Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/5b7c94-a60d-4399-9829-52b8166829d7/1/ocjL7cXpa0deYnq44yZHFLQ0RxA.roa
File: ocjL7cXpa0deYnq44yZHFLQ0RxA.roa (raw, json)
Hash identifier: eAaP5WIi4BscHmBpwIctir2xI4OpdRVMa6AWM6vX6cw=
Subject key identifier: A1:C8:CB:ED:C5:E9:6B:47:5E:62:7A:B8:E3:26:47:14:B4:34:47:10
Certificate issuer: /CN=8d8740799c91c2630a8092178db824f3a889a75f
Certificate serial: 018CC4936CAEEF403F51DA13EC55E2C9F760
Authority key identifier: 8D:87:40:79:9C:91:C2:63:0A:80:92:17:8D:B8:24:F3:A8:89:A7:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYdAeZyRwmMKgJIXjbgk86iJp18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/5b7c94-a60d-4399-9829-52b8166829d7/1/ocjL7cXpa0deYnq44yZHFLQ0RxA.roa
Signing time: Mon 01 Jan 2024 10:30:45 +0000
ROA not before: Mon 01 Jan 2024 10:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44453
IP address blocks: 144.208.0.0/19 maxlen: 32
144.208.128.0/22 maxlen: 32
144.208.132.0/22 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:6c:ae:ef:40:3f:51:da:13:ec:55:e2:c9:f7:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d8740799c91c2630a8092178db824f3a889a75f
Validity
Not Before: Jan 1 10:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1c8cbedc5e96b475e627ab8e3264714b4344710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:56:2e:2e:d8:bc:4e:5f:fd:ff:e9:b9:8d:ac:
6a:d3:f7:6b:4e:7f:14:b7:a5:06:48:e1:27:d4:5e:
c0:c0:ec:54:43:ae:c7:b2:38:c5:03:48:f0:a1:74:
3d:ee:ba:54:67:bf:08:a1:9c:4a:71:1c:70:24:76:
a1:da:23:5b:63:66:9b:bb:73:6a:ce:7b:57:e0:0d:
eb:be:23:bd:82:f3:26:15:ca:ff:39:a8:da:d4:42:
3c:08:9b:b0:c2:c2:ef:ff:b1:57:41:46:b1:f6:e7:
68:54:e8:31:9e:49:04:a2:6f:08:40:69:f9:09:2b:
e1:a1:11:c5:76:8c:f2:72:8b:3c:ec:88:c5:ff:9f:
b8:44:6d:54:23:ce:5c:fd:86:74:ff:e4:7d:e1:97:
6b:3b:8f:c5:39:a8:68:a0:d8:44:21:a4:e9:b8:1d:
be:78:5b:d0:8e:44:ff:19:e9:95:50:3e:bf:4d:0c:
14:e6:77:1e:b0:0a:67:61:56:cc:5b:23:9b:a7:72:
d6:6b:de:de:27:cf:1e:0a:4f:30:53:c2:e1:0c:7d:
22:b1:98:50:b5:e5:21:33:6e:3d:71:3b:db:4c:a8:
d9:0c:21:af:b8:60:d5:a5:d2:4d:16:bc:fc:29:95:
d6:07:1b:2e:1f:95:b1:52:80:bc:0e:f5:d6:57:76:
05:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C8:CB:ED:C5:E9:6B:47:5E:62:7A:B8:E3:26:47:14:B4:34:47:10
X509v3 Authority Key Identifier:
keyid:8D:87:40:79:9C:91:C2:63:0A:80:92:17:8D:B8:24:F3:A8:89:A7:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYdAeZyRwmMKgJIXjbgk86iJp18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/5b7c94-a60d-4399-9829-52b8166829d7/1/ocjL7cXpa0deYnq44yZHFLQ0RxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/5b7c94-a60d-4399-9829-52b8166829d7/1/jYdAeZyRwmMKgJIXjbgk86iJp18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.208.0.0/19
144.208.128.0/21
Signature Algorithm: sha256WithRSAEncryption
29:45:93:60:c5:ff:a8:d4:37:37:b3:00:72:49:46:f2:47:4b:
65:1a:38:86:43:8e:ef:a0:c6:21:33:f0:ac:ac:6a:90:93:e7:
bb:da:5d:60:f1:d9:80:61:f3:cb:a9:4b:f0:a5:89:d8:1a:72:
d8:c8:14:c9:e7:66:a2:28:6f:be:87:21:76:f0:7a:1a:db:3f:
d0:fc:84:78:77:4d:c1:da:82:a0:a1:66:77:58:89:77:24:df:
43:0a:99:9a:fe:a1:75:be:bf:19:7d:71:3d:b6:d8:4c:c2:6b:
0d:3f:a7:1d:5c:d8:4a:bb:f6:b0:de:8c:f5:56:b2:a9:97:2b:
7d:47:47:65:1e:e1:26:7f:cd:8c:2d:c2:eb:87:65:59:1a:8e:
2e:18:31:15:c6:19:3b:49:e4:38:7e:80:d3:66:d2:5f:ad:2e:
65:70:c3:67:37:1f:13:99:ad:36:81:e3:d8:3c:c9:64:f0:43:
4e:68:42:1a:46:eb:cf:0f:5d:5e:d1:c2:b5:a1:60:66:bc:08:
16:d1:bb:7f:41:eb:b6:65:53:1b:e3:ae:e5:df:67:4f:f4:12:
71:1c:dc:75:eb:18:76:bd:84:ac:1e:6d:74:03:24:0d:7b:3c:
94:b0:95:2c:a8:38:5c:ea:02:3d:cc:df:4b:38:b3:c8:db:60:
d4:1e:50:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEk2yu70A/UdoT7FXiyfdgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODc0MDc5OWM5MWMyNjMwYTgwOTIxNzhkYjgyNGYzYTg4
OWE3NWYwHhcNMjQwMTAxMTAzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWM4Y2JlZGM1ZTk2YjQ3NWU2MjdhYjhlMzI2NDcxNGI0MzQ0NzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFYuLti8Tl/9/+m5jaxq0/drTn8U
t6UGSOEn1F7AwOxUQ67HsjjFA0jwoXQ97rpUZ78IoZxKcRxwJHah2iNbY2abu3Nq
zntX4A3rviO9gvMmFcr/Oaja1EI8CJuwwsLv/7FXQUax9udoVOgxnkkEom8IQGn5
CSvhoRHFdozycos87IjF/5+4RG1UI85c/YZ0/+R94ZdrO4/FOahooNhEIaTpuB2+
eFvQjkT/GemVUD6/TQwU5ncesApnYVbMWyObp3LWa97eJ88eCk8wU8LhDH0isZhQ
teUhM249cTvbTKjZDCGvuGDVpdJNFrz8KZXWBxsuH5WxUoC8DvXWV3YFZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKHIy+3F6WtHXmJ6uOMmRxS0NEcQMB8GA1UdIwQY
MBaAFI2HQHmckcJjCoCSF424JPOoiadfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallkQWVaeVJ3bU1LZ0pJWGpiZ2s4NmlKcDE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy81YjdjOTQtYTYwZC00Mzk5LTk4Mjkt
NTJiODE2NjgyOWQ3LzEvb2NqTDdjWHBhMGRlWW5xNDR5WkhGTFEwUnhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy81YjdjOTQtYTYwZC00Mzk5LTk4MjktNTJiODE2NjgyOWQ3
LzEvallkQWVaeVJ3bU1LZ0pJWGpiZ2s4NmlKcDE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFkNAAAwQD
kNCAMA0GCSqGSIb3DQEBCwUAA4IBAQApRZNgxf+o1Dc3swBySUbyR0tlGjiGQ47v
oMYhM/CsrGqQk+e72l1g8dmAYfPLqUvwpYnYGnLYyBTJ52aiKG++hyF28Hoa2z/Q
/IR4d03B2oKgoWZ3WIl3JN9DCpma/qF1vr8ZfXE9tthMwmsNP6cdXNhKu/aw3oz1
VrKplyt9R0dlHuEmf82MLcLrh2VZGo4uGDEVxhk7SeQ4foDTZtJfrS5lcMNnNx8T
ma02gePYPMlk8ENOaEIaRuvPD11e0cK1oWBmvAgW0bt/Qeu2ZVMb467l32dP9BJx
HNx16xh2vYSsHm10AyQNezyUsJUsqDhc6gI9zN9LOLPI22DUHlCX
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:30:25 2024 by rpki-client on console.sobornost.net