Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/1560f1-bcc2-411a-8565-ec4a8af5a98e/1/1kuGu1781GThR6cJBaUVIqgvEMs.roa
File: 1kuGu1781GThR6cJBaUVIqgvEMs.roa (raw, json)
Hash identifier: DNVvDe6iv4d9VDoxb3YEDnE8zw3ejkfPyIZin/VqygY=
Subject key identifier: D6:4B:86:BB:5E:FC:D4:64:E1:47:A7:09:05:A5:15:22:A8:2F:10:CB
Certificate issuer: /CN=6a9a54dfdb2aadd1f1efa90be1f02d8b214c6a3e
Certificate serial: 0185710BFBE5058633D5A3D0D4937DD41373
Authority key identifier: 6A:9A:54:DF:DB:2A:AD:D1:F1:EF:A9:0B:E1:F0:2D:8B:21:4C:6A:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/appU39sqrdHx76kL4fAtiyFMaj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/1560f1-bcc2-411a-8565-ec4a8af5a98e/1/1kuGu1781GThR6cJBaUVIqgvEMs.roa
Signing time: Mon 02 Jan 2023 05:54:48 +0000
ROA not before: Mon 02 Jan 2023 05:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29062
IP address blocks: 185.16.230.0/23 maxlen: 23
185.16.228.0/23 maxlen: 23
185.16.228.0/22 maxlen: 22
31.223.225.0/24 maxlen: 24
31.223.224.0/21 maxlen: 24
31.223.224.0/23 maxlen: 23
31.223.224.0/24 maxlen: 24
31.223.226.0/24 maxlen: 24
31.223.228.0/24 maxlen: 24
31.223.227.0/24 maxlen: 24
31.223.230.0/24 maxlen: 24
31.223.229.0/24 maxlen: 24
31.223.231.0/24 maxlen: 24
195.177.72.0/22 maxlen: 24
195.177.72.0/23 maxlen: 24
195.177.74.0/23 maxlen: 23
195.177.75.0/24 maxlen: 24
2a00:6180:8000::/33 maxlen: 33
2a00:6180::/33 maxlen: 33
2a00:6180::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0b:fb:e5:05:86:33:d5:a3:d0:d4:93:7d:d4:13:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a9a54dfdb2aadd1f1efa90be1f02d8b214c6a3e
Validity
Not Before: Jan 2 05:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d64b86bb5efcd464e147a70905a51522a82f10cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a3:1c:e1:20:ff:75:77:ce:96:cd:b5:f5:87:
20:37:fa:eb:9d:76:ed:53:fb:1a:93:b8:a9:6f:57:
8b:b3:83:26:7c:77:c0:a7:44:1c:82:4d:1f:8e:eb:
0f:57:2a:44:a2:d9:ec:5c:aa:a6:dc:47:ae:1e:24:
dc:10:ec:82:85:ff:c4:20:ce:c0:a1:4a:89:71:b2:
96:36:82:21:ab:a9:1b:2c:cd:8c:60:64:22:f3:06:
36:f5:ba:2a:56:01:85:65:2d:8a:0c:6d:59:37:e4:
fc:01:dd:85:b1:d5:53:9a:bd:e0:72:40:05:59:80:
07:25:21:fc:82:6e:51:97:f6:14:7f:11:62:a1:0c:
82:b4:f4:16:6c:f1:ce:cd:80:ca:b5:ab:79:96:5a:
12:53:09:39:c4:9e:8d:0e:33:51:49:97:4a:ca:9b:
76:19:ef:1c:1e:f3:0f:53:2a:f7:bb:4e:21:3d:c8:
18:6e:74:65:77:6c:a8:d1:e6:49:54:0a:a9:8a:0d:
54:d1:c9:ef:7c:8c:2f:53:28:3a:58:4b:9c:da:8e:
47:ac:dc:12:12:49:b8:b5:c8:ad:34:76:6d:b9:60:
59:86:c7:60:2d:c7:5e:89:10:35:f1:82:3f:67:7e:
85:18:3e:e2:64:3b:9e:78:b5:e1:b3:7b:53:67:72:
0e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:4B:86:BB:5E:FC:D4:64:E1:47:A7:09:05:A5:15:22:A8:2F:10:CB
X509v3 Authority Key Identifier:
keyid:6A:9A:54:DF:DB:2A:AD:D1:F1:EF:A9:0B:E1:F0:2D:8B:21:4C:6A:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/appU39sqrdHx76kL4fAtiyFMaj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/1560f1-bcc2-411a-8565-ec4a8af5a98e/1/1kuGu1781GThR6cJBaUVIqgvEMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/1560f1-bcc2-411a-8565-ec4a8af5a98e/1/appU39sqrdHx76kL4fAtiyFMaj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.224.0/21
185.16.228.0/22
195.177.72.0/22
IPv6:
2a00:6180::/32
Signature Algorithm: sha256WithRSAEncryption
2b:7f:83:17:b2:57:0d:ad:1b:d8:9b:e6:e0:eb:5c:a2:ea:bc:
e1:a6:be:8d:11:7c:ab:1f:2a:23:41:34:e3:59:4a:01:ab:ae:
71:83:93:5d:13:9c:e7:42:6b:62:5e:52:a7:e5:fc:84:c4:39:
7d:1a:b5:39:aa:2a:c4:19:d0:a8:06:96:7f:4d:10:bf:4e:55:
2f:b4:9e:d5:f7:39:7b:be:71:92:fb:fb:e0:28:b1:5d:21:e1:
cf:82:1d:fc:de:90:0d:48:fe:be:71:b0:05:87:b3:90:0e:8e:
fd:49:e9:12:8c:74:32:63:69:41:0c:ab:09:2c:7e:0f:26:d1:
67:0e:26:a0:8f:a7:67:5c:a5:90:8e:bb:d8:33:61:4f:77:8b:
ed:42:be:79:ae:b0:be:7e:e5:f4:07:8a:17:6c:ca:dc:00:99:
28:fd:46:68:39:e0:73:95:e1:d2:36:60:c6:af:84:04:8b:56:
18:7e:de:19:e8:fe:9d:fe:6f:12:f6:fa:45:bc:ad:c1:fb:1c:
ff:9a:68:f1:f4:4a:51:2a:8e:64:22:bf:e4:be:7e:fc:12:24:
74:ba:06:11:c9:28:1a:ab:cc:1b:74:c6:da:ae:38:aa:0a:bd:
4a:ca:0a:07:e1:c2:c9:36:d5:ab:b1:2a:33:37:2e:35:72:ce:
0c:bc:7f:70
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVxC/vlBYYz1aPQ1JN91BNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOWE1NGRmZGIyYWFkZDFmMWVmYTkwYmUxZjAyZDhiMjE0
YzZhM2UwHhcNMjMwMTAyMDU1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjRiODZiYjVlZmNkNDY0ZTE0N2E3MDkwNWE1MTUyMmE4MmYxMGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqMc4SD/dXfOls219YcgN/rrnXbt
U/sak7ipb1eLs4MmfHfAp0Qcgk0fjusPVypEotnsXKqm3EeuHiTcEOyChf/EIM7A
oUqJcbKWNoIhq6kbLM2MYGQi8wY29boqVgGFZS2KDG1ZN+T8Ad2FsdVTmr3gckAF
WYAHJSH8gm5Rl/YUfxFioQyCtPQWbPHOzYDKtat5lloSUwk5xJ6NDjNRSZdKypt2
Ge8cHvMPUyr3u04hPcgYbnRld2yo0eZJVAqpig1U0cnvfIwvUyg6WEuc2o5HrNwS
Ekm4tcitNHZtuWBZhsdgLcdeiRA18YI/Z36FGD7iZDueeLXhs3tTZ3IOJQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNZLhrte/NRk4UenCQWlFSKoLxDLMB8GA1UdIwQY
MBaAFGqaVN/bKq3R8e+pC+HwLYshTGo+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXBwVTM5c3FyZEh4NzZrTDRmQXRpeUZNYWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8xNTYwZjEtYmNjMi00MTFhLTg1NjUt
ZWM0YThhZjVhOThlLzEvMWt1R3UxNzgxR1RoUjZjSkJhVVZJcWd2RU1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8xNTYwZjEtYmNjMi00MTFhLTg1NjUtZWM0YThhZjVhOThl
LzEvYXBwVTM5c3FyZEh4NzZrTDRmQXRpeUZNYWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDH9/gAwQC
uRDkAwQCw7FIMA0EAgACMAcDBQAqAGGAMA0GCSqGSIb3DQEBCwUAA4IBAQArf4MX
slcNrRvYm+bg61yi6rzhpr6NEXyrHyojQTTjWUoBq65xg5NdE5znQmtiXlKn5fyE
xDl9GrU5qirEGdCoBpZ/TRC/TlUvtJ7V9zl7vnGS+/vgKLFdIeHPgh383pANSP6+
cbAFh7OQDo79SekSjHQyY2lBDKsJLH4PJtFnDiagj6dnXKWQjrvYM2FPd4vtQr55
rrC+fuX0B4oXbMrcAJko/UZoOeBzleHSNmDGr4QEi1YYft4Z6P6d/m8S9vpFvK3B
+xz/mmjx9EpRKo5kIr/kvn78EiR0ugYRySgaq8wbdMbarjiqCr1KygoH4cLJNtWr
sSozNy41cs4MvH9w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:51 2024 by rpki-client on console-fra.rpki-client.org