Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/976H3ZxeBlj4HLXPygIp3Icoka4.roa
File: 976H3ZxeBlj4HLXPygIp3Icoka4.roa (raw, json)
Hash identifier: atcLM8pAdaorYbVKsUVrv4g3UA+MF2Mxd//buaakjPI=
Subject key identifier: F7:BE:87:DD:9C:5E:06:58:F8:1C:B5:CF:CA:02:29:DC:87:28:91:AE
Certificate issuer: /CN=3950303615aca6e5f6f5b5691c7c2c8dca5f234d
Certificate serial: 018CC727505C2D625EEAABD13086DCD83C73
Authority key identifier: 39:50:30:36:15:AC:A6:E5:F6:F5:B5:69:1C:7C:2C:8D:CA:5F:23:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OVAwNhWspuX29bVpHHwsjcpfI00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/976H3ZxeBlj4HLXPygIp3Icoka4.roa
Signing time: Mon 01 Jan 2024 22:31:31 +0000
ROA not before: Mon 01 Jan 2024 22:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204957
IP address blocks: 5.34.176.0/23 maxlen: 23
5.34.178.0/23 maxlen: 23
217.12.206.0/23 maxlen: 23
82.118.20.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:50:5c:2d:62:5e:ea:ab:d1:30:86:dc:d8:3c:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3950303615aca6e5f6f5b5691c7c2c8dca5f234d
Validity
Not Before: Jan 1 22:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7be87dd9c5e0658f81cb5cfca0229dc872891ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:fa:37:c8:e6:02:de:30:c9:ca:64:a2:c0:ce:
d6:c1:17:7b:b8:da:2d:3c:01:ac:20:2e:bf:f7:ec:
7c:d1:10:a5:18:2d:2c:f2:82:8f:9e:20:85:6c:90:
24:03:21:a7:4c:53:84:88:48:12:9f:0d:f4:d7:e6:
2c:46:87:7d:f3:0b:dc:0f:ab:86:5f:96:3b:b5:e0:
67:a9:67:5e:69:c3:e1:5f:ac:bc:e2:53:aa:89:de:
1d:25:39:70:ce:13:39:7d:fc:6b:3b:71:03:04:19:
bf:b5:37:cf:58:11:34:c0:6a:f8:9d:d0:5f:d5:99:
89:90:2a:9a:cb:ef:82:2c:ea:15:94:74:c2:40:84:
3b:6b:1e:9f:2e:da:29:03:8d:8f:8d:18:05:b9:10:
5f:6e:cc:d7:9b:d9:8e:91:62:c2:81:21:02:de:e6:
85:a2:30:b2:e7:86:b7:96:a7:e2:18:dd:39:4f:9b:
e4:2b:05:75:5c:36:86:b7:ee:30:5b:13:b9:75:af:
e8:a9:64:86:a8:fd:4f:bc:14:a7:9d:1e:fe:57:91:
93:8d:0c:f0:ae:d8:ae:5a:0a:fb:5a:e3:47:cc:21:
82:a7:77:f5:e9:ef:b6:71:1b:2f:b0:81:c3:5e:48:
26:a7:71:4d:3e:67:5e:47:76:7a:77:d5:14:a8:8e:
da:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:BE:87:DD:9C:5E:06:58:F8:1C:B5:CF:CA:02:29:DC:87:28:91:AE
X509v3 Authority Key Identifier:
keyid:39:50:30:36:15:AC:A6:E5:F6:F5:B5:69:1C:7C:2C:8D:CA:5F:23:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OVAwNhWspuX29bVpHHwsjcpfI00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/976H3ZxeBlj4HLXPygIp3Icoka4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/38c694-23a7-48b2-aaec-6c8fd0bc5b00/1/OVAwNhWspuX29bVpHHwsjcpfI00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.176.0/22
82.118.20.0/22
217.12.206.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:64:c3:98:1d:a0:70:3a:eb:b1:05:a7:09:7a:16:21:bf:0b:
5a:3e:4a:5f:0e:14:dc:1e:1f:7b:7b:e0:a3:c0:2a:3c:13:68:
66:b9:59:db:71:0d:00:94:4d:29:46:1d:4d:cf:6e:0e:83:73:
3c:70:e0:aa:5c:df:69:c5:e2:b0:70:1c:b5:08:ef:ac:28:81:
11:0a:9f:80:ac:74:0a:03:7e:f0:2e:9b:32:c5:d8:0f:ea:0a:
41:51:89:4e:09:36:82:e6:30:75:ca:52:4f:09:8d:26:74:75:
dd:8d:a5:e7:d7:e6:65:a2:6b:35:e3:90:73:74:7b:77:43:a0:
9b:c0:08:4e:9b:ed:09:b5:d2:21:f8:7e:48:b1:de:f4:5e:e1:
f8:01:21:05:90:f4:c7:86:08:9f:32:e7:40:fe:8a:18:b2:37:
b0:dd:3c:af:48:4b:89:9b:f8:6e:c4:92:f6:a3:0c:50:5c:30:
9b:72:11:97:d9:dd:25:5d:89:43:a4:96:4a:7f:2f:ff:21:c3:
27:bc:57:79:4f:a7:46:54:0e:d1:07:68:03:42:ce:01:53:00:
9d:89:e8:ae:df:8b:c0:bd:48:21:ed:77:a5:d7:14:df:39:6e:
6c:9b:88:f9:00:ab:93:15:a2:ce:1c:3f:b2:93:55:9e:28:8d:
dd:43:4f:5c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJ1BcLWJe6qvRMIbc2DxzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NTAzMDM2MTVhY2E2ZTVmNmY1YjU2OTFjN2MyYzhkY2E1
ZjIzNGQwHhcNMjQwMTAxMjIzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2JlODdkZDljNWUwNjU4ZjgxY2I1Y2ZjYTAyMjlkYzg3Mjg5MWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfo3yOYC3jDJymSiwM7WwRd7uNot
PAGsIC6/9+x80RClGC0s8oKPniCFbJAkAyGnTFOEiEgSnw301+YsRod98wvcD6uG
X5Y7teBnqWdeacPhX6y84lOqid4dJTlwzhM5ffxrO3EDBBm/tTfPWBE0wGr4ndBf
1ZmJkCqay++CLOoVlHTCQIQ7ax6fLtopA42PjRgFuRBfbszXm9mOkWLCgSEC3uaF
ojCy54a3lqfiGN05T5vkKwV1XDaGt+4wWxO5da/oqWSGqP1PvBSnnR7+V5GTjQzw
rtiuWgr7WuNHzCGCp3f16e+2cRsvsIHDXkgmp3FNPmdeR3Z6d9UUqI7aZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPe+h92cXgZY+By1z8oCKdyHKJGuMB8GA1UdIwQY
MBaAFDlQMDYVrKbl9vW1aRx8LI3KXyNNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1ZBd05oV3NwdVgyOWJWcEhId3NqY3BmSTAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8zOGM2OTQtMjNhNy00OGIyLWFhZWMt
NmM4ZmQwYmM1YjAwLzEvOTc2SDNaeGVCbGo0SExYUHlnSXAzSWNva2E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8zOGM2OTQtMjNhNy00OGIyLWFhZWMtNmM4ZmQwYmM1YjAw
LzEvT1ZBd05oV3NwdVgyOWJWcEhId3NqY3BmSTAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBSKwAwQC
UnYUAwQB2QzOMA0GCSqGSIb3DQEBCwUAA4IBAQBPZMOYHaBwOuuxBacJehYhvwta
PkpfDhTcHh97e+CjwCo8E2hmuVnbcQ0AlE0pRh1Nz24Og3M8cOCqXN9pxeKwcBy1
CO+sKIERCp+ArHQKA37wLpsyxdgP6gpBUYlOCTaC5jB1ylJPCY0mdHXdjaXn1+Zl
oms145BzdHt3Q6CbwAhOm+0JtdIh+H5Isd70XuH4ASEFkPTHhgifMudA/ooYsjew
3TyvSEuJm/huxJL2owxQXDCbchGX2d0lXYlDpJZKfy//IcMnvFd5T6dGVA7RB2gD
Qs4BUwCdieiu34vAvUgh7Xel1xTfOW5sm4j5AKuTFaLOHD+yk1WeKI3dQ09c
-----END CERTIFICATE-----
Generated at Fri Jun 7 11:40:20 2024 by rpki-client on console-ams.rpki-client.org