Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/2da3de-f40c-49bd-af52-a9ae251e2fc5/1/HN5lO60uJbgNafkSD9Rr3Uyy6cY.roa
File: HN5lO60uJbgNafkSD9Rr3Uyy6cY.roa (raw, json)
Hash identifier: B6dox0MIcctoQNiTQ6+r91fdD+i5sBXUlatrF8nJ1Ko=
Subject key identifier: 1C:DE:65:3B:AD:2E:25:B8:0D:69:F9:12:0F:D4:6B:DD:4C:B2:E9:C6
Certificate issuer: /CN=4235d69d8d896faec6e7c2171d30dd09b501a03f
Certificate serial: 01856E0B0C0B585019BB0D6A4A0EE5A9A344
Authority key identifier: 42:35:D6:9D:8D:89:6F:AE:C6:E7:C2:17:1D:30:DD:09:B5:01:A0:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QjXWnY2Jb67G58IXHTDdCbUBoD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/2da3de-f40c-49bd-af52-a9ae251e2fc5/1/HN5lO60uJbgNafkSD9Rr3Uyy6cY.roa
Signing time: Sun 01 Jan 2023 15:54:55 +0000
ROA not before: Sun 01 Jan 2023 15:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62388
IP address blocks: 188.212.36.0/24 maxlen: 24
89.47.37.0/24 maxlen: 24
89.37.232.0/23 maxlen: 23
89.35.112.0/24 maxlen: 24
185.114.52.0/22 maxlen: 22
2a06:7900::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0b:0c:0b:58:50:19:bb:0d:6a:4a:0e:e5:a9:a3:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4235d69d8d896faec6e7c2171d30dd09b501a03f
Validity
Not Before: Jan 1 15:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cde653bad2e25b80d69f9120fd46bdd4cb2e9c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:94:03:2b:31:7a:2e:ac:e2:e1:b0:21:46:29:
ca:37:80:af:4e:b0:6a:5c:90:64:10:e1:13:c3:43:
f5:50:8b:5a:7c:61:42:f6:73:c0:86:b6:34:7e:61:
a2:32:cd:7c:47:af:c1:3d:1c:d9:5e:8a:66:bd:97:
30:4d:dc:7f:e6:fa:b2:7d:f8:5b:f9:1c:f9:b7:63:
d8:c6:7b:7d:cb:5b:9a:30:4b:89:31:d6:c8:bb:0f:
a1:c3:18:54:0e:8e:93:b8:ea:26:0e:0d:20:7c:c9:
83:51:d1:0a:f3:ff:45:ce:8e:59:5e:aa:59:f3:80:
c0:fe:7e:9b:05:50:ce:cd:1f:49:cb:ad:98:82:8f:
3e:40:69:13:e4:e4:8b:dd:81:ee:19:14:08:91:9e:
74:01:9d:17:e8:60:4e:46:1a:a8:4a:8a:53:34:4c:
0c:e6:b3:64:a0:b1:ec:af:bf:96:d5:cc:69:39:1a:
f6:a8:95:88:43:bb:24:c2:ae:5b:31:46:6f:30:ae:
3c:a6:9e:5c:19:ae:08:8a:59:b5:ee:4d:ee:a5:1b:
91:66:32:eb:4e:4a:17:17:d2:c8:b6:1c:ae:ef:bc:
0a:07:e6:ba:89:94:af:d0:09:03:ba:e5:0d:63:71:
a9:4d:bc:fe:b1:0f:38:e2:0e:8f:d8:96:03:39:07:
c5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:DE:65:3B:AD:2E:25:B8:0D:69:F9:12:0F:D4:6B:DD:4C:B2:E9:C6
X509v3 Authority Key Identifier:
keyid:42:35:D6:9D:8D:89:6F:AE:C6:E7:C2:17:1D:30:DD:09:B5:01:A0:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QjXWnY2Jb67G58IXHTDdCbUBoD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/2da3de-f40c-49bd-af52-a9ae251e2fc5/1/HN5lO60uJbgNafkSD9Rr3Uyy6cY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/2da3de-f40c-49bd-af52-a9ae251e2fc5/1/QjXWnY2Jb67G58IXHTDdCbUBoD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.112.0/24
89.37.232.0/23
89.47.37.0/24
185.114.52.0/22
188.212.36.0/24
IPv6:
2a06:7900::/29
Signature Algorithm: sha256WithRSAEncryption
93:64:44:c5:ed:f2:cb:c8:a6:47:0e:87:cb:3e:90:96:83:d3:
ce:95:dd:fa:f3:01:c1:2c:42:ce:80:33:e7:68:2e:bb:d0:ca:
a5:59:86:07:eb:da:6a:2f:f5:ae:a8:c8:cc:a0:35:f6:a4:e8:
15:52:ba:1e:8f:0b:31:3b:07:a9:4e:02:ce:51:94:8b:70:70:
fa:bd:a8:d4:c0:1f:ef:15:1c:9a:e0:29:5b:7b:b7:6a:a6:e3:
ce:3a:74:b7:5e:7e:f4:92:e5:9f:68:fc:f6:13:92:4d:e0:81:
41:69:15:f9:9e:eb:34:74:73:cb:ef:6c:3b:1f:f4:8e:7e:1d:
7b:93:86:0f:75:2a:15:ba:9f:1a:ae:97:96:03:21:19:d5:c3:
b4:af:08:1a:47:6a:ab:fc:61:3d:f0:22:be:13:4a:ec:82:5a:
d2:62:3e:40:14:46:77:4a:09:e7:b4:57:14:90:f5:b4:8c:20:
ab:92:64:ed:4b:cb:c0:86:9d:29:8a:d5:49:cf:d2:eb:b3:dc:
d2:52:9e:a0:09:d1:45:47:dc:8c:88:96:2c:8f:29:0d:65:d0:
6f:37:77:79:4b:8d:c1:76:c9:ac:f1:83:9c:12:0d:aa:40:c4:
9c:22:04:dd:16:5e:ac:f2:13:a6:f2:28:c8:b0:5e:68:5f:37:
6c:e2:49:6e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVuCwwLWFAZuw1qSg7lqaNEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMzVkNjlkOGQ4OTZmYWVjNmU3YzIxNzFkMzBkZDA5YjUw
MWEwM2YwHhcNMjMwMTAxMTU1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2RlNjUzYmFkMmUyNWI4MGQ2OWY5MTIwZmQ0NmJkZDRjYjJlOWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+5QDKzF6Lqzi4bAhRinKN4CvTrBq
XJBkEOETw0P1UItafGFC9nPAhrY0fmGiMs18R6/BPRzZXopmvZcwTdx/5vqyffhb
+Rz5t2PYxnt9y1uaMEuJMdbIuw+hwxhUDo6TuOomDg0gfMmDUdEK8/9Fzo5ZXqpZ
84DA/n6bBVDOzR9Jy62Ygo8+QGkT5OSL3YHuGRQIkZ50AZ0X6GBORhqoSopTNEwM
5rNkoLHsr7+W1cxpORr2qJWIQ7skwq5bMUZvMK48pp5cGa4Iilm17k3upRuRZjLr
TkoXF9LIthyu77wKB+a6iZSv0AkDuuUNY3GpTbz+sQ844g6P2JYDOQfF8QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBzeZTutLiW4DWn5Eg/Ua91MsunGMB8GA1UdIwQY
MBaAFEI11p2NiW+uxufCFx0w3Qm1AaA/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWpYV25ZMkpiNjdHNThJWEhURGRDYlVCb0Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yZGEzZGUtZjQwYy00OWJkLWFmNTIt
YTlhZTI1MWUyZmM1LzEvSE41bE82MHVKYmdOYWZrU0Q5UnIzVXl5NmNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yZGEzZGUtZjQwYy00OWJkLWFmNTItYTlhZTI1MWUyZmM1
LzEvUWpYV25ZMkpiNjdHNThJWEhURGRDYlVCb0Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAWSNwAwQB
WSXoAwQAWS8lAwQCuXI0AwQAvNQkMA0EAgACMAcDBQMqBnkAMA0GCSqGSIb3DQEB
CwUAA4IBAQCTZETF7fLLyKZHDofLPpCWg9POld368wHBLELOgDPnaC670MqlWYYH
69pqL/WuqMjMoDX2pOgVUroejwsxOwepTgLOUZSLcHD6vajUwB/vFRya4Clbe7dq
puPOOnS3Xn70kuWfaPz2E5JN4IFBaRX5nus0dHPL72w7H/SOfh17k4YPdSoVup8a
rpeWAyEZ1cO0rwgaR2qr/GE98CK+E0rsglrSYj5AFEZ3SgnntFcUkPW0jCCrkmTt
S8vAhp0pitVJz9Lrs9zSUp6gCdFFR9yMiJYsjykNZdBvN3d5S43Bdsms8YOcEg2q
QMScIgTdFl6s8hOm8ijIsF5oXzds4klu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:36 2024 by rpki-client on console-fra.rpki-client.org