Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/78cec4-4d13-4e9d-b6b9-4afce0c9ab7a/1/y9Ub4GIX1jXllVlHol-DjWy-7Cg.roa
File: y9Ub4GIX1jXllVlHol-DjWy-7Cg.roa (raw, json)
Hash identifier: CtVIoFYvBiOKqzBCaU4GQ+FaW7H4N2J5QuYmUgHRuoA=
Subject key identifier: CB:D5:1B:E0:62:17:D6:35:E5:95:59:47:A2:5F:83:8D:6C:BE:EC:28
Certificate issuer: /CN=ef90d373fa3c887761a269d2dcec7b8f2cb17eda
Certificate serial: 06BCA54F
Authority key identifier: EF:90:D3:73:FA:3C:88:77:61:A2:69:D2:DC:EC:7B:8F:2C:B1:7E:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/75DTc_o8iHdhomnS3Ox7jyyxfto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/78cec4-4d13-4e9d-b6b9-4afce0c9ab7a/1/y9Ub4GIX1jXllVlHol-DjWy-7Cg.roa
Signing time: Sat 01 Jan 2022 06:02:57 +0000
ROA not before: Sat 01 Jan 2022 06:02:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209984
IP address blocks: 185.249.232.0/24 maxlen: 24
185.237.138.0/24 maxlen: 24
185.237.137.0/24 maxlen: 24
185.237.136.0/24 maxlen: 24
109.205.136.0/22 maxlen: 22
185.237.139.0/24 maxlen: 24
2a0c:1380::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113026383 (0x6bca54f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef90d373fa3c887761a269d2dcec7b8f2cb17eda
Validity
Not Before: Jan 1 06:02:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cbd51be06217d635e5955947a25f838d6cbeec28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e3:49:cd:09:bd:ba:b7:cc:63:b5:53:cf:4d:
8a:bf:86:53:34:80:e6:1b:eb:c3:ad:d9:60:8c:f3:
7c:7c:77:3b:e6:31:3e:f0:87:d6:af:5f:d0:9f:75:
45:aa:87:52:12:dc:04:37:6a:f1:fa:16:9f:fc:9a:
59:4f:1f:38:3d:59:95:39:d4:80:a6:99:b5:07:ab:
ba:59:8d:5e:d7:8d:e8:33:ae:cf:a1:52:6f:a8:91:
40:71:31:bf:ef:3b:fc:7c:e2:70:c3:36:3b:ef:a2:
b6:21:6a:a9:d7:a6:a4:e4:6e:d6:67:2e:b7:95:3f:
bb:e3:a2:ae:78:c4:a9:a6:81:0a:c6:ca:2e:be:14:
8f:a3:90:a8:7a:78:b4:30:56:a8:6b:80:59:b0:e1:
69:bb:3b:d4:f7:f6:8d:22:b4:60:3b:d0:ef:59:73:
bc:41:a6:05:1f:67:c6:5d:1f:d0:0c:db:ee:68:35:
b9:ad:42:a0:25:43:c6:09:37:3b:32:14:da:aa:ea:
64:bd:74:22:87:2d:a5:c6:39:d5:ff:ff:77:e8:bb:
b9:b2:ae:52:c3:a7:5c:f8:51:c9:4d:62:88:87:13:
b4:07:a3:1b:4f:1a:cc:9b:a5:29:88:d4:c1:3a:b2:
df:54:ff:6e:d5:18:df:d7:08:77:c2:b7:60:52:2f:
0b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D5:1B:E0:62:17:D6:35:E5:95:59:47:A2:5F:83:8D:6C:BE:EC:28
X509v3 Authority Key Identifier:
keyid:EF:90:D3:73:FA:3C:88:77:61:A2:69:D2:DC:EC:7B:8F:2C:B1:7E:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/75DTc_o8iHdhomnS3Ox7jyyxfto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/78cec4-4d13-4e9d-b6b9-4afce0c9ab7a/1/y9Ub4GIX1jXllVlHol-DjWy-7Cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/78cec4-4d13-4e9d-b6b9-4afce0c9ab7a/1/75DTc_o8iHdhomnS3Ox7jyyxfto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.136.0/22
185.237.136.0/22
185.249.232.0/24
IPv6:
2a0c:1380::/29
Signature Algorithm: sha256WithRSAEncryption
db:ee:dc:f5:ff:8d:3b:d3:04:83:7e:c1:79:e6:9e:7e:b4:a9:
54:a4:b0:3a:d6:30:9d:7b:db:1b:cb:3b:05:fc:b6:ee:87:0e:
2a:b1:12:b5:d2:e0:8d:0d:b6:0b:80:05:5b:09:ed:8d:3d:42:
b5:bf:cb:02:ce:84:51:69:22:4c:36:ef:2e:4e:7e:4b:29:5d:
dc:b6:d9:8c:e9:6a:94:bc:79:37:b8:ce:3c:59:b5:56:db:b2:
b3:0d:8c:c2:68:00:06:cb:05:a8:0d:6e:8f:3d:df:36:40:0e:
8a:31:0f:ea:b3:9d:c3:85:6e:dc:57:88:7a:db:71:a0:41:65:
36:b4:5d:ba:8a:f8:e3:58:7e:f5:a3:df:60:71:cd:e7:ba:60:
78:59:a0:48:c0:38:bc:4e:ab:d1:48:52:03:30:b8:d8:50:c1:
ce:a0:a6:26:58:9e:21:c4:12:8e:f8:d7:4f:d4:85:6d:a3:eb:
8d:dc:2e:3d:86:84:1c:f9:d2:29:45:eb:48:1a:e4:d4:1b:91:
22:2a:dc:a0:a9:29:30:ba:26:e7:cc:46:2a:60:21:9c:ea:fc:
dc:28:f0:a6:d1:a7:1e:f9:ee:ab:02:e0:0b:8b:59:ee:86:da:
a2:34:db:54:29:0a:aa:a5:22:6c:86:7d:fe:98:d2:9b:35:91:
fc:c2:cb:34
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBrylTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZjkwZDM3M2ZhM2M4ODc3NjFhMjY5ZDJkY2VjN2I4ZjJjYjE3ZWRhMB4XDTIyMDEw
MTA2MDI1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2JkNTFiZTA2MjE3
ZDYzNWU1OTU1OTQ3YTI1ZjgzOGQ2Y2JlZWMyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKDjSc0Jvbq3zGO1U89Nir+GUzSA5hvrw63ZYIzzfHx3O+Yx
PvCH1q9f0J91RaqHUhLcBDdq8foWn/yaWU8fOD1ZlTnUgKaZtQerulmNXteN6DOu
z6FSb6iRQHExv+87/HzicMM2O++itiFqqdempORu1mcut5U/u+OirnjEqaaBCsbK
Lr4Uj6OQqHp4tDBWqGuAWbDhabs71Pf2jSK0YDvQ71lzvEGmBR9nxl0f0Azb7mg1
ua1CoCVDxgk3OzIU2qrqZL10IoctpcY51f//d+i7ubKuUsOnXPhRyU1iiIcTtAej
G08azJulKYjUwTqy31T/btUY39cId8K3YFIvCxsCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTL1RvgYhfWNeWVWUeiX4ONbL7sKDAfBgNVHSMEGDAWgBTvkNNz+jyId2Gi
adLc7HuPLLF+2jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzc1RFRjX284aUhkaG9tblMzT3g3anl5eGZ0by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvNzhjZWM0LTRkMTMtNGU5ZC1iNmI5LTRhZmNlMGM5YWI3YS8x
L3k5VWI0R0lYMWpYbGxWbEhvbC1Eald5LTdDZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
NzhjZWM0LTRkMTMtNGU5ZC1iNmI5LTRhZmNlMGM5YWI3YS8xLzc1RFRjX284aUhk
aG9tblMzT3g3anl5eGZ0by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAm3NiAMEArntiAMEALn56DANBAIA
AjAHAwUDKgwTgDANBgkqhkiG9w0BAQsFAAOCAQEA2+7c9f+NO9MEg37BeeaefrSp
VKSwOtYwnXvbG8s7Bfy27ocOKrEStdLgjQ22C4AFWwntjT1Ctb/LAs6EUWkiTDbv
Lk5+Syld3LbZjOlqlLx5N7jOPFm1Vtuysw2MwmgABssFqA1ujz3fNkAOijEP6rOd
w4Vu3FeIettxoEFlNrRduor441h+9aPfYHHN57pgeFmgSMA4vE6r0UhSAzC42FDB
zqCmJlieIcQSjvjXT9SFbaPrjdwuPYaEHPnSKUXrSBrk1BuRIircoKkpMLom58xG
KmAhnOr83CjwptGnHvnuqwLgC4tZ7obaojTbVCkKqqUibIZ9/pjSmzWR/MLLNA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:29 2023 by rpki-client on console-ams.rpki-client.org