Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/70148b-4687-47f0-be08-3dc831d2ed67/1/FlMMHiqxJ7YuUe-j37ocMP-PNJw.roa
File: FlMMHiqxJ7YuUe-j37ocMP-PNJw.roa (raw, json)
Hash identifier: GPzVTM21ltz0TymTZe3YNLVe0i0ukJTGEF6WJeFp8i4=
Subject key identifier: 16:53:0C:1E:2A:B1:27:B6:2E:51:EF:A3:DF:BA:1C:30:FF:8F:34:9C
Certificate issuer: /CN=9a9c7c1db517475dfc58e3c5a954e3565d4d9174
Certificate serial: 01856CE616456304AC44FE4D380713F10D43
Authority key identifier: 9A:9C:7C:1D:B5:17:47:5D:FC:58:E3:C5:A9:54:E3:56:5D:4D:91:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mpx8HbUXR138WOPFqVTjVl1NkXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/70148b-4687-47f0-be08-3dc831d2ed67/1/FlMMHiqxJ7YuUe-j37ocMP-PNJw.roa
Signing time: Sun 01 Jan 2023 10:34:56 +0000
ROA not before: Sun 01 Jan 2023 10:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207075
IP address blocks: 185.154.144.0/22 maxlen: 24
2a07:8d40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:16:45:63:04:ac:44:fe:4d:38:07:13:f1:0d:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a9c7c1db517475dfc58e3c5a954e3565d4d9174
Validity
Not Before: Jan 1 10:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16530c1e2ab127b62e51efa3dfba1c30ff8f349c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:11:e2:57:fd:fd:ca:a4:01:bb:9b:cc:02:c3:
40:81:72:b5:7e:00:7a:47:b5:d3:13:55:f2:f8:cf:
6f:9b:89:ce:91:b1:4f:a3:b7:9f:38:2a:dd:2c:66:
f7:5a:f5:35:11:de:e6:0e:96:d1:19:71:40:cd:ef:
d9:fc:84:24:59:0d:e1:8a:bb:b0:f6:4c:cc:32:c6:
c4:83:53:24:5b:35:b1:34:0b:6f:c8:4a:b1:94:f3:
5a:93:fe:fa:60:96:4c:89:07:76:e2:37:88:6a:32:
7d:97:ed:84:7e:26:61:b3:d6:85:a8:fd:1c:47:ce:
2d:04:5a:ab:db:37:ea:14:2a:93:c2:d8:d4:0f:e2:
b4:48:6d:d7:23:10:59:71:f1:7c:2d:64:d7:0b:d4:
14:ff:c2:1e:29:ca:d6:b5:98:6c:e7:c2:92:ff:d3:
1a:70:69:43:cf:3c:72:0a:ce:35:96:23:8f:bd:6b:
af:3f:a5:db:cd:87:ea:bf:45:40:18:b4:f1:93:8d:
45:52:b8:69:f0:2b:a4:4c:37:41:bc:d1:ed:a5:00:
a4:3d:46:76:cb:5a:0c:bd:8f:85:0e:e2:3b:55:25:
d5:59:70:7b:f5:f2:ca:be:86:32:39:f2:33:1f:1b:
05:29:af:6c:ea:b2:b7:d7:08:6c:39:24:26:e6:9e:
8d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:53:0C:1E:2A:B1:27:B6:2E:51:EF:A3:DF:BA:1C:30:FF:8F:34:9C
X509v3 Authority Key Identifier:
keyid:9A:9C:7C:1D:B5:17:47:5D:FC:58:E3:C5:A9:54:E3:56:5D:4D:91:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mpx8HbUXR138WOPFqVTjVl1NkXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70148b-4687-47f0-be08-3dc831d2ed67/1/FlMMHiqxJ7YuUe-j37ocMP-PNJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70148b-4687-47f0-be08-3dc831d2ed67/1/mpx8HbUXR138WOPFqVTjVl1NkXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.144.0/22
IPv6:
2a07:8d40::/29
Signature Algorithm: sha256WithRSAEncryption
5f:7c:16:00:0e:05:79:23:16:de:a9:db:6d:5e:ab:72:2c:24:
fa:0e:de:1a:71:26:4d:ac:74:14:9f:3e:a6:92:5e:53:99:86:
96:23:c3:f6:fa:5e:98:ec:9c:96:1d:2d:0d:c8:5b:61:3d:8c:
35:e8:15:5e:cd:94:61:c7:13:ff:f2:4c:61:57:dd:1a:5e:5e:
ec:b4:f5:4c:82:94:c4:41:b7:a6:eb:4b:33:0b:6f:82:2c:98:
04:16:76:1f:48:d0:7f:63:34:59:2a:d9:4c:c1:66:9c:07:f4:
f6:bc:88:6e:fe:3f:49:7f:36:e7:64:c4:e0:e4:bf:4b:42:94:
a8:99:93:92:c9:10:cb:15:a9:98:ba:a5:ee:ea:1b:85:2e:0a:
36:45:4f:ea:76:67:52:a9:53:dc:31:dc:75:09:26:35:8f:a0:
01:24:65:80:16:bc:64:a8:04:8a:e7:a7:0c:9a:0e:b1:4a:5a:
3a:c3:5c:e2:b0:6b:ce:f8:57:94:6a:26:cd:79:65:5a:75:d5:
5c:9a:c2:c8:07:ee:06:03:d5:04:ac:aa:7c:8b:ea:9b:a6:59:
af:49:9d:03:ee:64:81:41:b7:0d:8a:bb:14:27:63:ab:f5:31:
48:e4:2c:60:02:3d:93:00:2f:a8:d2:f2:51:44:f8:a3:87:d9:
46:6c:8e:f2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs5hZFYwSsRP5NOAcT8Q1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhOWM3YzFkYjUxNzQ3NWRmYzU4ZTNjNWE5NTRlMzU2NWQ0
ZDkxNzQwHhcNMjMwMTAxMTAzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjUzMGMxZTJhYjEyN2I2MmU1MWVmYTNkZmJhMWMzMGZmOGYzNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RHiV/39yqQBu5vMAsNAgXK1fgB6
R7XTE1Xy+M9vm4nOkbFPo7efOCrdLGb3WvU1Ed7mDpbRGXFAze/Z/IQkWQ3hiruw
9kzMMsbEg1MkWzWxNAtvyEqxlPNak/76YJZMiQd24jeIajJ9l+2EfiZhs9aFqP0c
R84tBFqr2zfqFCqTwtjUD+K0SG3XIxBZcfF8LWTXC9QU/8IeKcrWtZhs58KS/9Ma
cGlDzzxyCs41liOPvWuvP6XbzYfqv0VAGLTxk41FUrhp8CukTDdBvNHtpQCkPUZ2
y1oMvY+FDuI7VSXVWXB79fLKvoYyOfIzHxsFKa9s6rK31whsOSQm5p6NBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBZTDB4qsSe2LlHvo9+6HDD/jzScMB8GA1UdIwQY
MBaAFJqcfB21F0dd/FjjxalU41ZdTZF0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXB4OEhiVVhSMTM4V09QRnFWVGpWbDFOa1hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83MDE0OGItNDY4Ny00N2YwLWJlMDgt
M2RjODMxZDJlZDY3LzEvRmxNTUhpcXhKN1l1VWUtajM3b2NNUC1QTkp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83MDE0OGItNDY4Ny00N2YwLWJlMDgtM2RjODMxZDJlZDY3
LzEvbXB4OEhiVVhSMTM4V09QRnFWVGpWbDFOa1hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZqQMA0E
AgACMAcDBQMqB41AMA0GCSqGSIb3DQEBCwUAA4IBAQBffBYADgV5IxbeqdttXqty
LCT6Dt4acSZNrHQUnz6mkl5TmYaWI8P2+l6Y7JyWHS0NyFthPYw16BVezZRhxxP/
8kxhV90aXl7stPVMgpTEQbem60szC2+CLJgEFnYfSNB/YzRZKtlMwWacB/T2vIhu
/j9JfzbnZMTg5L9LQpSomZOSyRDLFamYuqXu6huFLgo2RU/qdmdSqVPcMdx1CSY1
j6ABJGWAFrxkqASK56cMmg6xSlo6w1zisGvO+FeUaibNeWVaddVcmsLIB+4GA9UE
rKp8i+qbplmvSZ0D7mSBQbcNirsUJ2Or9TFI5CxgAj2TAC+o0vJRRPijh9lGbI7y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:54 2024 by rpki-client on console-fra.rpki-client.org