Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/8f95cd-a797-4780-855c-7e42c15a8a1d/1/P8WsF8PAtRYryi3MPUA4Cjhqb7c.roa
File: P8WsF8PAtRYryi3MPUA4Cjhqb7c.roa (raw, json)
Hash identifier: erwgFvSC5+cGeEFcW3LOfm41aFU1FK3g94x/B/js4ZM=
Subject key identifier: 3F:C5:AC:17:C3:C0:B5:16:2B:CA:2D:CC:3D:40:38:0A:38:6A:6F:B7
Certificate issuer: /CN=cbec2487e97a699b5451a429e7dddaf295b523f1
Certificate serial: 018570B099852E07B5154A76FBA0A7B509BD
Authority key identifier: CB:EC:24:87:E9:7A:69:9B:54:51:A4:29:E7:DD:DA:F2:95:B5:23:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y-wkh-l6aZtUUaQp593a8pW1I_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/8f95cd-a797-4780-855c-7e42c15a8a1d/1/P8WsF8PAtRYryi3MPUA4Cjhqb7c.roa
Signing time: Mon 02 Jan 2023 04:14:59 +0000
ROA not before: Mon 02 Jan 2023 04:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29684
IP address blocks: 176.98.35.0/24 maxlen: 24
176.98.32.0/24 maxlen: 24
176.98.32.0/22 maxlen: 22
176.98.33.0/24 maxlen: 24
176.98.34.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:99:85:2e:07:b5:15:4a:76:fb:a0:a7:b5:09:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbec2487e97a699b5451a429e7dddaf295b523f1
Validity
Not Before: Jan 2 04:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fc5ac17c3c0b5162bca2dcc3d40380a386a6fb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:86:8f:50:cf:2b:9b:9f:8a:99:e5:ae:4d:4f:
3d:a1:e2:e7:86:1b:61:c3:53:4b:12:9e:16:a2:98:
ce:d5:44:90:15:00:38:bb:6d:6a:bb:06:64:48:e6:
69:0a:f6:7d:6f:c2:c3:5a:9a:73:49:35:aa:fc:81:
19:14:06:8b:73:41:f8:b6:e2:81:2b:96:39:3d:34:
4d:71:74:30:3c:f9:9b:27:ba:fe:3b:b0:81:2e:7d:
35:43:04:05:de:c4:68:f0:81:22:85:aa:0e:ce:31:
da:1f:c4:01:fc:99:8e:a9:3d:0a:65:cc:72:dc:99:
a2:a2:d2:b2:6a:39:fe:94:32:1e:f6:82:b8:91:28:
c5:cd:bc:35:fe:45:8f:38:ce:dd:84:86:29:38:aa:
54:e1:51:8b:8f:a3:6a:2f:46:07:35:d0:94:6b:70:
f3:0a:6d:03:91:37:87:4a:93:8a:01:9a:05:b0:be:
9f:9a:d4:4a:99:33:34:5e:bd:69:e0:1b:66:60:d3:
1e:bd:cd:c1:9f:cd:c8:50:c7:29:ca:65:a8:93:e3:
52:de:9a:f0:13:72:98:9d:f5:2b:8c:7c:68:9c:27:
95:ba:b9:e9:fd:b3:8b:9d:87:06:93:49:01:d5:05:
8a:48:73:8d:89:5c:9b:ef:1c:c9:1b:95:a5:b1:1b:
cb:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C5:AC:17:C3:C0:B5:16:2B:CA:2D:CC:3D:40:38:0A:38:6A:6F:B7
X509v3 Authority Key Identifier:
keyid:CB:EC:24:87:E9:7A:69:9B:54:51:A4:29:E7:DD:DA:F2:95:B5:23:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y-wkh-l6aZtUUaQp593a8pW1I_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/8f95cd-a797-4780-855c-7e42c15a8a1d/1/P8WsF8PAtRYryi3MPUA4Cjhqb7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/8f95cd-a797-4780-855c-7e42c15a8a1d/1/y-wkh-l6aZtUUaQp593a8pW1I_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.98.32.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:f8:fd:d9:3d:2b:c8:12:09:e9:6a:42:19:a9:53:c8:64:a4:
6b:ca:d2:61:56:f5:95:92:36:85:e1:cc:10:fa:4c:00:62:91:
0d:47:a2:52:bb:89:d0:92:a1:cc:0c:70:4a:ed:54:10:37:d7:
60:97:07:f8:72:a9:b9:f9:81:e4:4c:d0:7b:84:ab:f9:a7:3b:
98:17:e7:fe:af:90:f0:da:83:18:cb:d8:e2:d5:0f:66:4e:8a:
e1:84:5d:b3:30:ed:7c:fe:18:63:5a:c6:39:31:d1:2b:d5:ac:
c1:0f:2b:38:fd:99:46:59:d4:8f:f9:84:f5:7d:41:51:4b:16:
55:49:40:76:93:26:3d:42:b1:c4:8e:9f:ea:7d:ae:84:e7:21:
db:0d:07:b0:0d:8c:03:65:34:0f:1f:3e:0c:25:c6:4d:8f:67:
10:7d:7d:7f:fa:2b:85:fc:90:16:45:3e:91:fe:05:ad:cb:21:
e4:04:c8:5a:c7:23:4d:5e:29:a3:e9:28:49:7e:c6:13:81:7d:
4a:bd:7d:2a:71:dd:82:24:7d:8d:eb:00:81:df:87:24:6a:6c:
68:9c:a4:3a:05:22:eb:62:5d:04:89:7c:04:66:0e:c8:68:50:
c6:38:5e:d0:f2:a9:9d:48:74:7f:9e:2a:55:d0:2d:e3:ef:99:
75:4e:40:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwsJmFLge1FUp2+6CntQm9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZWMyNDg3ZTk3YTY5OWI1NDUxYTQyOWU3ZGRkYWYyOTVi
NTIzZjEwHhcNMjMwMTAyMDQxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmM1YWMxN2MzYzBiNTE2MmJjYTJkY2MzZDQwMzgwYTM4NmE2ZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYaPUM8rm5+KmeWuTU89oeLnhhth
w1NLEp4WopjO1USQFQA4u21quwZkSOZpCvZ9b8LDWppzSTWq/IEZFAaLc0H4tuKB
K5Y5PTRNcXQwPPmbJ7r+O7CBLn01QwQF3sRo8IEihaoOzjHaH8QB/JmOqT0KZcxy
3JmiotKyajn+lDIe9oK4kSjFzbw1/kWPOM7dhIYpOKpU4VGLj6NqL0YHNdCUa3Dz
Cm0DkTeHSpOKAZoFsL6fmtRKmTM0Xr1p4BtmYNMevc3Bn83IUMcpymWok+NS3prw
E3KYnfUrjHxonCeVurnp/bOLnYcGk0kB1QWKSHONiVyb7xzJG5WlsRvLVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD/FrBfDwLUWK8otzD1AOAo4am+3MB8GA1UdIwQY
MBaAFMvsJIfpemmbVFGkKefd2vKVtSPxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveS13a2gtbDZhWnRVVWFRcDU5M2E4cFcxSV9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84Zjk1Y2QtYTc5Ny00NzgwLTg1NWMt
N2U0MmMxNWE4YTFkLzEvUDhXc0Y4UEF0UllyeWkzTVBVQTRDamhxYjdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84Zjk1Y2QtYTc5Ny00NzgwLTg1NWMtN2U0MmMxNWE4YTFk
LzEveS13a2gtbDZhWnRVVWFRcDU5M2E4cFcxSV9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsGIgMA0G
CSqGSIb3DQEBCwUAA4IBAQCi+P3ZPSvIEgnpakIZqVPIZKRrytJhVvWVkjaF4cwQ
+kwAYpENR6JSu4nQkqHMDHBK7VQQN9dglwf4cqm5+YHkTNB7hKv5pzuYF+f+r5Dw
2oMYy9ji1Q9mTorhhF2zMO18/hhjWsY5MdEr1azBDys4/ZlGWdSP+YT1fUFRSxZV
SUB2kyY9QrHEjp/qfa6E5yHbDQewDYwDZTQPHz4MJcZNj2cQfX1/+iuF/JAWRT6R
/gWtyyHkBMhaxyNNXimj6ShJfsYTgX1KvX0qcd2CJH2N6wCB34ckamxonKQ6BSLr
Yl0EiXwEZg7IaFDGOF7Q8qmdSHR/nipV0C3j75l1TkA3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:34 2024 by rpki-client on console-fra.rpki-client.org