Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/299984-6d7d-45e3-b6fd-bc917c9235d2/1/2DErzKNOx34kcmtSTRN6w2CDqaw.roa
File: 2DErzKNOx34kcmtSTRN6w2CDqaw.roa (raw, json)
Hash identifier: Hg8kw/ZFztCm8HWOWxUE0qjVxQnUVCi//JyaoQkIs78=
Subject key identifier: D8:31:2B:CC:A3:4E:C7:7E:24:72:6B:52:4D:13:7A:C3:60:83:A9:AC
Certificate issuer: /CN=4bf203d6ae6698e09f255780b88accdcd94675a1
Certificate serial: 018E135CEDE9A0C0CDA892B7F25F1A51A582
Authority key identifier: 4B:F2:03:D6:AE:66:98:E0:9F:25:57:80:B8:8A:CC:DC:D9:46:75:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S_ID1q5mmOCfJVeAuIrM3NlGdaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/299984-6d7d-45e3-b6fd-bc917c9235d2/1/2DErzKNOx34kcmtSTRN6w2CDqaw.roa
Signing time: Wed 06 Mar 2024 10:44:00 +0000
ROA not before: Wed 06 Mar 2024 10:44:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59605
IP address blocks: 151.248.96.0/20 maxlen: 20
151.248.96.0/21 maxlen: 21
151.248.97.0/24 maxlen: 24
151.248.98.0/24 maxlen: 24
151.248.99.0/24 maxlen: 24
151.248.101.0/24 maxlen: 24
151.248.103.0/24 maxlen: 24
151.248.104.0/24 maxlen: 24
151.248.105.0/24 maxlen: 24
151.248.106.0/24 maxlen: 24
151.248.107.0/24 maxlen: 24
151.248.108.0/24 maxlen: 24
151.248.109.0/24 maxlen: 24
151.248.110.0/24 maxlen: 24
151.248.111.0/24 maxlen: 24
185.201.192.0/22 maxlen: 22
185.201.192.0/24 maxlen: 24
185.201.193.0/24 maxlen: 24
185.201.194.0/24 maxlen: 24
185.201.195.0/24 maxlen: 24
2a02:f040::/29 maxlen: 29
2a02:f040::/48 maxlen: 48
2a02:f040:1::/48 maxlen: 48
2a02:f040:4::/48 maxlen: 48
2a02:f040:5::/48 maxlen: 48
2a02:f040:7::/48 maxlen: 48
2a02:f040:a::/48 maxlen: 48
2a02:f040:c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:5c:ed:e9:a0:c0:cd:a8:92:b7:f2:5f:1a:51:a5:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bf203d6ae6698e09f255780b88accdcd94675a1
Validity
Not Before: Mar 6 10:44:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8312bcca34ec77e24726b524d137ac36083a9ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:7d:11:6f:bb:1a:f6:b0:e1:06:0e:39:46:dc:
6c:bc:02:d9:7f:8f:be:46:86:04:ab:4f:cc:56:6e:
cf:69:d2:61:22:2a:dc:fa:04:c1:7e:3e:8d:0c:47:
74:e5:b4:f3:b6:e4:eb:74:18:fc:db:52:69:0d:bd:
c3:c3:57:36:64:87:c1:c0:54:d2:4b:e0:4a:a8:c6:
ea:c3:86:68:bd:e7:6d:84:0a:29:19:ff:bc:6b:2e:
95:e7:d3:11:cd:ca:25:3f:33:38:67:76:70:e5:87:
5c:cb:b7:85:bd:c0:f6:6b:4a:fe:73:6e:ec:7f:4a:
e8:2a:22:f8:31:90:75:5e:9a:f9:65:ee:bf:e0:b1:
01:17:13:d0:f7:83:cf:ec:1e:3c:53:67:6f:aa:fd:
a4:4d:21:f0:d9:32:d0:1b:7c:96:7a:27:65:f0:7e:
fe:f3:44:63:ec:58:35:e6:9b:b4:c5:f8:4c:ac:79:
a5:0b:fa:27:86:91:93:a5:c2:74:2e:f7:66:95:85:
9d:76:2a:80:49:25:10:ce:71:c5:e5:3c:83:85:df:
d5:7c:bd:c4:44:90:9f:e4:ec:f8:4b:96:7b:88:bb:
22:6c:e4:aa:db:86:4e:bf:25:62:01:a6:10:95:3a:
07:ee:90:a9:1c:79:5e:54:36:fd:9e:a3:9a:a1:6e:
4d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:31:2B:CC:A3:4E:C7:7E:24:72:6B:52:4D:13:7A:C3:60:83:A9:AC
X509v3 Authority Key Identifier:
keyid:4B:F2:03:D6:AE:66:98:E0:9F:25:57:80:B8:8A:CC:DC:D9:46:75:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S_ID1q5mmOCfJVeAuIrM3NlGdaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/299984-6d7d-45e3-b6fd-bc917c9235d2/1/2DErzKNOx34kcmtSTRN6w2CDqaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/299984-6d7d-45e3-b6fd-bc917c9235d2/1/S_ID1q5mmOCfJVeAuIrM3NlGdaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.248.96.0/20
185.201.192.0/22
IPv6:
2a02:f040::/29
Signature Algorithm: sha256WithRSAEncryption
ab:a3:c2:6d:52:08:df:e5:87:c4:03:1f:a5:a3:e9:65:6a:0b:
fb:d6:8f:72:97:a2:a3:28:cf:72:c1:11:cc:53:b9:82:dd:5b:
d7:e1:42:48:1c:71:b4:ed:25:24:3c:db:97:77:8a:b1:1f:fb:
fd:35:44:0e:7f:b9:a9:1a:39:32:88:89:0c:31:40:90:b4:f9:
14:2a:f7:8a:e4:36:83:ec:3f:ec:db:4b:8d:62:70:ba:a0:27:
fc:66:70:77:d0:cc:ff:ce:6a:4f:32:63:66:bb:6a:2c:76:7e:
0e:61:ee:a9:14:fb:7a:6f:62:73:7a:a5:21:55:0d:80:6d:db:
4c:76:90:17:96:cf:29:48:02:61:62:f9:9b:8f:ef:d4:b3:64:
56:20:b0:94:4e:9d:ef:9a:d5:80:31:1f:42:7f:65:3d:59:bf:
6f:07:99:1c:30:47:d9:a8:f9:35:fe:e2:b3:3f:e0:30:c6:7a:
1a:57:cb:2a:52:97:2c:cf:bb:f2:36:80:6a:ba:47:1e:db:2a:
11:fd:29:b8:48:1e:21:93:50:f7:1a:04:c7:3c:c0:00:36:eb:
95:f8:a7:0d:f0:bc:13:0f:b5:0e:0c:6a:26:47:c3:46:30:55:
b6:89:24:cd:61:9b:33:fe:30:8d:de:76:9c:f6:13:ff:63:08:
4f:f8:e2:86
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY4TXO3poMDNqJK38l8aUaWCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZjIwM2Q2YWU2Njk4ZTA5ZjI1NTc4MGI4OGFjY2RjZDk0
Njc1YTEwHhcNMjQwMzA2MTA0NDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODMxMmJjY2EzNGVjNzdlMjQ3MjZiNTI0ZDEzN2FjMzYwODNhOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg30Rb7sa9rDhBg45RtxsvALZf4++
RoYEq0/MVm7PadJhIirc+gTBfj6NDEd05bTztuTrdBj821JpDb3Dw1c2ZIfBwFTS
S+BKqMbqw4ZovedthAopGf+8ay6V59MRzcolPzM4Z3Zw5Ydcy7eFvcD2a0r+c27s
f0roKiL4MZB1Xpr5Ze6/4LEBFxPQ94PP7B48U2dvqv2kTSHw2TLQG3yWeidl8H7+
80Rj7Fg15pu0xfhMrHmlC/onhpGTpcJ0LvdmlYWddiqASSUQznHF5TyDhd/VfL3E
RJCf5Oz4S5Z7iLsibOSq24ZOvyViAaYQlToH7pCpHHleVDb9nqOaoW5NhwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNgxK8yjTsd+JHJrUk0TesNgg6msMB8GA1UdIwQY
MBaAFEvyA9auZpjgnyVXgLiKzNzZRnWhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU19JRDFxNW1tT0NmSlZlQXVJck0zTmxHZGFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8yOTk5ODQtNmQ3ZC00NWUzLWI2ZmQt
YmM5MTdjOTIzNWQyLzEvMkRFcnpLTk94MzRrY210U1RSTjZ3MkNEcWF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8yOTk5ODQtNmQ3ZC00NWUzLWI2ZmQtYmM5MTdjOTIzNWQy
LzEvU19JRDFxNW1tT0NmSlZlQXVJck0zTmxHZGFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEl/hgAwQC
ucnAMA0EAgACMAcDBQMqAvBAMA0GCSqGSIb3DQEBCwUAA4IBAQCro8JtUgjf5YfE
Ax+lo+llagv71o9yl6KjKM9ywRHMU7mC3VvX4UJIHHG07SUkPNuXd4qxH/v9NUQO
f7mpGjkyiIkMMUCQtPkUKveK5DaD7D/s20uNYnC6oCf8ZnB30Mz/zmpPMmNmu2os
dn4OYe6pFPt6b2JzeqUhVQ2AbdtMdpAXls8pSAJhYvmbj+/Us2RWILCUTp3vmtWA
MR9Cf2U9Wb9vB5kcMEfZqPk1/uKzP+AwxnoaV8sqUpcsz7vyNoBqukce2yoR/Sm4
SB4hk1D3GgTHPMAANuuV+KcN8LwTD7UODGomR8NGMFW2iSTNYZsz/jCN3nac9hP/
YwhP+OKG
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:26 2024 by rpki-client on console-ams.rpki-client.org