Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/41c170-eb39-4750-bed3-f9c749dd4b48/1/wB4weCL5mIpyiw9RJF0vsFNO3H8.roa
File: wB4weCL5mIpyiw9RJF0vsFNO3H8.roa (raw, json)
Hash identifier: f1karvrdDEMqWUUmo2OFosuwNOpLHKLCr4oxtAWiZ3w=
Subject key identifier: C0:1E:30:78:22:F9:98:8A:72:8B:0F:51:24:5D:2F:B0:53:4E:DC:7F
Certificate issuer: /CN=6ecf2d3d727f4affac30faa6d0572294ad42cc9b
Certificate serial: 018379789622BA5DCF82D4E5CFE73AD1B8B5
Authority key identifier: 6E:CF:2D:3D:72:7F:4A:FF:AC:30:FA:A6:D0:57:22:94:AD:42:CC:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bs8tPXJ_Sv-sMPqm0FcilK1CzJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/41c170-eb39-4750-bed3-f9c749dd4b48/1/wB4weCL5mIpyiw9RJF0vsFNO3H8.roa
Signing time: Mon 26 Sep 2022 11:04:49 +0000
ROA not before: Mon 26 Sep 2022 11:04:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50129
IP address blocks: 185.209.8.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:79:78:96:22:ba:5d:cf:82:d4:e5:cf:e7:3a:d1:b8:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ecf2d3d727f4affac30faa6d0572294ad42cc9b
Validity
Not Before: Sep 26 11:04:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c01e307822f9988a728b0f51245d2fb0534edc7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f1:7b:0a:09:c7:b3:12:c9:1b:ca:75:26:34:
93:2a:cf:0b:c5:ee:e3:60:50:22:67:a7:c6:de:b1:
2e:da:f7:a7:59:e7:1e:b1:9f:e7:88:f7:e5:3e:05:
26:29:9d:25:32:87:e8:8b:74:5d:05:b5:c6:6e:4f:
90:45:9a:59:32:7a:14:6e:42:cd:64:21:58:65:cf:
c8:39:e4:17:0b:be:51:ea:36:51:88:3d:dd:3f:83:
d5:2a:61:16:f4:90:07:0c:f9:a4:a1:fa:06:7f:ec:
e5:e7:ab:0a:0b:be:ab:f1:e1:46:b6:ec:87:88:18:
cf:69:97:b4:85:04:03:a4:2a:e3:0e:3c:ff:7d:8c:
e5:b7:49:59:b5:fe:d9:db:83:a0:60:2c:5d:1b:59:
17:64:a8:c9:b9:8c:94:0c:4e:ce:d4:e0:59:c4:2e:
19:90:99:3c:b8:27:6e:2d:d4:12:e3:2e:5a:fc:aa:
25:76:1e:09:a9:d0:69:1c:a2:47:d1:24:ec:78:8f:
1b:40:5e:e3:93:b0:1b:34:a1:49:91:2b:ab:d7:01:
96:e5:74:de:8b:40:3e:d3:6a:83:fc:92:29:e8:89:
60:f9:4d:7c:02:e8:18:2a:77:3b:c0:f1:4b:ef:f4:
47:3f:9c:0b:45:63:a6:27:d8:47:ec:ba:93:d8:dc:
cd:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:1E:30:78:22:F9:98:8A:72:8B:0F:51:24:5D:2F:B0:53:4E:DC:7F
X509v3 Authority Key Identifier:
keyid:6E:CF:2D:3D:72:7F:4A:FF:AC:30:FA:A6:D0:57:22:94:AD:42:CC:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bs8tPXJ_Sv-sMPqm0FcilK1CzJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/41c170-eb39-4750-bed3-f9c749dd4b48/1/wB4weCL5mIpyiw9RJF0vsFNO3H8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/41c170-eb39-4750-bed3-f9c749dd4b48/1/bs8tPXJ_Sv-sMPqm0FcilK1CzJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.8.0/22
Signature Algorithm: sha256WithRSAEncryption
02:d1:a2:03:1d:6d:7c:f9:5b:e0:3f:8b:24:a5:11:9d:9b:60:
35:46:66:93:dd:30:d3:17:65:08:8c:02:80:cc:ca:00:5f:c2:
5d:de:9f:5e:27:16:37:e9:09:b1:27:63:94:f5:46:5d:f2:d8:
2f:7e:cf:e2:6e:df:1a:d7:22:72:78:d9:68:6b:97:d1:e8:ab:
68:17:95:d8:65:20:f5:7e:8f:75:74:ef:6e:f3:cc:d6:e0:d0:
24:f3:6f:31:52:73:7c:aa:ce:0f:b4:c3:a1:2b:68:bf:44:b4:
ee:1a:80:06:2a:4f:77:38:8b:0a:41:11:82:49:49:f8:a4:6e:
0b:83:f9:e5:63:35:c6:83:1b:44:38:5f:d0:10:d6:71:90:e9:
d0:de:f1:ac:c9:87:1f:34:98:ae:19:a6:9b:fb:4f:fb:de:5b:
43:a9:98:a5:cb:42:0f:6d:e3:34:b4:1d:d1:3a:17:2a:73:73:
8b:67:05:14:d8:14:1b:be:c8:55:57:a7:81:a6:01:32:9a:43:
39:a7:31:66:5c:b0:9d:c8:97:61:7f:32:fc:b9:80:ae:b1:df:
a0:4a:a2:48:d9:7c:3d:7a:f8:27:f9:e8:58:af:0a:69:37:fe:
21:14:17:27:ad:98:83:ae:b5:b9:c0:dd:07:e5:99:83:81:d7:
a9:9d:cf:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYN5eJYiul3PgtTlz+c60bi1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlY2YyZDNkNzI3ZjRhZmZhYzMwZmFhNmQwNTcyMjk0YWQ0
MmNjOWIwHhcNMjIwOTI2MTEwNDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDFlMzA3ODIyZjk5ODhhNzI4YjBmNTEyNDVkMmZiMDUzNGVkYzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fF7CgnHsxLJG8p1JjSTKs8Lxe7j
YFAiZ6fG3rEu2venWecesZ/niPflPgUmKZ0lMofoi3RdBbXGbk+QRZpZMnoUbkLN
ZCFYZc/IOeQXC75R6jZRiD3dP4PVKmEW9JAHDPmkofoGf+zl56sKC76r8eFGtuyH
iBjPaZe0hQQDpCrjDjz/fYzlt0lZtf7Z24OgYCxdG1kXZKjJuYyUDE7O1OBZxC4Z
kJk8uCduLdQS4y5a/Koldh4JqdBpHKJH0STseI8bQF7jk7AbNKFJkSur1wGW5XTe
i0A+02qD/JIp6Ilg+U18AugYKnc7wPFL7/RHP5wLRWOmJ9hH7LqT2NzNmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMAeMHgi+ZiKcosPUSRdL7BTTtx/MB8GA1UdIwQY
MBaAFG7PLT1yf0r/rDD6ptBXIpStQsybMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnM4dFBYSl9Tdi1zTVBxbTBGY2lsSzFDekpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS80MWMxNzAtZWIzOS00NzUwLWJlZDMt
ZjljNzQ5ZGQ0YjQ4LzEvd0I0d2VDTDVtSXB5aXc5UkpGMHZzRk5PM0g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS80MWMxNzAtZWIzOS00NzUwLWJlZDMtZjljNzQ5ZGQ0YjQ4
LzEvYnM4dFBYSl9Tdi1zTVBxbTBGY2lsSzFDekpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudEIMA0G
CSqGSIb3DQEBCwUAA4IBAQAC0aIDHW18+VvgP4skpRGdm2A1RmaT3TDTF2UIjAKA
zMoAX8Jd3p9eJxY36QmxJ2OU9UZd8tgvfs/ibt8a1yJyeNloa5fR6KtoF5XYZSD1
fo91dO9u88zW4NAk828xUnN8qs4PtMOhK2i/RLTuGoAGKk93OIsKQRGCSUn4pG4L
g/nlYzXGgxtEOF/QENZxkOnQ3vGsyYcfNJiuGaab+0/73ltDqZily0IPbeM0tB3R
Ohcqc3OLZwUU2BQbvshVV6eBpgEymkM5pzFmXLCdyJdhfzL8uYCusd+gSqJI2Xw9
evgn+ehYrwppN/4hFBcnrZiDrrW5wN0H5ZmDgdepnc9s
-----END CERTIFICATE-----