Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/30b2dc-43bf-4497-8b44-2c3e3b593646/1/_bJAKFt7trR_sF0NBTnHkKbEGbc.roa
File: _bJAKFt7trR_sF0NBTnHkKbEGbc.roa (raw, json)
Hash identifier: s3uXp/Aa+61nG1lpsBkj9ICAA/ib1f4CeUC0hAWFwvQ=
Subject key identifier: FD:B2:40:28:5B:7B:B6:B4:7F:B0:5D:0D:05:39:C7:90:A6:C4:19:B7
Certificate issuer: /CN=b3d2595ee861126a87a7203782c5f59e02261e81
Certificate serial: 018CC6B941A0C7F1BC08E7B5665FC7DDA792
Authority key identifier: B3:D2:59:5E:E8:61:12:6A:87:A7:20:37:82:C5:F5:9E:02:26:1E:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9JZXuhhEmqHpyA3gsX1ngImHoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/30b2dc-43bf-4497-8b44-2c3e3b593646/1/_bJAKFt7trR_sF0NBTnHkKbEGbc.roa
Signing time: Mon 01 Jan 2024 20:31:18 +0000
ROA not before: Mon 01 Jan 2024 20:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57523
IP address blocks: 152.89.198.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:41:a0:c7:f1:bc:08:e7:b5:66:5f:c7:dd:a7:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d2595ee861126a87a7203782c5f59e02261e81
Validity
Not Before: Jan 1 20:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdb240285b7bb6b47fb05d0d0539c790a6c419b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bd:a6:f3:f7:9a:82:6e:6d:cd:8f:1e:f9:21:
dd:ef:06:1f:cd:5e:4c:a0:ad:62:2f:95:62:b0:89:
a2:54:8d:3e:42:bf:93:4e:68:45:27:67:81:97:a5:
2a:55:ac:10:18:57:69:c7:d4:5e:0a:12:32:a7:48:
0c:8a:59:af:10:c0:ea:d5:83:94:bc:8b:bb:ec:44:
37:06:01:37:dd:ae:d2:c7:22:df:4b:e5:c6:19:bf:
42:dc:5e:47:34:e7:d6:26:48:1b:de:67:e9:e7:25:
c3:4a:ae:b5:c9:ae:39:3d:c3:e2:a1:e3:b3:8c:f7:
61:df:13:bf:30:73:e8:09:e5:0f:7e:22:95:10:b4:
e3:72:be:63:36:c9:87:d4:db:21:b6:92:f8:8f:f5:
c1:b7:57:f5:4e:5b:96:e4:58:8a:0f:17:4d:b5:75:
37:26:c6:e8:1a:25:a1:3f:fd:6e:ac:38:20:7d:82:
fc:e4:44:22:f1:f8:47:73:56:a2:8d:bf:91:34:79:
14:27:a2:ca:0e:e9:fd:6d:71:59:84:c4:ad:86:0f:
50:40:29:61:bd:e9:06:8c:4d:69:7f:fc:8d:bd:b0:
56:71:58:62:0d:17:6e:4a:5d:cd:ab:e4:48:42:51:
41:7f:56:4e:ff:5e:21:b3:cd:19:7c:bc:e7:eb:2e:
74:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B2:40:28:5B:7B:B6:B4:7F:B0:5D:0D:05:39:C7:90:A6:C4:19:B7
X509v3 Authority Key Identifier:
keyid:B3:D2:59:5E:E8:61:12:6A:87:A7:20:37:82:C5:F5:9E:02:26:1E:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9JZXuhhEmqHpyA3gsX1ngImHoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/30b2dc-43bf-4497-8b44-2c3e3b593646/1/_bJAKFt7trR_sF0NBTnHkKbEGbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/30b2dc-43bf-4497-8b44-2c3e3b593646/1/s9JZXuhhEmqHpyA3gsX1ngImHoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.198.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:8d:ca:62:4c:c6:f4:6b:9e:a4:04:44:0f:5e:09:39:f6:49:
14:2a:1d:df:a8:c7:06:cd:fe:a9:fe:55:13:30:0d:e8:dd:de:
35:db:f6:61:3c:29:16:05:7b:0c:6d:28:81:dc:1d:87:30:21:
a0:1f:b5:79:3b:40:94:a5:93:2e:a8:67:dc:75:1f:59:ed:3b:
d1:f9:f7:7e:47:66:41:25:84:05:11:93:52:7f:64:58:ae:6a:
49:d3:d6:f4:80:2c:ae:cb:03:3c:15:7f:45:a8:8a:b8:7e:54:
07:d7:b2:16:03:64:df:d2:76:ab:8e:11:dd:7b:0c:3e:bb:f7:
fa:fa:02:18:10:7c:3a:6b:43:db:3e:ed:8c:c8:4a:7d:50:86:
41:26:e3:84:83:9d:db:7b:4f:05:b3:df:2f:da:b9:78:50:2f:
61:8d:1e:3d:dd:f6:87:6a:a1:8f:bf:47:c9:f6:72:df:cf:4b:
9d:28:8d:1e:99:cd:37:74:aa:d6:f5:a7:89:18:57:df:0c:9d:
3a:31:4c:c2:34:cd:43:49:76:d9:85:d3:05:60:22:07:a7:9b:
22:21:fa:b9:66:f6:7e:85:c1:86:49:ef:95:95:60:e9:3f:b9:
db:86:4b:09:d9:25:59:b8:88:02:e4:3d:16:7f:69:2f:09:1b:
65:a5:31:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuUGgx/G8COe1Zl/H3aeSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDI1OTVlZTg2MTEyNmE4N2E3MjAzNzgyYzVmNTllMDIy
NjFlODEwHhcNMjQwMTAxMjAzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGIyNDAyODViN2JiNmI0N2ZiMDVkMGQwNTM5Yzc5MGE2YzQxOWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuL2m8/eagm5tzY8e+SHd7wYfzV5M
oK1iL5VisImiVI0+Qr+TTmhFJ2eBl6UqVawQGFdpx9ReChIyp0gMilmvEMDq1YOU
vIu77EQ3BgE33a7SxyLfS+XGGb9C3F5HNOfWJkgb3mfp5yXDSq61ya45PcPioeOz
jPdh3xO/MHPoCeUPfiKVELTjcr5jNsmH1NshtpL4j/XBt1f1TluW5FiKDxdNtXU3
JsboGiWhP/1urDggfYL85EQi8fhHc1aijb+RNHkUJ6LKDun9bXFZhMSthg9QQClh
vekGjE1pf/yNvbBWcVhiDRduSl3Nq+RIQlFBf1ZO/14hs80ZfLzn6y50mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP2yQChbe7a0f7BdDQU5x5CmxBm3MB8GA1UdIwQY
MBaAFLPSWV7oYRJqh6cgN4LF9Z4CJh6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlKWlh1aGhFbXFIcHlBM2dzWDFuZ0ltSG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zMGIyZGMtNDNiZi00NDk3LThiNDQt
MmMzZTNiNTkzNjQ2LzEvX2JKQUtGdDd0clJfc0YwTkJUbkhrS2JFR2JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zMGIyZGMtNDNiZi00NDk3LThiNDQtMmMzZTNiNTkzNjQ2
LzEvczlKWlh1aGhFbXFIcHlBM2dzWDFuZ0ltSG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnGMA0G
CSqGSIb3DQEBCwUAA4IBAQCcjcpiTMb0a56kBEQPXgk59kkUKh3fqMcGzf6p/lUT
MA3o3d412/ZhPCkWBXsMbSiB3B2HMCGgH7V5O0CUpZMuqGfcdR9Z7TvR+fd+R2ZB
JYQFEZNSf2RYrmpJ09b0gCyuywM8FX9FqIq4flQH17IWA2Tf0narjhHdeww+u/f6
+gIYEHw6a0PbPu2MyEp9UIZBJuOEg53be08Fs98v2rl4UC9hjR493faHaqGPv0fJ
9nLfz0udKI0emc03dKrW9aeJGFffDJ06MUzCNM1DSXbZhdMFYCIHp5siIfq5ZvZ+
hcGGSe+VlWDpP7nbhksJ2SVZuIgC5D0Wf2kvCRtlpTHM
-----END CERTIFICATE-----
Generated at Tue Feb 27 01:00:30 2024 by rpki-client on console.sobornost.net