Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/faf163-0983-48ed-a3bd-ae7d31fb05e5/1/B4yrKCfn3GAdDo4Lk7i2whhPz0w.roa
File: B4yrKCfn3GAdDo4Lk7i2whhPz0w.roa (raw, json)
Hash identifier: tnmLMQFIQNORvGQqG5dvaOq7MQUZ5hQePbI2KgxQJ+I=
Subject key identifier: 07:8C:AB:28:27:E7:DC:60:1D:0E:8E:0B:93:B8:B6:C2:18:4F:CF:4C
Certificate issuer: /CN=a7bf29d886b3fdf093b992258ad158996f184b2b
Certificate serial: 01856F14DB3603F4C2E46A7C9ECC5B8B75B3
Authority key identifier: A7:BF:29:D8:86:B3:FD:F0:93:B9:92:25:8A:D1:58:99:6F:18:4B:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p78p2Iaz_fCTuZIlitFYmW8YSys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/faf163-0983-48ed-a3bd-ae7d31fb05e5/1/B4yrKCfn3GAdDo4Lk7i2whhPz0w.roa
Signing time: Sun 01 Jan 2023 20:45:15 +0000
ROA not before: Sun 01 Jan 2023 20:45:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203485
IP address blocks: 185.133.92.0/22 maxlen: 24
2a05:40::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:db:36:03:f4:c2:e4:6a:7c:9e:cc:5b:8b:75:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7bf29d886b3fdf093b992258ad158996f184b2b
Validity
Not Before: Jan 1 20:45:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=078cab2827e7dc601d0e8e0b93b8b6c2184fcf4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:94:54:b8:7f:31:72:16:1b:45:57:c8:f0:07:
01:2b:c1:c0:d0:d5:8f:78:23:cc:bb:1e:3d:1b:87:
0c:65:f1:b9:cf:cd:4e:ab:8a:a7:18:89:f3:b7:b0:
26:0c:29:c9:74:d5:7f:f4:6d:dd:03:24:e0:79:60:
8c:83:18:4e:f0:4d:76:d3:b2:9c:54:e5:e1:dc:11:
9e:84:ed:7f:06:7e:2e:f7:ce:b2:01:4f:cc:de:c6:
25:cb:c3:a6:9b:2d:eb:26:2b:b0:f5:01:d0:4a:89:
35:ee:58:d9:38:1a:4c:28:66:b9:75:58:50:c3:0a:
53:d1:3a:fa:b4:b6:95:e5:e0:d7:82:2d:e9:65:f7:
09:e7:9b:29:10:5a:82:93:bc:9b:6b:88:69:4c:ab:
c9:27:d7:61:89:b9:a9:97:b9:09:f5:51:71:43:da:
0a:d5:b6:dc:16:47:9e:d1:e0:4d:fa:74:7f:87:cf:
a2:60:5b:85:d7:b9:38:62:d5:76:0b:66:9f:46:c4:
70:c0:6a:43:8a:86:3f:fc:87:cc:97:2b:52:dd:ea:
63:79:64:6d:9c:97:d1:e3:48:fe:e7:ba:8e:c7:6d:
b7:96:3c:bf:4c:a9:6e:8b:2b:8d:da:53:9b:5f:52:
75:03:39:df:4c:a3:97:19:51:ba:a1:38:7d:4b:11:
e9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:8C:AB:28:27:E7:DC:60:1D:0E:8E:0B:93:B8:B6:C2:18:4F:CF:4C
X509v3 Authority Key Identifier:
keyid:A7:BF:29:D8:86:B3:FD:F0:93:B9:92:25:8A:D1:58:99:6F:18:4B:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p78p2Iaz_fCTuZIlitFYmW8YSys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/faf163-0983-48ed-a3bd-ae7d31fb05e5/1/B4yrKCfn3GAdDo4Lk7i2whhPz0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/faf163-0983-48ed-a3bd-ae7d31fb05e5/1/p78p2Iaz_fCTuZIlitFYmW8YSys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.92.0/22
IPv6:
2a05:40::/29
Signature Algorithm: sha256WithRSAEncryption
9e:e4:11:07:75:e1:e5:1b:3a:91:30:d9:d0:9d:78:64:1f:fc:
2e:00:30:da:68:d8:74:47:96:b0:68:3f:f1:4d:e9:35:8e:7f:
93:8d:0b:13:37:38:5f:49:6e:49:19:9c:3e:b6:9e:cb:a4:a3:
ab:d2:c2:60:2c:4f:b0:c9:52:9a:32:b9:6f:4c:d4:a3:3a:75:
88:d7:bd:1a:f0:2e:72:7d:78:9f:a8:90:e2:19:dc:aa:4c:ee:
40:5d:8f:af:0b:77:81:86:35:94:0c:b1:06:70:20:12:56:54:
3a:14:77:49:b3:97:fb:cd:b0:0b:07:06:73:b7:8a:2a:ed:48:
f7:d6:bf:9c:8a:83:78:40:74:5a:4a:78:17:78:a4:ad:5d:1e:
e6:88:ca:2a:04:ae:af:a8:2c:6c:8c:e1:28:6c:ee:24:1c:8a:
45:7d:6d:3e:0b:db:19:06:50:23:01:83:f7:78:da:db:9a:86:
75:01:40:38:de:57:ca:89:af:1c:de:87:27:2e:9d:0d:f2:05:
78:cc:a5:06:39:9e:91:17:48:fa:a6:b3:ea:cd:4b:50:9a:89:
6d:cc:72:20:01:b0:3e:56:f4:c5:63:c8:0a:1b:a8:51:c7:a0:
46:05:cb:d8:68:f7:04:fa:8b:b9:d9:d5:9b:a0:10:ba:89:b7:
d0:ad:4d:86
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvFNs2A/TC5Gp8nsxbi3WzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YmYyOWQ4ODZiM2ZkZjA5M2I5OTIyNThhZDE1ODk5NmYx
ODRiMmIwHhcNMjMwMTAxMjA0NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzhjYWIyODI3ZTdkYzYwMWQwZThlMGI5M2I4YjZjMjE4NGZjZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpRUuH8xchYbRVfI8AcBK8HA0NWP
eCPMux49G4cMZfG5z81Oq4qnGInzt7AmDCnJdNV/9G3dAyTgeWCMgxhO8E1207Kc
VOXh3BGehO1/Bn4u986yAU/M3sYly8Ommy3rJiuw9QHQSok17ljZOBpMKGa5dVhQ
wwpT0Tr6tLaV5eDXgi3pZfcJ55spEFqCk7yba4hpTKvJJ9dhibmpl7kJ9VFxQ9oK
1bbcFkee0eBN+nR/h8+iYFuF17k4YtV2C2afRsRwwGpDioY//IfMlytS3epjeWRt
nJfR40j+57qOx223ljy/TKluiyuN2lObX1J1AznfTKOXGVG6oTh9SxHpBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAeMqygn59xgHQ6OC5O4tsIYT89MMB8GA1UdIwQY
MBaAFKe/KdiGs/3wk7mSJYrRWJlvGEsrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDc4cDJJYXpfZkNUdVpJbGl0RlltVzhZU3lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9mYWYxNjMtMDk4My00OGVkLWEzYmQt
YWU3ZDMxZmIwNWU1LzEvQjR5cktDZm4zR0FkRG80TGs3aTJ3aGhQejB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9mYWYxNjMtMDk4My00OGVkLWEzYmQtYWU3ZDMxZmIwNWU1
LzEvcDc4cDJJYXpfZkNUdVpJbGl0RlltVzhZU3lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYVcMA0E
AgACMAcDBQMqBQBAMA0GCSqGSIb3DQEBCwUAA4IBAQCe5BEHdeHlGzqRMNnQnXhk
H/wuADDaaNh0R5awaD/xTek1jn+TjQsTNzhfSW5JGZw+tp7LpKOr0sJgLE+wyVKa
MrlvTNSjOnWI170a8C5yfXifqJDiGdyqTO5AXY+vC3eBhjWUDLEGcCASVlQ6FHdJ
s5f7zbALBwZzt4oq7Uj31r+cioN4QHRaSngXeKStXR7miMoqBK6vqCxsjOEobO4k
HIpFfW0+C9sZBlAjAYP3eNrbmoZ1AUA43lfKia8c3ocnLp0N8gV4zKUGOZ6RF0j6
prPqzUtQmoltzHIgAbA+VvTFY8gKG6hRx6BGBcvYaPcE+ou52dWboBC6ibfQrU2G
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:07 2024 by rpki-client on console-fra.rpki-client.org