Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/821bbf-a024-457f-9b93-09108f3bf204/1/pLXazm9hpz15HpxNbq0Kj-k7hGo.roa
File: pLXazm9hpz15HpxNbq0Kj-k7hGo.roa (raw, json)
Hash identifier: 1lbx4Cs3fTO2mNJ10SglRBT+yKqvVOQRqQLDY7HWqbs=
Subject key identifier: A4:B5:DA:CE:6F:61:A7:3D:79:1E:9C:4D:6E:AD:0A:8F:E9:3B:84:6A
Certificate issuer: /CN=5fdb8a17efa4654923a35e06b2d05fc7c20d5ef2
Certificate serial: 01856D9D52DD964F1ECC41DD0F5F54D80328
Authority key identifier: 5F:DB:8A:17:EF:A4:65:49:23:A3:5E:06:B2:D0:5F:C7:C2:0D:5E:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X9uKF--kZUkjo14GstBfx8INXvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/821bbf-a024-457f-9b93-09108f3bf204/1/pLXazm9hpz15HpxNbq0Kj-k7hGo.roa
Signing time: Sun 01 Jan 2023 13:55:04 +0000
ROA not before: Sun 01 Jan 2023 13:55:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136944
IP address blocks: 212.23.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:52:dd:96:4f:1e:cc:41:dd:0f:5f:54:d8:03:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fdb8a17efa4654923a35e06b2d05fc7c20d5ef2
Validity
Not Before: Jan 1 13:55:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4b5dace6f61a73d791e9c4d6ead0a8fe93b846a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:a5:4a:28:b8:df:ef:ef:0e:96:4c:a5:55:41:
83:4c:a6:1a:85:1e:ce:2d:fe:32:33:51:e0:83:ad:
1c:98:24:70:4d:9c:32:5d:aa:37:8c:42:d4:ee:41:
5e:a3:ee:4a:86:ae:fb:6a:82:f9:1d:30:c0:ce:52:
b4:37:6d:4c:47:36:12:d9:0a:a8:9f:c0:36:b1:32:
e2:2d:b1:0d:25:ea:f5:94:18:3d:ad:d2:24:f6:59:
2b:22:ee:3f:20:95:9a:9d:65:b2:ad:cd:fd:3f:4c:
d5:97:1e:d0:17:6f:73:41:7c:86:75:f5:72:69:9b:
78:07:93:08:70:31:00:8b:21:15:09:85:63:a0:97:
44:36:de:af:6e:85:34:88:9d:43:4c:cc:46:c7:9a:
22:02:84:dc:94:ad:af:16:d8:c7:61:f3:99:ce:25:
d9:72:4e:57:12:f2:c8:53:27:0a:e9:d7:ca:89:a9:
8f:c1:00:43:01:80:a6:de:00:9f:57:f1:c7:6f:f6:
4e:1d:ce:69:f6:69:10:bc:bd:9e:61:66:df:5f:a7:
ba:1e:7c:49:3d:35:5e:f8:7f:18:58:13:69:d5:01:
e3:00:0d:6b:a1:52:e9:10:f2:6f:df:30:eb:3c:4c:
d6:6d:3e:8c:2b:2a:f1:36:c8:1c:3d:37:ee:8c:72:
f9:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:B5:DA:CE:6F:61:A7:3D:79:1E:9C:4D:6E:AD:0A:8F:E9:3B:84:6A
X509v3 Authority Key Identifier:
keyid:5F:DB:8A:17:EF:A4:65:49:23:A3:5E:06:B2:D0:5F:C7:C2:0D:5E:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X9uKF--kZUkjo14GstBfx8INXvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/821bbf-a024-457f-9b93-09108f3bf204/1/pLXazm9hpz15HpxNbq0Kj-k7hGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/821bbf-a024-457f-9b93-09108f3bf204/1/X9uKF--kZUkjo14GstBfx8INXvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.208.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:34:df:97:83:13:44:68:b2:80:7c:a0:b3:b4:16:28:eb:ef:
50:17:1a:a2:94:f8:28:25:e1:3f:a4:69:a4:31:eb:66:1f:53:
55:b0:02:65:35:a9:dc:ae:f1:22:a2:08:9c:6a:28:34:6a:cd:
30:10:ee:0c:af:43:47:5f:49:23:a7:4d:3c:82:d7:d4:82:20:
4b:44:6e:eb:14:c5:fe:e0:37:63:82:75:4e:d5:6d:3b:b3:57:
3b:44:66:71:de:37:4f:3e:dc:18:c6:ee:36:b1:c7:a8:67:57:
1d:e1:dd:32:9d:cc:33:84:63:44:70:bd:c1:ec:3a:7c:f5:2e:
40:43:4b:9f:00:00:0d:83:0d:a1:da:77:f8:1b:37:c8:a4:ee:
4a:d4:b5:11:e1:76:d3:54:61:30:89:68:7d:28:3e:da:cb:0a:
32:da:1e:ff:d5:83:61:03:94:11:65:d0:e8:39:9c:e3:1e:e8:
02:05:62:39:40:36:42:29:ef:e6:07:24:ad:45:2b:14:5d:1a:
80:dd:09:66:03:22:46:39:5c:96:c9:bd:3b:c7:f5:84:57:57:
c0:21:1b:12:6e:d7:78:43:35:9d:73:0e:2e:52:62:6b:e2:3a:
0b:9c:b2:ec:f4:70:98:d9:01:1a:05:50:0e:74:dc:77:a4:76:
be:18:fd:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtnVLdlk8ezEHdD19U2AMoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZGI4YTE3ZWZhNDY1NDkyM2EzNWUwNmIyZDA1ZmM3YzIw
ZDVlZjIwHhcNMjMwMTAxMTM1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGI1ZGFjZTZmNjFhNzNkNzkxZTljNGQ2ZWFkMGE4ZmU5M2I4NDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+aVKKLjf7+8OlkylVUGDTKYahR7O
Lf4yM1Hgg60cmCRwTZwyXao3jELU7kFeo+5Khq77aoL5HTDAzlK0N21MRzYS2Qqo
n8A2sTLiLbENJer1lBg9rdIk9lkrIu4/IJWanWWyrc39P0zVlx7QF29zQXyGdfVy
aZt4B5MIcDEAiyEVCYVjoJdENt6vboU0iJ1DTMxGx5oiAoTclK2vFtjHYfOZziXZ
ck5XEvLIUycK6dfKiamPwQBDAYCm3gCfV/HHb/ZOHc5p9mkQvL2eYWbfX6e6HnxJ
PTVe+H8YWBNp1QHjAA1roVLpEPJv3zDrPEzWbT6MKyrxNsgcPTfujHL5hwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKS12s5vYac9eR6cTW6tCo/pO4RqMB8GA1UdIwQY
MBaAFF/bihfvpGVJI6NeBrLQX8fCDV7yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDl1S0YtLWtaVWtqbzE0R3N0QmZ4OElOWHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84MjFiYmYtYTAyNC00NTdmLTliOTMt
MDkxMDhmM2JmMjA0LzEvcExYYXptOWhwejE1SHB4TmJxMEtqLWs3aEdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84MjFiYmYtYTAyNC00NTdmLTliOTMtMDkxMDhmM2JmMjA0
LzEvWDl1S0YtLWtaVWtqbzE0R3N0QmZ4OElOWHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfQMA0G
CSqGSIb3DQEBCwUAA4IBAQB6NN+XgxNEaLKAfKCztBYo6+9QFxqilPgoJeE/pGmk
MetmH1NVsAJlNancrvEiogicaig0as0wEO4Mr0NHX0kjp008gtfUgiBLRG7rFMX+
4DdjgnVO1W07s1c7RGZx3jdPPtwYxu42sceoZ1cd4d0yncwzhGNEcL3B7Dp89S5A
Q0ufAAANgw2h2nf4GzfIpO5K1LUR4XbTVGEwiWh9KD7aywoy2h7/1YNhA5QRZdDo
OZzjHugCBWI5QDZCKe/mByStRSsUXRqA3QlmAyJGOVyWyb07x/WEV1fAIRsSbtd4
QzWdcw4uUmJr4joLnLLs9HCY2QEaBVAOdNx3pHa+GP2G
-----END CERTIFICATE-----
Generated at Mon Nov 20 09:20:31 2023 by rpki-client on console-fra.rpki-client.org