Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/8f95cd-a797-4780-855c-7e42c15a8a1d/1/jiXkvJG4ke2X7nmMfTU7A3l9HeQ.roa
File: jiXkvJG4ke2X7nmMfTU7A3l9HeQ.roa (raw, json)
Hash identifier: VNn1tQvvgrsDyiVt8OPtpXoy4npDaCQS9/9AKWmUBds=
Subject key identifier: 8E:25:E4:BC:91:B8:91:ED:97:EE:79:8C:7D:35:3B:03:79:7D:1D:E4
Certificate issuer: /CN=cbec2487e97a699b5451a429e7dddaf295b523f1
Certificate serial: 018BF64421165526C6BE05C1850E5B7A4F37
Authority key identifier: CB:EC:24:87:E9:7A:69:9B:54:51:A4:29:E7:DD:DA:F2:95:B5:23:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y-wkh-l6aZtUUaQp593a8pW1I_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/8f95cd-a797-4780-855c-7e42c15a8a1d/1/jiXkvJG4ke2X7nmMfTU7A3l9HeQ.roa
Signing time: Wed 22 Nov 2023 09:02:21 +0000
ROA not before: Wed 22 Nov 2023 09:02:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29684
IP address blocks: 176.98.35.0/24 maxlen: 24
176.98.32.0/22 maxlen: 24
176.98.32.0/24 maxlen: 24
176.98.33.0/24 maxlen: 24
176.98.34.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:44:21:16:55:26:c6:be:05:c1:85:0e:5b:7a:4f:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbec2487e97a699b5451a429e7dddaf295b523f1
Validity
Not Before: Nov 22 09:02:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e25e4bc91b891ed97ee798c7d353b03797d1de4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:02:40:ff:e9:41:73:47:ab:ab:a6:0d:d1:d2:
ef:f5:94:a2:e7:51:da:4d:81:cd:bf:2e:db:5e:1b:
da:1d:f7:fb:83:5e:1a:cd:5d:90:ae:81:8d:64:8c:
09:03:e5:7e:49:1a:c1:10:fb:7c:70:f5:33:e1:fd:
d6:ae:cf:45:e2:63:3d:39:77:ae:03:9b:22:e1:ca:
11:f2:be:e3:42:cb:57:c1:78:b0:93:b4:4a:f3:81:
31:75:cc:cb:75:07:dd:22:51:13:da:c7:cd:71:61:
0f:f0:93:07:9e:e6:cf:79:8f:20:cb:be:a2:cb:a6:
b0:e6:61:48:23:c1:24:e3:a6:f1:12:13:2c:03:c4:
1c:33:b9:d5:ee:51:1a:24:93:5a:52:31:f4:9c:56:
58:42:42:50:ef:de:e0:1c:d4:4d:f8:12:9f:d0:75:
13:c0:97:13:d6:b5:0c:fb:64:b5:49:5f:3a:48:4f:
23:19:80:e9:55:24:9e:3e:d2:36:8c:c3:8a:e8:78:
5a:30:50:ad:d8:af:f3:9d:df:c4:21:16:16:0e:de:
e2:c6:a7:4d:b2:0d:4e:53:43:6e:01:59:50:01:f0:
07:ed:25:0f:26:fe:ef:24:18:d8:c3:4a:12:f5:72:
d4:14:5b:b0:f0:26:b0:cc:dc:30:1f:d5:ce:b3:a6:
48:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:25:E4:BC:91:B8:91:ED:97:EE:79:8C:7D:35:3B:03:79:7D:1D:E4
X509v3 Authority Key Identifier:
keyid:CB:EC:24:87:E9:7A:69:9B:54:51:A4:29:E7:DD:DA:F2:95:B5:23:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y-wkh-l6aZtUUaQp593a8pW1I_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/8f95cd-a797-4780-855c-7e42c15a8a1d/1/jiXkvJG4ke2X7nmMfTU7A3l9HeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/8f95cd-a797-4780-855c-7e42c15a8a1d/1/y-wkh-l6aZtUUaQp593a8pW1I_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.98.32.0/22
Signature Algorithm: sha256WithRSAEncryption
21:4b:64:14:e9:f2:59:cf:ab:3f:29:fa:4b:7a:d6:7f:ec:ae:
e2:77:40:56:be:b2:29:8c:42:d7:b5:34:84:f4:12:08:03:5a:
ab:18:4c:dc:4d:ad:50:40:d8:4f:d7:04:27:1b:74:d7:c9:8e:
8f:86:5b:68:ec:39:9d:16:4e:a7:02:fc:93:6c:9b:a4:d3:6a:
54:a0:2c:b5:94:38:d4:5c:67:f7:68:d2:e8:98:f3:a2:82:63:
3c:8d:6f:04:a5:3f:9d:c2:34:57:10:15:38:a3:f4:a0:1c:8b:
3f:03:c4:ba:9b:b7:82:1c:f6:e1:15:f1:e7:89:01:02:0d:33:
44:d0:c2:ec:ef:cc:3b:43:6f:23:23:2b:67:37:b9:6d:a3:aa:
cc:a1:3a:af:f6:0a:94:f4:9d:8b:47:e2:de:a3:a8:31:8c:94:
f4:f9:6b:13:96:56:48:6f:92:8c:59:9f:60:f1:b0:ec:2e:8f:
2d:6e:95:68:26:50:d6:59:a1:a2:16:64:32:38:b4:4b:c2:c4:
ca:8c:3c:ab:b6:2e:c5:d3:11:cb:7c:c0:c9:e2:65:84:dc:4e:
30:54:ed:3a:ed:ac:e5:aa:ae:2e:d6:eb:40:38:71:6d:67:16:
87:92:9e:13:30:71:55:39:0c:00:0d:a8:b3:ff:e3:84:cd:91:
1d:5f:08:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv2RCEWVSbGvgXBhQ5bek83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZWMyNDg3ZTk3YTY5OWI1NDUxYTQyOWU3ZGRkYWYyOTVi
NTIzZjEwHhcNMjMxMTIyMDkwMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTI1ZTRiYzkxYjg5MWVkOTdlZTc5OGM3ZDM1M2IwMzc5N2QxZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAJA/+lBc0erq6YN0dLv9ZSi51Ha
TYHNvy7bXhvaHff7g14azV2QroGNZIwJA+V+SRrBEPt8cPUz4f3Wrs9F4mM9OXeu
A5si4coR8r7jQstXwXiwk7RK84ExdczLdQfdIlET2sfNcWEP8JMHnubPeY8gy76i
y6aw5mFII8Ek46bxEhMsA8QcM7nV7lEaJJNaUjH0nFZYQkJQ797gHNRN+BKf0HUT
wJcT1rUM+2S1SV86SE8jGYDpVSSePtI2jMOK6HhaMFCt2K/znd/EIRYWDt7ixqdN
sg1OU0NuAVlQAfAH7SUPJv7vJBjYw0oS9XLUFFuw8CawzNwwH9XOs6ZIiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI4l5LyRuJHtl+55jH01OwN5fR3kMB8GA1UdIwQY
MBaAFMvsJIfpemmbVFGkKefd2vKVtSPxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveS13a2gtbDZhWnRVVWFRcDU5M2E4cFcxSV9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84Zjk1Y2QtYTc5Ny00NzgwLTg1NWMt
N2U0MmMxNWE4YTFkLzEvamlYa3ZKRzRrZTJYN25tTWZUVTdBM2w5SGVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84Zjk1Y2QtYTc5Ny00NzgwLTg1NWMtN2U0MmMxNWE4YTFk
LzEveS13a2gtbDZhWnRVVWFRcDU5M2E4cFcxSV9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsGIgMA0G
CSqGSIb3DQEBCwUAA4IBAQAhS2QU6fJZz6s/KfpLetZ/7K7id0BWvrIpjELXtTSE
9BIIA1qrGEzcTa1QQNhP1wQnG3TXyY6Phlto7DmdFk6nAvyTbJuk02pUoCy1lDjU
XGf3aNLomPOigmM8jW8EpT+dwjRXEBU4o/SgHIs/A8S6m7eCHPbhFfHniQECDTNE
0MLs78w7Q28jIytnN7lto6rMoTqv9gqU9J2LR+Leo6gxjJT0+WsTllZIb5KMWZ9g
8bDsLo8tbpVoJlDWWaGiFmQyOLRLwsTKjDyrti7F0xHLfMDJ4mWE3E4wVO067azl
qq4u1utAOHFtZxaHkp4TMHFVOQwADaiz/+OEzZEdXwhN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:47 2024 by rpki-client on console-ams.rpki-client.org