Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/1f618f-0353-4d07-a10c-e12c4881fcb2/1/oLiRuSkb1m63omuSfizAAVBnDV8.roa
File: oLiRuSkb1m63omuSfizAAVBnDV8.roa (raw, json)
Hash identifier: B6p+oy45bpfijRLGzTeJQr9McNM9fbOvTzyk5L5Ok64=
Subject key identifier: A0:B8:91:B9:29:1B:D6:6E:B7:A2:6B:92:7E:2C:C0:01:50:67:0D:5F
Certificate issuer: /CN=70bd1c0ea7dc0e68b98cebc07d7fbf807efe9d1a
Certificate serial: 018573683C1B5D3B32453310E03ABE5B4688
Authority key identifier: 70:BD:1C:0E:A7:DC:0E:68:B9:8C:EB:C0:7D:7F:BF:80:7E:FE:9D:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cL0cDqfcDmi5jOvAfX-_gH7-nRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/1f618f-0353-4d07-a10c-e12c4881fcb2/1/oLiRuSkb1m63omuSfizAAVBnDV8.roa
Signing time: Mon 02 Jan 2023 16:54:48 +0000
ROA not before: Mon 02 Jan 2023 16:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21245
IP address blocks: 185.155.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:68:3c:1b:5d:3b:32:45:33:10:e0:3a:be:5b:46:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70bd1c0ea7dc0e68b98cebc07d7fbf807efe9d1a
Validity
Not Before: Jan 2 16:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0b891b9291bd66eb7a26b927e2cc00150670d5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:89:d8:45:83:14:b8:66:5a:db:7d:be:64:19:
d1:85:5c:ba:11:dc:73:2d:7d:4c:bc:d1:36:6a:47:
90:1c:0e:2a:9b:c6:58:23:75:d9:38:fa:ed:98:b4:
8a:03:ef:a9:3d:90:86:57:92:b4:5e:0e:a2:a7:ae:
96:1c:2e:cd:56:28:ba:ab:1f:d5:e0:70:c5:6e:01:
45:32:b3:67:3f:d3:0b:c9:b2:cd:a5:a2:75:d8:42:
ca:aa:4a:c4:25:36:d3:72:b9:bb:c7:39:0f:01:45:
dc:e7:c4:6d:3f:f4:fc:e9:a1:6f:db:d0:dc:53:cc:
94:1b:4d:85:58:dd:e1:e6:ea:4a:a2:6d:07:d3:9b:
3d:24:07:73:3a:24:f7:fe:3a:49:60:8e:9b:3b:bc:
2b:2b:c4:37:13:90:ba:5f:57:e0:56:4f:91:5a:06:
e7:df:97:5e:ba:4e:7c:39:c4:2f:d1:8b:ad:b3:3e:
88:a5:5d:20:81:6c:b7:15:e9:62:d8:bc:a0:f8:16:
8c:3f:bc:e2:f6:e2:3e:e9:c5:0a:d9:64:54:4d:52:
49:f9:35:cd:56:a2:db:f2:74:27:43:d7:8a:44:f8:
6f:26:da:2f:5c:5b:2a:f6:14:c3:35:f6:31:56:20:
3a:ad:fd:c1:92:c7:3c:74:01:52:ee:c6:f8:64:f1:
d0:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:B8:91:B9:29:1B:D6:6E:B7:A2:6B:92:7E:2C:C0:01:50:67:0D:5F
X509v3 Authority Key Identifier:
keyid:70:BD:1C:0E:A7:DC:0E:68:B9:8C:EB:C0:7D:7F:BF:80:7E:FE:9D:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cL0cDqfcDmi5jOvAfX-_gH7-nRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/1f618f-0353-4d07-a10c-e12c4881fcb2/1/oLiRuSkb1m63omuSfizAAVBnDV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/1f618f-0353-4d07-a10c-e12c4881fcb2/1/cL0cDqfcDmi5jOvAfX-_gH7-nRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.102.0/24
Signature Algorithm: sha256WithRSAEncryption
04:9b:c8:8c:60:23:a7:ab:58:a4:bb:c3:f6:6d:ee:10:0d:5a:
fc:9c:c9:93:ec:df:b4:9e:2b:0d:34:bd:29:fc:d3:9d:97:4a:
ce:22:56:ed:6a:ed:ba:5c:67:69:e1:fb:a2:74:d5:05:f0:c6:
a5:19:14:13:7b:28:74:c3:61:2c:a8:39:73:45:75:4d:56:81:
94:e8:b7:a8:29:5e:b7:1e:f1:fd:50:80:5e:46:c9:8c:aa:56:
a0:a2:51:87:bf:a1:22:bb:05:04:12:fc:6d:89:09:f0:2a:dd:
a3:b9:e3:8d:58:59:83:1a:8d:9b:33:d5:e4:21:4c:9e:11:40:
3d:a9:b9:82:51:a2:88:3c:9e:ae:13:34:e6:f4:70:46:1a:0c:
e4:bb:19:fb:18:ee:68:2f:df:c4:7f:70:49:e8:14:09:db:43:
ce:6e:80:06:39:61:84:3d:04:85:b6:a6:d8:e6:59:0b:2c:54:
c1:6c:43:1b:16:ee:4c:56:db:1e:cc:05:9f:d6:87:0a:63:44:
1d:33:cc:92:ad:33:b9:21:f8:ba:00:cc:e4:52:9b:9e:da:82:
c2:b4:1d:db:63:01:30:d5:1b:32:3d:3d:94:be:7b:0e:b4:9a:
79:15:45:ee:99:5f:09:ca:30:c5:c5:c9:f8:c2:62:6e:58:ff:
d7:df:7a:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzaDwbXTsyRTMQ4Dq+W0aIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYmQxYzBlYTdkYzBlNjhiOThjZWJjMDdkN2ZiZjgwN2Vm
ZTlkMWEwHhcNMjMwMTAyMTY1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGI4OTFiOTI5MWJkNjZlYjdhMjZiOTI3ZTJjYzAwMTUwNjcwZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgInYRYMUuGZa232+ZBnRhVy6Edxz
LX1MvNE2akeQHA4qm8ZYI3XZOPrtmLSKA++pPZCGV5K0Xg6ip66WHC7NVii6qx/V
4HDFbgFFMrNnP9MLybLNpaJ12ELKqkrEJTbTcrm7xzkPAUXc58RtP/T86aFv29Dc
U8yUG02FWN3h5upKom0H05s9JAdzOiT3/jpJYI6bO7wrK8Q3E5C6X1fgVk+RWgbn
35deuk58OcQv0Yutsz6IpV0ggWy3Feli2Lyg+BaMP7zi9uI+6cUK2WRUTVJJ+TXN
VqLb8nQnQ9eKRPhvJtovXFsq9hTDNfYxViA6rf3Bksc8dAFS7sb4ZPHQlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKC4kbkpG9Zut6Jrkn4swAFQZw1fMB8GA1UdIwQY
MBaAFHC9HA6n3A5ouYzrwH1/v4B+/p0aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0wwY0RxZmNEbWk1ak92QWZYLV9nSDctblJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8xZjYxOGYtMDM1My00ZDA3LWExMGMt
ZTEyYzQ4ODFmY2IyLzEvb0xpUnVTa2IxbTYzb211U2ZpekFBVkJuRFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8xZjYxOGYtMDM1My00ZDA3LWExMGMtZTEyYzQ4ODFmY2Iy
LzEvY0wwY0RxZmNEbWk1ak92QWZYLV9nSDctblJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZtmMA0G
CSqGSIb3DQEBCwUAA4IBAQAEm8iMYCOnq1iku8P2be4QDVr8nMmT7N+0nisNNL0p
/NOdl0rOIlbtau26XGdp4fuidNUF8MalGRQTeyh0w2EsqDlzRXVNVoGU6LeoKV63
HvH9UIBeRsmMqlagolGHv6EiuwUEEvxtiQnwKt2jueONWFmDGo2bM9XkIUyeEUA9
qbmCUaKIPJ6uEzTm9HBGGgzkuxn7GO5oL9/Ef3BJ6BQJ20POboAGOWGEPQSFtqbY
5lkLLFTBbEMbFu5MVtsezAWf1ocKY0QdM8ySrTO5Ifi6AMzkUpue2oLCtB3bYwEw
1RsyPT2UvnsOtJp5FUXumV8JyjDFxcn4wmJuWP/X33qf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:01 2025 by rpki-client