Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/821bbf-a024-457f-9b93-09108f3bf204/1/Ors38Jp_a8DJx8B4cxqLHY4d-9Y.roa
File: Ors38Jp_a8DJx8B4cxqLHY4d-9Y.roa (raw, json)
Hash identifier: HR9n1lDRLAF8ZoSjTWQ1YCtX9JLd0ctO+2lnC5EsYWg=
Subject key identifier: 3A:BB:37:F0:9A:7F:6B:C0:C9:C7:C0:78:73:1A:8B:1D:8E:1D:FB:D6
Certificate issuer: /CN=5fdb8a17efa4654923a35e06b2d05fc7c20d5ef2
Certificate serial: 01856D9D50E8D227083CA1EB4FAE21304D8B
Authority key identifier: 5F:DB:8A:17:EF:A4:65:49:23:A3:5E:06:B2:D0:5F:C7:C2:0D:5E:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X9uKF--kZUkjo14GstBfx8INXvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/821bbf-a024-457f-9b93-09108f3bf204/1/Ors38Jp_a8DJx8B4cxqLHY4d-9Y.roa
Signing time: Sun 01 Jan 2023 13:55:04 +0000
ROA not before: Sun 01 Jan 2023 13:55:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 212.23.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:50:e8:d2:27:08:3c:a1:eb:4f:ae:21:30:4d:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fdb8a17efa4654923a35e06b2d05fc7c20d5ef2
Validity
Not Before: Jan 1 13:55:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3abb37f09a7f6bc0c9c7c078731a8b1d8e1dfbd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:41:f8:b8:16:33:4e:cb:ac:66:05:9c:a8:30:
c7:38:03:2d:55:cb:50:e6:bf:1c:80:ed:d1:b0:b3:
b7:7c:6d:d3:24:3f:93:f5:0f:6b:30:0d:0e:58:72:
0d:bd:b4:63:bc:59:99:9b:ef:bc:14:6f:c2:2c:42:
eb:95:a5:cf:ff:d2:8d:cc:b8:04:4e:f5:50:6c:19:
fd:f5:00:be:87:0a:36:49:95:03:94:43:8f:49:1e:
3f:37:b6:51:f1:d1:c1:e0:b5:f1:e5:26:24:ac:b0:
6f:0a:55:ee:6a:18:eb:f6:ee:c5:42:69:4e:c3:c5:
e5:68:3d:b5:44:ae:b4:6c:a9:02:a9:0a:22:b0:e1:
a4:8e:b8:2c:09:16:06:36:e0:87:87:c5:02:70:cd:
ef:f7:10:a8:a8:b3:cb:b3:9f:ae:a3:d6:e0:7a:09:
7d:b8:d3:0d:95:3b:bb:ad:9d:3d:fc:83:f1:32:2b:
16:84:bc:0a:c7:11:af:ea:d5:08:97:6f:8c:d8:bb:
f5:9d:9e:fd:fa:4d:bc:87:28:b5:ad:4d:72:00:10:
ef:3c:d8:4b:a8:ce:e4:35:47:c9:99:cd:ce:51:70:
b9:e1:5c:f7:35:06:8e:2c:7c:e0:ce:bc:c1:18:92:
5e:7f:f4:a7:73:d1:72:5f:59:8a:d6:22:04:e6:ea:
e9:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:BB:37:F0:9A:7F:6B:C0:C9:C7:C0:78:73:1A:8B:1D:8E:1D:FB:D6
X509v3 Authority Key Identifier:
keyid:5F:DB:8A:17:EF:A4:65:49:23:A3:5E:06:B2:D0:5F:C7:C2:0D:5E:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X9uKF--kZUkjo14GstBfx8INXvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/821bbf-a024-457f-9b93-09108f3bf204/1/Ors38Jp_a8DJx8B4cxqLHY4d-9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/821bbf-a024-457f-9b93-09108f3bf204/1/X9uKF--kZUkjo14GstBfx8INXvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.208.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:4f:47:5f:66:56:c7:f9:59:cf:74:8b:fa:30:dd:1f:53:71:
a6:6e:91:f6:d6:30:d7:8f:56:45:b8:ce:c0:07:5d:a9:0d:6f:
54:8e:3b:73:eb:69:f5:18:98:6d:5c:e4:c8:ac:1e:18:dd:80:
9c:b5:ea:8b:e6:4a:72:48:da:06:a0:7a:d1:fa:e0:b0:5c:9b:
3a:18:38:c8:08:6e:c1:47:e5:88:0a:b3:b1:4d:fe:87:e1:24:
0d:30:c3:cd:0a:41:cd:1c:3c:8d:10:78:94:27:b5:46:fe:eb:
5e:a1:8f:ae:aa:b4:01:a7:a0:41:ee:1a:ba:2a:70:d2:82:32:
7c:84:5d:a8:0b:50:5f:c1:d7:6f:e7:57:19:e1:be:d0:e4:28:
fe:9d:eb:e9:36:36:25:a3:8b:69:55:36:fe:34:c6:5c:6a:f9:
c3:86:5c:b3:08:2f:dd:b7:e0:71:6f:71:df:4a:a6:94:f2:bd:
64:d3:c2:eb:99:51:cd:c5:9b:76:f4:22:4c:11:db:83:4c:e6:
83:47:12:75:8a:53:79:e5:2d:8a:f6:9f:7d:0c:d0:f9:c0:d5:
7d:66:24:a0:3d:e6:c2:d8:d5:63:53:3d:a1:99:ac:37:2c:e5:
33:28:31:fc:03:f8:b8:c5:bf:83:fd:0d:79:4f:7c:01:12:77:
b1:2f:f6:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtnVDo0icIPKHrT64hME2LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZGI4YTE3ZWZhNDY1NDkyM2EzNWUwNmIyZDA1ZmM3YzIw
ZDVlZjIwHhcNMjMwMTAxMTM1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWJiMzdmMDlhN2Y2YmMwYzljN2MwNzg3MzFhOGIxZDhlMWRmYmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikH4uBYzTsusZgWcqDDHOAMtVctQ
5r8cgO3RsLO3fG3TJD+T9Q9rMA0OWHINvbRjvFmZm++8FG/CLELrlaXP/9KNzLgE
TvVQbBn99QC+hwo2SZUDlEOPSR4/N7ZR8dHB4LXx5SYkrLBvClXuahjr9u7FQmlO
w8XlaD21RK60bKkCqQoisOGkjrgsCRYGNuCHh8UCcM3v9xCoqLPLs5+uo9bgegl9
uNMNlTu7rZ09/IPxMisWhLwKxxGv6tUIl2+M2Lv1nZ79+k28hyi1rU1yABDvPNhL
qM7kNUfJmc3OUXC54Vz3NQaOLHzgzrzBGJJef/Snc9FyX1mK1iIE5urpRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDq7N/Caf2vAycfAeHMaix2OHfvWMB8GA1UdIwQY
MBaAFF/bihfvpGVJI6NeBrLQX8fCDV7yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDl1S0YtLWtaVWtqbzE0R3N0QmZ4OElOWHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84MjFiYmYtYTAyNC00NTdmLTliOTMt
MDkxMDhmM2JmMjA0LzEvT3JzMzhKcF9hOERKeDhCNGN4cUxIWTRkLTlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84MjFiYmYtYTAyNC00NTdmLTliOTMtMDkxMDhmM2JmMjA0
LzEvWDl1S0YtLWtaVWtqbzE0R3N0QmZ4OElOWHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfQMA0G
CSqGSIb3DQEBCwUAA4IBAQCLT0dfZlbH+VnPdIv6MN0fU3GmbpH21jDXj1ZFuM7A
B12pDW9Ujjtz62n1GJhtXOTIrB4Y3YCcteqL5kpySNoGoHrR+uCwXJs6GDjICG7B
R+WICrOxTf6H4SQNMMPNCkHNHDyNEHiUJ7VG/uteoY+uqrQBp6BB7hq6KnDSgjJ8
hF2oC1Bfwddv51cZ4b7Q5Cj+nevpNjYlo4tpVTb+NMZcavnDhlyzCC/dt+Bxb3Hf
SqaU8r1k08LrmVHNxZt29CJMEduDTOaDRxJ1ilN55S2K9p99DND5wNV9ZiSgPebC
2NVjUz2hmaw3LOUzKDH8A/i4xb+D/Q15T3wBEnexL/Yb
-----END CERTIFICATE-----
Generated at Mon Nov 20 09:20:31 2023 by rpki-client on console-fra.rpki-client.org