Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/42ac52-ba66-48a2-a07a-b636988ead4d/1/O8KmmqxnzESlD35lZy5IA9aNwXw.roa
File: O8KmmqxnzESlD35lZy5IA9aNwXw.roa (raw, json)
Hash identifier: Uhc21sSNx9IV1yiLY+i2TLPgOeWi5rqrFwdxaqvFKL4=
Subject key identifier: 3B:C2:A6:9A:AC:67:CC:44:A5:0F:7E:65:67:2E:48:03:D6:8D:C1:7C
Certificate issuer: /CN=1f1d04807504dcbe1ab80ef84d86e514c57e7e8d
Certificate serial: 018572B40A3763D54C0CB68805D515117A79
Authority key identifier: 1F:1D:04:80:75:04:DC:BE:1A:B8:0E:F8:4D:86:E5:14:C5:7E:7E:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hx0EgHUE3L4auA74TYblFMV-fo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/42ac52-ba66-48a2-a07a-b636988ead4d/1/O8KmmqxnzESlD35lZy5IA9aNwXw.roa
Signing time: Mon 02 Jan 2023 13:37:59 +0000
ROA not before: Mon 02 Jan 2023 13:37:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136038
IP address blocks: 193.239.151.0/24 maxlen: 24
193.239.150.0/24 maxlen: 24
193.239.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:0a:37:63:d5:4c:0c:b6:88:05:d5:15:11:7a:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f1d04807504dcbe1ab80ef84d86e514c57e7e8d
Validity
Not Before: Jan 2 13:37:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bc2a69aac67cc44a50f7e65672e4803d68dc17c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:01:3a:71:2b:5c:67:c3:a2:16:83:29:9a:4a:
15:20:b8:af:d5:43:6d:8b:88:a7:d6:31:78:80:f2:
da:b5:ca:89:6f:5e:ec:15:8a:18:ee:88:b8:b0:90:
75:c4:61:8c:2d:a8:c6:22:4f:cd:69:b0:a6:49:02:
57:e5:0f:b0:be:b0:0d:09:42:26:86:27:ac:a6:1b:
f3:a1:98:44:09:39:8b:9a:f6:7e:eb:62:3a:ec:53:
d7:91:11:ae:eb:21:c3:1e:f2:ec:5c:99:71:21:a2:
55:0b:42:60:0a:b6:bb:fb:e1:8c:c9:dd:cc:be:72:
0e:cf:cb:1d:bb:b5:33:ec:d8:1e:c2:da:39:53:47:
3f:de:dc:d7:74:59:b1:b8:54:ee:ab:84:70:cc:c3:
33:be:aa:65:be:2b:b6:86:a2:a6:a7:b0:47:dd:29:
e6:ce:cf:63:f7:a8:50:33:38:da:a8:72:aa:2d:f5:
d0:f9:92:a5:36:ee:43:3f:b8:53:49:5e:6b:86:e2:
a6:e2:2a:fe:ac:f2:97:7b:06:45:22:3a:7b:d7:fd:
e1:82:fe:4c:f6:b2:6e:79:43:96:f9:50:99:3c:86:
70:58:f2:91:81:8f:46:bd:fa:52:02:4a:f1:47:b7:
04:8a:69:b6:8e:e3:0a:ab:c4:58:88:3f:e8:a8:44:
a1:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C2:A6:9A:AC:67:CC:44:A5:0F:7E:65:67:2E:48:03:D6:8D:C1:7C
X509v3 Authority Key Identifier:
keyid:1F:1D:04:80:75:04:DC:BE:1A:B8:0E:F8:4D:86:E5:14:C5:7E:7E:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hx0EgHUE3L4auA74TYblFMV-fo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/42ac52-ba66-48a2-a07a-b636988ead4d/1/O8KmmqxnzESlD35lZy5IA9aNwXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/42ac52-ba66-48a2-a07a-b636988ead4d/1/Hx0EgHUE3L4auA74TYblFMV-fo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.239.150.0/23
193.239.154.0/24
Signature Algorithm: sha256WithRSAEncryption
07:db:e2:3b:38:2e:77:84:e1:ca:44:6e:5d:5e:51:ed:bf:f9:
a1:da:6c:f7:75:14:e3:00:3b:5e:b6:33:a7:42:50:63:7a:34:
3b:e5:14:09:f3:95:51:32:3a:9e:87:08:12:b2:24:b7:85:5b:
e9:16:0c:ef:78:2a:f8:04:8e:e5:6a:cb:bb:4a:ac:19:f5:e6:
8e:6e:ce:60:7b:07:1b:17:20:5b:fe:02:11:b1:fb:53:c0:a2:
75:73:84:08:6b:bb:6c:88:e1:c6:e9:f0:00:85:97:52:00:45:
30:b8:6e:86:7d:ff:90:fd:26:e4:a3:c6:f7:c2:b3:f8:e7:4a:
d7:78:ee:60:bf:18:8f:b2:df:73:4b:b2:28:6f:c4:66:58:e3:
ca:bb:1b:c0:f1:df:24:da:94:c0:83:7e:5e:31:25:52:04:3d:
32:02:92:51:e6:73:fd:a3:33:72:75:9a:18:5f:58:f2:a1:87:
5f:9d:7b:da:63:e1:e9:fb:a7:f4:24:e5:cc:da:ea:20:55:8c:
2f:2d:84:91:5c:30:b1:82:d3:36:0a:ca:6a:50:cd:f3:ae:df:
56:b9:64:0b:18:40:20:e8:94:1a:b7:52:27:c7:8b:2e:27:3f:
47:4b:9b:5a:05:94:fd:99:11:54:ca:35:3e:48:ca:f2:a6:f9:
0e:7d:db:27
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVytAo3Y9VMDLaIBdUVEXp5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMWQwNDgwNzUwNGRjYmUxYWI4MGVmODRkODZlNTE0YzU3
ZTdlOGQwHhcNMjMwMTAyMTMzNzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmMyYTY5YWFjNjdjYzQ0YTUwZjdlNjU2NzJlNDgwM2Q2OGRjMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4gE6cStcZ8OiFoMpmkoVILiv1UNt
i4in1jF4gPLatcqJb17sFYoY7oi4sJB1xGGMLajGIk/NabCmSQJX5Q+wvrANCUIm
hiesphvzoZhECTmLmvZ+62I67FPXkRGu6yHDHvLsXJlxIaJVC0JgCra7++GMyd3M
vnIOz8sdu7Uz7Ngewto5U0c/3tzXdFmxuFTuq4RwzMMzvqplviu2hqKmp7BH3Snm
zs9j96hQMzjaqHKqLfXQ+ZKlNu5DP7hTSV5rhuKm4ir+rPKXewZFIjp71/3hgv5M
9rJueUOW+VCZPIZwWPKRgY9GvfpSAkrxR7cEimm2juMKq8RYiD/oqEShZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDvCppqsZ8xEpQ9+ZWcuSAPWjcF8MB8GA1UdIwQY
MBaAFB8dBIB1BNy+GrgO+E2G5RTFfn6NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHgwRWdIVUUzTDRhdUE3NFRZYmxGTVYtZm8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80MmFjNTItYmE2Ni00OGEyLWEwN2Et
YjYzNjk4OGVhZDRkLzEvTzhLbW1xeG56RVNsRDM1bFp5NUlBOWFOd1h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80MmFjNTItYmE2Ni00OGEyLWEwN2EtYjYzNjk4OGVhZDRk
LzEvSHgwRWdIVUUzTDRhdUE3NFRZYmxGTVYtZm8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwe+WAwQA
we+aMA0GCSqGSIb3DQEBCwUAA4IBAQAH2+I7OC53hOHKRG5dXlHtv/mh2mz3dRTj
ADtetjOnQlBjejQ75RQJ85VRMjqehwgSsiS3hVvpFgzveCr4BI7lasu7SqwZ9eaO
bs5gewcbFyBb/gIRsftTwKJ1c4QIa7tsiOHG6fAAhZdSAEUwuG6Gff+Q/Sbko8b3
wrP450rXeO5gvxiPst9zS7Iob8RmWOPKuxvA8d8k2pTAg35eMSVSBD0yApJR5nP9
ozNydZoYX1jyoYdfnXvaY+Hp+6f0JOXM2uogVYwvLYSRXDCxgtM2CspqUM3zrt9W
uWQLGEAg6JQat1Inx4suJz9HS5taBZT9mRFUyjU+SMrypvkOfdsn
-----END CERTIFICATE-----
Generated at Fri Dec 22 13:56:08 2023 by rpki-client on console-fra.rpki-client.org