Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/2e28f5-8268-41e9-8bc7-146641f208bc/1/tUDzs3MK1VRAaE8edDFKgPBTiGo.roa
File: tUDzs3MK1VRAaE8edDFKgPBTiGo.roa (raw, json)
Hash identifier: 1U63926VsOXlzBm8eiJ8AZbrzS56G4it0wWXNYT0df4=
Subject key identifier: B5:40:F3:B3:73:0A:D5:54:40:68:4F:1E:74:31:4A:80:F0:53:88:6A
Certificate issuer: /CN=a4b668d23467f2c8f67426c9e68be49c4247ee79
Certificate serial: 018CC500F98C6DE29731197A6A7C29A50B3E
Authority key identifier: A4:B6:68:D2:34:67:F2:C8:F6:74:26:C9:E6:8B:E4:9C:42:47:EE:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pLZo0jRn8sj2dCbJ5ovknEJH7nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/2e28f5-8268-41e9-8bc7-146641f208bc/1/tUDzs3MK1VRAaE8edDFKgPBTiGo.roa
Signing time: Mon 01 Jan 2024 12:30:24 +0000
ROA not before: Mon 01 Jan 2024 12:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201814
IP address blocks: 178.211.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:f9:8c:6d:e2:97:31:19:7a:6a:7c:29:a5:0b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4b668d23467f2c8f67426c9e68be49c4247ee79
Validity
Not Before: Jan 1 12:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b540f3b3730ad55440684f1e74314a80f053886a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e8:77:b6:7e:fe:97:1d:31:cf:c5:7f:42:c9:
a8:4e:b3:e9:c5:18:19:a5:2e:f6:2e:34:90:cc:18:
42:92:cb:43:f9:99:40:9f:1d:05:3a:0f:5a:cd:56:
b0:be:19:7c:91:bb:62:ed:99:4d:2f:0b:e5:17:f7:
4e:bf:3f:1c:58:33:4a:82:5a:c2:8d:04:86:8a:18:
31:8f:ed:fa:6d:da:37:be:f1:d8:a6:fa:d6:4e:65:
32:c1:dd:d9:cc:75:60:4c:c5:8e:db:3b:b4:b4:d4:
f6:f2:1e:4a:70:8d:c0:42:e3:c8:ee:c0:a4:16:a7:
09:2c:50:c9:df:41:19:7a:88:75:d4:ce:ce:e4:5e:
b6:bd:77:bf:2e:53:81:2c:e0:91:43:9d:1f:49:b9:
7b:f3:54:97:4b:07:19:5d:16:62:5c:92:b0:42:87:
e0:2a:f8:3f:0a:90:eb:e6:79:12:6f:12:2f:ae:b5:
90:6e:7b:69:18:8c:5b:c9:cf:20:37:fa:e8:1b:17:
3e:3e:b9:0e:b5:dd:d8:d0:62:d0:d0:2a:12:85:8d:
61:90:72:05:af:22:6c:34:cc:64:5d:bd:98:d7:1b:
55:7e:61:ee:ed:96:98:e7:85:26:c4:9d:cd:38:6b:
9a:d4:d8:6f:25:46:42:e8:ba:67:50:29:99:53:5d:
bc:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:40:F3:B3:73:0A:D5:54:40:68:4F:1E:74:31:4A:80:F0:53:88:6A
X509v3 Authority Key Identifier:
keyid:A4:B6:68:D2:34:67:F2:C8:F6:74:26:C9:E6:8B:E4:9C:42:47:EE:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pLZo0jRn8sj2dCbJ5ovknEJH7nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/2e28f5-8268-41e9-8bc7-146641f208bc/1/tUDzs3MK1VRAaE8edDFKgPBTiGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/2e28f5-8268-41e9-8bc7-146641f208bc/1/pLZo0jRn8sj2dCbJ5ovknEJH7nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.211.139.0/24
Signature Algorithm: sha256WithRSAEncryption
87:8c:42:b2:91:c6:db:61:2b:69:53:da:e5:7c:bf:45:86:36:
5f:b7:2e:40:14:57:26:5d:5a:05:fd:cf:d9:1f:a6:ba:a3:31:
f6:35:f5:8b:92:b4:8f:ac:9e:b7:74:70:7b:2b:86:77:d6:b7:
4e:c4:c6:50:04:2c:99:b8:32:a6:ce:52:c7:86:5f:2f:53:36:
5b:0a:f1:8f:55:f4:f5:b1:e0:7b:35:da:48:0c:d0:2c:70:ca:
ab:99:2d:1a:09:5e:71:e0:82:24:87:ec:0d:10:cb:0b:82:91:
aa:e8:5d:f3:e3:e1:62:d2:69:42:27:85:21:7b:7e:98:9c:e9:
c0:eb:36:b4:b3:23:b5:3f:b5:bc:d7:a0:0c:fa:2f:5d:af:ad:
f9:cf:73:8f:6c:b6:42:84:48:f0:81:06:dd:d3:4e:85:0b:8c:
43:55:1f:52:a7:17:2d:03:96:63:f5:7b:43:ec:17:5a:ff:fe:
47:6f:2b:e5:44:4f:24:e7:9f:8a:ab:e5:71:9c:d7:4c:39:af:
78:66:ad:b2:00:88:d6:31:6f:90:64:ec:a1:51:b3:d1:c3:ac:
2e:0f:49:ee:9d:4c:8f:8b:23:c2:c8:98:76:39:de:df:45:c2:
8b:b3:41:2e:00:ba:57:0d:44:c0:22:c5:78:71:2a:9c:fe:fe:
ec:91:22:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAPmMbeKXMRl6anwppQs+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YjY2OGQyMzQ2N2YyYzhmNjc0MjZjOWU2OGJlNDljNDI0
N2VlNzkwHhcNMjQwMTAxMTIzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTQwZjNiMzczMGFkNTU0NDA2ODRmMWU3NDMxNGE4MGYwNTM4ODZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOh3tn7+lx0xz8V/QsmoTrPpxRgZ
pS72LjSQzBhCkstD+ZlAnx0FOg9azVawvhl8kbti7ZlNLwvlF/dOvz8cWDNKglrC
jQSGihgxj+36bdo3vvHYpvrWTmUywd3ZzHVgTMWO2zu0tNT28h5KcI3AQuPI7sCk
FqcJLFDJ30EZeoh11M7O5F62vXe/LlOBLOCRQ50fSbl781SXSwcZXRZiXJKwQofg
Kvg/CpDr5nkSbxIvrrWQbntpGIxbyc8gN/roGxc+PrkOtd3Y0GLQ0CoShY1hkHIF
ryJsNMxkXb2Y1xtVfmHu7ZaY54UmxJ3NOGua1NhvJUZC6LpnUCmZU128bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLVA87NzCtVUQGhPHnQxSoDwU4hqMB8GA1UdIwQY
MBaAFKS2aNI0Z/LI9nQmyeaL5JxCR+55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcExabzBqUm44c2oyZENiSjVvdmtuRUpIN25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8yZTI4ZjUtODI2OC00MWU5LThiYzct
MTQ2NjQxZjIwOGJjLzEvdFVEenMzTUsxVlJBYUU4ZWRERktnUEJUaUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8yZTI4ZjUtODI2OC00MWU5LThiYzctMTQ2NjQxZjIwOGJj
LzEvcExabzBqUm44c2oyZENiSjVvdmtuRUpIN25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstOLMA0G
CSqGSIb3DQEBCwUAA4IBAQCHjEKykcbbYStpU9rlfL9FhjZfty5AFFcmXVoF/c/Z
H6a6ozH2NfWLkrSPrJ63dHB7K4Z31rdOxMZQBCyZuDKmzlLHhl8vUzZbCvGPVfT1
seB7NdpIDNAscMqrmS0aCV5x4IIkh+wNEMsLgpGq6F3z4+Fi0mlCJ4Uhe36YnOnA
6za0syO1P7W816AM+i9dr635z3OPbLZChEjwgQbd006FC4xDVR9SpxctA5Zj9XtD
7Bda//5HbyvlRE8k55+Kq+VxnNdMOa94Zq2yAIjWMW+QZOyhUbPRw6wuD0nunUyP
iyPCyJh2Od7fRcKLs0EuALpXDUTAIsV4cSqc/v7skSKT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:21 2024 by rpki-client on console-fra.rpki-client.org