Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/02c0cf-489d-4fda-9e39-10133232e759/1/9U2jPJiJrtpzlSvtGFBOwvwGalY.roa
File: 9U2jPJiJrtpzlSvtGFBOwvwGalY.roa (raw, json)
Hash identifier: SUPyfrhMxbkSCZRQIGj2uJa1LRZdd5L3vhbt817xJMw=
Subject key identifier: F5:4D:A3:3C:98:89:AE:DA:73:95:2B:ED:18:50:4E:C2:FC:06:6A:56
Certificate issuer: /CN=3b3fff71e59f35063f809fc5eb3af4c419f7bf33
Certificate serial: 01865FD283A4D6164F49D1F129EA3997096D
Authority key identifier: 3B:3F:FF:71:E5:9F:35:06:3F:80:9F:C5:EB:3A:F4:C4:19:F7:BF:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Oz__ceWfNQY_gJ_F6zr0xBn3vzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/02c0cf-489d-4fda-9e39-10133232e759/1/9U2jPJiJrtpzlSvtGFBOwvwGalY.roa
Signing time: Fri 17 Feb 2023 14:41:17 +0000
ROA not before: Fri 17 Feb 2023 14:41:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135752
IP address blocks: 185.137.164.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5f:d2:83:a4:d6:16:4f:49:d1:f1:29:ea:39:97:09:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b3fff71e59f35063f809fc5eb3af4c419f7bf33
Validity
Not Before: Feb 17 14:41:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f54da33c9889aeda73952bed18504ec2fc066a56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c0:c6:93:94:b4:1a:99:f8:5c:4a:21:f0:5f:
81:54:e1:78:e6:4a:b9:c3:ea:8a:e8:56:bd:b7:74:
0b:8e:8c:b1:ad:1e:d0:66:c0:8b:38:f9:fd:a3:59:
e1:e5:f6:ee:4f:ad:1b:0a:02:e8:f5:1a:c4:28:50:
13:9c:39:7d:4c:a7:10:f1:ae:30:97:70:c5:03:4a:
df:7f:ad:06:e3:33:cc:a4:ed:35:48:50:2f:f4:5a:
df:99:83:94:27:7f:09:1d:6f:c7:a1:66:d7:ab:fc:
b3:cb:8a:09:f0:80:1f:52:25:eb:85:11:47:19:64:
2e:5c:f8:8c:4c:8b:57:3c:4a:9d:6d:a1:fb:61:3b:
d2:cb:38:5a:6a:05:ed:c2:6b:8e:20:d0:3e:b1:b4:
47:ab:b4:c4:24:8a:69:61:26:a7:fb:5e:6a:b2:a2:
ec:84:bf:a0:3b:f2:cd:a7:aa:12:42:e3:a3:c5:af:
3e:00:9e:77:f3:a6:13:2d:56:14:27:71:f1:4b:34:
5a:ea:37:30:f5:7f:fa:65:2c:7c:7b:1b:83:2c:54:
27:2f:77:80:5d:30:25:1d:b8:b3:df:97:e3:6e:5a:
50:28:6d:0b:3c:c5:df:37:d3:75:94:db:82:70:75:
3d:de:af:49:74:53:4f:ba:24:d6:b2:ff:8d:43:89:
ec:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:4D:A3:3C:98:89:AE:DA:73:95:2B:ED:18:50:4E:C2:FC:06:6A:56
X509v3 Authority Key Identifier:
keyid:3B:3F:FF:71:E5:9F:35:06:3F:80:9F:C5:EB:3A:F4:C4:19:F7:BF:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oz__ceWfNQY_gJ_F6zr0xBn3vzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/02c0cf-489d-4fda-9e39-10133232e759/1/9U2jPJiJrtpzlSvtGFBOwvwGalY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/02c0cf-489d-4fda-9e39-10133232e759/1/Oz__ceWfNQY_gJ_F6zr0xBn3vzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.164.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:08:dd:70:57:16:0b:29:79:b8:12:5e:9f:25:9c:53:b0:71:
c9:c4:dd:9f:2b:ba:3e:db:41:4b:4a:fd:91:26:8f:eb:8f:4f:
b7:83:2a:b5:f4:63:20:43:6b:db:70:1a:83:39:72:44:98:0c:
6c:e1:da:29:56:77:37:7d:88:ff:cb:f3:07:f9:c8:0f:36:4d:
41:2a:fa:7e:81:2d:7c:f5:45:97:55:f3:3d:ac:c1:c7:d1:8d:
6b:e7:19:fc:f6:5a:82:34:00:f1:19:8c:17:50:77:84:c9:61:
76:be:55:8d:b1:94:55:e0:15:80:b8:77:1d:f6:11:69:ee:0b:
c0:dd:b2:50:4c:17:94:1d:5e:a9:1a:1a:07:b2:2d:b5:07:a1:
4f:a7:d7:fc:d7:d1:a6:38:17:52:42:5e:9b:79:75:54:7a:52:
d0:4c:97:62:ac:a8:75:78:e3:e8:73:4c:be:71:2e:e2:2a:b7:
b7:dd:d1:5b:20:76:a1:b3:ae:d7:53:a4:03:cd:db:7e:8c:a2:
47:42:60:f1:70:d6:cb:24:d8:68:bb:eb:a7:d2:e8:e7:a2:0f:
1d:cc:1b:32:96:54:41:1b:15:ea:45:16:17:1a:7c:aa:04:dd:
0d:1b:0e:bd:5b:a4:41:c7:e3:ee:59:c6:a4:16:56:c7:19:ca:
9f:77:39:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZf0oOk1hZPSdHxKeo5lwltMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiM2ZmZjcxZTU5ZjM1MDYzZjgwOWZjNWViM2FmNGM0MTlm
N2JmMzMwHhcNMjMwMjE3MTQ0MTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTRkYTMzYzk4ODlhZWRhNzM5NTJiZWQxODUwNGVjMmZjMDY2YTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMDGk5S0Gpn4XEoh8F+BVOF45kq5
w+qK6Fa9t3QLjoyxrR7QZsCLOPn9o1nh5fbuT60bCgLo9RrEKFATnDl9TKcQ8a4w
l3DFA0rff60G4zPMpO01SFAv9FrfmYOUJ38JHW/HoWbXq/yzy4oJ8IAfUiXrhRFH
GWQuXPiMTItXPEqdbaH7YTvSyzhaagXtwmuOINA+sbRHq7TEJIppYSan+15qsqLs
hL+gO/LNp6oSQuOjxa8+AJ5386YTLVYUJ3HxSzRa6jcw9X/6ZSx8exuDLFQnL3eA
XTAlHbiz35fjblpQKG0LPMXfN9N1lNuCcHU93q9JdFNPuiTWsv+NQ4nsswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPVNozyYia7ac5Ur7RhQTsL8BmpWMB8GA1UdIwQY
MBaAFDs//3HlnzUGP4Cfxes69MQZ978zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3pfX2NlV2ZOUVlfZ0pfRjZ6cjB4Qm4zdnpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wMmMwY2YtNDg5ZC00ZmRhLTllMzkt
MTAxMzMyMzJlNzU5LzEvOVUyalBKaUpydHB6bFN2dEdGQk93dndHYWxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wMmMwY2YtNDg5ZC00ZmRhLTllMzktMTAxMzMyMzJlNzU5
LzEvT3pfX2NlV2ZOUVlfZ0pfRjZ6cjB4Qm4zdnpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYmkMA0G
CSqGSIb3DQEBCwUAA4IBAQCNCN1wVxYLKXm4El6fJZxTsHHJxN2fK7o+20FLSv2R
Jo/rj0+3gyq19GMgQ2vbcBqDOXJEmAxs4dopVnc3fYj/y/MH+cgPNk1BKvp+gS18
9UWXVfM9rMHH0Y1r5xn89lqCNADxGYwXUHeEyWF2vlWNsZRV4BWAuHcd9hFp7gvA
3bJQTBeUHV6pGhoHsi21B6FPp9f819GmOBdSQl6beXVUelLQTJdirKh1eOPoc0y+
cS7iKre33dFbIHahs67XU6QDzdt+jKJHQmDxcNbLJNhou+un0ujnog8dzBsyllRB
GxXqRRYXGnyqBN0NGw69W6RBx+PuWcakFlbHGcqfdzn4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:41 2023 by rpki-client on console-fra.rpki-client.org