Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/_gKco7Cft9JNLyyk8S9klZFag0I.roa
File: _gKco7Cft9JNLyyk8S9klZFag0I.roa (raw, json)
Hash identifier: 9c4ZuaU+sfTAxLaKnPGZH0reBk58N9v5bHyccb39N4E=
Subject key identifier: FE:02:9C:A3:B0:9F:B7:D2:4D:2F:2C:A4:F1:2F:64:95:91:5A:83:42
Certificate issuer: /CN=d8062e4cc26f2df76ef308ce7a6e3c8344c9d031
Certificate serial: 018D13D7EB4065BFB14F39A4C20DBD1CEECF
Authority key identifier: D8:06:2E:4C:C2:6F:2D:F7:6E:F3:08:CE:7A:6E:3C:83:44:C9:D0:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2AYuTMJvLfdu8wjOem48g0TJ0DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/_gKco7Cft9JNLyyk8S9klZFag0I.roa
Signing time: Tue 16 Jan 2024 19:55:33 +0000
ROA not before: Tue 16 Jan 2024 19:55:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 62.233.60.0/24 maxlen: 24
146.19.185.0/24 maxlen: 24
195.64.114.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:eb:40:65:bf:b1:4f:39:a4:c2:0d:bd:1c:ee:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8062e4cc26f2df76ef308ce7a6e3c8344c9d031
Validity
Not Before: Jan 16 19:55:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe029ca3b09fb7d24d2f2ca4f12f6495915a8342
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:41:a8:5b:cc:a6:ee:b1:89:66:a0:89:26:d8:
60:b6:90:52:96:56:e1:4b:5e:a2:27:51:bb:1b:b6:
ad:fc:fb:3c:4c:36:08:c8:23:e4:e3:f5:5c:4e:11:
c2:f5:79:75:dd:a5:3f:13:3b:46:a3:39:1c:06:10:
32:ef:69:58:e6:ad:a7:f5:da:0c:53:e4:5b:dd:8b:
4b:09:02:17:ce:ed:cf:15:e3:af:21:79:00:83:d0:
36:a2:8b:11:2d:da:1a:02:95:28:af:c8:a6:c8:ff:
30:82:cd:b1:18:f5:92:d5:04:3f:bf:a4:e5:39:a1:
38:ef:d2:02:0e:aa:62:52:21:23:20:30:39:1c:22:
82:17:fe:09:51:ff:1a:24:91:0e:bb:84:60:26:37:
e7:b3:a5:29:a3:fe:09:86:8c:c0:3e:f0:26:e6:64:
1b:4d:17:74:49:64:ff:82:10:44:10:8a:18:27:a0:
95:1f:e1:7e:e2:25:28:33:b2:54:b4:be:d4:81:fe:
3d:dc:02:3e:55:f9:2b:6b:86:7b:4e:10:85:02:9a:
dd:ad:54:59:83:ac:5c:1d:ff:21:80:d6:fe:b1:3e:
4d:21:5f:6d:f1:5c:f1:6e:0a:fa:22:6d:12:f9:46:
b3:8a:ae:27:9e:ac:79:6f:90:fe:6d:fb:36:ef:ea:
9c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:02:9C:A3:B0:9F:B7:D2:4D:2F:2C:A4:F1:2F:64:95:91:5A:83:42
X509v3 Authority Key Identifier:
keyid:D8:06:2E:4C:C2:6F:2D:F7:6E:F3:08:CE:7A:6E:3C:83:44:C9:D0:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2AYuTMJvLfdu8wjOem48g0TJ0DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/_gKco7Cft9JNLyyk8S9klZFag0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8774b5-5710-4e32-9850-4e265d8965ea/1/2AYuTMJvLfdu8wjOem48g0TJ0DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.60.0/24
146.19.185.0/24
195.64.114.0/24
Signature Algorithm: sha256WithRSAEncryption
61:8a:c1:89:21:19:15:1c:41:ca:75:7b:df:77:72:d4:34:0f:
06:1f:75:d1:62:f6:ab:17:85:a6:2b:12:19:3a:39:ef:89:db:
5b:7a:35:95:63:c8:a6:e1:33:4e:77:36:78:c8:1b:21:46:ad:
28:57:ff:a8:bf:8a:85:53:18:22:36:ed:2d:1c:16:33:e0:b4:
a0:e0:74:55:50:4c:c7:de:e3:f0:c6:87:4a:ab:89:7c:cc:83:
7b:1f:3b:03:e2:29:89:38:7a:49:23:98:01:a9:2a:5a:52:9b:
2f:73:c0:84:39:e4:3b:43:62:3c:80:2c:36:81:f4:1c:e5:3d:
74:e7:42:a8:68:a7:28:5c:10:6f:ea:71:39:61:bd:af:9f:3b:
7a:d9:d1:bd:c9:5e:4c:48:b0:ce:a5:c7:a0:ff:99:3a:47:5a:
de:cf:21:69:8c:c5:b4:a4:4d:7c:dc:f3:62:99:d5:5c:94:41:
2d:3a:68:0d:f5:0a:e0:da:4e:ce:71:66:28:5b:a2:bb:c2:8f:
7a:43:5e:42:7b:58:16:59:da:bb:fd:54:2d:81:41:bb:71:bd:
27:3a:b2:12:6e:3e:0b:00:eb:c1:84:7c:24:b0:95:e2:e6:9d:
38:02:22:39:94:b1:5c:f2:ee:3d:bd:a1:31:fd:0c:56:a3:c9:
6e:22:12:0c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0T1+tAZb+xTzmkwg29HO7PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MDYyZTRjYzI2ZjJkZjc2ZWYzMDhjZTdhNmUzYzgzNDRj
OWQwMzEwHhcNMjQwMTE2MTk1NTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTAyOWNhM2IwOWZiN2QyNGQyZjJjYTRmMTJmNjQ5NTkxNWE4MzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UGoW8ym7rGJZqCJJthgtpBSllbh
S16iJ1G7G7at/Ps8TDYIyCPk4/VcThHC9Xl13aU/EztGozkcBhAy72lY5q2n9doM
U+Rb3YtLCQIXzu3PFeOvIXkAg9A2oosRLdoaApUor8imyP8wgs2xGPWS1QQ/v6Tl
OaE479ICDqpiUiEjIDA5HCKCF/4JUf8aJJEOu4RgJjfns6Upo/4JhozAPvAm5mQb
TRd0SWT/ghBEEIoYJ6CVH+F+4iUoM7JUtL7Ugf493AI+Vfkra4Z7ThCFAprdrVRZ
g6xcHf8hgNb+sT5NIV9t8Vzxbgr6Im0S+Uaziq4nnqx5b5D+bfs27+qcLwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP4CnKOwn7fSTS8spPEvZJWRWoNCMB8GA1UdIwQY
MBaAFNgGLkzCby33bvMIznpuPINEydAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkFZdVRNSnZMZmR1OHdqT2VtNDhnMFRKMERFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84Nzc0YjUtNTcxMC00ZTMyLTk4NTAt
NGUyNjVkODk2NWVhLzEvX2dLY283Q2Z0OUpOTHl5azhTOWtsWkZhZzBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84Nzc0YjUtNTcxMC00ZTMyLTk4NTAtNGUyNjVkODk2NWVh
LzEvMkFZdVRNSnZMZmR1OHdqT2VtNDhnMFRKMERFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPuk8AwQA
khO5AwQAw0ByMA0GCSqGSIb3DQEBCwUAA4IBAQBhisGJIRkVHEHKdXvfd3LUNA8G
H3XRYvarF4WmKxIZOjnvidtbejWVY8im4TNOdzZ4yBshRq0oV/+ov4qFUxgiNu0t
HBYz4LSg4HRVUEzH3uPwxodKq4l8zIN7HzsD4imJOHpJI5gBqSpaUpsvc8CEOeQ7
Q2I8gCw2gfQc5T1050KoaKcoXBBv6nE5Yb2vnzt62dG9yV5MSLDOpceg/5k6R1re
zyFpjMW0pE183PNimdVclEEtOmgN9Qrg2k7OcWYoW6K7wo96Q15Ce1gWWdq7/VQt
gUG7cb0nOrISbj4LAOvBhHwksJXi5p04AiI5lLFc8u49vaEx/QxWo8luIhIM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:33 2024 by rpki-client on console-fra.rpki-client.org