnUjY4Ui1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84ZGY5ZDktYjQyMC00MWRhLWIzYWEt
YWZkZWExMmZiOTY1LzEvOEc2aWRLSm1oRDM1TktQS3AxcmRsb1ltWXhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84ZGY5ZDktYjQyMC00MWRhLWIzYWEtYWZkZWExMmZiOTY1
LzEvVXdTVG85dzhDMzR3eDNjZUstSVBnUjY4Ui1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1W3MMA0G
CSqGSIb3DQEBCwUAA4IBAQBolPlnOKUiWJTg3A78/o0vNgyf1JeZm8jT9PH9aKMy
v/sIaLJANBdqCDPr6xo0o+3Sb4clYfVVqBhRIfw3BJcz/FXeK1jqKErmJC3hDDyG
wofrKF3l6q4oUSh0tqvraGdOOixS6LjFKkPq6Bn0/lwz9QTtquclGWzm9ln0vN0o
sdcLAkz0Z2GhVlfLpN+R5JJwTzxUZ7EAfELjUZWIrN2sCUXCLRu8RwXKvGl/A6UH
LOAR4fp2X9twxSfCMOcBByC29+1EJn52Je36qx9hsyO/4UNGHGw1n7jBwJFk71+M
iusJEPKrtWaCScfbckN9XgivMt6fKKbTSCcP8WIhb8IM
-----END CERTIFICATE-----
Generated at Tue Oct 17 10:46:35 2023 by rpki-client on console-fra.rpki-client.org