Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/bfb168-1b3d-48ae-9800-1744e7259b17/1/G8VLymCl5ilU4nxlIpGQsf0T1sg.roa
File: G8VLymCl5ilU4nxlIpGQsf0T1sg.roa (raw, json)
Hash identifier: TlU8hwu8jp3ugOqpdoH+YuzMlJ7mU+pKlgCBtnf44MI=
Subject key identifier: 1B:C5:4B:CA:60:A5:E6:29:54:E2:7C:65:22:91:90:B1:FD:13:D6:C8
Certificate issuer: /CN=e8a905b0a4f1ba373d9e7892d2455bc5ea8bbf89
Certificate serial: 0185715E671C5BDE59E5A896C75088347975
Authority key identifier: E8:A9:05:B0:A4:F1:BA:37:3D:9E:78:92:D2:45:5B:C5:EA:8B:BF:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KkFsKTxujc9nniS0kVbxeqLv4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/bfb168-1b3d-48ae-9800-1744e7259b17/1/G8VLymCl5ilU4nxlIpGQsf0T1sg.roa
Signing time: Mon 02 Jan 2023 07:24:50 +0000
ROA not before: Mon 02 Jan 2023 07:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 185.235.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:67:1c:5b:de:59:e5:a8:96:c7:50:88:34:79:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a905b0a4f1ba373d9e7892d2455bc5ea8bbf89
Validity
Not Before: Jan 2 07:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1bc54bca60a5e62954e27c65229190b1fd13d6c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f7:81:78:5d:6f:3d:c7:5d:10:92:01:9a:74:
6f:c0:cb:88:1e:57:c4:5f:d4:5d:dd:68:c1:e2:9d:
81:69:16:1e:c1:8a:e4:de:51:c4:a5:3f:01:42:05:
24:91:6b:77:49:a0:f3:2e:51:9c:07:42:e3:f3:32:
46:0e:fc:f3:4b:6e:97:66:e7:b1:78:19:80:cd:1b:
cb:4c:6e:90:9e:85:ae:a8:6c:8b:2a:b6:2b:77:ef:
4e:ce:a0:be:3b:75:50:89:c6:3d:1d:50:7d:92:7f:
2a:60:cc:8b:c2:6d:6e:34:e6:55:b1:7f:46:97:a4:
a2:92:11:d2:15:ea:ef:91:f0:88:23:20:cb:03:79:
4a:e2:bf:8b:05:00:b1:21:6f:c3:97:dc:3b:cc:79:
01:4d:f3:8f:3d:88:cd:70:ed:bc:c6:a7:4f:13:c6:
69:b2:b3:b5:ec:21:1a:19:d4:f2:c2:d4:ae:df:c2:
7d:9f:96:4b:15:c6:5f:a8:7d:3c:d8:78:a8:cf:ce:
90:55:15:a5:30:7a:ce:81:2f:8f:a3:89:10:bd:75:
27:0e:9b:1f:1d:85:98:b6:f5:52:f1:4e:b1:da:de:
f6:98:0c:6e:70:ff:18:a5:c5:56:c4:47:9f:70:d7:
db:1d:72:a6:3c:44:5a:8f:fd:c2:ba:4e:06:d7:ef:
76:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C5:4B:CA:60:A5:E6:29:54:E2:7C:65:22:91:90:B1:FD:13:D6:C8
X509v3 Authority Key Identifier:
keyid:E8:A9:05:B0:A4:F1:BA:37:3D:9E:78:92:D2:45:5B:C5:EA:8B:BF:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KkFsKTxujc9nniS0kVbxeqLv4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/bfb168-1b3d-48ae-9800-1744e7259b17/1/G8VLymCl5ilU4nxlIpGQsf0T1sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/bfb168-1b3d-48ae-9800-1744e7259b17/1/6KkFsKTxujc9nniS0kVbxeqLv4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.227.0/24
Signature Algorithm: sha256WithRSAEncryption
09:20:e6:76:0b:8a:70:30:d0:3b:36:12:7f:8a:71:97:a3:9b:
4d:f6:f1:37:04:eb:9a:63:b2:83:77:6e:a2:28:ec:09:3e:db:
0e:f0:b7:1e:2d:03:e6:f3:ca:b0:e1:42:2f:89:77:99:60:ff:
09:27:9a:80:30:ef:f0:66:0e:03:3c:28:39:0e:de:b5:1c:c8:
98:43:5f:92:83:b3:95:2b:55:85:40:0c:18:bb:65:0a:ca:b7:
33:51:dc:d1:40:ac:56:29:10:e7:9e:86:c0:7c:9b:b3:5f:3e:
3f:de:cd:4f:6f:a6:ca:2a:ff:48:db:42:ae:e3:2f:f4:bd:fd:
dd:eb:0d:88:be:55:f7:0e:45:d2:bb:8c:87:c4:c0:23:ea:65:
f4:d1:13:3d:8f:6a:da:0c:8b:ef:c5:9b:59:42:57:2e:9a:f7:
d4:41:e4:10:25:46:67:5f:57:84:df:41:da:60:5a:a1:7d:a2:
e8:ef:4f:a7:58:e1:fe:50:f6:a7:95:e9:82:f2:77:42:7c:63:
e4:1a:08:5b:a7:37:5c:11:b0:7d:35:7f:f4:37:94:b8:d7:8e:
90:f4:a0:38:21:69:c8:2b:8a:33:25:e8:1f:b9:c9:6f:04:23:
f9:3c:8e:97:f2:11:c1:fb:aa:28:d6:cf:e7:81:9c:d9:37:af:
ae:79:e7:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxXmccW95Z5aiWx1CINHl1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YTkwNWIwYTRmMWJhMzczZDllNzg5MmQyNDU1YmM1ZWE4
YmJmODkwHhcNMjMwMTAyMDcyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmM1NGJjYTYwYTVlNjI5NTRlMjdjNjUyMjkxOTBiMWZkMTNkNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoveBeF1vPcddEJIBmnRvwMuIHlfE
X9Rd3WjB4p2BaRYewYrk3lHEpT8BQgUkkWt3SaDzLlGcB0Lj8zJGDvzzS26XZuex
eBmAzRvLTG6QnoWuqGyLKrYrd+9OzqC+O3VQicY9HVB9kn8qYMyLwm1uNOZVsX9G
l6SikhHSFervkfCIIyDLA3lK4r+LBQCxIW/Dl9w7zHkBTfOPPYjNcO28xqdPE8Zp
srO17CEaGdTywtSu38J9n5ZLFcZfqH082Hioz86QVRWlMHrOgS+Po4kQvXUnDpsf
HYWYtvVS8U6x2t72mAxucP8YpcVWxEefcNfbHXKmPERaj/3Cuk4G1+92fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBvFS8pgpeYpVOJ8ZSKRkLH9E9bIMB8GA1UdIwQY
MBaAFOipBbCk8bo3PZ54ktJFW8Xqi7+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNktrRnNLVHh1amM5bm5pUzBrVmJ4ZXFMdjRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9iZmIxNjgtMWIzZC00OGFlLTk4MDAt
MTc0NGU3MjU5YjE3LzEvRzhWTHltQ2w1aWxVNG54bElwR1FzZjBUMXNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9iZmIxNjgtMWIzZC00OGFlLTk4MDAtMTc0NGU3MjU5YjE3
LzEvNktrRnNLVHh1amM5bm5pUzBrVmJ4ZXFMdjRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuevjMA0G
CSqGSIb3DQEBCwUAA4IBAQAJIOZ2C4pwMNA7NhJ/inGXo5tN9vE3BOuaY7KDd26i
KOwJPtsO8LceLQPm88qw4UIviXeZYP8JJ5qAMO/wZg4DPCg5Dt61HMiYQ1+Sg7OV
K1WFQAwYu2UKyrczUdzRQKxWKRDnnobAfJuzXz4/3s1Pb6bKKv9I20Ku4y/0vf3d
6w2IvlX3DkXSu4yHxMAj6mX00RM9j2raDIvvxZtZQlcumvfUQeQQJUZnX1eE30Ha
YFqhfaLo70+nWOH+UPanlemC8ndCfGPkGghbpzdcEbB9NX/0N5S4146Q9KA4IWnI
K4ozJegfuclvBCP5PI6X8hHB+6oo1s/ngZzZN6+ueef8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:58 2024 by rpki-client on console-fra.rpki-client.org