Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/PA7mRTXaRLj1mPL0pQKV7ZsW9SY.roa
File: PA7mRTXaRLj1mPL0pQKV7ZsW9SY.roa (raw, json)
Hash identifier: acOK7CtbLNIhPceSfNWvYmV/VhI68G30NbuqbO7MfSk=
Subject key identifier: 3C:0E:E6:45:35:DA:44:B8:F5:98:F2:F4:A5:02:95:ED:9B:16:F5:26
Certificate issuer: /CN=d8062e4cc26f2df76ef308ce7a6e3c8344c9d031
Certificate serial: 018D8433AC936DDB4B2CC7D4675FD0288007
Authority key identifier: D8:06:2E:4C:C2:6F:2D:F7:6E:F3:08:CE:7A:6E:3C:83:44:C9:D0:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2AYuTMJvLfdu8wjOem48g0TJ0DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/PA7mRTXaRLj1mPL0pQKV7ZsW9SY.roa
Signing time: Wed 07 Feb 2024 15:33:15 +0000
ROA not before: Wed 07 Feb 2024 15:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 62.233.60.0/24 maxlen: 24
94.143.226.0/24 maxlen: 24
146.19.185.0/24 maxlen: 24
195.64.114.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:33:ac:93:6d:db:4b:2c:c7:d4:67:5f:d0:28:80:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8062e4cc26f2df76ef308ce7a6e3c8344c9d031
Validity
Not Before: Feb 7 15:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c0ee64535da44b8f598f2f4a50295ed9b16f526
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a4:e2:66:f8:15:dc:c6:d1:be:7e:38:67:40:
fd:ec:55:41:50:0b:d1:a4:7a:8a:54:d3:af:d4:b3:
9c:34:76:65:e4:d0:a5:f9:a6:e5:17:3a:9e:a9:10:
5d:60:ec:76:08:ba:78:bd:c5:67:f5:4b:cd:51:cf:
30:91:ae:ef:17:c6:0c:85:8b:af:21:46:bb:97:91:
35:b5:62:93:99:ea:2e:f6:85:6f:e1:a6:08:db:71:
4f:fa:ea:78:0f:9d:ee:44:f6:26:5f:d5:5b:41:28:
9d:50:07:bd:0f:a7:ee:64:36:68:47:cc:1a:9a:a3:
b4:ea:9f:23:3b:41:11:35:c6:43:17:04:8d:26:2f:
89:60:c0:50:ac:82:1b:3f:5a:47:fe:f5:e8:d4:c5:
a2:66:27:b8:ca:d2:92:ca:1f:4d:dc:9b:2b:21:cb:
4d:36:15:1d:67:38:9e:d8:b4:fd:f0:62:33:b1:25:
64:92:84:30:44:84:10:ba:87:69:76:c9:d8:92:5d:
d5:62:b0:d7:82:25:be:22:d5:77:5b:a7:9b:02:69:
49:a3:d9:e4:4e:21:96:4f:a6:bf:15:dd:b6:a4:75:
14:93:a6:5a:54:66:c2:2d:e6:e7:ab:bd:1e:8f:0e:
7f:40:d4:af:45:3f:76:c5:8f:e9:78:ad:3a:bc:ab:
9b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:0E:E6:45:35:DA:44:B8:F5:98:F2:F4:A5:02:95:ED:9B:16:F5:26
X509v3 Authority Key Identifier:
keyid:D8:06:2E:4C:C2:6F:2D:F7:6E:F3:08:CE:7A:6E:3C:83:44:C9:D0:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2AYuTMJvLfdu8wjOem48g0TJ0DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/PA7mRTXaRLj1mPL0pQKV7ZsW9SY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/2AYuTMJvLfdu8wjOem48g0TJ0DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.60.0/24
94.143.226.0/24
146.19.185.0/24
195.64.114.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:e4:e9:b8:fc:01:71:97:04:6f:13:f1:06:28:12:1e:bd:e1:
cf:63:4d:ed:f8:7f:b8:2e:94:23:da:5d:1c:67:68:f9:fe:a2:
13:9e:47:24:d2:73:a9:17:ce:6e:b1:e8:ac:01:77:8b:76:ae:
e6:9e:34:57:df:2e:ea:74:bc:b3:61:ea:4d:ec:b7:18:98:df:
a6:67:69:ac:4a:7b:0d:31:1e:25:eb:28:47:2d:ed:e8:da:e7:
8b:2b:fe:08:9d:5f:78:28:7d:81:f4:38:80:03:a8:86:62:3e:
fb:81:62:97:20:3f:c6:49:6b:d5:98:30:97:d5:d3:c8:f7:3f:
da:97:9c:42:5b:fc:00:70:03:f5:09:77:d3:41:9e:89:ed:67:
40:bf:57:05:58:04:e0:41:c2:9e:4c:63:d8:e5:02:09:75:cd:
37:0c:7b:89:c4:2e:87:08:dc:2c:32:03:a7:f8:d7:ea:4a:e3:
9f:59:19:63:a4:60:bd:c4:c8:51:39:0b:51:b9:18:a8:de:23:
9e:22:9e:b7:9b:11:2c:2e:ba:e3:8f:6c:74:37:8a:f3:dd:b4:
1b:e7:71:17:48:32:28:2d:0e:08:90:b5:1a:2e:8f:fd:30:0e:
de:7e:e4:fc:dc:15:b3:b0:d3:30:0c:bc:7a:13:bc:98:f4:e7:
2e:57:a5:19
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY2EM6yTbdtLLMfUZ1/QKIAHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MDYyZTRjYzI2ZjJkZjc2ZWYzMDhjZTdhNmUzYzgzNDRj
OWQwMzEwHhcNMjQwMjA3MTUzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzBlZTY0NTM1ZGE0NGI4ZjU5OGYyZjRhNTAyOTVlZDliMTZmNTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqTiZvgV3MbRvn44Z0D97FVBUAvR
pHqKVNOv1LOcNHZl5NCl+ablFzqeqRBdYOx2CLp4vcVn9UvNUc8wka7vF8YMhYuv
IUa7l5E1tWKTmeou9oVv4aYI23FP+up4D53uRPYmX9VbQSidUAe9D6fuZDZoR8wa
mqO06p8jO0ERNcZDFwSNJi+JYMBQrIIbP1pH/vXo1MWiZie4ytKSyh9N3JsrIctN
NhUdZzie2LT98GIzsSVkkoQwRIQQuodpdsnYkl3VYrDXgiW+ItV3W6ebAmlJo9nk
TiGWT6a/Fd22pHUUk6ZaVGbCLebnq70ejw5/QNSvRT92xY/peK06vKubOwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDwO5kU12kS49Zjy9KUCle2bFvUmMB8GA1UdIwQY
MBaAFNgGLkzCby33bvMIznpuPINEydAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkFZdVRNSnZMZmR1OHdqT2VtNDhnMFRKMERFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84Nzc0YjUtNTcxMC00ZTMyLTk4NTAt
NGUyNjVkODk2NWVhLzEvUEE3bVJUWGFSTGoxbVBMMHBRS1Y3WnNXOVNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84Nzc0YjUtNTcxMC00ZTMyLTk4NTAtNGUyNjVkODk2NWVh
LzEvMkFZdVRNSnZMZmR1OHdqT2VtNDhnMFRKMERFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPuk8AwQA
Xo/iAwQAkhO5AwQAw0ByMA0GCSqGSIb3DQEBCwUAA4IBAQAs5Om4/AFxlwRvE/EG
KBIeveHPY03t+H+4LpQj2l0cZ2j5/qITnkck0nOpF85useisAXeLdq7mnjRX3y7q
dLyzYepN7LcYmN+mZ2msSnsNMR4l6yhHLe3o2ueLK/4InV94KH2B9DiAA6iGYj77
gWKXID/GSWvVmDCX1dPI9z/al5xCW/wAcAP1CXfTQZ6J7WdAv1cFWATgQcKeTGPY
5QIJdc03DHuJxC6HCNwsMgOn+NfqSuOfWRljpGC9xMhROQtRuRio3iOeIp63mxEs
Lrrjj2x0N4rz3bQb53EXSDIoLQ4IkLUaLo/9MA7efuT83BWzsNMwDLx6E7yY9Ocu
V6UZ
-----END CERTIFICATE-----
Generated at Fri Mar 8 17:09:50 2024 by rpki-client on console-ams.rpki-client.org