Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/21582f-511a-4af3-8028-e2d88376d44d/1/XuI_CyD5mNuEucesHXZdEaI4_qE.roa
File: XuI_CyD5mNuEucesHXZdEaI4_qE.roa (raw, json)
Hash identifier: /fM/q/Zv/Ts2PulaOFqqzi0jq+ASrQB+tZSZlTS5nhI=
Subject key identifier: 5E:E2:3F:0B:20:F9:98:DB:84:B9:C7:AC:1D:76:5D:11:A2:38:FE:A1
Certificate issuer: /CN=03d17bc7ebebdcc9f1b3fdb55ad122e7062243e2
Certificate serial: 0188E7A0D4E7439116A175F4D4AD5EE9B832
Authority key identifier: 03:D1:7B:C7:EB:EB:DC:C9:F1:B3:FD:B5:5A:D1:22:E7:06:22:43:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A9F7x-vr3Mnxs_21WtEi5wYiQ-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/21582f-511a-4af3-8028-e2d88376d44d/1/XuI_CyD5mNuEucesHXZdEaI4_qE.roa
Signing time: Fri 23 Jun 2023 09:40:57 +0000
ROA not before: Fri 23 Jun 2023 09:40:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.151.146.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e7:a0:d4:e7:43:91:16:a1:75:f4:d4:ad:5e:e9:b8:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03d17bc7ebebdcc9f1b3fdb55ad122e7062243e2
Validity
Not Before: Jun 23 09:40:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ee23f0b20f998db84b9c7ac1d765d11a238fea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:70:9b:e8:3e:17:53:89:0e:1e:f0:a9:ae:ea:
2b:0f:ef:ef:93:dd:44:b9:56:a8:8a:ee:05:0b:92:
9a:bc:c5:21:ad:fd:cc:b4:0e:db:c9:f3:a8:2b:a1:
73:5b:ce:23:07:dc:97:80:4f:fc:a5:65:c1:2f:26:
af:29:3a:20:50:fe:cd:29:1b:14:19:a7:ae:26:6c:
19:50:19:8f:94:48:36:d0:a5:e3:9e:2f:dc:7e:f0:
78:aa:47:a4:d3:15:e3:93:69:29:f9:75:3f:a6:09:
57:31:9c:ea:85:be:4e:45:ba:93:3f:97:2c:a5:cb:
fe:8c:9b:f9:04:d4:3e:89:2e:12:09:82:47:fe:f5:
75:f6:ed:e2:01:bd:c4:19:b5:f1:2f:2b:6f:39:de:
dc:ff:4a:50:72:75:17:64:25:34:3b:9e:41:72:fd:
5a:9f:d0:64:f5:bf:68:96:af:b8:5d:e3:57:6e:2a:
bd:dc:e2:e3:2e:30:44:53:d6:14:a7:67:c5:a7:6a:
14:25:21:db:3f:0f:5b:56:92:42:cc:4f:a7:6b:76:
2d:b8:95:28:4a:71:4e:d0:ed:2f:0e:28:4d:6b:b5:
c2:da:d8:a5:7a:59:04:0f:84:4f:bc:4f:36:b7:9d:
8f:ef:97:e7:b2:3d:06:f3:a1:cc:0f:55:7d:92:e9:
8f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E2:3F:0B:20:F9:98:DB:84:B9:C7:AC:1D:76:5D:11:A2:38:FE:A1
X509v3 Authority Key Identifier:
keyid:03:D1:7B:C7:EB:EB:DC:C9:F1:B3:FD:B5:5A:D1:22:E7:06:22:43:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A9F7x-vr3Mnxs_21WtEi5wYiQ-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/21582f-511a-4af3-8028-e2d88376d44d/1/XuI_CyD5mNuEucesHXZdEaI4_qE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/21582f-511a-4af3-8028-e2d88376d44d/1/A9F7x-vr3Mnxs_21WtEi5wYiQ-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.146.0/24
Signature Algorithm: sha256WithRSAEncryption
64:94:34:5f:98:a9:ef:29:93:a8:ba:8d:1f:71:3d:90:e9:80:
db:05:ea:f0:2a:f6:7e:30:aa:1f:c8:3c:94:bc:e1:98:5e:5d:
3a:6b:44:15:12:9c:87:b3:71:bb:fc:73:0b:3a:a0:d7:3c:d2:
18:3a:1d:62:c4:ee:81:e8:27:7a:70:56:81:e2:e9:7e:11:62:
b6:72:f2:ec:db:f4:1b:6d:ea:05:a6:46:fa:d3:84:a3:8b:d5:
88:65:fe:08:f1:ba:31:ea:9c:52:a4:2f:15:2c:f2:12:dd:11:
c2:e1:3c:ab:ac:b0:75:28:24:97:fc:24:02:9f:29:27:eb:92:
60:62:53:e3:0e:5d:b8:dc:a1:80:86:1f:c1:1b:9b:8b:13:00:
df:de:11:27:eb:4f:97:a0:94:71:69:52:7b:d4:79:e6:5a:66:
ee:20:f8:ef:a3:79:0b:32:11:81:3c:60:1b:24:b5:f6:c5:51:
94:6c:ef:d2:72:c0:38:c2:42:10:08:71:34:e9:06:98:7f:9e:
9b:b2:4f:bb:a4:d0:3a:b4:5d:c7:02:a0:f2:8e:7c:76:75:e7:
ab:79:fa:52:97:f8:63:eb:00:c0:39:e8:50:0d:40:7d:da:7c:
03:eb:9b:e7:a3:3d:09:e3:a7:5e:0c:28:f8:0c:a7:0e:ab:ff:
01:26:06:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjnoNTnQ5EWoXX01K1e6bgyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZDE3YmM3ZWJlYmRjYzlmMWIzZmRiNTVhZDEyMmU3MDYy
MjQzZTIwHhcNMjMwNjIzMDk0MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWUyM2YwYjIwZjk5OGRiODRiOWM3YWMxZDc2NWQxMWEyMzhmZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnCb6D4XU4kOHvCpruorD+/vk91E
uVaoiu4FC5KavMUhrf3MtA7byfOoK6FzW84jB9yXgE/8pWXBLyavKTogUP7NKRsU
GaeuJmwZUBmPlEg20KXjni/cfvB4qkek0xXjk2kp+XU/pglXMZzqhb5ORbqTP5cs
pcv+jJv5BNQ+iS4SCYJH/vV19u3iAb3EGbXxLytvOd7c/0pQcnUXZCU0O55Bcv1a
n9Bk9b9olq+4XeNXbiq93OLjLjBEU9YUp2fFp2oUJSHbPw9bVpJCzE+na3YtuJUo
SnFO0O0vDihNa7XC2tilelkED4RPvE82t52P75fnsj0G86HMD1V9kumPHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF7iPwsg+ZjbhLnHrB12XRGiOP6hMB8GA1UdIwQY
MBaAFAPRe8fr69zJ8bP9tVrRIucGIkPiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTlGN3gtdnIzTW54c18yMVd0RWk1d1lpUS1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8yMTU4MmYtNTExYS00YWYzLTgwMjgt
ZTJkODgzNzZkNDRkLzEvWHVJX0N5RDVtTnVFdWNlc0hYWmRFYUk0X3FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8yMTU4MmYtNTExYS00YWYzLTgwMjgtZTJkODgzNzZkNDRk
LzEvQTlGN3gtdnIzTW54c18yMVd0RWk1d1lpUS1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZeSMA0G
CSqGSIb3DQEBCwUAA4IBAQBklDRfmKnvKZOouo0fcT2Q6YDbBerwKvZ+MKofyDyU
vOGYXl06a0QVEpyHs3G7/HMLOqDXPNIYOh1ixO6B6Cd6cFaB4ul+EWK2cvLs2/Qb
beoFpkb604Sji9WIZf4I8box6pxSpC8VLPIS3RHC4TyrrLB1KCSX/CQCnykn65Jg
YlPjDl243KGAhh/BG5uLEwDf3hEn60+XoJRxaVJ71HnmWmbuIPjvo3kLMhGBPGAb
JLX2xVGUbO/ScsA4wkIQCHE06QaYf56bsk+7pNA6tF3HAqDyjnx2deerefpSl/hj
6wDAOehQDUB92nwD65vnoz0J46deDCj4DKcOq/8BJgbn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:43 2024 by rpki-client on console-ams.rpki-client.org