Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/d41002-4346-4cef-9f40-fce2f83c3df9/1/KrrN2IpNzk0aqmeIT4thUvpNAhU.roa
File: KrrN2IpNzk0aqmeIT4thUvpNAhU.roa (raw, json)
Hash identifier: Z8bb9KV/FktXTJlhN+rI7/HerD+qWD0PuWMTDfyI9XY=
Subject key identifier: 2A:BA:CD:D8:8A:4D:CE:4D:1A:AA:67:88:4F:8B:61:52:FA:4D:02:15
Certificate issuer: /CN=bf1ce08452d4a51a9eb4d423d8a03a916235b572
Certificate serial: 01856F94C7D2CD58D81D1712DF3E2A343A34
Authority key identifier: BF:1C:E0:84:52:D4:A5:1A:9E:B4:D4:23:D8:A0:3A:91:62:35:B5:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vxzghFLUpRqetNQj2KA6kWI1tXI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/d41002-4346-4cef-9f40-fce2f83c3df9/1/KrrN2IpNzk0aqmeIT4thUvpNAhU.roa
Signing time: Sun 01 Jan 2023 23:04:59 +0000
ROA not before: Sun 01 Jan 2023 23:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43278
IP address blocks: 152.89.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:c7:d2:cd:58:d8:1d:17:12:df:3e:2a:34:3a:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf1ce08452d4a51a9eb4d423d8a03a916235b572
Validity
Not Before: Jan 1 23:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2abacdd88a4dce4d1aaa67884f8b6152fa4d0215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5b:26:bc:85:ec:90:f5:d0:6a:92:1a:64:86:
0c:c7:06:c5:ad:0e:4a:4a:da:7d:37:5a:87:c1:03:
b7:b5:67:fc:22:22:84:02:59:de:a2:58:0c:13:37:
a8:eb:ed:f3:af:24:e7:81:33:3b:49:37:87:ad:fe:
9e:2b:02:e3:a0:b8:6f:ab:78:b2:2e:ec:2d:10:d4:
f6:18:ed:06:6a:7c:8d:6a:fb:a0:2a:97:f3:18:9e:
92:9a:45:fe:46:ce:7a:70:99:96:64:2b:f3:0d:98:
34:67:f8:02:14:bd:35:e6:80:ed:8a:96:03:c9:4f:
01:a2:26:23:43:df:ec:ad:a8:7e:83:e2:a4:48:66:
c5:98:73:15:5f:86:9f:81:67:07:f7:5b:0d:d0:30:
f8:42:5c:b3:fc:00:c4:33:0f:f4:f4:69:8d:38:a3:
41:40:1e:76:c0:44:5e:62:9b:50:12:2c:3f:7d:01:
c6:79:e9:36:2e:d8:10:c4:81:ee:81:7c:76:61:e1:
aa:c0:79:91:56:f4:31:86:4f:27:d8:b9:bb:32:c4:
52:65:c2:c9:71:ba:18:97:f6:ec:d2:30:ff:87:f3:
ad:0a:7d:10:35:cf:31:60:88:a2:9d:5c:60:85:aa:
29:02:2b:e4:f3:ff:7a:21:cd:8b:35:a8:a7:31:8a:
10:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:BA:CD:D8:8A:4D:CE:4D:1A:AA:67:88:4F:8B:61:52:FA:4D:02:15
X509v3 Authority Key Identifier:
keyid:BF:1C:E0:84:52:D4:A5:1A:9E:B4:D4:23:D8:A0:3A:91:62:35:B5:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vxzghFLUpRqetNQj2KA6kWI1tXI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d41002-4346-4cef-9f40-fce2f83c3df9/1/KrrN2IpNzk0aqmeIT4thUvpNAhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d41002-4346-4cef-9f40-fce2f83c3df9/1/vxzghFLUpRqetNQj2KA6kWI1tXI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.199.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:23:6a:5d:3a:9f:6c:5b:39:c0:6b:23:ac:d0:99:7b:a9:59:
8a:a2:de:0c:22:e8:e0:a7:9f:cd:d1:e2:2b:a7:dd:a1:bc:61:
62:47:9d:ed:81:a8:70:e5:c0:80:0d:c6:13:30:c1:7c:4d:03:
d6:88:16:ec:bc:47:1f:1d:ff:1d:bb:c3:ad:91:75:28:8e:47:
15:19:45:86:02:00:6c:04:a5:5f:f7:8c:a9:34:fa:58:93:3e:
92:ea:5b:54:77:a7:f1:08:ec:ff:bf:9d:f1:fa:40:f9:0a:47:
4e:15:1a:92:4e:c7:21:cd:fa:0b:b9:3f:36:f6:43:3d:fa:25:
07:95:8b:39:38:2a:b5:50:42:08:01:78:4d:b4:30:ec:e7:11:
0c:fe:5b:a5:e9:e6:53:21:1b:76:b9:47:59:3d:ff:6c:51:fb:
cb:9f:89:c8:89:b9:4f:17:1c:66:78:59:b9:56:ab:19:a4:bc:
45:04:cf:54:72:36:52:60:0b:e2:0e:3c:f5:d0:3a:79:fb:d4:
ff:1e:a3:3c:a8:04:27:99:b8:c4:46:47:13:c4:ff:54:16:b5:
0e:5e:3f:ed:2e:7e:2f:3e:96:02:64:94:cb:4c:4a:5e:6c:20:
b5:c4:65:b7:95:09:45:80:2e:ad:7d:e0:fc:aa:4c:f7:e9:ba:
87:7c:3a:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlMfSzVjYHRcS3z4qNDo0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMWNlMDg0NTJkNGE1MWE5ZWI0ZDQyM2Q4YTAzYTkxNjIz
NWI1NzIwHhcNMjMwMTAxMjMwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWJhY2RkODhhNGRjZTRkMWFhYTY3ODg0ZjhiNjE1MmZhNGQwMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVsmvIXskPXQapIaZIYMxwbFrQ5K
Stp9N1qHwQO3tWf8IiKEAlneolgMEzeo6+3zryTngTM7STeHrf6eKwLjoLhvq3iy
LuwtENT2GO0GanyNavugKpfzGJ6SmkX+Rs56cJmWZCvzDZg0Z/gCFL015oDtipYD
yU8BoiYjQ9/srah+g+KkSGbFmHMVX4afgWcH91sN0DD4Qlyz/ADEMw/09GmNOKNB
QB52wEReYptQEiw/fQHGeek2LtgQxIHugXx2YeGqwHmRVvQxhk8n2Lm7MsRSZcLJ
cboYl/bs0jD/h/OtCn0QNc8xYIiinVxghaopAivk8/96Ic2LNainMYoQXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCq6zdiKTc5NGqpniE+LYVL6TQIVMB8GA1UdIwQY
MBaAFL8c4IRS1KUanrTUI9igOpFiNbVyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnh6Z2hGTFVwUnFldE5RajJLQTZrV0kxdFhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9kNDEwMDItNDM0Ni00Y2VmLTlmNDAt
ZmNlMmY4M2MzZGY5LzEvS3JyTjJJcE56azBhcW1lSVQ0dGhVdnBOQWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9kNDEwMDItNDM0Ni00Y2VmLTlmNDAtZmNlMmY4M2MzZGY5
LzEvdnh6Z2hGTFVwUnFldE5RajJLQTZrV0kxdFhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnHMA0G
CSqGSIb3DQEBCwUAA4IBAQC5I2pdOp9sWznAayOs0Jl7qVmKot4MIujgp5/N0eIr
p92hvGFiR53tgahw5cCADcYTMMF8TQPWiBbsvEcfHf8du8OtkXUojkcVGUWGAgBs
BKVf94ypNPpYkz6S6ltUd6fxCOz/v53x+kD5CkdOFRqSTschzfoLuT829kM9+iUH
lYs5OCq1UEIIAXhNtDDs5xEM/lul6eZTIRt2uUdZPf9sUfvLn4nIiblPFxxmeFm5
VqsZpLxFBM9UcjZSYAviDjz10Dp5+9T/HqM8qAQnmbjERkcTxP9UFrUOXj/tLn4v
PpYCZJTLTEpebCC1xGW3lQlFgC6tfeD8qkz36bqHfDqn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:48 2024 by rpki-client on console-fra.rpki-client.org