Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/d41002-4346-4cef-9f40-fce2f83c3df9/1/7rruomUwTh5R-MIvbT0zQnd64J0.roa
File: 7rruomUwTh5R-MIvbT0zQnd64J0.roa (raw, json)
Hash identifier: Pqc3mQuwdoMB+B1rm6TPbTKNZ/8FTJ0qdp6mG7u2d7s=
Subject key identifier: EE:BA:EE:A2:65:30:4E:1E:51:F8:C2:2F:6D:3D:33:42:77:7A:E0:9D
Certificate issuer: /CN=bf1ce08452d4a51a9eb4d423d8a03a916235b572
Certificate serial: 018CCA2B3FB5BF4478D5CFDEE186FBB209A3
Authority key identifier: BF:1C:E0:84:52:D4:A5:1A:9E:B4:D4:23:D8:A0:3A:91:62:35:B5:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vxzghFLUpRqetNQj2KA6kWI1tXI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/d41002-4346-4cef-9f40-fce2f83c3df9/1/7rruomUwTh5R-MIvbT0zQnd64J0.roa
Signing time: Tue 02 Jan 2024 12:34:41 +0000
ROA not before: Tue 02 Jan 2024 12:34:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43278
IP address blocks: 152.89.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:3f:b5:bf:44:78:d5:cf:de:e1:86:fb:b2:09:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf1ce08452d4a51a9eb4d423d8a03a916235b572
Validity
Not Before: Jan 2 12:34:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eebaeea265304e1e51f8c22f6d3d3342777ae09d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:41:f9:1f:91:78:ca:1e:19:e0:00:2d:69:17:
9c:23:e8:28:7d:a4:6d:f2:17:31:dd:0b:89:3e:68:
0f:50:14:4e:b8:00:42:ac:b4:88:00:18:6c:dc:17:
0a:c9:68:0d:54:39:59:41:c3:a0:0d:a4:29:14:40:
ae:2d:2c:72:50:1b:e4:d1:48:77:30:f1:e6:85:62:
bb:7a:a7:be:da:1a:e3:10:0d:3c:7b:b8:48:ca:65:
a4:38:d1:3d:13:6f:16:1b:e3:f7:18:ae:f6:31:46:
41:dc:cc:4d:aa:e4:0e:d1:6f:24:97:ba:a1:e1:7f:
48:9d:78:2a:f4:27:94:f6:cd:4d:a3:67:93:90:f9:
cc:a3:a4:3d:f8:e1:d0:9f:55:7e:d2:10:39:71:df:
af:37:43:66:22:0f:05:2e:db:80:61:05:5d:3c:a0:
f7:4a:8b:f6:77:f4:c2:c5:c6:01:25:3a:20:5f:be:
85:53:65:bf:c6:91:8c:43:34:d0:3a:f5:36:6e:de:
8c:0f:e0:5a:d5:ba:bc:75:6d:9c:ee:0f:1c:98:59:
5d:a0:77:3c:56:3b:38:2b:60:f3:9a:56:e1:45:d1:
d6:c6:c3:12:68:93:fb:2b:23:af:e4:55:53:4e:bf:
32:ed:6d:52:78:35:0f:db:f8:62:83:b2:48:d2:36:
2b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:BA:EE:A2:65:30:4E:1E:51:F8:C2:2F:6D:3D:33:42:77:7A:E0:9D
X509v3 Authority Key Identifier:
keyid:BF:1C:E0:84:52:D4:A5:1A:9E:B4:D4:23:D8:A0:3A:91:62:35:B5:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vxzghFLUpRqetNQj2KA6kWI1tXI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d41002-4346-4cef-9f40-fce2f83c3df9/1/7rruomUwTh5R-MIvbT0zQnd64J0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d41002-4346-4cef-9f40-fce2f83c3df9/1/vxzghFLUpRqetNQj2KA6kWI1tXI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.199.0/24
Signature Algorithm: sha256WithRSAEncryption
21:3f:c2:4d:fb:5e:5e:75:f5:52:06:12:b4:66:d6:b2:f3:18:
97:0d:1c:a4:92:06:12:4f:a9:74:71:ae:ed:af:6e:37:f1:0f:
a9:54:00:cf:8f:8a:da:55:5d:94:2e:89:3f:27:69:3f:e2:68:
b9:b9:ee:80:89:57:31:0f:a9:c3:0b:5c:d7:25:94:50:0b:e5:
c2:4d:35:8b:7a:a1:71:ce:82:5d:95:29:34:d2:ab:0a:4d:a4:
7f:e1:d6:d9:5c:94:e1:19:82:d0:69:65:15:b8:5e:fd:a1:e3:
b5:17:40:b0:43:98:b8:11:f5:6d:e8:2e:3f:79:15:57:56:1f:
3b:5d:a1:21:fb:dc:b1:2d:8c:79:7d:3e:b2:5a:47:c1:e2:0c:
c9:4b:96:68:a5:ab:30:c4:80:e8:d6:1f:00:a7:c2:41:4b:a9:
2a:29:e4:5e:f6:23:ed:b9:3c:3c:0f:02:74:e5:7a:2a:b0:d0:
4c:aa:9f:6c:10:37:34:94:83:af:6e:18:b8:92:24:11:a1:0e:
0c:bf:fc:67:ee:53:5e:7d:a2:07:39:2b:74:0d:da:6d:6a:da:
91:45:97:98:d2:49:66:9e:61:8b:52:49:2f:0d:f9:4a:42:86:
60:0b:cd:51:30:ef:5c:7d:ca:d6:9e:6e:5f:4f:b4:94:8f:89:
1b:b6:53:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKz+1v0R41c/e4Yb7sgmjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMWNlMDg0NTJkNGE1MWE5ZWI0ZDQyM2Q4YTAzYTkxNjIz
NWI1NzIwHhcNMjQwMTAyMTIzNDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWJhZWVhMjY1MzA0ZTFlNTFmOGMyMmY2ZDNkMzM0Mjc3N2FlMDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0H5H5F4yh4Z4AAtaRecI+gofaRt
8hcx3QuJPmgPUBROuABCrLSIABhs3BcKyWgNVDlZQcOgDaQpFECuLSxyUBvk0Uh3
MPHmhWK7eqe+2hrjEA08e7hIymWkONE9E28WG+P3GK72MUZB3MxNquQO0W8kl7qh
4X9InXgq9CeU9s1No2eTkPnMo6Q9+OHQn1V+0hA5cd+vN0NmIg8FLtuAYQVdPKD3
Sov2d/TCxcYBJTogX76FU2W/xpGMQzTQOvU2bt6MD+Ba1bq8dW2c7g8cmFldoHc8
Vjs4K2DzmlbhRdHWxsMSaJP7KyOv5FVTTr8y7W1SeDUP2/hig7JI0jYrdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO667qJlME4eUfjCL209M0J3euCdMB8GA1UdIwQY
MBaAFL8c4IRS1KUanrTUI9igOpFiNbVyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnh6Z2hGTFVwUnFldE5RajJLQTZrV0kxdFhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9kNDEwMDItNDM0Ni00Y2VmLTlmNDAt
ZmNlMmY4M2MzZGY5LzEvN3JydW9tVXdUaDVSLU1JdmJUMHpRbmQ2NEowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9kNDEwMDItNDM0Ni00Y2VmLTlmNDAtZmNlMmY4M2MzZGY5
LzEvdnh6Z2hGTFVwUnFldE5RajJLQTZrV0kxdFhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnHMA0G
CSqGSIb3DQEBCwUAA4IBAQAhP8JN+15edfVSBhK0Ztay8xiXDRykkgYST6l0ca7t
r2438Q+pVADPj4raVV2ULok/J2k/4mi5ue6AiVcxD6nDC1zXJZRQC+XCTTWLeqFx
zoJdlSk00qsKTaR/4dbZXJThGYLQaWUVuF79oeO1F0CwQ5i4EfVt6C4/eRVXVh87
XaEh+9yxLYx5fT6yWkfB4gzJS5ZopaswxIDo1h8Ap8JBS6kqKeRe9iPtuTw8DwJ0
5XoqsNBMqp9sEDc0lIOvbhi4kiQRoQ4Mv/xn7lNefaIHOSt0DdptatqRRZeY0klm
nmGLUkkvDflKQoZgC81RMO9cfcrWnm5fT7SUj4kbtlMI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:02 2024 by rpki-client on console-ams.rpki-client.org