Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/702da5-c2cb-4b66-b299-dc5e0c46e76c/1/drukh86JnoXDGjasfcR8xocPudE.roa
File: drukh86JnoXDGjasfcR8xocPudE.roa (raw, json)
Hash identifier: gUiIeQWeFIuVS1WKfLaP/AxQtx/CCH8i2N6+LDCrdUE=
Subject key identifier: 76:BB:A4:87:CE:89:9E:85:C3:1A:36:AC:7D:C4:7C:C6:87:0F:B9:D1
Certificate issuer: /CN=d997d06eda361d935588e427f3d9833f8f7d1d20
Certificate serial: 01856C0A42258B1E3A06ABD1EADA45F56C65
Authority key identifier: D9:97:D0:6E:DA:36:1D:93:55:88:E4:27:F3:D9:83:3F:8F:7D:1D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZfQbto2HZNViOQn89mDP499HSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/702da5-c2cb-4b66-b299-dc5e0c46e76c/1/drukh86JnoXDGjasfcR8xocPudE.roa
Signing time: Sun 01 Jan 2023 06:34:49 +0000
ROA not before: Sun 01 Jan 2023 06:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12679
IP address blocks: 194.147.44.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:42:25:8b:1e:3a:06:ab:d1:ea:da:45:f5:6c:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d997d06eda361d935588e427f3d9833f8f7d1d20
Validity
Not Before: Jan 1 06:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76bba487ce899e85c31a36ac7dc47cc6870fb9d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a1:b7:ea:cb:e3:09:03:73:03:b0:e2:aa:f5:
71:19:d4:c9:ba:47:d2:54:da:e2:2a:a9:6d:bc:f5:
ab:46:cb:2e:16:c3:2a:6e:f0:ef:6d:50:7d:ac:b1:
84:25:ee:76:c5:37:f6:b8:04:13:61:8b:b6:99:9a:
47:aa:5b:5a:6e:f2:e0:e3:21:0f:ef:24:10:4d:f0:
44:cf:6d:17:39:2a:57:5b:f9:b8:8a:27:e2:24:2e:
21:62:87:05:ae:ed:50:4f:91:e2:5f:d9:b6:ae:25:
56:f4:b7:fd:62:08:d8:36:bc:56:1d:f7:82:7d:75:
2f:1a:6f:0c:b0:46:2c:0d:6e:6e:f7:66:67:e9:93:
95:a8:51:60:c1:99:de:f7:c6:9b:d5:2e:59:f2:14:
7c:a1:97:ad:8a:8f:d9:eb:d1:35:b3:17:a3:0a:2f:
c7:d5:69:2f:9b:91:84:37:52:13:2e:47:5a:a7:5d:
ee:d6:55:88:d8:15:8b:70:52:70:43:a5:8a:c8:30:
ce:e0:fc:7f:c4:02:4d:e9:45:50:f7:60:cb:3a:eb:
f8:4c:3c:ab:21:c0:71:9e:79:bc:6d:dd:c4:77:d0:
55:87:74:e8:64:3f:9f:ee:ee:a6:32:ad:50:b9:66:
96:4b:57:75:ac:c6:e8:21:d1:e4:45:58:ba:db:9a:
84:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:BB:A4:87:CE:89:9E:85:C3:1A:36:AC:7D:C4:7C:C6:87:0F:B9:D1
X509v3 Authority Key Identifier:
keyid:D9:97:D0:6E:DA:36:1D:93:55:88:E4:27:F3:D9:83:3F:8F:7D:1D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZfQbto2HZNViOQn89mDP499HSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/702da5-c2cb-4b66-b299-dc5e0c46e76c/1/drukh86JnoXDGjasfcR8xocPudE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/702da5-c2cb-4b66-b299-dc5e0c46e76c/1/2ZfQbto2HZNViOQn89mDP499HSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.44.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:96:5b:d4:36:0c:21:75:51:ad:e4:31:18:b9:e4:d6:ad:0f:
da:9a:26:88:de:73:40:67:54:41:fa:a8:d2:9e:31:17:ce:b8:
c5:37:3b:9e:58:9f:3b:1b:d4:6b:13:3f:21:0f:35:97:2d:e9:
51:30:a9:de:fc:73:2f:c8:25:b6:cf:20:f5:6e:d7:ed:d0:3e:
0c:df:4d:b8:88:85:87:9d:14:06:68:a6:f4:86:44:b7:5f:9e:
e1:7f:1f:da:d5:56:1d:80:f1:8c:b6:f4:85:55:2d:7a:3a:b7:
d3:21:a2:19:94:c7:bb:f3:8c:57:a9:d8:06:21:b6:85:47:0e:
8d:bf:58:2f:4f:48:11:07:61:e5:a6:93:0d:32:07:7d:c0:5a:
f8:e6:6e:5d:b4:e0:44:12:32:69:aa:eb:e6:fb:c9:b4:fa:3b:
b1:e6:04:6b:7e:5e:0f:f8:c1:f2:b3:17:5c:81:8a:bf:e8:8d:
67:69:c1:33:8a:2f:12:00:70:8a:9b:ae:37:b0:8d:df:e2:9b:
89:ed:63:bd:84:fb:a9:20:52:37:6b:24:6b:a6:e4:d5:9a:d3:
c8:78:f1:4c:01:6c:62:cc:38:5a:56:ce:ed:ac:bb:7b:16:0d:
0b:a3:a7:f2:89:22:bb:b8:e1:29:cf:10:46:9c:3e:7d:5a:4d:
b8:28:1e:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsCkIlix46BqvR6tpF9WxlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTdkMDZlZGEzNjFkOTM1NTg4ZTQyN2YzZDk4MzNmOGY3
ZDFkMjAwHhcNMjMwMTAxMDYzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmJiYTQ4N2NlODk5ZTg1YzMxYTM2YWM3ZGM0N2NjNjg3MGZiOWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKG36svjCQNzA7DiqvVxGdTJukfS
VNriKqltvPWrRssuFsMqbvDvbVB9rLGEJe52xTf2uAQTYYu2mZpHqltabvLg4yEP
7yQQTfBEz20XOSpXW/m4iifiJC4hYocFru1QT5HiX9m2riVW9Lf9YgjYNrxWHfeC
fXUvGm8MsEYsDW5u92Zn6ZOVqFFgwZne98ab1S5Z8hR8oZetio/Z69E1sxejCi/H
1Wkvm5GEN1ITLkdap13u1lWI2BWLcFJwQ6WKyDDO4Px/xAJN6UVQ92DLOuv4TDyr
IcBxnnm8bd3Ed9BVh3ToZD+f7u6mMq1QuWaWS1d1rMboIdHkRVi625qEcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHa7pIfOiZ6Fwxo2rH3EfMaHD7nRMB8GA1UdIwQY
MBaAFNmX0G7aNh2TVYjkJ/PZgz+PfR0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpmUWJ0bzJIWk5WaU9Rbjg5bURQNDk5SFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83MDJkYTUtYzJjYi00YjY2LWIyOTkt
ZGM1ZTBjNDZlNzZjLzEvZHJ1a2g4Nkpub1hER2phc2ZjUjh4b2NQdWRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC83MDJkYTUtYzJjYi00YjY2LWIyOTktZGM1ZTBjNDZlNzZj
LzEvMlpmUWJ0bzJIWk5WaU9Rbjg5bURQNDk5SFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpMsMA0G
CSqGSIb3DQEBCwUAA4IBAQBOllvUNgwhdVGt5DEYueTWrQ/amiaI3nNAZ1RB+qjS
njEXzrjFNzueWJ87G9RrEz8hDzWXLelRMKne/HMvyCW2zyD1btft0D4M3024iIWH
nRQGaKb0hkS3X57hfx/a1VYdgPGMtvSFVS16OrfTIaIZlMe784xXqdgGIbaFRw6N
v1gvT0gRB2HlppMNMgd9wFr45m5dtOBEEjJpquvm+8m0+jux5gRrfl4P+MHysxdc
gYq/6I1nacEzii8SAHCKm643sI3f4puJ7WO9hPupIFI3ayRrpuTVmtPIePFMAWxi
zDhaVs7trLt7Fg0Lo6fyiSK7uOEpzxBGnD59Wk24KB7G
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:35 2024 by rpki-client on console-fra.rpki-client.org