Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/492659-d3e5-4422-8c48-2ff1afe04b45/1/OSlRg2xomc85e2GmCDJmiHZXa-0.roa
File: OSlRg2xomc85e2GmCDJmiHZXa-0.roa (raw, json)
Hash identifier: CXRTMWTRUc/lWS5yebNjV0/OlpAluT7Uufc14yp0o8Q=
Subject key identifier: 39:29:51:83:6C:68:99:CF:39:7B:61:A6:08:32:66:88:76:57:6B:ED
Certificate issuer: /CN=0e2bc9932aa9ceab5f72b6d032b9faede0d68860
Certificate serial: 01856F8259870691030C71CCF2E9628B72F1
Authority key identifier: 0E:2B:C9:93:2A:A9:CE:AB:5F:72:B6:D0:32:B9:FA:ED:E0:D6:88:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DivJkyqpzqtfcrbQMrn67eDWiGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/492659-d3e5-4422-8c48-2ff1afe04b45/1/OSlRg2xomc85e2GmCDJmiHZXa-0.roa
Signing time: Sun 01 Jan 2023 22:44:51 +0000
ROA not before: Sun 01 Jan 2023 22:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62275
IP address blocks: 185.234.112.0/24 maxlen: 24
2a01:ab40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:59:87:06:91:03:0c:71:cc:f2:e9:62:8b:72:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e2bc9932aa9ceab5f72b6d032b9faede0d68860
Validity
Not Before: Jan 1 22:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=392951836c6899cf397b61a60832668876576bed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:34:15:71:fb:41:34:0b:57:86:ba:8d:46:92:
ab:ea:5d:7b:91:8e:7c:23:b9:b0:17:e9:06:c1:48:
3b:e3:e8:1f:6a:36:c3:7a:a7:5e:48:12:eb:0c:7b:
0b:4e:78:8f:3e:fe:88:55:46:67:70:64:ac:95:3c:
3b:4a:49:6d:4d:87:4e:e4:b4:69:62:ce:e1:f4:fd:
86:e7:ca:29:0e:8e:16:4e:88:f2:37:58:7e:10:5a:
0a:59:f1:26:c5:79:02:35:42:fc:08:95:f4:da:6d:
a9:09:40:18:5c:ab:05:f8:85:09:a5:14:83:da:f0:
cb:11:bf:40:3e:69:e1:a8:db:63:a5:a6:2a:63:2f:
af:f9:ec:d7:80:ad:c1:3f:6a:7e:83:0c:5f:08:e9:
f5:3b:d1:ec:20:f2:6e:4f:6b:32:f8:6b:2f:c4:3a:
e3:ed:a0:ad:7a:b4:dd:5b:75:43:c4:80:da:8d:01:
0d:9c:03:f6:6b:d5:1b:2d:da:d3:a7:a0:e5:61:8c:
ca:dd:69:6b:71:fb:24:33:91:89:1a:2e:9e:1d:47:
fc:91:c0:78:96:3a:dc:2a:ea:49:10:9b:2d:10:89:
1c:03:8d:4b:c3:a6:0e:e0:5c:30:bc:2e:a2:a4:e0:
75:15:8b:8c:93:12:d5:8e:a4:81:f4:92:33:11:b6:
67:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:29:51:83:6C:68:99:CF:39:7B:61:A6:08:32:66:88:76:57:6B:ED
X509v3 Authority Key Identifier:
keyid:0E:2B:C9:93:2A:A9:CE:AB:5F:72:B6:D0:32:B9:FA:ED:E0:D6:88:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DivJkyqpzqtfcrbQMrn67eDWiGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/492659-d3e5-4422-8c48-2ff1afe04b45/1/OSlRg2xomc85e2GmCDJmiHZXa-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/492659-d3e5-4422-8c48-2ff1afe04b45/1/DivJkyqpzqtfcrbQMrn67eDWiGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.112.0/24
IPv6:
2a01:ab40::/29
Signature Algorithm: sha256WithRSAEncryption
54:10:2f:ce:0b:7e:79:d7:15:ee:fb:15:49:6b:77:67:40:f6:
a5:5c:46:20:fd:6e:bf:7f:07:9f:49:93:1e:69:27:de:12:a4:
3f:33:40:dc:31:c5:9f:66:db:ba:ca:e0:47:1b:86:90:fa:5a:
bf:f1:7e:91:cd:df:83:89:ef:9a:9b:78:8a:d6:8a:23:c3:4c:
ed:7d:4d:52:c4:0d:e4:d7:67:db:9a:8e:8e:6c:d4:08:9c:53:
95:e2:24:8b:ad:01:9e:0f:97:e3:63:cb:ca:d7:dd:a6:b0:91:
aa:57:42:c4:46:ea:f5:f4:1c:ef:d6:08:b7:ec:02:1d:70:66:
a7:3c:06:a5:b3:68:3f:7d:1f:93:62:d8:02:b0:2f:0e:4b:20:
96:fe:6f:b0:2a:b4:c4:17:71:68:ce:3e:8c:35:c8:76:95:59:
a1:c5:3b:03:a1:91:6f:a0:bd:7c:2a:04:a8:05:38:9a:66:3c:
fb:f9:0e:d6:8c:42:92:70:da:31:30:eb:4b:5e:47:74:62:f4:
3b:c7:6a:e1:03:12:87:de:09:76:92:7d:62:91:18:90:2c:39:
c4:de:a5:5c:43:79:9c:65:26:c6:5a:1b:5d:cc:07:d2:ea:46:
7f:d3:bb:3a:3f:2a:bd:dd:eb:6c:70:af:98:1f:40:a8:75:38:
09:f5:0b:57
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvglmHBpEDDHHM8ulii3LxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMmJjOTkzMmFhOWNlYWI1ZjcyYjZkMDMyYjlmYWVkZTBk
Njg4NjAwHhcNMjMwMTAxMjI0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTI5NTE4MzZjNjg5OWNmMzk3YjYxYTYwODMyNjY4ODc2NTc2YmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujQVcftBNAtXhrqNRpKr6l17kY58
I7mwF+kGwUg74+gfajbDeqdeSBLrDHsLTniPPv6IVUZncGSslTw7SkltTYdO5LRp
Ys7h9P2G58opDo4WTojyN1h+EFoKWfEmxXkCNUL8CJX02m2pCUAYXKsF+IUJpRSD
2vDLEb9APmnhqNtjpaYqYy+v+ezXgK3BP2p+gwxfCOn1O9HsIPJuT2sy+GsvxDrj
7aCterTdW3VDxIDajQENnAP2a9UbLdrTp6DlYYzK3WlrcfskM5GJGi6eHUf8kcB4
ljrcKupJEJstEIkcA41Lw6YO4FwwvC6ipOB1FYuMkxLVjqSB9JIzEbZnmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDkpUYNsaJnPOXthpggyZoh2V2vtMB8GA1UdIwQY
MBaAFA4ryZMqqc6rX3K20DK5+u3g1ohgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGl2Smt5cXB6cXRmY3JiUU1ybjY3ZURXaUdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS80OTI2NTktZDNlNS00NDIyLThjNDgt
MmZmMWFmZTA0YjQ1LzEvT1NsUmcyeG9tYzg1ZTJHbUNESm1pSFpYYS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS80OTI2NTktZDNlNS00NDIyLThjNDgtMmZmMWFmZTA0YjQ1
LzEvRGl2Smt5cXB6cXRmY3JiUU1ybjY3ZURXaUdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuepwMA0E
AgACMAcDBQMqAatAMA0GCSqGSIb3DQEBCwUAA4IBAQBUEC/OC3551xXu+xVJa3dn
QPalXEYg/W6/fwefSZMeaSfeEqQ/M0DcMcWfZtu6yuBHG4aQ+lq/8X6Rzd+Die+a
m3iK1oojw0ztfU1SxA3k12fbmo6ObNQInFOV4iSLrQGeD5fjY8vK192msJGqV0LE
Rur19Bzv1gi37AIdcGanPAals2g/fR+TYtgCsC8OSyCW/m+wKrTEF3Fozj6MNch2
lVmhxTsDoZFvoL18KgSoBTiaZjz7+Q7WjEKScNoxMOtLXkd0YvQ7x2rhAxKH3gl2
kn1ikRiQLDnE3qVcQ3mcZSbGWhtdzAfS6kZ/07s6Pyq93etscK+YH0CodTgJ9QtX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:48 2024 by rpki-client on console-fra.rpki-client.org