Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/dCS-mGJNpalrKzTiDuLyR3-xNig.roa
File: dCS-mGJNpalrKzTiDuLyR3-xNig.roa (raw, json)
Hash identifier: xPQ7kNbkBtg2dNryZXIozkLZIYQtJYp0vrCH8sQO01A=
Subject key identifier: 74:24:BE:98:62:4D:A5:A9:6B:2B:34:E2:0E:E2:F2:47:7F:B1:36:28
Certificate issuer: /CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Certificate serial: 03EB8794
Authority key identifier: 34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/dCS-mGJNpalrKzTiDuLyR3-xNig.roa
Signing time: Sat 01 Jan 2022 12:54:19 +0000
ROA not before: Sat 01 Jan 2022 12:54:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60558
IP address blocks: 185.52.52.0/22 maxlen: 22
185.52.55.0/24 maxlen: 24
2a01:b960:2301::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65767316 (0x3eb8794)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Validity
Not Before: Jan 1 12:54:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7424be98624da5a96b2b34e20ee2f2477fb13628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:99:b4:90:5d:55:ee:20:f2:0a:17:65:d9:6c:
a6:9c:a2:f9:6b:12:75:00:72:9a:de:c8:7e:6e:5a:
a9:07:19:18:6e:b6:8f:a4:56:46:83:42:fb:46:66:
14:c0:ad:f7:81:de:92:a5:4d:62:8b:28:9e:c5:d0:
fd:b0:47:e4:ee:54:da:67:de:21:cd:b7:94:93:76:
1f:27:71:e1:88:cf:a8:7b:7a:73:ce:fd:32:a6:22:
05:b0:36:4b:f9:12:0f:cd:13:b0:7b:f6:a5:10:04:
12:d1:7c:57:b8:64:52:b2:8a:4c:23:9e:d9:4f:47:
9e:c7:20:29:fa:fc:d4:65:6c:4c:63:85:7b:85:70:
0b:11:a2:99:39:ae:8d:ad:04:b2:b7:1e:47:0a:62:
cb:8f:1d:67:d5:c4:ea:e1:05:a4:2e:31:74:e0:70:
84:23:67:14:7d:1f:74:e1:f4:cb:a5:c3:8e:17:14:
74:b3:6d:6d:45:d1:73:f5:b4:76:ad:8b:94:58:0c:
8f:7c:7a:5f:f6:3f:35:1e:3f:4a:e9:61:6f:68:9e:
33:b7:e0:fd:94:e9:ba:45:7b:2b:66:b8:af:27:72:
bd:b1:98:fb:fa:6f:cb:0e:55:9e:1b:e7:b0:7a:96:
40:90:04:09:18:5b:f8:2d:17:0c:d6:a9:8d:9d:51:
42:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:24:BE:98:62:4D:A5:A9:6B:2B:34:E2:0E:E2:F2:47:7F:B1:36:28
X509v3 Authority Key Identifier:
keyid:34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/dCS-mGJNpalrKzTiDuLyR3-xNig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.52.0/22
IPv6:
2a01:b960:2301::/48
Signature Algorithm: sha256WithRSAEncryption
89:15:ec:79:27:59:46:fd:63:3d:ce:77:58:7b:43:55:1e:dc:
c6:81:45:6a:f2:e9:d6:fd:f8:10:f5:7f:3c:15:10:30:8c:bd:
7a:96:73:27:3f:d4:73:c2:37:d3:ce:7d:24:fc:5e:ed:07:e1:
95:42:e8:d4:16:8b:24:49:f2:37:86:b7:32:85:73:4d:38:a5:
0a:dc:75:dd:6e:ec:7a:34:eb:88:9c:24:53:24:cb:86:ff:8f:
99:5a:cf:a1:1c:d4:47:25:87:f3:f9:78:b6:a2:0b:3e:95:18:
16:5d:64:3f:a6:34:b8:77:4a:cd:e9:88:18:a0:42:95:48:4d:
3b:0e:da:eb:df:4a:89:d5:4f:96:0f:4f:df:4d:74:99:96:29:
d3:5f:53:d8:49:45:ba:c9:8b:18:67:97:c4:62:c4:04:76:b5:
7d:2f:d3:a1:f3:c9:67:56:f7:f8:51:c9:3b:33:02:6d:c6:4b:
cf:1d:e2:01:d4:e4:08:b0:15:3a:5e:af:af:49:e2:6e:ab:78:
fa:d8:f5:9e:ee:47:44:6d:a5:56:bc:48:ad:e1:37:68:8d:9e:
d0:b2:39:7a:c2:27:2e:61:80:08:1c:f2:21:b3:11:21:c0:f2:
75:c8:0f:d2:34:b1:75:da:09:bb:5b:5c:dd:24:d5:39:36:e0:
e6:a2:4f:c7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEA+uHlDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NGYxNzI2ZWE0YmQ2ZDNjODA5MWFlMGM4YWQxYTAzZTkxZTM1OWEyMB4XDTIyMDEw
MTEyNTQxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzQyNGJlOTg2MjRk
YTVhOTZiMmIzNGUyMGVlMmYyNDc3ZmIxMzYyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJCZtJBdVe4g8goXZdlsppyi+WsSdQBymt7Ifm5aqQcZGG62
j6RWRoNC+0ZmFMCt94HekqVNYosonsXQ/bBH5O5U2mfeIc23lJN2Hydx4YjPqHt6
c879MqYiBbA2S/kSD80TsHv2pRAEEtF8V7hkUrKKTCOe2U9HnscgKfr81GVsTGOF
e4VwCxGimTmuja0EsrceRwpiy48dZ9XE6uEFpC4xdOBwhCNnFH0fdOH0y6XDjhcU
dLNtbUXRc/W0dq2LlFgMj3x6X/Y/NR4/Sulhb2ieM7fg/ZTpukV7K2a4rydyvbGY
+/pvyw5VnhvnsHqWQJAECRhb+C0XDNapjZ1RQi0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBR0JL6YYk2lqWsrNOIO4vJHf7E2KDAfBgNVHSMEGDAWgBQ08XJupL1tPICR
rgyK0aA+keNZojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05QRnlicVM5YlR5QWthNE1pdEdnUHBIaldhSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvZWY4ZTg0LTkxNjEtNDAyYy04MWFkLWU4ZThkMmZlNzBmZS8x
L2RDUy1tR0pOcGFsckt6VGlEdUx5UjMteE5pZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
ZWY4ZTg0LTkxNjEtNDAyYy04MWFkLWU4ZThkMmZlNzBmZS8xL05QRnlicVM5YlR5
QWthNE1pdEdnUHBIaldhSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEArk0NDAPBAIAAjAJAwcAKgG5YCMB
MA0GCSqGSIb3DQEBCwUAA4IBAQCJFex5J1lG/WM9zndYe0NVHtzGgUVq8unW/fgQ
9X88FRAwjL16lnMnP9RzwjfTzn0k/F7tB+GVQujUFoskSfI3hrcyhXNNOKUK3HXd
bux6NOuInCRTJMuG/4+ZWs+hHNRHJYfz+Xi2ogs+lRgWXWQ/pjS4d0rN6YgYoEKV
SE07Dtrr30qJ1U+WD0/fTXSZlinTX1PYSUW6yYsYZ5fEYsQEdrV9L9Oh88lnVvf4
Uck7MwJtxkvPHeIB1OQIsBU6Xq+vSeJuq3j62PWe7kdEbaVWvEit4TdojZ7Qsjl6
wicuYYAIHPIhsxEhwPJ1yA/SNLF12gm7W1zdJNU5NuDmok/H
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:42 2025 by rpki-client