Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/0ae0fc-1ae5-452a-a910-ea1bae2cb855/1/3lOGCckXDn7yCf0-fAAeHEnr9ds.roa
File: 3lOGCckXDn7yCf0-fAAeHEnr9ds.roa (raw, json)
Hash identifier: jR2L+DBMjV7WIxVW8rJ6PXsPcuCSbmjUAPHuVNnTDak=
Subject key identifier: DE:53:86:09:C9:17:0E:7E:F2:09:FD:3E:7C:00:1E:1C:49:EB:F5:DB
Certificate issuer: /CN=ce394fc7497f42ac8834f31d6035b91d1f6dbc93
Certificate serial: 01856F14C668CDC148826FC452720028FB5A
Authority key identifier: CE:39:4F:C7:49:7F:42:AC:88:34:F3:1D:60:35:B9:1D:1F:6D:BC:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zjlPx0l_QqyINPMdYDW5HR9tvJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/0ae0fc-1ae5-452a-a910-ea1bae2cb855/1/3lOGCckXDn7yCf0-fAAeHEnr9ds.roa
Signing time: Sun 01 Jan 2023 20:45:10 +0000
ROA not before: Sun 01 Jan 2023 20:45:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60453
IP address blocks: 213.170.208.0/22 maxlen: 22
89.42.108.0/23 maxlen: 23
185.128.96.0/22 maxlen: 22
89.43.79.0/24 maxlen: 24
185.197.149.0/24 maxlen: 24
89.33.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:c6:68:cd:c1:48:82:6f:c4:52:72:00:28:fb:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce394fc7497f42ac8834f31d6035b91d1f6dbc93
Validity
Not Before: Jan 1 20:45:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de538609c9170e7ef209fd3e7c001e1c49ebf5db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c5:86:e8:54:a4:16:67:ae:e1:08:8b:e2:34:
c3:c4:01:d8:cd:2f:d8:6e:83:c7:54:27:bd:32:e3:
40:e2:f5:7f:cb:24:f8:26:1e:e7:bf:99:81:6d:6a:
39:36:93:4f:44:18:12:81:84:8d:b7:d0:fd:c0:4c:
92:a7:ef:26:29:7c:0f:78:1e:f2:14:b7:7a:6b:7e:
63:ee:1b:e5:3e:b6:d0:aa:82:73:74:74:84:d7:74:
3d:27:d4:48:7e:c3:9e:85:0f:32:b4:3e:98:da:6c:
3d:89:f4:a5:24:a9:04:2c:83:1e:b8:b9:4c:3e:fb:
29:2e:95:f4:5e:45:e4:20:4e:7b:22:74:b8:29:06:
f3:9b:0a:44:61:d1:c7:24:01:ab:c5:ac:9d:c0:ae:
40:7e:1a:4e:c5:7c:a6:1a:9a:87:ce:cc:7e:21:8b:
29:2a:27:77:14:c7:ea:0c:6a:1e:a0:00:3d:2f:bd:
67:26:ce:72:66:c8:31:f0:88:e6:18:a4:5c:0c:82:
d1:7d:61:a4:25:27:35:e2:37:b1:48:77:96:e3:76:
25:14:d9:f4:b3:8e:52:9a:41:67:9c:21:d8:6b:12:
57:bd:59:b4:d7:cd:15:6d:8a:de:7a:06:bb:b0:f2:
98:ee:7b:08:c2:7c:b7:2d:ae:5a:c3:0f:65:69:6c:
fa:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:53:86:09:C9:17:0E:7E:F2:09:FD:3E:7C:00:1E:1C:49:EB:F5:DB
X509v3 Authority Key Identifier:
keyid:CE:39:4F:C7:49:7F:42:AC:88:34:F3:1D:60:35:B9:1D:1F:6D:BC:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zjlPx0l_QqyINPMdYDW5HR9tvJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/0ae0fc-1ae5-452a-a910-ea1bae2cb855/1/3lOGCckXDn7yCf0-fAAeHEnr9ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/0ae0fc-1ae5-452a-a910-ea1bae2cb855/1/zjlPx0l_QqyINPMdYDW5HR9tvJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.107.0/24
89.42.108.0/23
89.43.79.0/24
185.128.96.0/22
185.197.149.0/24
213.170.208.0/22
Signature Algorithm: sha256WithRSAEncryption
17:8a:1e:12:09:34:30:97:ee:af:da:6b:74:98:8d:83:48:2c:
7f:09:80:5b:00:32:47:02:8e:1e:48:f9:87:4e:44:6b:58:52:
c9:04:af:ec:ea:6a:8a:b4:d4:39:bc:ca:24:2f:c5:e1:a8:60:
52:f4:cd:46:1e:18:f2:3d:c6:c3:f4:b3:5a:29:34:66:72:52:
f6:34:86:ab:0e:18:5c:bb:e5:51:0a:80:db:bf:c8:25:8f:1d:
ca:90:1f:64:57:6b:84:40:47:bc:a2:c6:b1:90:40:a9:92:1f:
9e:96:12:23:1c:4d:61:b2:55:cf:c8:7a:56:44:e7:d1:77:e8:
78:24:26:54:7e:c8:b7:d1:20:8e:fc:2d:54:6f:d9:20:04:d2:
3f:55:f9:76:df:ff:cc:69:11:f6:8d:53:1e:55:c8:a0:0b:4d:
43:e3:1f:f1:2b:89:b7:8c:56:c1:44:2b:e3:17:4b:99:9a:ee:
2c:ce:6f:67:ae:1b:e7:d1:64:bc:d8:21:50:5c:10:25:1b:0b:
8e:fc:d1:08:5d:a6:a4:8b:d9:96:e9:bc:9c:80:4d:98:4a:13:
20:ce:3d:1a:79:e6:b4:d1:da:68:e5:8d:e0:2e:66:2c:b5:4b:
07:91:4a:d2:1f:f5:dd:28:64:4e:a2:0f:fc:32:e1:03:19:11:
a0:3a:3a:5a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVvFMZozcFIgm/EUnIAKPtaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMzk0ZmM3NDk3ZjQyYWM4ODM0ZjMxZDYwMzViOTFkMWY2
ZGJjOTMwHhcNMjMwMTAxMjA0NTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTUzODYwOWM5MTcwZTdlZjIwOWZkM2U3YzAwMWUxYzQ5ZWJmNWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsWG6FSkFmeu4QiL4jTDxAHYzS/Y
boPHVCe9MuNA4vV/yyT4Jh7nv5mBbWo5NpNPRBgSgYSNt9D9wEySp+8mKXwPeB7y
FLd6a35j7hvlPrbQqoJzdHSE13Q9J9RIfsOehQ8ytD6Y2mw9ifSlJKkELIMeuLlM
PvspLpX0XkXkIE57InS4KQbzmwpEYdHHJAGrxaydwK5AfhpOxXymGpqHzsx+IYsp
Kid3FMfqDGoeoAA9L71nJs5yZsgx8IjmGKRcDILRfWGkJSc14jexSHeW43YlFNn0
s45SmkFnnCHYaxJXvVm0180VbYreega7sPKY7nsIwny3La5aww9laWz6iQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFN5ThgnJFw5+8gn9PnwAHhxJ6/XbMB8GA1UdIwQY
MBaAFM45T8dJf0KsiDTzHWA1uR0fbbyTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvempsUHgwbF9RcXlJTlBNZFlEVzVIUjl0dkpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wYWUwZmMtMWFlNS00NTJhLWE5MTAt
ZWExYmFlMmNiODU1LzEvM2xPR0Nja1hEbjd5Q2YwLWZBQWVIRW5yOWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wYWUwZmMtMWFlNS00NTJhLWE5MTAtZWExYmFlMmNiODU1
LzEvempsUHgwbF9RcXlJTlBNZFlEVzVIUjl0dkpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWSFrAwQB
WSpsAwQAWStPAwQCuYBgAwQAucWVAwQC1arQMA0GCSqGSIb3DQEBCwUAA4IBAQAX
ih4SCTQwl+6v2mt0mI2DSCx/CYBbADJHAo4eSPmHTkRrWFLJBK/s6mqKtNQ5vMok
L8XhqGBS9M1GHhjyPcbD9LNaKTRmclL2NIarDhhcu+VRCoDbv8gljx3KkB9kV2uE
QEe8osaxkECpkh+elhIjHE1hslXPyHpWROfRd+h4JCZUfsi30SCO/C1Ub9kgBNI/
Vfl23//MaRH2jVMeVcigC01D4x/xK4m3jFbBRCvjF0uZmu4szm9nrhvn0WS82CFQ
XBAlGwuO/NEIXaaki9mW6bycgE2YShMgzj0aeea00dpo5Y3gLmYstUsHkUrSH/Xd
KGROog/8MuEDGRGgOjpa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:05 2024 by rpki-client on console-fra.rpki-client.org