Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/97913c-748e-4fd1-9194-208fcfdfb201/1/7JjmZ1VDkb1S8-Mrfnv93XLh-so.roa
File: 7JjmZ1VDkb1S8-Mrfnv93XLh-so.roa (raw, json)
Hash identifier: QiB4OdjLRhK7z0DlSXjBcLmZ6ugeJ30bjXcEK36H+So=
Subject key identifier: EC:98:E6:67:55:43:91:BD:52:F3:E3:2B:7E:7B:FD:DD:72:E1:FA:CA
Certificate issuer: /CN=7cac8d7f4b75170607bfcf8439c2e1d03a21410d
Certificate serial: 01856D017C72B3100A73FE6C0AF5D2A0A8E8
Authority key identifier: 7C:AC:8D:7F:4B:75:17:06:07:BF:CF:84:39:C2:E1:D0:3A:21:41:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKyNf0t1FwYHv8-EOcLh0DohQQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/97913c-748e-4fd1-9194-208fcfdfb201/1/7JjmZ1VDkb1S8-Mrfnv93XLh-so.roa
Signing time: Sun 01 Jan 2023 11:04:51 +0000
ROA not before: Sun 01 Jan 2023 11:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202038
IP address blocks: 109.234.226.0/23 maxlen: 23
109.234.225.0/24 maxlen: 24
109.234.224.0/21 maxlen: 21
194.169.50.0/24 maxlen: 24
109.234.224.0/24 maxlen: 24
31.25.56.0/21 maxlen: 24
109.234.228.0/23 maxlen: 23
185.78.216.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:7c:72:b3:10:0a:73:fe:6c:0a:f5:d2:a0:a8:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7cac8d7f4b75170607bfcf8439c2e1d03a21410d
Validity
Not Before: Jan 1 11:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec98e667554391bd52f3e32b7e7bfddd72e1faca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:5b:90:f2:da:44:95:fb:11:19:b2:07:28:28:
bc:c3:94:8b:23:91:d0:0b:86:17:6d:6f:22:42:ae:
02:6a:cb:9e:a4:1f:4b:8e:e3:59:16:77:9e:93:cc:
68:d1:ec:b9:0d:43:97:3a:c2:d5:55:f8:5e:8e:45:
c1:4b:88:39:ac:e6:f9:d7:3f:ef:8e:b4:2d:38:80:
d7:d8:fe:a4:c7:02:65:ef:1a:ae:6b:7f:c2:d8:4c:
c2:e8:bd:e5:fe:7b:31:9b:19:a4:95:11:6a:eb:04:
24:d5:66:ff:4d:52:cc:c5:a4:df:f4:eb:a5:fe:2d:
3a:6b:92:e7:66:7a:0b:47:a7:25:fa:d7:4d:31:e3:
ae:05:97:b0:64:4a:26:fa:ae:d4:15:b8:25:e6:13:
12:ca:20:af:30:b2:ad:90:a6:6e:17:f3:fc:1e:fd:
82:5c:89:af:9d:6a:1d:72:2b:9d:67:6e:ec:5a:33:
68:d1:32:1a:31:f6:bd:69:df:c4:09:f5:af:ba:c4:
35:51:1a:3e:35:62:06:75:46:69:27:78:ed:4f:29:
ed:82:3e:2d:fd:66:44:8b:44:f5:32:0e:67:af:e4:
62:b7:da:0a:cf:22:3b:42:41:25:a9:8f:aa:6f:f8:
71:d4:5b:3e:d4:2e:46:b2:93:6e:45:71:08:bf:7c:
0d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:98:E6:67:55:43:91:BD:52:F3:E3:2B:7E:7B:FD:DD:72:E1:FA:CA
X509v3 Authority Key Identifier:
keyid:7C:AC:8D:7F:4B:75:17:06:07:BF:CF:84:39:C2:E1:D0:3A:21:41:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKyNf0t1FwYHv8-EOcLh0DohQQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/97913c-748e-4fd1-9194-208fcfdfb201/1/7JjmZ1VDkb1S8-Mrfnv93XLh-so.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/97913c-748e-4fd1-9194-208fcfdfb201/1/fKyNf0t1FwYHv8-EOcLh0DohQQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.56.0/21
109.234.224.0/21
185.78.216.0/23
194.169.50.0/24
Signature Algorithm: sha256WithRSAEncryption
03:03:94:27:da:4b:80:4a:3a:40:78:43:0b:e3:80:58:7b:13:
5b:96:4e:d0:a2:d8:80:45:ae:11:d2:06:a4:08:c0:2f:69:da:
e7:14:53:8f:6c:7e:c0:c9:45:41:04:80:ce:f3:fa:bd:d3:fd:
d5:ee:84:17:58:e0:78:4d:a0:6f:c2:fd:47:33:f8:de:35:96:
4b:ec:b2:33:52:04:d0:15:36:54:5e:da:75:07:8f:45:40:cb:
95:a4:5b:01:e3:d6:dc:08:1a:b8:c8:a2:db:07:44:46:27:e3:
49:a0:5d:ad:c5:84:17:58:f1:9a:4c:b7:9c:ac:b8:12:72:74:
9e:d9:41:06:f4:70:10:f5:42:d1:eb:4d:a4:f5:3f:01:ff:80:
e9:0e:86:53:92:05:94:cb:f0:88:b9:cf:49:4a:52:74:a9:18:
3f:5d:f0:32:d1:8d:e9:87:7c:95:45:50:4b:8f:36:90:66:89:
f9:d7:08:72:90:14:ff:f1:e2:b3:e4:82:29:f4:f7:b5:e5:62:
56:32:fb:0d:64:1e:99:44:79:36:73:22:a8:5f:f3:39:64:13:
ac:4a:54:52:22:4f:98:40:f1:c0:8e:39:db:f1:2b:e4:6f:dc:
7d:71:16:5f:2f:48:40:c4:d0:93:65:b0:89:39:31:fb:78:f5:
b9:b3:c9:66
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtAXxysxAKc/5sCvXSoKjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYWM4ZDdmNGI3NTE3MDYwN2JmY2Y4NDM5YzJlMWQwM2Ey
MTQxMGQwHhcNMjMwMTAxMTEwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzk4ZTY2NzU1NDM5MWJkNTJmM2UzMmI3ZTdiZmRkZDcyZTFmYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1uQ8tpElfsRGbIHKCi8w5SLI5HQ
C4YXbW8iQq4CasuepB9LjuNZFneek8xo0ey5DUOXOsLVVfhejkXBS4g5rOb51z/v
jrQtOIDX2P6kxwJl7xqua3/C2EzC6L3l/nsxmxmklRFq6wQk1Wb/TVLMxaTf9Oul
/i06a5LnZnoLR6cl+tdNMeOuBZewZEom+q7UFbgl5hMSyiCvMLKtkKZuF/P8Hv2C
XImvnWodciudZ27sWjNo0TIaMfa9ad/ECfWvusQ1URo+NWIGdUZpJ3jtTyntgj4t
/WZEi0T1Mg5nr+Rit9oKzyI7QkElqY+qb/hx1Fs+1C5GspNuRXEIv3wNEwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOyY5mdVQ5G9UvPjK357/d1y4frKMB8GA1UdIwQY
MBaAFHysjX9LdRcGB7/PhDnC4dA6IUENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkt5TmYwdDFGd1lIdjgtRU9jTGgwRG9oUVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS85NzkxM2MtNzQ4ZS00ZmQxLTkxOTQt
MjA4ZmNmZGZiMjAxLzEvN0pqbVoxVkRrYjFTOC1NcmZudjkzWExoLXNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS85NzkxM2MtNzQ4ZS00ZmQxLTkxOTQtMjA4ZmNmZGZiMjAx
LzEvZkt5TmYwdDFGd1lIdjgtRU9jTGgwRG9oUVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDHxk4AwQD
bergAwQBuU7YAwQAwqkyMA0GCSqGSIb3DQEBCwUAA4IBAQADA5Qn2kuASjpAeEML
44BYexNblk7QotiARa4R0gakCMAvadrnFFOPbH7AyUVBBIDO8/q90/3V7oQXWOB4
TaBvwv1HM/jeNZZL7LIzUgTQFTZUXtp1B49FQMuVpFsB49bcCBq4yKLbB0RGJ+NJ
oF2txYQXWPGaTLecrLgScnSe2UEG9HAQ9ULR602k9T8B/4DpDoZTkgWUy/CIuc9J
SlJ0qRg/XfAy0Y3ph3yVRVBLjzaQZon51whykBT/8eKz5IIp9Pe15WJWMvsNZB6Z
RHk2cyKoX/M5ZBOsSlRSIk+YQPHAjjnb8Svkb9x9cRZfL0hAxNCTZbCJOTH7ePW5
s8lm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:23 2024 by rpki-client on console-fra.rpki-client.org