Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/aefe47-30d7-4440-944a-5eb36b16c938/1/GtiknY9wqo3Xqzf1vY7iubHvH3g.roa
File: GtiknY9wqo3Xqzf1vY7iubHvH3g.roa (raw, json)
Hash identifier: xhJtQ66T0FWQpnZ5scqtgMiGra6mVIvNMHCRbJHGXV0=
Subject key identifier: 1A:D8:A4:9D:8F:70:AA:8D:D7:AB:37:F5:BD:8E:E2:B9:B1:EF:1F:78
Certificate issuer: /CN=3f0e49eb450708cf64740baa8ce2d1987d22c915
Certificate serial: 01856F26C2E3E032F5C862511E82FD57CEC7
Authority key identifier: 3F:0E:49:EB:45:07:08:CF:64:74:0B:AA:8C:E2:D1:98:7D:22:C9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pw5J60UHCM9kdAuqjOLRmH0iyRU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/aefe47-30d7-4440-944a-5eb36b16c938/1/GtiknY9wqo3Xqzf1vY7iubHvH3g.roa
Signing time: Sun 01 Jan 2023 21:04:49 +0000
ROA not before: Sun 01 Jan 2023 21:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 213.217.29.0/24 maxlen: 24
185.53.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:c2:e3:e0:32:f5:c8:62:51:1e:82:fd:57:ce:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f0e49eb450708cf64740baa8ce2d1987d22c915
Validity
Not Before: Jan 1 21:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ad8a49d8f70aa8dd7ab37f5bd8ee2b9b1ef1f78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:fd:df:fa:4b:8b:60:de:e6:4e:81:fe:13:f7:
eb:53:f4:82:0e:3b:01:0b:e9:79:ca:a0:5b:e6:ea:
3c:e5:15:2f:1a:f1:30:48:46:ef:ff:a5:f2:9f:ae:
07:97:31:a5:07:6a:d7:ee:80:7f:89:d1:17:fb:53:
67:dd:37:af:9e:94:fa:58:4c:a8:9b:ea:98:9a:5e:
5a:78:f2:26:d2:f2:79:1e:75:c9:d4:c7:f6:53:88:
c4:73:99:81:87:69:32:87:b9:ed:9d:d4:b4:79:89:
ea:bf:a5:63:d1:78:89:79:86:28:e9:9d:b0:35:77:
0d:44:c8:71:7d:e0:2f:e9:71:d8:f0:17:8d:89:73:
63:4e:35:61:15:45:53:0e:1c:43:1e:07:10:1f:0d:
e7:67:84:f1:a0:a9:3c:b0:41:a3:e2:21:a8:d9:72:
2d:b1:4b:62:80:84:df:ae:83:10:51:8a:53:2a:8a:
78:dc:53:ed:ad:f7:93:f7:ce:cb:a7:89:15:af:9c:
51:a8:f1:e2:a5:c4:80:ca:68:f4:5f:8c:b1:be:5a:
cd:8d:58:f4:1e:5c:c9:9e:b9:66:b7:f2:23:98:80:
21:79:83:9e:05:3e:86:4a:a6:09:39:09:48:31:96:
86:91:49:7f:93:97:0f:9d:4b:04:07:3b:b4:aa:6d:
91:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:D8:A4:9D:8F:70:AA:8D:D7:AB:37:F5:BD:8E:E2:B9:B1:EF:1F:78
X509v3 Authority Key Identifier:
keyid:3F:0E:49:EB:45:07:08:CF:64:74:0B:AA:8C:E2:D1:98:7D:22:C9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pw5J60UHCM9kdAuqjOLRmH0iyRU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/aefe47-30d7-4440-944a-5eb36b16c938/1/GtiknY9wqo3Xqzf1vY7iubHvH3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/aefe47-30d7-4440-944a-5eb36b16c938/1/Pw5J60UHCM9kdAuqjOLRmH0iyRU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.33.0/24
213.217.29.0/24
Signature Algorithm: sha256WithRSAEncryption
71:9c:92:23:9f:93:de:44:50:09:c6:a9:97:01:f1:a3:4e:42:
63:b9:7d:1f:ea:91:3e:eb:42:86:c8:3c:6b:9d:62:f9:c6:7f:
87:cb:1d:eb:a0:8c:ae:b3:c2:ae:96:b6:74:9d:cd:2a:8f:bf:
17:92:8e:15:1c:a5:8a:8c:42:27:c9:0e:88:ba:2a:bb:b8:04:
3d:a9:18:49:93:0f:20:e1:7c:1a:e7:f2:f5:05:53:2a:65:05:
93:41:63:62:3b:4a:cc:78:71:74:ad:5d:6d:98:cd:65:29:ac:
d2:b7:2a:e1:6b:9e:59:4f:6e:ac:69:08:f3:48:af:42:b6:01:
c5:64:60:2d:42:15:04:06:4e:3c:f5:a7:76:41:cc:6b:2a:d5:
16:ec:72:6a:5f:a0:84:33:7b:c0:6f:f9:dc:f2:cf:db:e6:32:
33:9c:a2:47:bb:f0:b7:56:78:73:98:97:cf:be:81:44:45:3a:
d1:e9:e2:ee:6d:87:c3:e0:fa:be:c8:c4:a6:40:1b:1e:37:02:
88:e8:e9:82:df:14:1f:7c:44:c6:0b:a5:7b:49:06:25:1e:2e:
8b:3f:0c:97:38:74:6d:1a:46:13:de:6d:4f:37:73:9e:dd:ce:
21:4f:c7:0c:4c:71:1b:f8:f1:ee:c5:e0:66:e3:f2:6d:ab:1d:
5f:fd:29:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvJsLj4DL1yGJRHoL9V87HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMGU0OWViNDUwNzA4Y2Y2NDc0MGJhYThjZTJkMTk4N2Qy
MmM5MTUwHhcNMjMwMTAxMjEwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWQ4YTQ5ZDhmNzBhYThkZDdhYjM3ZjViZDhlZTJiOWIxZWYxZjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgv3f+kuLYN7mToH+E/frU/SCDjsB
C+l5yqBb5uo85RUvGvEwSEbv/6Xyn64HlzGlB2rX7oB/idEX+1Nn3TevnpT6WEyo
m+qYml5aePIm0vJ5HnXJ1Mf2U4jEc5mBh2kyh7ntndS0eYnqv6Vj0XiJeYYo6Z2w
NXcNRMhxfeAv6XHY8BeNiXNjTjVhFUVTDhxDHgcQHw3nZ4TxoKk8sEGj4iGo2XIt
sUtigITfroMQUYpTKop43FPtrfeT987Lp4kVr5xRqPHipcSAymj0X4yxvlrNjVj0
HlzJnrlmt/IjmIAheYOeBT6GSqYJOQlIMZaGkUl/k5cPnUsEBzu0qm2RQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBrYpJ2PcKqN16s39b2O4rmx7x94MB8GA1UdIwQY
MBaAFD8OSetFBwjPZHQLqozi0Zh9IskVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHc1SjYwVUhDTTlrZEF1cWpPTFJtSDBpeVJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9hZWZlNDctMzBkNy00NDQwLTk0NGEt
NWViMzZiMTZjOTM4LzEvR3Rpa25ZOXdxbzNYcXpmMXZZN2l1Ykh2SDNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9hZWZlNDctMzBkNy00NDQwLTk0NGEtNWViMzZiMTZjOTM4
LzEvUHc1SjYwVUhDTTlrZEF1cWpPTFJtSDBpeVJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuTUhAwQA
1dkdMA0GCSqGSIb3DQEBCwUAA4IBAQBxnJIjn5PeRFAJxqmXAfGjTkJjuX0f6pE+
60KGyDxrnWL5xn+Hyx3roIyus8KulrZ0nc0qj78Xko4VHKWKjEInyQ6Iuiq7uAQ9
qRhJkw8g4Xwa5/L1BVMqZQWTQWNiO0rMeHF0rV1tmM1lKazStyrha55ZT26saQjz
SK9CtgHFZGAtQhUEBk489ad2QcxrKtUW7HJqX6CEM3vAb/nc8s/b5jIznKJHu/C3
VnhzmJfPvoFERTrR6eLubYfD4Pq+yMSmQBseNwKI6OmC3xQffETGC6V7SQYlHi6L
PwyXOHRtGkYT3m1PN3Oe3c4hT8cMTHEb+PHuxeBm4/Jtqx1f/Sml
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:09 2024 by rpki-client on console-fra.rpki-client.org