Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e0d0b2-9b9a-47f8-84ec-1460c78ea75d/1/MiFW1Jg-S8dpQ-MXjZH3g75PhHA.roa
File: MiFW1Jg-S8dpQ-MXjZH3g75PhHA.roa (raw, json)
Hash identifier: sf+cPqJ7MU5KN/ILCKuu3e1wGg+rya/v7sI/YSQbquk=
Subject key identifier: 32:21:56:D4:98:3E:4B:C7:69:43:E3:17:8D:91:F7:83:BE:4F:84:70
Certificate issuer: /CN=24c64272b0b3aeb812549dee7ec58a3eaf6fa576
Certificate serial: 03B5B82F
Authority key identifier: 24:C6:42:72:B0:B3:AE:B8:12:54:9D:EE:7E:C5:8A:3E:AF:6F:A5:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMZCcrCzrrgSVJ3ufsWKPq9vpXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e0d0b2-9b9a-47f8-84ec-1460c78ea75d/1/MiFW1Jg-S8dpQ-MXjZH3g75PhHA.roa
Signing time: Sat 01 Jan 2022 12:00:47 +0000
ROA not before: Sat 01 Jan 2022 12:00:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200845
IP address blocks: 185.210.88.0/22 maxlen: 24
185.216.168.0/22 maxlen: 24
194.35.88.0/22 maxlen: 24
109.107.96.0/19 maxlen: 24
185.235.100.0/22 maxlen: 24
185.96.24.0/22 maxlen: 24
185.214.12.0/22 maxlen: 24
185.210.184.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62240815 (0x3b5b82f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24c64272b0b3aeb812549dee7ec58a3eaf6fa576
Validity
Not Before: Jan 1 12:00:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=322156d4983e4bc76943e3178d91f783be4f8470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bc:ed:c1:43:78:ae:05:88:52:d2:bd:9e:5a:
45:19:fd:26:9f:a9:ac:9d:ea:7d:ff:8d:6b:97:69:
23:5d:8f:2b:6d:a7:1e:a0:72:fc:af:d1:87:61:f7:
47:c0:6c:28:1d:f2:4b:d4:fb:1d:f7:8c:9a:6c:52:
75:79:34:2f:6b:62:db:bd:56:6c:36:16:78:7f:9e:
70:65:2b:59:81:fc:19:5a:f1:76:ad:9d:2a:76:b2:
98:3b:d6:5f:b5:21:51:2a:24:76:ef:a4:4a:de:10:
56:38:ae:78:6d:85:56:67:61:3c:b4:c3:9b:bd:54:
c9:fa:f8:70:3d:ae:4c:d5:62:18:2f:25:f4:43:11:
4f:6c:51:68:84:f5:13:0f:e4:ae:20:28:74:ca:ec:
28:bb:7c:28:7d:57:da:59:3d:1e:1f:30:da:a6:b3:
b2:7b:dd:2c:5c:48:53:3b:6f:93:84:bd:d2:5b:b1:
a2:1e:33:1a:3c:3c:e4:83:41:79:fe:fe:e4:64:e1:
ea:6d:b8:1b:d7:65:46:49:2b:43:1c:2f:52:72:b1:
04:bc:81:e6:ac:61:05:95:bb:0a:ec:5f:7b:e7:f8:
64:da:19:68:a5:71:5c:55:34:6b:26:c7:3b:8f:6e:
5c:8f:2b:6d:ba:a3:4a:0f:85:79:18:54:3c:51:b5:
07:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:21:56:D4:98:3E:4B:C7:69:43:E3:17:8D:91:F7:83:BE:4F:84:70
X509v3 Authority Key Identifier:
keyid:24:C6:42:72:B0:B3:AE:B8:12:54:9D:EE:7E:C5:8A:3E:AF:6F:A5:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMZCcrCzrrgSVJ3ufsWKPq9vpXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e0d0b2-9b9a-47f8-84ec-1460c78ea75d/1/MiFW1Jg-S8dpQ-MXjZH3g75PhHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e0d0b2-9b9a-47f8-84ec-1460c78ea75d/1/JMZCcrCzrrgSVJ3ufsWKPq9vpXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.96.0/19
185.96.24.0/22
185.210.88.0/22
185.210.184.0/22
185.214.12.0/22
185.216.168.0/22
185.235.100.0/22
194.35.88.0/22
Signature Algorithm: sha256WithRSAEncryption
42:5e:d1:a1:7d:5c:ab:ad:7a:79:de:6f:f1:cb:9f:3e:a8:64:
43:22:d8:1b:ef:ce:35:5a:14:96:31:94:f6:75:57:b8:8e:66:
76:b2:d4:c4:60:d2:bc:87:9f:a6:37:97:c8:20:0a:23:b8:b0:
59:3b:f0:1b:d1:19:0d:09:b8:ca:cc:2a:ed:b9:fe:e2:4d:06:
ec:d7:cf:b7:86:59:9c:99:d0:dd:79:99:eb:27:2a:f4:5d:8c:
6a:84:e5:0c:7d:36:5f:53:36:04:cc:e6:30:fd:19:d0:a0:24:
04:f3:b0:89:53:d0:fd:f2:c2:84:58:30:18:84:6a:6c:c0:9e:
93:7a:b1:69:8e:71:64:a4:82:d0:80:86:7b:7a:88:6e:0f:db:
8a:00:40:a7:d9:27:76:b0:e5:a0:1c:71:52:49:08:a2:c8:dd:
2f:13:f1:c5:cc:f1:ad:14:0a:41:0f:1e:7a:f2:92:92:6a:b1:
4c:48:e1:bf:c7:22:75:3b:04:8c:f3:7a:1a:cb:58:6e:27:2b:
e9:62:93:f8:c5:f3:18:4b:24:32:ee:1d:09:20:db:75:ae:a7:
6a:8f:2c:69:2e:b9:e0:73:a9:11:9f:12:a4:0f:78:d7:99:4f:
e0:55:38:b1:2a:b6:b5:25:bf:52:e9:1a:d2:d4:b2:db:76:a8:
ad:4c:b8:b6
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEA7W4LzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NGM2NDI3MmIwYjNhZWI4MTI1NDlkZWU3ZWM1OGEzZWFmNmZhNTc2MB4XDTIyMDEw
MTEyMDA0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzIyMTU2ZDQ5ODNl
NGJjNzY5NDNlMzE3OGQ5MWY3ODNiZTRmODQ3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKq87cFDeK4FiFLSvZ5aRRn9Jp+prJ3qff+Na5dpI12PK22n
HqBy/K/Rh2H3R8BsKB3yS9T7HfeMmmxSdXk0L2ti271WbDYWeH+ecGUrWYH8GVrx
dq2dKnaymDvWX7UhUSokdu+kSt4QVjiueG2FVmdhPLTDm71Uyfr4cD2uTNViGC8l
9EMRT2xRaIT1Ew/kriAodMrsKLt8KH1X2lk9Hh8w2qazsnvdLFxIUztvk4S90lux
oh4zGjw85INBef7+5GTh6m24G9dlRkkrQxwvUnKxBLyB5qxhBZW7Cuxfe+f4ZNoZ
aKVxXFU0aybHO49uXI8rbbqjSg+FeRhUPFG1B+ECAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQyIVbUmD5Lx2lD4xeNkfeDvk+EcDAfBgNVHSMEGDAWgBQkxkJysLOuuBJU
ne5+xYo+r2+ldjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pNWkNjckN6cnJnU1ZKM3Vmc1dLUHE5dnBYWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvZTBkMGIyLTliOWEtNDdmOC04NGVjLTE0NjBjNzhlYTc1ZC8x
L01pRlcxSmctUzhkcFEtTVhqWkgzZzc1UGhIQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
ZTBkMGIyLTliOWEtNDdmOC04NGVjLTE0NjBjNzhlYTc1ZC8xL0pNWkNjckN6cnJn
U1ZKM3Vmc1dLUHE5dnBYWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEBW1rYAMEArlgGAMEArnSWAMEArnS
uAMEArnWDAMEArnYqAMEArnrZAMEAsIjWDANBgkqhkiG9w0BAQsFAAOCAQEAQl7R
oX1cq616ed5v8cufPqhkQyLYG+/ONVoUljGU9nVXuI5mdrLUxGDSvIefpjeXyCAK
I7iwWTvwG9EZDQm4yswq7bn+4k0G7NfPt4ZZnJnQ3XmZ6ycq9F2MaoTlDH02X1M2
BMzmMP0Z0KAkBPOwiVPQ/fLChFgwGIRqbMCek3qxaY5xZKSC0ICGe3qIbg/bigBA
p9kndrDloBxxUkkIosjdLxPxxczxrRQKQQ8eevKSkmqxTEjhv8cidTsEjPN6GstY
bicr6WKT+MXzGEskMu4dCSDbda6nao8saS654HOpEZ8SpA9415lP4FU4sSq2tSW/
Uuka0tSy23aorUy4tg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:49 2024 by rpki-client on console-ams.rpki-client.org