Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/7fa12f-20f7-4b41-ae58-e95349b1d349/1/aa8MNgO1jazwxlFMw5dRMScUoqc.roa
File: aa8MNgO1jazwxlFMw5dRMScUoqc.roa (raw, json)
Hash identifier: KOHRLkRZwGgp4jsVt1shjM8g6S82+IHUKfXMQkIgtIE=
Subject key identifier: 69:AF:0C:36:03:B5:8D:AC:F0:C6:51:4C:C3:97:51:31:27:14:A2:A7
Certificate issuer: /CN=b97a7611654a2f64c4b367b70dc964b63a0bfa52
Certificate serial: 0185723A20633D6E734A9BBA9F6730A3CB79
Authority key identifier: B9:7A:76:11:65:4A:2F:64:C4:B3:67:B7:0D:C9:64:B6:3A:0B:FA:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXp2EWVKL2TEs2e3DclktjoL-lI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/7fa12f-20f7-4b41-ae58-e95349b1d349/1/aa8MNgO1jazwxlFMw5dRMScUoqc.roa
Signing time: Mon 02 Jan 2023 11:24:50 +0000
ROA not before: Mon 02 Jan 2023 11:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48574
IP address blocks: 185.248.176.0/22 maxlen: 24
217.30.64.0/20 maxlen: 24
109.238.208.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:20:63:3d:6e:73:4a:9b:ba:9f:67:30:a3:cb:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97a7611654a2f64c4b367b70dc964b63a0bfa52
Validity
Not Before: Jan 2 11:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69af0c3603b58dacf0c6514cc39751312714a2a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:65:f0:cc:63:12:14:0b:28:0c:86:5d:c3:85:
bb:b9:9e:50:40:1a:42:ae:87:19:ea:3f:a7:ab:a0:
72:7e:6e:52:c9:fb:7f:f2:ae:30:18:b1:77:72:7f:
08:e2:1f:49:5a:a0:63:ad:32:a2:09:5d:fc:ce:d5:
cd:f4:b5:b2:24:a0:e3:51:ff:f8:e4:96:17:26:66:
2e:28:b9:5a:b1:76:b6:cf:c8:f6:04:c2:ce:fa:cd:
8c:9e:54:dc:5c:d2:d1:01:43:1d:85:18:1d:dd:ff:
22:f4:45:a5:f9:f6:48:d0:46:da:c9:77:72:d7:1e:
a1:de:40:29:e9:b7:c0:f5:01:18:c2:d6:bd:c7:38:
e8:a1:1a:c4:8d:fe:c7:47:27:05:9f:39:36:71:77:
9f:90:1a:f6:ba:57:82:a4:40:e1:25:53:d8:5a:d6:
c0:22:62:2f:68:ec:8d:d4:b4:af:e4:c3:de:df:a9:
70:d5:db:f8:98:66:c1:be:d9:21:7c:56:31:e7:39:
da:9f:86:ba:ff:3c:8e:d4:db:b3:2f:c3:08:16:29:
af:ea:0b:43:e5:c2:0e:9d:de:21:83:ca:7f:5c:17:
d0:b5:3d:30:9d:0d:06:0b:ca:ca:70:c6:b5:de:f4:
39:d7:5e:64:87:d1:81:38:22:28:2b:28:d8:09:71:
82:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:AF:0C:36:03:B5:8D:AC:F0:C6:51:4C:C3:97:51:31:27:14:A2:A7
X509v3 Authority Key Identifier:
keyid:B9:7A:76:11:65:4A:2F:64:C4:B3:67:B7:0D:C9:64:B6:3A:0B:FA:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXp2EWVKL2TEs2e3DclktjoL-lI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7fa12f-20f7-4b41-ae58-e95349b1d349/1/aa8MNgO1jazwxlFMw5dRMScUoqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7fa12f-20f7-4b41-ae58-e95349b1d349/1/uXp2EWVKL2TEs2e3DclktjoL-lI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.238.208.0/20
185.248.176.0/22
217.30.64.0/20
Signature Algorithm: sha256WithRSAEncryption
9b:51:03:41:45:1d:11:df:90:cd:f8:88:ac:28:a7:1b:03:7d:
fd:f7:44:d3:96:85:bd:96:0c:d1:d2:ea:4e:f8:c9:e5:4e:70:
82:21:c8:d7:db:ef:ff:60:8c:a6:81:48:0e:ab:f0:dc:6b:cc:
b2:ee:c7:82:a8:9d:5f:ba:63:7c:24:ae:99:94:6d:44:d0:0a:
d9:88:f2:d1:17:de:82:98:2b:fe:03:2c:06:3c:cf:8c:21:4c:
16:9f:47:7f:27:87:40:7d:87:b8:e3:0a:e0:50:f2:9e:17:41:
c6:47:29:7c:75:23:ff:b8:b3:fa:dd:79:0a:44:f1:95:da:a0:
ad:e7:97:8f:6b:fb:c9:f7:b4:14:1d:0e:d5:0e:1e:a7:7e:b6:
99:24:13:26:cb:cc:31:bd:e7:0d:4f:b7:90:84:58:10:c8:ac:
95:2e:76:7c:05:27:98:40:82:0a:8b:6b:4d:37:69:78:e3:df:
46:8e:74:21:76:b1:26:b9:88:dd:fa:45:c0:eb:42:e1:be:d1:
50:cc:a2:ec:ae:1d:e6:b9:18:f5:a5:ed:96:69:d4:af:44:72:
4b:49:64:ce:e5:a1:a3:85:79:f0:5a:e3:23:75:24:99:a3:bc:
72:df:d1:70:01:5e:40:ff:46:38:2b:f3:5d:06:48:64:6e:7a:
bf:ee:d7:cd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyOiBjPW5zSpu6n2cwo8t5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5N2E3NjExNjU0YTJmNjRjNGIzNjdiNzBkYzk2NGI2M2Ew
YmZhNTIwHhcNMjMwMTAyMTEyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWFmMGMzNjAzYjU4ZGFjZjBjNjUxNGNjMzk3NTEzMTI3MTRhMmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGXwzGMSFAsoDIZdw4W7uZ5QQBpC
rocZ6j+nq6Byfm5Syft/8q4wGLF3cn8I4h9JWqBjrTKiCV38ztXN9LWyJKDjUf/4
5JYXJmYuKLlasXa2z8j2BMLO+s2MnlTcXNLRAUMdhRgd3f8i9EWl+fZI0EbayXdy
1x6h3kAp6bfA9QEYwta9xzjooRrEjf7HRycFnzk2cXefkBr2uleCpEDhJVPYWtbA
ImIvaOyN1LSv5MPe36lw1dv4mGbBvtkhfFYx5znan4a6/zyO1NuzL8MIFimv6gtD
5cIOnd4hg8p/XBfQtT0wnQ0GC8rKcMa13vQ5115kh9GBOCIoKyjYCXGCHQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGmvDDYDtY2s8MZRTMOXUTEnFKKnMB8GA1UdIwQY
MBaAFLl6dhFlSi9kxLNntw3JZLY6C/pSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVhwMkVXVktMMlRFczJlM0RjbGt0am9MLWxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83ZmExMmYtMjBmNy00YjQxLWFlNTgt
ZTk1MzQ5YjFkMzQ5LzEvYWE4TU5nTzFqYXp3eGxGTXc1ZFJNU2NVb3FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi83ZmExMmYtMjBmNy00YjQxLWFlNTgtZTk1MzQ5YjFkMzQ5
LzEvdVhwMkVXVktMMlRFczJlM0RjbGt0am9MLWxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEbe7QAwQC
ufiwAwQE2R5AMA0GCSqGSIb3DQEBCwUAA4IBAQCbUQNBRR0R35DN+IisKKcbA339
90TTloW9lgzR0upO+MnlTnCCIcjX2+//YIymgUgOq/Dca8yy7seCqJ1fumN8JK6Z
lG1E0ArZiPLRF96CmCv+AywGPM+MIUwWn0d/J4dAfYe44wrgUPKeF0HGRyl8dSP/
uLP63XkKRPGV2qCt55ePa/vJ97QUHQ7VDh6nfraZJBMmy8wxvecNT7eQhFgQyKyV
LnZ8BSeYQIIKi2tNN2l4499GjnQhdrEmuYjd+kXA60LhvtFQzKLsrh3muRj1pe2W
adSvRHJLSWTO5aGjhXnwWuMjdSSZo7xy39FwAV5A/0Y4K/NdBkhkbnq/7tfN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:08 2024 by rpki-client on console-ams.rpki-client.org