Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/7rFpR9b-09t-iobWm7i12dMzRsc.roa
File: 7rFpR9b-09t-iobWm7i12dMzRsc.roa (raw, json)
Hash identifier: VDp8ej9HIxrrMtKeIsGYNupVbMvu8lhTsHxexjMupXA=
Subject key identifier: EE:B1:69:47:D6:FE:D3:DB:7E:8A:86:D6:9B:B8:B5:D9:D3:33:46:C7
Certificate issuer: /CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Certificate serial: 018831CD8C70A0A8C3F165DFD05A1E7465AA
Authority key identifier: 60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/7rFpR9b-09t-iobWm7i12dMzRsc.roa
Signing time: Fri 19 May 2023 02:18:54 +0000
ROA not before: Fri 19 May 2023 02:18:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 328867
IP address blocks: 45.156.220.0/24 maxlen: 24
194.62.214.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:31:cd:8c:70:a0:a8:c3:f1:65:df:d0:5a:1e:74:65:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Validity
Not Before: May 19 02:18:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eeb16947d6fed3db7e8a86d69bb8b5d9d33346c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5a:7e:4c:5f:de:56:1c:8d:55:c5:52:77:90:
75:bc:4b:ad:d9:f7:f8:4e:57:7b:03:9d:4e:87:15:
30:92:cd:2e:81:77:a7:34:d1:e7:0b:93:41:39:78:
cc:75:24:22:32:86:bf:b6:6a:78:90:b6:a8:5b:96:
10:17:23:c5:5f:39:88:d4:51:2d:65:dc:fc:21:50:
cb:db:74:a9:ca:c0:09:33:59:54:53:04:b8:db:8b:
61:12:4c:c9:09:8e:26:bc:7b:31:7a:44:0f:11:70:
46:ca:20:b6:a7:f8:ea:82:f2:4e:fa:51:79:5d:ce:
52:27:61:9f:8f:61:0f:ea:65:60:6c:43:cc:28:b7:
a2:9f:0b:36:65:c1:2d:72:d5:ed:1d:e7:77:4f:a1:
05:fa:ad:17:e5:07:38:3f:ca:97:3a:fb:0c:b2:2a:
49:43:ce:49:96:e0:97:a5:fb:70:1c:7e:e1:c2:fd:
2c:8f:52:32:52:e7:77:fb:24:74:17:7e:ad:40:b7:
d6:5f:e3:c1:ca:42:46:0f:58:93:9c:0f:9b:fe:3d:
23:58:d5:d7:d7:8a:4e:5d:e9:a3:34:32:da:93:65:
cb:fd:ba:6b:9d:be:4d:3f:9a:2c:2d:ee:cf:be:f9:
bc:e2:44:15:43:22:0d:c2:e0:50:7d:a8:7b:82:3e:
92:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:B1:69:47:D6:FE:D3:DB:7E:8A:86:D6:9B:B8:B5:D9:D3:33:46:C7
X509v3 Authority Key Identifier:
keyid:60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/7rFpR9b-09t-iobWm7i12dMzRsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/YMmqi3HlSL11ZbpmP6MvfRrsQas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.220.0/24
194.62.214.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:82:f4:ac:6d:81:41:68:fc:91:f9:5a:a5:02:80:c7:b4:33:
7a:b0:d5:ff:56:2d:af:24:22:20:53:95:03:bd:3e:1a:2a:b1:
fe:df:b2:9d:3f:4f:4d:a0:3f:10:c2:33:ed:13:e2:85:e4:91:
f3:84:a4:b3:16:d0:1e:17:17:ea:2e:37:65:b0:f8:64:20:58:
bd:eb:88:d2:5a:e3:27:a4:cd:09:d3:d2:5b:83:89:6f:45:4e:
c0:8b:be:fe:54:58:8f:27:03:54:4a:64:3d:2c:43:52:ed:10:
d2:6a:63:1e:63:fb:45:30:af:bc:17:1b:b9:a0:7c:7b:51:e5:
83:b4:89:12:cc:c8:a7:89:98:6c:5b:21:5e:67:10:de:95:f0:
77:35:eb:44:b7:83:66:e3:5e:3d:a6:30:79:a6:03:61:99:21:
b8:12:4f:ae:d8:d2:4f:6c:71:6c:2f:3f:e9:17:56:df:9c:7b:
56:7a:46:00:ec:e2:23:0f:d9:9c:d7:ca:c2:d7:84:96:79:09:
06:17:9f:da:fd:9f:16:5e:d5:dc:36:93:d7:55:3c:40:6a:6f:
2b:e4:5b:37:aa:17:61:0f:37:0d:59:7c:0b:78:d4:f7:2e:1a:
50:7a:bb:16:80:17:e9:a8:fc:31:9d:9d:b0:93:e3:03:bd:e6:
f1:e3:7f:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgxzYxwoKjD8WXf0FoedGWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYzlhYThiNzFlNTQ4YmQ3NTY1YmE2NjNmYTMyZjdkMWFl
YzQxYWIwHhcNMjMwNTE5MDIxODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWIxNjk0N2Q2ZmVkM2RiN2U4YTg2ZDY5YmI4YjVkOWQzMzM0NmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFp+TF/eVhyNVcVSd5B1vEut2ff4
Tld7A51OhxUwks0ugXenNNHnC5NBOXjMdSQiMoa/tmp4kLaoW5YQFyPFXzmI1FEt
Zdz8IVDL23SpysAJM1lUUwS424thEkzJCY4mvHsxekQPEXBGyiC2p/jqgvJO+lF5
Xc5SJ2Gfj2EP6mVgbEPMKLeinws2ZcEtctXtHed3T6EF+q0X5Qc4P8qXOvsMsipJ
Q85JluCXpftwHH7hwv0sj1IyUud3+yR0F36tQLfWX+PBykJGD1iTnA+b/j0jWNXX
14pOXemjNDLak2XL/bprnb5NP5osLe7Pvvm84kQVQyINwuBQfah7gj6SlwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO6xaUfW/tPbfoqG1pu4tdnTM0bHMB8GA1UdIwQY
MBaAFGDJqotx5Ui9dWW6Zj+jL30a7EGrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTIt
YzhhY2NlMTU2ZjBkLzEvN3JGcFI5Yi0wOXQtaW9iV203aTEyZE16UnNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTItYzhhY2NlMTU2ZjBk
LzEvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZzcAwQA
wj7WMA0GCSqGSIb3DQEBCwUAA4IBAQAagvSsbYFBaPyR+VqlAoDHtDN6sNX/Vi2v
JCIgU5UDvT4aKrH+37KdP09NoD8QwjPtE+KF5JHzhKSzFtAeFxfqLjdlsPhkIFi9
64jSWuMnpM0J09Jbg4lvRU7Ai77+VFiPJwNUSmQ9LENS7RDSamMeY/tFMK+8Fxu5
oHx7UeWDtIkSzMiniZhsWyFeZxDelfB3NetEt4Nm4149pjB5pgNhmSG4Ek+u2NJP
bHFsLz/pF1bfnHtWekYA7OIjD9mc18rC14SWeQkGF5/a/Z8WXtXcNpPXVTxAam8r
5Fs3qhdhDzcNWXwLeNT3LhpQersWgBfpqPwxnZ2wk+MDvebx438A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:10 2024 by rpki-client on console-fra.rpki-client.org