Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/d41002-4346-4cef-9f40-fce2f83c3df9/1/uO9pHujdqcydJRwmknJ9el35yZw.roa
File: uO9pHujdqcydJRwmknJ9el35yZw.roa (raw, json)
Hash identifier: ESW0lYXQjN95ScX5Kbur0Ai/jOjz0UDx6fRsNkBb/Jc=
Subject key identifier: B8:EF:69:1E:E8:DD:A9:CC:9D:25:1C:26:92:72:7D:7A:5D:F9:C9:9C
Certificate issuer: /CN=bf1ce08452d4a51a9eb4d423d8a03a916235b572
Certificate serial: 01855E0C974A636DF15580B1559ABA072274
Authority key identifier: BF:1C:E0:84:52:D4:A5:1A:9E:B4:D4:23:D8:A0:3A:91:62:35:B5:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vxzghFLUpRqetNQj2KA6kWI1tXI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/d41002-4346-4cef-9f40-fce2f83c3df9/1/uO9pHujdqcydJRwmknJ9el35yZw.roa
Signing time: Thu 29 Dec 2022 13:22:41 +0000
ROA not before: Thu 29 Dec 2022 13:22:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43278
IP address blocks: 152.89.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5e:0c:97:4a:63:6d:f1:55:80:b1:55:9a:ba:07:22:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf1ce08452d4a51a9eb4d423d8a03a916235b572
Validity
Not Before: Dec 29 13:22:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b8ef691ee8dda9cc9d251c2692727d7a5df9c99c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2d:46:22:b6:00:d0:02:97:a5:6b:bc:78:37:
1a:51:0f:e8:1d:6f:8c:6e:a3:78:cb:7d:dc:47:b4:
b5:cf:63:a4:f6:33:94:3d:ea:06:37:59:26:be:5e:
ce:40:d3:9a:33:fc:01:3e:86:49:00:4c:4b:ac:16:
2a:1a:93:b3:18:53:d8:87:a4:50:44:5e:c8:a0:04:
4b:69:f0:04:49:31:d3:bd:72:7b:2d:a8:b6:b0:3f:
ce:f3:ef:7c:93:9c:2f:22:44:73:66:e6:aa:39:a4:
e7:59:61:bd:2d:25:d2:c6:9a:cb:3f:86:de:78:d3:
1c:9f:72:74:aa:e3:bb:a3:d5:fd:3c:bf:78:0f:c8:
ca:45:5b:c4:11:35:f2:e4:16:98:dc:56:9e:3c:c1:
c1:a7:a9:95:8b:62:c2:92:70:d4:06:b2:1f:f4:ed:
14:cd:12:09:5f:6e:d8:80:36:c5:d3:aa:c2:f3:51:
e6:36:a0:dd:81:e8:00:4a:e2:a3:9b:75:82:8b:2b:
c5:28:a7:68:64:64:ff:90:6c:3b:b5:0a:97:fa:33:
d8:b7:7b:79:b1:24:c2:c1:3f:c3:37:81:da:21:8d:
98:30:de:32:91:63:4d:05:d3:df:a9:88:e1:b9:c4:
2b:3f:83:6d:b3:6b:3a:0f:59:54:de:4d:47:e4:c4:
2a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:EF:69:1E:E8:DD:A9:CC:9D:25:1C:26:92:72:7D:7A:5D:F9:C9:9C
X509v3 Authority Key Identifier:
keyid:BF:1C:E0:84:52:D4:A5:1A:9E:B4:D4:23:D8:A0:3A:91:62:35:B5:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vxzghFLUpRqetNQj2KA6kWI1tXI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d41002-4346-4cef-9f40-fce2f83c3df9/1/uO9pHujdqcydJRwmknJ9el35yZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d41002-4346-4cef-9f40-fce2f83c3df9/1/vxzghFLUpRqetNQj2KA6kWI1tXI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.199.0/24
Signature Algorithm: sha256WithRSAEncryption
26:15:78:72:aa:41:29:70:46:97:40:45:3c:75:0b:8d:91:78:
f4:8b:3e:1e:87:27:04:5f:f4:8c:c7:f0:1a:84:9a:2e:52:83:
0e:ec:68:7b:32:ec:e4:97:80:35:f0:4a:c0:44:ff:32:5b:6f:
f7:56:0d:46:cf:7f:19:d3:53:56:bc:47:f8:40:48:fa:76:5f:
fb:a9:85:36:d4:ff:d5:24:06:ba:da:f4:2b:22:3f:f3:d8:e9:
82:e8:f4:3a:17:6b:8d:0b:a7:b3:dc:01:34:a6:d8:43:ae:6e:
ef:61:ba:a2:9f:65:75:5b:d2:ed:52:ff:92:88:f2:d1:ed:98:
f2:3f:3a:0f:3d:36:e9:ca:f4:d0:c4:9e:43:04:42:6a:4e:87:
e6:7e:72:25:b9:28:22:0b:4d:f4:98:f9:38:16:cc:4a:85:f1:
a9:c3:b6:34:a6:f2:08:30:c0:16:34:d7:1f:d5:64:9b:30:bd:
d4:28:7e:f2:59:de:6c:9f:f8:12:53:e3:a9:c4:1d:c4:35:71:
b4:42:07:82:e5:b0:ae:3a:e7:a6:58:94:83:21:18:99:66:7a:
97:aa:cc:3e:6d:ae:f3:3f:73:c8:4d:1c:aa:c5:99:8d:a5:a1:
c8:39:77:e0:47:3e:d5:ed:dd:73:bd:84:e4:68:76:a9:0f:ae:
d3:fb:cc:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVeDJdKY23xVYCxVZq6ByJ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMWNlMDg0NTJkNGE1MWE5ZWI0ZDQyM2Q4YTAzYTkxNjIz
NWI1NzIwHhcNMjIxMjI5MTMyMjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGVmNjkxZWU4ZGRhOWNjOWQyNTFjMjY5MjcyN2Q3YTVkZjljOTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvy1GIrYA0AKXpWu8eDcaUQ/oHW+M
bqN4y33cR7S1z2Ok9jOUPeoGN1kmvl7OQNOaM/wBPoZJAExLrBYqGpOzGFPYh6RQ
RF7IoARLafAESTHTvXJ7Lai2sD/O8+98k5wvIkRzZuaqOaTnWWG9LSXSxprLP4be
eNMcn3J0quO7o9X9PL94D8jKRVvEETXy5BaY3FaePMHBp6mVi2LCknDUBrIf9O0U
zRIJX27YgDbF06rC81HmNqDdgegASuKjm3WCiyvFKKdoZGT/kGw7tQqX+jPYt3t5
sSTCwT/DN4HaIY2YMN4ykWNNBdPfqYjhucQrP4Nts2s6D1lU3k1H5MQqKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLjvaR7o3anMnSUcJpJyfXpd+cmcMB8GA1UdIwQY
MBaAFL8c4IRS1KUanrTUI9igOpFiNbVyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnh6Z2hGTFVwUnFldE5RajJLQTZrV0kxdFhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9kNDEwMDItNDM0Ni00Y2VmLTlmNDAt
ZmNlMmY4M2MzZGY5LzEvdU85cEh1amRxY3lkSlJ3bWtuSjllbDM1eVp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9kNDEwMDItNDM0Ni00Y2VmLTlmNDAtZmNlMmY4M2MzZGY5
LzEvdnh6Z2hGTFVwUnFldE5RajJLQTZrV0kxdFhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnHMA0G
CSqGSIb3DQEBCwUAA4IBAQAmFXhyqkEpcEaXQEU8dQuNkXj0iz4ehycEX/SMx/Aa
hJouUoMO7Gh7Muzkl4A18ErARP8yW2/3Vg1Gz38Z01NWvEf4QEj6dl/7qYU21P/V
JAa62vQrIj/z2OmC6PQ6F2uNC6ez3AE0pthDrm7vYbqin2V1W9LtUv+SiPLR7Zjy
PzoPPTbpyvTQxJ5DBEJqTofmfnIluSgiC030mPk4FsxKhfGpw7Y0pvIIMMAWNNcf
1WSbML3UKH7yWd5sn/gSU+OpxB3ENXG0QgeC5bCuOuemWJSDIRiZZnqXqsw+ba7z
P3PITRyqxZmNpaHIOXfgRz7V7d1zvYTkaHapD67T+8za
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:02 2024 by rpki-client on console-ams.rpki-client.org