Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/156aa7-54b5-417a-8365-d9828b495f61/1/8g8VhBAjd-fgDYen0_Ji3cCa1hw.roa
File: 8g8VhBAjd-fgDYen0_Ji3cCa1hw.roa (raw, json)
Hash identifier: mq02kYSNAubiAf9QnW3ovVhQHj+4Be2vJPPoThcPjKM=
Subject key identifier: F2:0F:15:84:10:23:77:E7:E0:0D:87:A7:D3:F2:62:DD:C0:9A:D6:1C
Certificate issuer: /CN=aa6f3edaa66404e7f05b8ef7df4e9d22a3960407
Certificate serial: 018CCA29CCD4260B3717F1E1B0012604B0EE
Authority key identifier: AA:6F:3E:DA:A6:64:04:E7:F0:5B:8E:F7:DF:4E:9D:22:A3:96:04:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qm8-2qZkBOfwW473306dIqOWBAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/156aa7-54b5-417a-8365-d9828b495f61/1/8g8VhBAjd-fgDYen0_Ji3cCa1hw.roa
Signing time: Tue 02 Jan 2024 12:33:06 +0000
ROA not before: Tue 02 Jan 2024 12:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 5.42.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:cc:d4:26:0b:37:17:f1:e1:b0:01:26:04:b0:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa6f3edaa66404e7f05b8ef7df4e9d22a3960407
Validity
Not Before: Jan 2 12:33:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f20f1584102377e7e00d87a7d3f262ddc09ad61c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0a:92:12:19:03:eb:4a:85:cf:3b:bc:e2:88:
07:4e:3f:a8:b6:34:f3:db:d3:7d:cd:ff:29:50:52:
18:40:a2:1d:81:14:57:d0:30:b2:37:76:b0:b0:ee:
10:a4:69:aa:65:87:d3:cd:bd:9e:a9:ff:2c:c5:4c:
ca:c7:5d:74:c4:83:ac:2b:f5:d4:57:50:f8:0f:6c:
b0:18:6e:5d:00:1c:6a:f4:a5:b4:4d:b5:b4:d9:9e:
6b:7c:84:de:09:b7:4f:86:af:17:d9:8c:68:ba:7a:
ae:f4:b4:67:16:42:a6:7a:69:46:6f:7a:f1:e1:43:
de:f5:d9:39:d0:63:8c:7c:09:c2:26:6b:71:72:39:
f2:91:9d:fd:8c:46:a1:1d:fd:b9:98:22:0f:20:79:
90:28:c5:04:31:df:47:ea:3c:d5:bf:e9:8b:1b:b1:
d9:fb:56:ce:79:f2:68:7f:7b:b3:56:37:87:1c:9c:
fe:50:ec:69:9d:32:b9:66:97:c7:c8:ac:c4:8d:77:
78:a1:7f:1e:a3:86:8e:93:61:24:1e:f3:28:b5:a0:
f9:14:2a:80:28:50:93:f3:59:6c:7b:93:6a:02:45:
09:4d:24:2a:3d:60:d3:97:02:6f:47:fd:bf:55:6a:
8c:69:92:76:cf:f0:ed:df:f9:c4:32:86:2f:2f:ad:
cb:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:0F:15:84:10:23:77:E7:E0:0D:87:A7:D3:F2:62:DD:C0:9A:D6:1C
X509v3 Authority Key Identifier:
keyid:AA:6F:3E:DA:A6:64:04:E7:F0:5B:8E:F7:DF:4E:9D:22:A3:96:04:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qm8-2qZkBOfwW473306dIqOWBAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/156aa7-54b5-417a-8365-d9828b495f61/1/8g8VhBAjd-fgDYen0_Ji3cCa1hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/156aa7-54b5-417a-8365-d9828b495f61/1/qm8-2qZkBOfwW473306dIqOWBAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.209.0/24
Signature Algorithm: sha256WithRSAEncryption
52:8e:23:51:f9:5c:ee:67:56:37:9a:fc:77:f7:06:b0:7a:02:
e5:48:0a:a7:ba:8a:3e:5c:b7:14:12:21:43:fe:9a:35:f5:d5:
25:0d:33:b8:6e:56:a5:60:28:d7:27:c5:73:94:ef:44:bd:48:
3d:7c:7c:e9:1a:78:3e:5d:ab:6f:a1:85:5e:cb:16:5f:d5:6d:
a6:21:6e:75:5f:cf:50:6c:70:5a:34:41:50:f8:ce:bf:01:cd:
6b:39:8e:8e:0f:40:6e:b8:41:12:23:90:7c:48:73:ac:49:0a:
71:09:f4:73:33:fb:b7:92:c4:be:c5:50:e6:af:fa:f8:17:ed:
9c:48:31:0f:5f:3f:50:fd:4c:06:ca:73:ce:b1:48:23:e6:e9:
fc:29:90:f4:ee:a3:9a:36:3d:6b:45:e7:e7:12:e9:92:a5:b3:
dc:4f:a1:8f:7e:56:f2:b3:67:bd:11:8d:bd:e5:35:ea:72:7a:
7b:f0:ca:86:9e:82:1a:ed:54:11:a5:d6:a4:7a:c7:b1:a8:dc:
05:87:ed:b8:88:7f:a7:9e:f4:a2:ed:2e:6d:8d:7c:2a:5b:85:
e6:33:b7:67:06:ac:b9:15:e0:1f:57:c5:4e:f9:9f:56:83:e6:
06:42:0f:9d:05:c3:a0:38:60:54:d9:67:98:d3:96:89:62:2e:
6d:86:ce:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKczUJgs3F/HhsAEmBLDuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNmYzZWRhYTY2NDA0ZTdmMDViOGVmN2RmNGU5ZDIyYTM5
NjA0MDcwHhcNMjQwMTAyMTIzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjBmMTU4NDEwMjM3N2U3ZTAwZDg3YTdkM2YyNjJkZGMwOWFkNjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAqSEhkD60qFzzu84ogHTj+otjTz
29N9zf8pUFIYQKIdgRRX0DCyN3awsO4QpGmqZYfTzb2eqf8sxUzKx110xIOsK/XU
V1D4D2ywGG5dABxq9KW0TbW02Z5rfITeCbdPhq8X2Yxounqu9LRnFkKmemlGb3rx
4UPe9dk50GOMfAnCJmtxcjnykZ39jEahHf25mCIPIHmQKMUEMd9H6jzVv+mLG7HZ
+1bOefJof3uzVjeHHJz+UOxpnTK5ZpfHyKzEjXd4oX8eo4aOk2EkHvMotaD5FCqA
KFCT81lse5NqAkUJTSQqPWDTlwJvR/2/VWqMaZJ2z/Dt3/nEMoYvL63LxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPIPFYQQI3fn4A2Hp9PyYt3AmtYcMB8GA1UdIwQY
MBaAFKpvPtqmZATn8FuO999OnSKjlgQHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW04LTJxWmtCT2Z3VzQ3MzMwNmRJcU9XQkFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8xNTZhYTctNTRiNS00MTdhLTgzNjUt
ZDk4MjhiNDk1ZjYxLzEvOGc4VmhCQWpkLWZnRFllbjBfSmkzY0NhMWh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8xNTZhYTctNTRiNS00MTdhLTgzNjUtZDk4MjhiNDk1ZjYx
LzEvcW04LTJxWmtCT2Z3VzQ3MzMwNmRJcU9XQkFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSrRMA0G
CSqGSIb3DQEBCwUAA4IBAQBSjiNR+VzuZ1Y3mvx39wawegLlSAqnuoo+XLcUEiFD
/po19dUlDTO4blalYCjXJ8VzlO9EvUg9fHzpGng+XatvoYVeyxZf1W2mIW51X89Q
bHBaNEFQ+M6/Ac1rOY6OD0BuuEESI5B8SHOsSQpxCfRzM/u3ksS+xVDmr/r4F+2c
SDEPXz9Q/UwGynPOsUgj5un8KZD07qOaNj1rRefnEumSpbPcT6GPflbys2e9EY29
5TXqcnp78MqGnoIa7VQRpdakesexqNwFh+24iH+nnvSi7S5tjXwqW4XmM7dnBqy5
FeAfV8VO+Z9Wg+YGQg+dBcOgOGBU2WeY05aJYi5ths4j
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:10 2024 by rpki-client on console-ams.rpki-client.org