Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/606820-7e11-4896-8360-fc0e1d100650/1/VSasgJgx0iPbak_CROMoNjUV4xg.roa
File: VSasgJgx0iPbak_CROMoNjUV4xg.roa (raw, json)
Hash identifier: TJfp5Au+kPBHgUNEOLXNuQvRaZb7gvXKt+WwgXeX6+Y=
Subject key identifier: 55:26:AC:80:98:31:D2:23:DB:6A:4F:C2:44:E3:28:36:35:15:E3:18
Certificate issuer: /CN=2d9f4c904316a6e3672ac071e42324f2198344b5
Certificate serial: 0185E99857FBA99597E2CF8F61F80A280340
Authority key identifier: 2D:9F:4C:90:43:16:A6:E3:67:2A:C0:71:E4:23:24:F2:19:83:44:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LZ9MkEMWpuNnKsBx5CMk8hmDRLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/606820-7e11-4896-8360-fc0e1d100650/1/VSasgJgx0iPbak_CROMoNjUV4xg.roa
Signing time: Wed 25 Jan 2023 15:42:33 +0000
ROA not before: Wed 25 Jan 2023 15:42:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 149.238.32.0/19 maxlen: 24
149.238.160.0/19 maxlen: 24
149.238.64.0/19 maxlen: 24
192.112.208.0/24 maxlen: 24
192.77.114.0/23 maxlen: 24
149.238.192.0/19 maxlen: 24
149.238.96.0/19 maxlen: 24
149.238.0.0/19 maxlen: 24
149.238.224.0/19 maxlen: 24
149.238.128.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:98:57:fb:a9:95:97:e2:cf:8f:61:f8:0a:28:03:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d9f4c904316a6e3672ac071e42324f2198344b5
Validity
Not Before: Jan 25 15:42:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5526ac809831d223db6a4fc244e328363515e318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a5:78:41:b6:b9:1d:22:b8:97:98:a5:b0:44:
4d:de:36:52:fe:9a:bc:f3:8c:92:b9:65:71:aa:12:
61:54:90:a7:94:4b:d4:fd:1e:95:e5:ed:a7:0c:6c:
39:d7:59:03:2a:2c:78:69:76:67:9a:d1:f4:1a:7b:
2a:6d:e2:ab:6c:f6:67:64:5e:f5:84:9b:96:d8:cc:
60:ba:85:74:ae:6f:5e:ea:e8:35:97:47:ea:d6:a1:
4d:cc:13:ff:bc:92:51:7a:dc:58:c2:d8:e7:6e:e6:
67:ce:b5:9f:0a:6f:f1:45:b9:39:53:d1:d3:fd:ad:
9c:8f:5f:ec:f4:19:8f:1d:8a:8e:ca:5c:6e:50:3d:
72:47:45:91:a0:2f:c2:46:28:43:12:38:f1:54:29:
33:65:94:96:0c:e3:6a:e4:a5:3a:f2:03:46:97:3c:
40:1f:46:9a:e5:c5:11:42:91:20:3e:7f:be:5c:01:
ff:b3:06:13:f4:d7:eb:b1:1c:84:8c:7f:d4:f5:b6:
71:37:c5:00:b3:2e:6a:88:c0:94:9b:f2:c3:b0:91:
5a:44:10:e9:79:e9:6c:0d:d9:40:b6:6f:6a:17:e8:
3d:11:4d:76:42:5d:ec:64:72:f9:99:06:f9:c9:6e:
ee:cf:f9:b6:a7:f2:b4:54:2f:39:a7:b1:cf:5d:c9:
ec:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:26:AC:80:98:31:D2:23:DB:6A:4F:C2:44:E3:28:36:35:15:E3:18
X509v3 Authority Key Identifier:
keyid:2D:9F:4C:90:43:16:A6:E3:67:2A:C0:71:E4:23:24:F2:19:83:44:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZ9MkEMWpuNnKsBx5CMk8hmDRLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/606820-7e11-4896-8360-fc0e1d100650/1/VSasgJgx0iPbak_CROMoNjUV4xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/606820-7e11-4896-8360-fc0e1d100650/1/LZ9MkEMWpuNnKsBx5CMk8hmDRLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.238.0.0/16
192.77.114.0/23
192.112.208.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:81:78:1d:15:7f:c6:a8:bc:37:b3:cc:1e:28:9d:47:66:d8:
45:1b:27:73:da:92:c3:9c:ff:d3:f3:23:39:eb:16:ce:09:a6:
e9:6e:5a:19:40:e8:9a:3d:7e:1e:bb:a5:b3:06:ba:63:be:42:
e0:0e:d8:cb:ce:61:a9:f0:34:7a:f4:b2:68:9c:cf:f0:6c:06:
9f:4d:e8:e7:fa:0a:b5:85:d2:64:5a:c9:b8:bb:bf:47:9a:cc:
d7:74:7c:39:c4:eb:a1:47:df:a5:51:27:81:24:10:b0:77:11:
fa:1f:d1:c0:c6:2f:73:66:4b:b5:54:d1:2e:59:65:ee:49:ba:
d1:9c:54:b6:04:b5:a3:9d:00:a9:6f:8b:51:fb:62:df:82:b1:
0b:39:90:e9:97:d9:3c:1c:60:da:be:fd:79:62:3e:f6:6a:2d:
98:04:55:f5:b3:0c:9e:dc:a0:bb:f9:e1:c5:93:c8:74:21:09:
f0:91:98:80:c0:9a:3d:65:65:04:2b:0a:88:da:04:24:69:69:
8e:2f:c1:7a:2c:92:25:87:8b:34:88:67:d6:60:92:cc:36:8f:
e8:f1:b5:10:08:1d:41:fd:30:0f:03:e1:6c:37:86:f6:ae:8f:
7f:dc:4b:ab:5e:67:d0:5a:8e:72:d3:94:46:3f:2f:5a:dd:11:
1a:ac:6e:4f
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYXpmFf7qZWX4s+PYfgKKANAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkOWY0YzkwNDMxNmE2ZTM2NzJhYzA3MWU0MjMyNGYyMTk4
MzQ0YjUwHhcNMjMwMTI1MTU0MjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTI2YWM4MDk4MzFkMjIzZGI2YTRmYzI0NGUzMjgzNjM1MTVlMzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaV4Qba5HSK4l5ilsERN3jZS/pq8
84ySuWVxqhJhVJCnlEvU/R6V5e2nDGw511kDKix4aXZnmtH0GnsqbeKrbPZnZF71
hJuW2MxguoV0rm9e6ug1l0fq1qFNzBP/vJJRetxYwtjnbuZnzrWfCm/xRbk5U9HT
/a2cj1/s9BmPHYqOylxuUD1yR0WRoC/CRihDEjjxVCkzZZSWDONq5KU68gNGlzxA
H0aa5cURQpEgPn++XAH/swYT9NfrsRyEjH/U9bZxN8UAsy5qiMCUm/LDsJFaRBDp
eelsDdlAtm9qF+g9EU12Ql3sZHL5mQb5yW7uz/m2p/K0VC85p7HPXcnstwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFFUmrICYMdIj22pPwkTjKDY1FeMYMB8GA1UdIwQY
MBaAFC2fTJBDFqbjZyrAceQjJPIZg0S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFo5TWtFTVdwdU5uS3NCeDVDTWs4aG1EUkxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy82MDY4MjAtN2UxMS00ODk2LTgzNjAt
ZmMwZTFkMTAwNjUwLzEvVlNhc2dKZ3gwaVBiYWtfQ1JPTW9OalVWNHhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy82MDY4MjAtN2UxMS00ODk2LTgzNjAtZmMwZTFkMTAwNjUw
LzEvTFo5TWtFTVdwdU5uS3NCeDVDTWs4aG1EUkxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwMAle4DBAHA
TXIDBADAcNAwDQYJKoZIhvcNAQELBQADggEBAH+BeB0Vf8aovDezzB4onUdm2EUb
J3PaksOc/9PzIznrFs4JpuluWhlA6Jo9fh67pbMGumO+QuAO2MvOYanwNHr0smic
z/BsBp9N6Of6CrWF0mRaybi7v0eazNd0fDnE66FH36VRJ4EkELB3Efof0cDGL3Nm
S7VU0S5ZZe5JutGcVLYEtaOdAKlvi1H7Yt+CsQs5kOmX2TwcYNq+/XliPvZqLZgE
VfWzDJ7coLv54cWTyHQhCfCRmIDAmj1lZQQrCojaBCRpaY4vwXoskiWHizSIZ9Zg
ksw2j+jxtRAIHUH9MA8D4Ww3hvauj3/cS6teZ9BajnLTlEY/L1rdERqsbk8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:08 2024 by rpki-client on console-fra.rpki-client.org