Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/2727b5-4c93-49e7-b7ee-f9895bb85fb1/1/ehJJK4tMt4OrprO0Ch0ah9NE1tc.roa
File: ehJJK4tMt4OrprO0Ch0ah9NE1tc.roa (raw, json)
Hash identifier: m7goPD46RKyerQoYoWqMyDK7sVWW7laSRV+kek4HdVk=
Subject key identifier: 7A:12:49:2B:8B:4C:B7:83:AB:A6:B3:B4:0A:1D:1A:87:D3:44:D6:D7
Certificate issuer: /CN=537b37656cd14d488a70512921875717a0d910b6
Certificate serial: 018432BD7D8A90031367D5664331DF435A16
Authority key identifier: 53:7B:37:65:6C:D1:4D:48:8A:70:51:29:21:87:57:17:A0:D9:10:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U3s3ZWzRTUiKcFEpIYdXF6DZELY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/2727b5-4c93-49e7-b7ee-f9895bb85fb1/1/ehJJK4tMt4OrprO0Ch0ah9NE1tc.roa
Signing time: Tue 01 Nov 2022 10:29:49 +0000
ROA not before: Tue 01 Nov 2022 10:29:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12345
IP address blocks: 91.240.163.0/24 maxlen: 24
178.239.20.0/24 maxlen: 24
178.239.21.0/24 maxlen: 24
91.240.128.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:32:bd:7d:8a:90:03:13:67:d5:66:43:31:df:43:5a:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=537b37656cd14d488a70512921875717a0d910b6
Validity
Not Before: Nov 1 10:29:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7a12492b8b4cb783aba6b3b40a1d1a87d344d6d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3b:74:6f:48:03:bb:f4:66:01:1d:9f:d9:2b:
3f:07:9a:19:6a:87:ab:20:e7:ce:4a:86:94:d9:77:
86:91:bd:e4:d0:c1:e9:a6:50:ea:1d:c3:dd:fd:d4:
55:57:07:41:6f:4f:30:00:b9:34:00:15:65:3e:fb:
07:28:08:a9:be:ba:cc:f7:79:3b:30:45:14:19:6b:
fd:67:22:02:75:ed:d7:64:a0:a3:0f:be:77:92:0f:
b7:37:85:a5:63:d2:63:74:fa:8a:8a:f1:89:3a:a1:
12:68:49:03:33:44:82:c4:02:97:48:a2:70:ef:d0:
61:db:7a:ce:8e:38:17:bf:e8:6b:18:72:48:5c:b0:
9b:fc:1f:e7:a6:2e:04:1f:85:fd:35:e5:92:4b:2c:
4b:b0:a3:85:0c:bf:52:83:29:40:b5:7c:8b:fe:a5:
41:e3:25:01:a3:07:7b:ad:60:ae:39:d3:0a:c6:be:
c2:40:a9:ab:47:eb:1c:2a:16:6e:cf:86:9a:eb:7f:
d3:16:c3:7f:7d:04:28:3c:52:c6:fc:17:9c:68:4f:
0f:c8:9e:99:00:89:93:ae:08:df:85:06:31:5e:86:
06:55:73:41:43:2d:9d:f0:d7:d1:42:09:55:7c:06:
af:24:5d:a5:8d:58:7f:5f:01:27:4c:42:af:87:b2:
ae:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:12:49:2B:8B:4C:B7:83:AB:A6:B3:B4:0A:1D:1A:87:D3:44:D6:D7
X509v3 Authority Key Identifier:
keyid:53:7B:37:65:6C:D1:4D:48:8A:70:51:29:21:87:57:17:A0:D9:10:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3s3ZWzRTUiKcFEpIYdXF6DZELY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/2727b5-4c93-49e7-b7ee-f9895bb85fb1/1/ehJJK4tMt4OrprO0Ch0ah9NE1tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/2727b5-4c93-49e7-b7ee-f9895bb85fb1/1/U3s3ZWzRTUiKcFEpIYdXF6DZELY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.128.0/24
91.240.163.0/24
178.239.20.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:25:eb:cd:7a:dd:c9:95:e5:7b:bd:7e:0b:ae:19:34:35:70:
f5:7b:f8:74:63:1f:8f:02:ed:f9:c2:34:b0:1f:0c:4d:c5:6b:
3f:7c:b4:ab:0d:f6:81:ee:4e:64:0b:e8:b4:22:d7:c9:c1:c4:
5d:2a:6d:99:6b:67:8a:dd:fd:e3:f5:75:50:27:49:80:47:03:
5a:72:99:a3:43:ee:38:77:4b:52:19:bb:ae:ab:ff:75:f0:bd:
5d:f9:fe:f6:65:6a:4a:71:07:d6:5f:49:02:52:cc:6b:68:ff:
ad:7e:08:b5:c1:83:92:d5:82:af:32:6a:40:b7:9b:63:09:3b:
da:ba:7a:47:8b:e1:20:ff:cc:45:d5:13:57:3f:71:14:7e:e2:
51:86:b1:31:0c:de:77:1c:e1:4e:8a:13:06:2f:b0:bd:74:86:
7a:6b:6b:d8:6d:dd:d0:d4:b3:47:28:40:4b:5d:e9:e4:e6:4d:
bf:ef:12:70:36:9e:3f:94:a4:f0:4d:35:27:27:93:59:d6:2e:
ac:f3:16:50:fc:e2:7d:ec:cc:11:5d:a1:08:8b:bb:7c:f7:3e:
6b:aa:6e:97:14:88:81:cf:3a:30:1f:da:16:84:e9:1d:f9:d9:
91:ee:01:e9:23:0d:3a:bc:6a:8a:48:8c:e9:12:11:63:84:8a:
f8:ab:59:73
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQyvX2KkAMTZ9VmQzHfQ1oWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzN2IzNzY1NmNkMTRkNDg4YTcwNTEyOTIxODc1NzE3YTBk
OTEwYjYwHhcNMjIxMTAxMTAyOTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTEyNDkyYjhiNGNiNzgzYWJhNmIzYjQwYTFkMWE4N2QzNDRkNmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjt0b0gDu/RmAR2f2Ss/B5oZaoer
IOfOSoaU2XeGkb3k0MHpplDqHcPd/dRVVwdBb08wALk0ABVlPvsHKAipvrrM93k7
MEUUGWv9ZyICde3XZKCjD753kg+3N4WlY9JjdPqKivGJOqESaEkDM0SCxAKXSKJw
79Bh23rOjjgXv+hrGHJIXLCb/B/npi4EH4X9NeWSSyxLsKOFDL9SgylAtXyL/qVB
4yUBowd7rWCuOdMKxr7CQKmrR+scKhZuz4aa63/TFsN/fQQoPFLG/BecaE8PyJ6Z
AImTrgjfhQYxXoYGVXNBQy2d8NfRQglVfAavJF2ljVh/XwEnTEKvh7KuBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHoSSSuLTLeDq6aztAodGofTRNbXMB8GA1UdIwQY
MBaAFFN7N2Vs0U1IinBRKSGHVxeg2RC2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNzM1pXelJUVWlLY0ZFcElZZFhGNkRaRUxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8yNzI3YjUtNGM5My00OWU3LWI3ZWUt
Zjk4OTViYjg1ZmIxLzEvZWhKSks0dE10NE9ycHJPMENoMGFoOU5FMXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8yNzI3YjUtNGM5My00OWU3LWI3ZWUtZjk4OTViYjg1ZmIx
LzEvVTNzM1pXelJUVWlLY0ZFcElZZFhGNkRaRUxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW/CAAwQA
W/CjAwQBsu8UMA0GCSqGSIb3DQEBCwUAA4IBAQCfJevNet3JleV7vX4Lrhk0NXD1
e/h0Yx+PAu35wjSwHwxNxWs/fLSrDfaB7k5kC+i0ItfJwcRdKm2Za2eK3f3j9XVQ
J0mARwNacpmjQ+44d0tSGbuuq/918L1d+f72ZWpKcQfWX0kCUsxraP+tfgi1wYOS
1YKvMmpAt5tjCTvaunpHi+Eg/8xF1RNXP3EUfuJRhrExDN53HOFOihMGL7C9dIZ6
a2vYbd3Q1LNHKEBLXenk5k2/7xJwNp4/lKTwTTUnJ5NZ1i6s8xZQ/OJ97MwRXaEI
i7t89z5rqm6XFIiBzzowH9oWhOkd+dmR7gHpIw06vGqKSIzpEhFjhIr4q1lz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:44 2024 by rpki-client on console-fra.rpki-client.org