Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/7b4ecd-10d3-46a7-a298-a93ee85cb782/1/KaCaK7H5tHbMx-uh8i1BbihVEn4.roa
File: KaCaK7H5tHbMx-uh8i1BbihVEn4.roa (raw, json)
Hash identifier: YW/vRbvVb5ehLSstfhsp2iJoiuIWAtOZTvdwO9vXBhw=
Subject key identifier: 29:A0:9A:2B:B1:F9:B4:76:CC:C7:EB:A1:F2:2D:41:6E:28:55:12:7E
Certificate issuer: /CN=532c801f4c8502937218368b4e65d0e463d7c9b9
Certificate serial: 01857102CAF3645489B76750D041518A3209
Authority key identifier: 53:2C:80:1F:4C:85:02:93:72:18:36:8B:4E:65:D0:E4:63:D7:C9:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyyAH0yFApNyGDaLTmXQ5GPXybk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/7b4ecd-10d3-46a7-a298-a93ee85cb782/1/KaCaK7H5tHbMx-uh8i1BbihVEn4.roa
Signing time: Mon 02 Jan 2023 05:44:46 +0000
ROA not before: Mon 02 Jan 2023 05:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211439
IP address blocks: 193.238.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:ca:f3:64:54:89:b7:67:50:d0:41:51:8a:32:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=532c801f4c8502937218368b4e65d0e463d7c9b9
Validity
Not Before: Jan 2 05:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29a09a2bb1f9b476ccc7eba1f22d416e2855127e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:1c:24:84:15:20:81:18:12:4b:14:8c:cc:7b:
f5:c0:68:d9:bc:e1:a5:9f:88:d1:40:d9:2f:1a:a1:
04:7e:f8:4f:2c:c0:a1:64:2a:a5:8c:90:04:f6:7b:
3c:11:1a:ec:31:86:ab:6e:64:de:2e:b2:f8:fb:9b:
09:aa:25:dd:4b:ae:13:8d:22:3a:21:34:94:7e:08:
42:b0:82:a5:5a:30:69:fa:20:a4:6c:32:f3:de:ca:
d2:9c:62:f6:e7:22:f3:d9:d1:cf:7d:3a:2b:ba:04:
85:85:a3:f6:a7:8c:7e:20:0a:c4:c1:e4:f6:fe:57:
8a:84:b8:6f:ff:35:e7:0c:b6:f0:8e:d6:ac:a1:c4:
73:c9:03:c6:46:b1:cf:9b:c4:4b:23:1f:8e:1d:0f:
4e:cd:eb:8a:5c:7c:71:c4:d7:1c:37:ae:a9:3c:ef:
fe:c5:9c:b4:10:db:aa:63:25:0c:8c:c3:d8:c1:fd:
49:a2:17:00:8a:90:d3:52:79:07:a0:48:4d:2b:96:
5e:0f:9e:84:d2:fb:9e:d8:ab:dd:58:28:ce:f1:04:
c8:65:d9:8a:75:2b:0c:fa:7b:f3:fc:66:81:49:f9:
d1:69:9e:3f:90:e4:8b:17:b2:88:39:76:70:db:45:
3e:f8:5e:75:02:15:9b:64:5f:b4:13:ab:b1:a1:ef:
f0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A0:9A:2B:B1:F9:B4:76:CC:C7:EB:A1:F2:2D:41:6E:28:55:12:7E
X509v3 Authority Key Identifier:
keyid:53:2C:80:1F:4C:85:02:93:72:18:36:8B:4E:65:D0:E4:63:D7:C9:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyyAH0yFApNyGDaLTmXQ5GPXybk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/7b4ecd-10d3-46a7-a298-a93ee85cb782/1/KaCaK7H5tHbMx-uh8i1BbihVEn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/7b4ecd-10d3-46a7-a298-a93ee85cb782/1/UyyAH0yFApNyGDaLTmXQ5GPXybk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.238.85.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:4e:cd:ec:76:71:f8:11:7f:a0:9f:b5:c9:d1:99:c0:ab:e9:
f3:f9:04:42:22:83:a1:bc:64:f0:01:38:d3:78:49:05:ae:26:
46:ac:f3:7d:1c:88:a5:95:2c:9b:f2:dd:b9:95:97:0d:75:42:
8f:cb:ef:fc:6f:1d:ce:25:43:b5:66:c2:6c:4e:fd:1e:c4:f9:
91:e8:f2:96:7b:1e:cf:07:6d:f7:20:38:d3:d1:91:4d:3b:99:
0b:38:d7:c3:2d:de:3b:8a:55:1c:2f:33:b6:64:be:07:2a:dd:
52:fc:1b:88:a3:a0:3c:35:b9:74:ae:07:9e:e5:70:bc:a6:ed:
5b:e9:0d:3c:e6:25:3a:9a:64:6b:42:67:33:d7:73:45:2e:74:
24:59:8c:f7:81:32:4f:3d:7a:d0:44:7b:11:55:6f:6a:fd:b3:
3d:d7:4f:ab:25:c5:d9:9c:66:f2:d8:f1:13:db:e4:58:37:cf:
02:ac:e8:6f:d4:3f:f5:c5:3c:bf:79:92:7e:56:40:20:42:ac:
dc:43:02:b8:b4:4f:b8:d6:83:f8:39:6d:07:2d:b5:df:7c:d7:
9d:e5:d1:6d:20:c9:de:7b:2a:8f:17:21:03:28:54:3f:fb:8e:
f9:97:ee:4d:b3:60:00:95:3a:1f:7e:fc:96:bc:da:c6:0f:c5:
f7:fa:e8:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAsrzZFSJt2dQ0EFRijIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMmM4MDFmNGM4NTAyOTM3MjE4MzY4YjRlNjVkMGU0NjNk
N2M5YjkwHhcNMjMwMTAyMDU0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWEwOWEyYmIxZjliNDc2Y2NjN2ViYTFmMjJkNDE2ZTI4NTUxMjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhwkhBUggRgSSxSMzHv1wGjZvOGl
n4jRQNkvGqEEfvhPLMChZCqljJAE9ns8ERrsMYarbmTeLrL4+5sJqiXdS64TjSI6
ITSUfghCsIKlWjBp+iCkbDLz3srSnGL25yLz2dHPfTorugSFhaP2p4x+IArEweT2
/leKhLhv/zXnDLbwjtasocRzyQPGRrHPm8RLIx+OHQ9OzeuKXHxxxNccN66pPO/+
xZy0ENuqYyUMjMPYwf1JohcAipDTUnkHoEhNK5ZeD56E0vue2KvdWCjO8QTIZdmK
dSsM+nvz/GaBSfnRaZ4/kOSLF7KIOXZw20U++F51AhWbZF+0E6uxoe/wSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCmgmiux+bR2zMfrofItQW4oVRJ+MB8GA1UdIwQY
MBaAFFMsgB9MhQKTchg2i05l0ORj18m5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXl5QUgweUZBcE55R0RhTFRtWFE1R1BYeWJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC83YjRlY2QtMTBkMy00NmE3LWEyOTgt
YTkzZWU4NWNiNzgyLzEvS2FDYUs3SDV0SGJNeC11aDhpMUJiaWhWRW40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC83YjRlY2QtMTBkMy00NmE3LWEyOTgtYTkzZWU4NWNiNzgy
LzEvVXl5QUgweUZBcE55R0RhTFRtWFE1R1BYeWJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwe5VMA0G
CSqGSIb3DQEBCwUAA4IBAQAsTs3sdnH4EX+gn7XJ0ZnAq+nz+QRCIoOhvGTwATjT
eEkFriZGrPN9HIillSyb8t25lZcNdUKPy+/8bx3OJUO1ZsJsTv0exPmR6PKWex7P
B233IDjT0ZFNO5kLONfDLd47ilUcLzO2ZL4HKt1S/BuIo6A8Nbl0rgee5XC8pu1b
6Q085iU6mmRrQmcz13NFLnQkWYz3gTJPPXrQRHsRVW9q/bM910+rJcXZnGby2PET
2+RYN88CrOhv1D/1xTy/eZJ+VkAgQqzcQwK4tE+41oP4OW0HLbXffNed5dFtIMne
eyqPFyEDKFQ/+475l+5Ns2AAlToffvyWvNrGD8X3+uiH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:25 2024 by rpki-client on console-ams.rpki-client.org