Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/d09a6e-5081-4674-aa57-244d84094c0f/1/ybADgkIrhhT0pl4L192iwXgag3A.roa
File: ybADgkIrhhT0pl4L192iwXgag3A.roa (raw, json)
Hash identifier: CNbGPVXFY2uRSOA413+zkL+X9X24tuwbbEs6lDlnBsw=
Subject key identifier: C9:B0:03:82:42:2B:86:14:F4:A6:5E:0B:D7:DD:A2:C1:78:1A:83:70
Certificate issuer: /CN=03d4c874a8fbaf51c9ec43ca009b22dc1d503976
Certificate serial: 01821721BCBB7F7F1A77461DC88A6C0701A9
Authority key identifier: 03:D4:C8:74:A8:FB:AF:51:C9:EC:43:CA:00:9B:22:DC:1D:50:39:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A9TIdKj7r1HJ7EPKAJsi3B1QOXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/d09a6e-5081-4674-aa57-244d84094c0f/1/ybADgkIrhhT0pl4L192iwXgag3A.roa
Signing time: Tue 19 Jul 2022 15:44:23 +0000
ROA not before: Tue 19 Jul 2022 15:44:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25228
IP address blocks: 213.255.212.0/22 maxlen: 22
213.255.220.0/22 maxlen: 22
213.255.232.0/22 maxlen: 22
78.138.4.0/22 maxlen: 22
83.229.100.0/24 maxlen: 24
213.255.236.0/22 maxlen: 22
83.229.101.0/24 maxlen: 24
83.229.102.0/24 maxlen: 24
213.255.252.0/22 maxlen: 22
78.138.36.0/22 maxlen: 22
185.115.108.0/22 maxlen: 22
83.229.52.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:17:21:bc:bb:7f:7f:1a:77:46:1d:c8:8a:6c:07:01:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03d4c874a8fbaf51c9ec43ca009b22dc1d503976
Validity
Not Before: Jul 19 15:44:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9b00382422b8614f4a65e0bd7dda2c1781a8370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6f:eb:33:9e:7f:45:67:46:b3:2a:b8:f2:52:
50:49:f4:c3:0c:02:97:52:26:e2:b3:22:fc:b4:a1:
03:17:0a:44:5d:4a:35:36:a5:47:75:20:84:37:6a:
60:46:b3:a5:c5:51:89:3f:2a:7f:5c:67:40:69:1b:
b6:34:6d:9b:8b:b9:0e:d1:87:5f:40:94:e4:54:73:
bd:5f:87:f7:8e:c0:0a:a5:03:7a:c6:72:73:f7:f9:
a6:f0:3c:2b:e4:6c:75:45:ac:4a:15:e8:2b:18:ab:
cd:6a:97:2b:f6:1a:d3:db:87:94:47:73:64:27:e7:
49:52:8c:b2:2a:c7:35:55:5d:9a:70:b8:b7:cc:e8:
06:06:d5:6c:4f:3f:84:7d:65:72:d2:d7:34:0c:fb:
12:d4:96:fc:31:1b:6d:5f:41:73:fa:48:40:22:df:
13:4c:72:ec:ec:da:70:0c:92:6c:ad:19:2c:1e:5a:
ba:ca:e0:5d:ac:25:58:04:08:9a:50:b5:e7:56:2b:
8b:c6:2e:91:fc:f0:b0:e9:a7:36:bb:50:f8:fe:d3:
20:26:a4:6b:b1:15:bc:7d:41:a9:da:ae:1e:5a:a9:
44:80:d6:68:cb:6d:f7:31:37:79:8d:5a:59:cb:9a:
be:96:76:c9:38:25:49:51:1a:6c:e7:2f:e5:78:cc:
bf:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:B0:03:82:42:2B:86:14:F4:A6:5E:0B:D7:DD:A2:C1:78:1A:83:70
X509v3 Authority Key Identifier:
keyid:03:D4:C8:74:A8:FB:AF:51:C9:EC:43:CA:00:9B:22:DC:1D:50:39:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A9TIdKj7r1HJ7EPKAJsi3B1QOXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d09a6e-5081-4674-aa57-244d84094c0f/1/ybADgkIrhhT0pl4L192iwXgag3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d09a6e-5081-4674-aa57-244d84094c0f/1/A9TIdKj7r1HJ7EPKAJsi3B1QOXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.138.4.0/22
78.138.36.0/22
83.229.52.0/22
83.229.100.0-83.229.102.255
185.115.108.0/22
213.255.212.0/22
213.255.220.0/22
213.255.232.0/21
213.255.252.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:2b:91:4d:5a:82:6f:81:ac:a5:69:ab:b4:85:98:b3:a9:bd:
9b:d5:4c:c7:11:04:1c:3a:5b:42:b6:35:5e:bf:07:47:97:2e:
52:24:84:44:98:af:30:c8:ac:df:24:26:f0:9b:e0:1c:bc:04:
dc:25:a3:4c:3a:6c:3a:12:22:9f:e0:20:a9:54:28:5d:47:4b:
47:37:34:7a:b4:55:54:f3:4f:7e:9a:42:a7:c9:52:84:ad:b9:
40:d2:31:a2:61:db:a7:78:fb:d6:bb:2c:b5:66:a5:af:74:29:
fb:cf:88:b6:3f:20:e8:92:65:bf:ab:34:d1:be:0f:aa:0c:9c:
cf:ca:85:58:2e:95:c6:ee:e5:85:b1:f7:6f:e0:60:bf:21:ef:
1e:2d:96:86:5b:2e:d5:a0:35:b3:c7:25:d9:2f:b2:42:63:a0:
cd:97:67:b1:20:58:99:6a:a5:cc:56:3d:ca:48:49:d6:d4:f1:
db:be:70:b6:3d:c9:58:41:d2:86:b1:0d:4f:46:d6:0d:0e:68:
b9:8b:54:18:54:15:e4:e6:db:2a:6e:a4:6a:f4:0e:82:5d:e7:
45:cf:07:05:0c:0d:f5:f0:c9:1e:aa:99:f8:12:b3:fb:91:ec:
c6:42:c5:8b:dc:61:d8:38:60:99:28:da:e1:3c:8c:f3:96:1b:
71:46:89:5a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYIXIby7f38ad0YdyIpsBwGpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZDRjODc0YThmYmFmNTFjOWVjNDNjYTAwOWIyMmRjMWQ1
MDM5NzYwHhcNMjIwNzE5MTU0NDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWIwMDM4MjQyMmI4NjE0ZjRhNjVlMGJkN2RkYTJjMTc4MWE4MzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArW/rM55/RWdGsyq48lJQSfTDDAKX
UibisyL8tKEDFwpEXUo1NqVHdSCEN2pgRrOlxVGJPyp/XGdAaRu2NG2bi7kO0Ydf
QJTkVHO9X4f3jsAKpQN6xnJz9/mm8Dwr5Gx1RaxKFegrGKvNapcr9hrT24eUR3Nk
J+dJUoyyKsc1VV2acLi3zOgGBtVsTz+EfWVy0tc0DPsS1Jb8MRttX0Fz+khAIt8T
THLs7NpwDJJsrRksHlq6yuBdrCVYBAiaULXnViuLxi6R/PCw6ac2u1D4/tMgJqRr
sRW8fUGp2q4eWqlEgNZoy233MTd5jVpZy5q+lnbJOCVJURps5y/leMy/yQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFMmwA4JCK4YU9KZeC9fdosF4GoNwMB8GA1UdIwQY
MBaAFAPUyHSo+69RyexDygCbItwdUDl2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTlUSWRLajdyMUhKN0VQS0FKc2kzQjFRT1hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kMDlhNmUtNTA4MS00Njc0LWFhNTct
MjQ0ZDg0MDk0YzBmLzEveWJBRGdrSXJoaFQwcGw0TDE5Mml3WGdhZzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kMDlhNmUtNTA4MS00Njc0LWFhNTctMjQ0ZDg0MDk0YzBm
LzEvQTlUSWRLajdyMUhKN0VQS0FKc2kzQjFRT1hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCTooEAwQC
TookAwQCU+U0MAwDBAJT5WQDBABT5WYDBAK5c2wDBALV/9QDBALV/9wDBAPV/+gD
BALV//wwDQYJKoZIhvcNAQELBQADggEBAL0rkU1agm+BrKVpq7SFmLOpvZvVTMcR
BBw6W0K2NV6/B0eXLlIkhESYrzDIrN8kJvCb4By8BNwlo0w6bDoSIp/gIKlUKF1H
S0c3NHq0VVTzT36aQqfJUoStuUDSMaJh26d4+9a7LLVmpa90KfvPiLY/IOiSZb+r
NNG+D6oMnM/KhVgulcbu5YWx92/gYL8h7x4tloZbLtWgNbPHJdkvskJjoM2XZ7Eg
WJlqpcxWPcpISdbU8du+cLY9yVhB0oaxDU9G1g0OaLmLVBhUFeTm2ypupGr0DoJd
50XPBwUMDfXwyR6qmfgSs/uR7MZCxYvcYdg4YJko2uE8jPOWG3FGiVo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:10 2024 by rpki-client on console-fra.rpki-client.org