Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/2038aa-7de5-4581-933a-d1a0c320c28a/1/9_7BOk-18Wet2CG0vJJkrfTaYrA.roa
File: 9_7BOk-18Wet2CG0vJJkrfTaYrA.roa (raw, json)
Hash identifier: /btuFwXFQK8fzyGITTpn489MRXrBQ90SfGr1yP4AFZA=
Subject key identifier: F7:FE:C1:3A:4F:B5:F1:67:AD:D8:21:B4:BC:92:64:AD:F4:DA:62:B0
Certificate issuer: /CN=8023d3d35800ef3cb2a56c38bf914397381e0ff1
Certificate serial: 018CC795537418C2F41DC16CEB26F03F2E74
Authority key identifier: 80:23:D3:D3:58:00:EF:3C:B2:A5:6C:38:BF:91:43:97:38:1E:0F:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gCPT01gA7zyypWw4v5FDlzgeD_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/2038aa-7de5-4581-933a-d1a0c320c28a/1/9_7BOk-18Wet2CG0vJJkrfTaYrA.roa
Signing time: Tue 02 Jan 2024 00:31:41 +0000
ROA not before: Tue 02 Jan 2024 00:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62353
IP address blocks: 213.159.16.0/22 maxlen: 24
213.159.16.0/21 maxlen: 24
213.159.20.0/22 maxlen: 24
185.22.12.0/22 maxlen: 24
185.22.12.0/23 maxlen: 24
185.22.14.0/23 maxlen: 24
185.81.10.0/23 maxlen: 24
185.81.11.0/24 maxlen: 24
185.81.8.0/24 maxlen: 24
185.81.8.0/23 maxlen: 24
185.81.8.0/22 maxlen: 24
2a00:5d60::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:53:74:18:c2:f4:1d:c1:6c:eb:26:f0:3f:2e:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8023d3d35800ef3cb2a56c38bf914397381e0ff1
Validity
Not Before: Jan 2 00:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7fec13a4fb5f167add821b4bc9264adf4da62b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:02:14:be:25:b6:51:45:46:77:05:76:bc:3a:
fc:fc:f8:80:94:2a:46:a9:8e:d9:28:63:03:c1:d5:
ad:36:d6:e2:2d:8e:d5:e8:2c:27:2e:6c:5e:71:47:
e2:41:5f:dc:6d:11:4f:9f:aa:74:82:25:36:29:b5:
c5:f9:22:a5:87:5d:b1:ef:30:60:a3:30:7d:93:eb:
aa:0d:54:78:a1:c0:9f:a6:82:08:3d:62:37:cd:f2:
3c:16:34:24:9b:f8:31:8e:b9:a5:bb:64:b4:c7:77:
c6:f8:6f:d7:36:65:a5:fa:22:66:d7:76:8d:28:0f:
18:b5:29:7d:b4:1f:5a:ec:7b:a5:0c:83:9b:ce:2d:
6a:ea:56:eb:ea:5c:a5:7e:4f:41:41:bd:c0:7d:6e:
f5:97:2e:3f:47:78:f5:1e:d6:48:99:1e:36:71:fd:
41:de:78:34:25:2f:27:e0:17:2c:94:7a:c8:9c:f5:
7c:e6:72:13:ce:d0:61:f4:07:4c:1e:41:11:81:bf:
e6:c2:21:7a:cf:f2:0c:97:21:14:ca:b1:e8:68:ac:
5a:da:76:1f:9c:22:12:7e:d6:1f:61:fa:95:86:97:
0b:a6:b9:74:c9:77:cb:c8:6d:33:5d:35:1a:4d:cf:
20:e6:e3:0b:68:59:c7:8a:cd:7a:2f:b5:7f:db:d8:
7c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:FE:C1:3A:4F:B5:F1:67:AD:D8:21:B4:BC:92:64:AD:F4:DA:62:B0
X509v3 Authority Key Identifier:
keyid:80:23:D3:D3:58:00:EF:3C:B2:A5:6C:38:BF:91:43:97:38:1E:0F:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gCPT01gA7zyypWw4v5FDlzgeD_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/2038aa-7de5-4581-933a-d1a0c320c28a/1/9_7BOk-18Wet2CG0vJJkrfTaYrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/2038aa-7de5-4581-933a-d1a0c320c28a/1/gCPT01gA7zyypWw4v5FDlzgeD_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.12.0/22
185.81.8.0/22
213.159.16.0/21
IPv6:
2a00:5d60::/32
Signature Algorithm: sha256WithRSAEncryption
44:5d:40:43:01:20:45:b9:f5:0f:60:05:9b:fd:19:73:92:0e:
ab:80:27:d7:66:3d:f9:50:ef:8b:78:36:54:00:5d:6f:99:87:
f6:83:91:89:a0:a5:ce:21:8c:60:d2:ab:13:f6:1e:80:b5:28:
6e:c6:52:cd:13:d7:ac:20:89:9f:e5:12:da:7e:61:d6:a6:9a:
a6:b4:c0:4d:6e:47:a0:22:ce:5e:4e:28:d6:9c:8c:63:28:de:
e5:88:fd:5a:1b:4e:2e:76:25:31:ce:ec:99:db:57:ab:76:67:
81:92:db:2e:fe:20:18:52:7a:01:50:c4:3c:19:a0:79:03:2b:
31:39:ee:c1:45:4a:23:0e:bf:4f:5c:14:61:9c:fa:2b:de:d2:
06:d1:96:bb:bf:dc:c4:70:68:53:36:1a:af:64:9e:d7:74:e1:
ba:06:f3:67:a2:83:e7:50:dc:61:c1:3c:91:a8:e6:c6:8a:d0:
c9:2d:0b:79:b5:a9:db:32:a2:98:8d:78:22:00:21:7a:51:d3:
dd:f4:2b:df:8f:71:23:22:47:ab:e4:5b:93:39:62:17:d7:1a:
e1:43:6c:f4:f2:8f:3d:c9:d7:19:7d:c5:72:77:fe:01:40:5a:
1e:ac:99:72:12:f6:a4:41:b5:6a:b1:97:33:a1:d7:de:0a:33:
13:ec:04:04
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHlVN0GML0HcFs6ybwPy50MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwMjNkM2QzNTgwMGVmM2NiMmE1NmMzOGJmOTE0Mzk3Mzgx
ZTBmZjEwHhcNMjQwMTAyMDAzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2ZlYzEzYTRmYjVmMTY3YWRkODIxYjRiYzkyNjRhZGY0ZGE2MmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwIUviW2UUVGdwV2vDr8/PiAlCpG
qY7ZKGMDwdWtNtbiLY7V6CwnLmxecUfiQV/cbRFPn6p0giU2KbXF+SKlh12x7zBg
ozB9k+uqDVR4ocCfpoIIPWI3zfI8FjQkm/gxjrmlu2S0x3fG+G/XNmWl+iJm13aN
KA8YtSl9tB9a7HulDIObzi1q6lbr6lylfk9BQb3AfW71ly4/R3j1HtZImR42cf1B
3ng0JS8n4BcslHrInPV85nITztBh9AdMHkERgb/mwiF6z/IMlyEUyrHoaKxa2nYf
nCISftYfYfqVhpcLprl0yXfLyG0zXTUaTc8g5uMLaFnHis16L7V/29h8owIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPf+wTpPtfFnrdghtLySZK302mKwMB8GA1UdIwQY
MBaAFIAj09NYAO88sqVsOL+RQ5c4Hg/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0NQVDAxZ0E3enl5cFd3NHY1RkRsemdlRF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8yMDM4YWEtN2RlNS00NTgxLTkzM2Et
ZDFhMGMzMjBjMjhhLzEvOV83Qk9rLTE4V2V0MkNHMHZKSmtyZlRhWXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8yMDM4YWEtN2RlNS00NTgxLTkzM2EtZDFhMGMzMjBjMjhh
LzEvZ0NQVDAxZ0E3enl5cFd3NHY1RkRsemdlRF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuRYMAwQC
uVEIAwQD1Z8QMA0EAgACMAcDBQAqAF1gMA0GCSqGSIb3DQEBCwUAA4IBAQBEXUBD
ASBFufUPYAWb/Rlzkg6rgCfXZj35UO+LeDZUAF1vmYf2g5GJoKXOIYxg0qsT9h6A
tShuxlLNE9esIImf5RLafmHWppqmtMBNbkegIs5eTijWnIxjKN7liP1aG04udiUx
zuyZ21erdmeBktsu/iAYUnoBUMQ8GaB5AysxOe7BRUojDr9PXBRhnPor3tIG0Za7
v9zEcGhTNhqvZJ7XdOG6BvNnooPnUNxhwTyRqObGitDJLQt5tanbMqKYjXgiACF6
UdPd9Cvfj3EjIker5FuTOWIX1xrhQ2z08o89ydcZfcVyd/4BQFoerJlyEvakQbVq
sZczodfeCjMT7AQE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:06 2024 by rpki-client on console-ams.rpki-client.org