Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/c7a255-16a5-4d4c-a737-692f6a89839a/1/on8z1kqCnPJWUGEN7kehTxV3e5A.roa
File: on8z1kqCnPJWUGEN7kehTxV3e5A.roa (raw, json)
Hash identifier: fJ6zC2aHuddnecPH3/Q6FFLsBrctdHcOwuwgDrC7CNc=
Subject key identifier: A2:7F:33:D6:4A:82:9C:F2:56:50:61:0D:EE:47:A1:4F:15:77:7B:90
Certificate issuer: /CN=71f6cf046dc0060cc53f39a94f62557ef00a8993
Certificate serial: 018340CE27DD802C1841EB54DA3C355AC7F0
Authority key identifier: 71:F6:CF:04:6D:C0:06:0C:C5:3F:39:A9:4F:62:55:7E:F0:0A:89:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cfbPBG3ABgzFPzmpT2JVfvAKiZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/c7a255-16a5-4d4c-a737-692f6a89839a/1/on8z1kqCnPJWUGEN7kehTxV3e5A.roa
Signing time: Thu 15 Sep 2022 10:59:55 +0000
ROA not before: Thu 15 Sep 2022 10:59:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50225
IP address blocks: 147.78.103.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:40:ce:27:dd:80:2c:18:41:eb:54:da:3c:35:5a:c7:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71f6cf046dc0060cc53f39a94f62557ef00a8993
Validity
Not Before: Sep 15 10:59:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a27f33d64a829cf25650610dee47a14f15777b90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6e:0b:68:99:dd:3d:8c:88:11:1d:e7:c3:a0:
13:fe:05:84:27:06:91:32:02:a0:49:b9:f7:8b:dc:
a3:5c:6f:49:9f:8a:af:a9:58:62:c6:33:27:1c:74:
f3:cf:9b:0a:61:26:46:0d:79:d4:f4:91:64:80:f4:
b9:39:cd:b6:d4:85:bf:54:f5:41:40:7c:45:c2:d5:
9f:0e:a3:7a:a4:3f:d8:1c:08:9a:9c:30:f0:3f:16:
71:26:7b:3f:72:b0:2f:0d:7a:71:cb:4a:ff:2e:77:
29:97:87:8f:2f:62:b6:8d:97:d5:f0:6c:07:22:3f:
e4:c7:f3:3b:3a:d7:9b:63:9e:07:b6:83:de:23:0f:
d7:67:6d:ea:9d:dd:fe:24:53:86:36:d4:42:91:ce:
60:41:73:95:2a:f7:9e:3b:4e:39:43:a4:db:8a:02:
eb:c0:40:fd:2f:85:af:7e:23:d2:93:0e:eb:2b:e5:
8b:86:12:3c:61:69:c4:a2:74:83:61:49:7d:21:39:
ba:4c:3c:36:0a:3f:93:41:15:52:3a:f1:7e:c2:8d:
91:35:82:4e:f1:d3:31:13:79:51:fc:ab:b9:34:2c:
47:58:11:74:90:7a:24:0a:16:e4:ea:44:fb:c2:e6:
8d:cb:22:85:e2:05:70:3c:1e:7b:a7:b4:54:d0:16:
35:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:7F:33:D6:4A:82:9C:F2:56:50:61:0D:EE:47:A1:4F:15:77:7B:90
X509v3 Authority Key Identifier:
keyid:71:F6:CF:04:6D:C0:06:0C:C5:3F:39:A9:4F:62:55:7E:F0:0A:89:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cfbPBG3ABgzFPzmpT2JVfvAKiZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c7a255-16a5-4d4c-a737-692f6a89839a/1/on8z1kqCnPJWUGEN7kehTxV3e5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c7a255-16a5-4d4c-a737-692f6a89839a/1/cfbPBG3ABgzFPzmpT2JVfvAKiZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.100.0/22
Signature Algorithm: sha256WithRSAEncryption
85:3c:cc:f1:cc:f0:26:b8:30:56:02:20:40:5e:fe:2d:2b:8e:
42:94:ae:f1:4c:9f:ea:65:46:58:ac:10:d7:38:16:8a:ef:0f:
89:9c:1a:aa:76:53:99:db:17:f4:e5:99:bf:45:80:9e:1d:89:
3e:9b:54:2c:08:a9:f5:1d:47:81:22:2a:41:a8:9d:83:16:13:
bd:5c:5d:75:d8:da:af:fc:bd:a8:b9:70:5e:2b:52:ed:f6:79:
4f:bf:bd:e0:aa:d2:64:96:d1:18:42:56:fa:bd:00:97:3d:76:
29:be:90:fb:3b:77:be:b5:ff:13:d6:01:de:ee:6c:17:2f:93:
f0:0c:07:9f:7f:12:55:33:c5:b0:50:eb:84:c3:9a:6e:61:7c:
69:26:0e:05:2a:de:5a:8f:11:ef:30:46:6e:b3:57:51:86:88:
3d:aa:61:c7:4e:f2:86:f9:4d:3a:21:51:b3:30:33:16:53:8e:
58:49:63:f0:6d:82:0b:05:61:37:d6:9b:ef:bc:22:64:12:a8:
16:a3:fa:f8:80:00:04:61:c9:52:09:34:51:0f:d9:09:37:36:
36:11:2a:3f:6b:c0:d1:4a:ef:27:bb:8b:3e:ba:57:c1:bd:11:
e5:26:01:99:0e:35:9d:50:4c:91:a2:a9:60:a8:34:ae:28:7e:
5f:83:7c:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNAzifdgCwYQetU2jw1WsfwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZjZjZjA0NmRjMDA2MGNjNTNmMzlhOTRmNjI1NTdlZjAw
YTg5OTMwHhcNMjIwOTE1MTA1OTU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjdmMzNkNjRhODI5Y2YyNTY1MDYxMGRlZTQ3YTE0ZjE1Nzc3YjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn24LaJndPYyIER3nw6AT/gWEJwaR
MgKgSbn3i9yjXG9Jn4qvqVhixjMnHHTzz5sKYSZGDXnU9JFkgPS5Oc221IW/VPVB
QHxFwtWfDqN6pD/YHAianDDwPxZxJns/crAvDXpxy0r/Lncpl4ePL2K2jZfV8GwH
Ij/kx/M7OtebY54HtoPeIw/XZ23qnd3+JFOGNtRCkc5gQXOVKveeO045Q6TbigLr
wED9L4WvfiPSkw7rK+WLhhI8YWnEonSDYUl9ITm6TDw2Cj+TQRVSOvF+wo2RNYJO
8dMxE3lR/Ku5NCxHWBF0kHokChbk6kT7wuaNyyKF4gVwPB57p7RU0BY1WQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKJ/M9ZKgpzyVlBhDe5HoU8Vd3uQMB8GA1UdIwQY
MBaAFHH2zwRtwAYMxT85qU9iVX7wComTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2ZiUEJHM0FCZ3pGUHptcFQySlZmdkFLaVpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9jN2EyNTUtMTZhNS00ZDRjLWE3Mzct
NjkyZjZhODk4MzlhLzEvb244ejFrcUNuUEpXVUdFTjdrZWhUeFYzZTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9jN2EyNTUtMTZhNS00ZDRjLWE3MzctNjkyZjZhODk4Mzlh
LzEvY2ZiUEJHM0FCZ3pGUHptcFQySlZmdkFLaVpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCk05kMA0G
CSqGSIb3DQEBCwUAA4IBAQCFPMzxzPAmuDBWAiBAXv4tK45ClK7xTJ/qZUZYrBDX
OBaK7w+JnBqqdlOZ2xf05Zm/RYCeHYk+m1QsCKn1HUeBIipBqJ2DFhO9XF112Nqv
/L2ouXBeK1Lt9nlPv73gqtJkltEYQlb6vQCXPXYpvpD7O3e+tf8T1gHe7mwXL5Pw
DAeffxJVM8WwUOuEw5puYXxpJg4FKt5ajxHvMEZus1dRhog9qmHHTvKG+U06IVGz
MDMWU45YSWPwbYILBWE31pvvvCJkEqgWo/r4gAAEYclSCTRRD9kJNzY2ESo/a8DR
Su8nu4s+ulfBvRHlJgGZDjWdUEyRoqlgqDSuKH5fg3wZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:52 2024 by rpki-client on console-ams.rpki-client.org