Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/0be3df-6080-4655-b238-6576f5901455/1/iT8k2TPtWMTnBqaFmR1KyJSwUEU.roa
File: iT8k2TPtWMTnBqaFmR1KyJSwUEU.roa (raw, json)
Hash identifier: I69dxf4pGecMOe3K78qN14yUaSRgEKzv6keebdW9FK8=
Subject key identifier: 89:3F:24:D9:33:ED:58:C4:E7:06:A6:85:99:1D:4A:C8:94:B0:50:45
Certificate issuer: /CN=504d120b1c209849ecf9ae517af81aae81d168b7
Certificate serial: 0185715E7A7D09A407F24A880D2A4507DAF6
Authority key identifier: 50:4D:12:0B:1C:20:98:49:EC:F9:AE:51:7A:F8:1A:AE:81:D1:68:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UE0SCxwgmEns-a5RevgaroHRaLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/0be3df-6080-4655-b238-6576f5901455/1/iT8k2TPtWMTnBqaFmR1KyJSwUEU.roa
Signing time: Mon 02 Jan 2023 07:24:55 +0000
ROA not before: Mon 02 Jan 2023 07:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50131
IP address blocks: 91.246.39.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:7a:7d:09:a4:07:f2:4a:88:0d:2a:45:07:da:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=504d120b1c209849ecf9ae517af81aae81d168b7
Validity
Not Before: Jan 2 07:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=893f24d933ed58c4e706a685991d4ac894b05045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c7:dd:67:55:2f:20:dd:9b:00:e8:c6:da:c6:
88:ca:1c:8a:9d:1f:79:26:96:db:42:23:f7:05:03:
54:28:54:c8:96:9f:b9:0b:07:88:fa:a3:18:55:fc:
9b:50:c6:1e:04:9a:cc:26:b7:0d:db:c2:cd:70:0d:
34:90:71:21:1c:f9:0f:46:33:52:23:e8:f3:d0:d9:
05:d1:45:a7:23:3e:a9:a5:97:c3:8b:32:30:b0:33:
56:56:6d:69:ce:d8:4c:b2:e7:63:4b:d1:55:ca:f3:
c9:41:1c:8a:f5:42:f5:e4:65:fc:4f:0e:2a:63:36:
17:d2:6e:db:e6:7c:6f:f1:cf:57:f7:c9:be:04:0b:
5b:5c:80:45:7e:4a:76:3f:86:e1:17:3c:1f:c6:17:
88:b8:80:7b:68:c2:1e:db:30:e8:02:e3:9a:62:50:
78:1c:03:ee:24:c5:37:79:16:7c:64:15:e4:20:f6:
35:64:42:f4:11:a5:52:fe:5e:8d:da:bf:65:01:95:
2d:3a:9b:4e:71:10:e8:1b:07:71:cc:c1:e8:9f:11:
29:a9:79:5d:13:e8:01:1b:e5:11:73:62:6a:a8:72:
39:e1:03:e2:c0:ef:5e:08:bd:4a:e6:31:3e:2c:3a:
1c:c7:a2:33:7a:20:7c:ef:6d:5e:e8:65:8f:60:ee:
40:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:3F:24:D9:33:ED:58:C4:E7:06:A6:85:99:1D:4A:C8:94:B0:50:45
X509v3 Authority Key Identifier:
keyid:50:4D:12:0B:1C:20:98:49:EC:F9:AE:51:7A:F8:1A:AE:81:D1:68:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UE0SCxwgmEns-a5RevgaroHRaLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/0be3df-6080-4655-b238-6576f5901455/1/iT8k2TPtWMTnBqaFmR1KyJSwUEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/0be3df-6080-4655-b238-6576f5901455/1/UE0SCxwgmEns-a5RevgaroHRaLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.246.39.0/24
Signature Algorithm: sha256WithRSAEncryption
54:f2:c6:e5:45:25:cf:ea:81:4a:c6:2e:8b:14:51:ab:61:4e:
81:e4:ff:ec:63:9a:c7:fe:fc:28:98:73:d9:6f:fb:72:2e:42:
1b:86:9b:d1:22:8c:30:e9:ef:ec:b3:a2:09:1c:c0:b8:ff:5d:
f5:3c:5e:6b:de:fd:38:ad:73:e2:fd:0e:7c:c0:8d:64:d7:4b:
cc:74:69:63:34:ab:f7:5b:f1:73:91:d6:c2:ee:2c:2d:4d:a2:
6b:85:6f:81:3d:65:9e:be:8f:0d:32:c5:27:b0:56:7a:85:e6:
72:45:72:ac:5b:e1:29:ef:ad:55:32:06:85:a8:de:0f:c5:cd:
6f:df:a8:7b:0b:55:38:05:b0:82:a9:b0:11:2d:86:be:55:d8:
ed:f2:2e:be:22:1e:15:e5:23:43:eb:4a:b5:d1:d6:0a:cf:20:
97:d7:6d:a3:d5:e4:fd:c0:50:5e:11:37:dc:30:20:e3:d4:a6:
78:ae:6f:62:5a:ba:85:63:f7:0f:c5:c6:91:68:94:ca:c4:84:
ce:56:e1:82:2b:24:61:ec:4c:84:76:8d:07:42:38:4b:a1:e8:
1e:3e:96:a5:03:3c:10:43:d1:99:75:61:d7:d4:bc:95:88:01:
3b:68:7a:9f:a1:e8:93:c7:9b:38:20:ea:88:fa:0c:c6:98:f6:
37:03:59:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxXnp9CaQH8kqIDSpFB9r2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNGQxMjBiMWMyMDk4NDllY2Y5YWU1MTdhZjgxYWFlODFk
MTY4YjcwHhcNMjMwMTAyMDcyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTNmMjRkOTMzZWQ1OGM0ZTcwNmE2ODU5OTFkNGFjODk0YjA1MDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8fdZ1UvIN2bAOjG2saIyhyKnR95
JpbbQiP3BQNUKFTIlp+5CweI+qMYVfybUMYeBJrMJrcN28LNcA00kHEhHPkPRjNS
I+jz0NkF0UWnIz6ppZfDizIwsDNWVm1pzthMsudjS9FVyvPJQRyK9UL15GX8Tw4q
YzYX0m7b5nxv8c9X98m+BAtbXIBFfkp2P4bhFzwfxheIuIB7aMIe2zDoAuOaYlB4
HAPuJMU3eRZ8ZBXkIPY1ZEL0EaVS/l6N2r9lAZUtOptOcRDoGwdxzMHonxEpqXld
E+gBG+URc2JqqHI54QPiwO9eCL1K5jE+LDocx6IzeiB8721e6GWPYO5AjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIk/JNkz7VjE5wamhZkdSsiUsFBFMB8GA1UdIwQY
MBaAFFBNEgscIJhJ7PmuUXr4Gq6B0Wi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUUwU0N4d2dtRW5zLWE1UmV2Z2Fyb0hSYUxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8wYmUzZGYtNjA4MC00NjU1LWIyMzgt
NjU3NmY1OTAxNDU1LzEvaVQ4azJUUHRXTVRuQnFhRm1SMUt5SlN3VUVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8wYmUzZGYtNjA4MC00NjU1LWIyMzgtNjU3NmY1OTAxNDU1
LzEvVUUwU0N4d2dtRW5zLWE1UmV2Z2Fyb0hSYUxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/YnMA0G
CSqGSIb3DQEBCwUAA4IBAQBU8sblRSXP6oFKxi6LFFGrYU6B5P/sY5rH/vwomHPZ
b/tyLkIbhpvRIoww6e/ss6IJHMC4/131PF5r3v04rXPi/Q58wI1k10vMdGljNKv3
W/FzkdbC7iwtTaJrhW+BPWWevo8NMsUnsFZ6heZyRXKsW+Ep761VMgaFqN4Pxc1v
36h7C1U4BbCCqbARLYa+Vdjt8i6+Ih4V5SND60q10dYKzyCX122j1eT9wFBeETfc
MCDj1KZ4rm9iWrqFY/cPxcaRaJTKxITOVuGCKyRh7EyEdo0HQjhLoegePpalAzwQ
Q9GZdWHX1LyViAE7aHqfoeiTx5s4IOqI+gzGmPY3A1kx
-----END CERTIFICATE-----
Generated at Tue Nov 14 12:07:07 2023 by rpki-client on console-fra.rpki-client.org