Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/8f7ae3-8e5e-4f06-9824-c869d7691b32/1/8RhZYUr51nxuaY-Q336JjDZmz1E.roa
File: 8RhZYUr51nxuaY-Q336JjDZmz1E.roa (raw, json)
Hash identifier: Vc5oJu54aFLzYaZ/1p8CBqgu9Xph0Zp3jKPU0h6NlnY=
Subject key identifier: F1:18:59:61:4A:F9:D6:7C:6E:69:8F:90:DF:7E:89:8C:36:66:CF:51
Certificate issuer: /CN=4c0dad1bf18215a2fa808691a7bc5f9e702f99e2
Certificate serial: 018A0F4C79F23C50930BD556DA29419BD7BA
Authority key identifier: 4C:0D:AD:1B:F1:82:15:A2:FA:80:86:91:A7:BC:5F:9E:70:2F:99:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TA2tG_GCFaL6gIaRp7xfnnAvmeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/8f7ae3-8e5e-4f06-9824-c869d7691b32/1/8RhZYUr51nxuaY-Q336JjDZmz1E.roa
Signing time: Sat 19 Aug 2023 19:36:24 +0000
ROA not before: Sat 19 Aug 2023 19:36:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209097
IP address blocks: 185.115.204.0/24 maxlen: 24
2a12:f284::/32 maxlen: 32
2a12:f282::/32 maxlen: 32
2a12:f280::/32 maxlen: 32
2a12:f286::/31 maxlen: 31
2a12:f285::/32 maxlen: 32
2a12:f283::/32 maxlen: 32
2a12:f281::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:0f:4c:79:f2:3c:50:93:0b:d5:56:da:29:41:9b:d7:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c0dad1bf18215a2fa808691a7bc5f9e702f99e2
Validity
Not Before: Aug 19 19:36:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f11859614af9d67c6e698f90df7e898c3666cf51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f9:48:3e:d6:f6:68:00:d5:59:4d:7e:4a:ec:
92:12:6c:ac:55:0f:3e:71:bc:ce:eb:f6:2f:e9:cb:
07:f6:ac:fd:ea:af:1a:05:6a:85:39:42:4f:64:93:
c9:01:f1:88:28:be:bf:08:ad:da:12:83:6d:65:62:
40:6f:86:8c:d3:8a:82:58:ae:e4:42:c4:5f:ca:2f:
2e:3a:2f:a4:5d:a2:ea:b3:8e:99:ef:f1:2e:5b:08:
db:40:17:70:7e:ae:11:5a:53:08:44:ee:8b:ca:f8:
e5:83:5a:b5:a3:ed:ad:4c:c0:a4:97:07:f8:c0:f5:
8d:49:5d:4f:70:0b:9b:00:00:a5:02:a7:dc:4f:71:
0d:47:2d:c0:7f:c0:f9:95:e4:50:6d:b1:79:dd:5d:
a8:8b:d6:58:3a:7d:00:d6:7e:a3:34:f3:81:a6:96:
55:4f:19:14:be:1a:10:9c:bf:e1:d9:87:9c:9a:df:
37:e4:7c:6f:66:7e:12:ec:dd:88:61:81:4b:c1:92:
79:75:aa:5c:0b:d5:98:c2:08:e4:a0:9a:12:fe:b1:
6f:0c:00:f6:32:12:07:89:58:ba:0d:b1:c6:67:92:
33:79:da:d7:3e:cd:5e:05:62:69:77:6c:d5:6f:48:
8e:54:65:40:de:8a:4d:6c:01:c0:1d:f5:11:88:2d:
03:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:18:59:61:4A:F9:D6:7C:6E:69:8F:90:DF:7E:89:8C:36:66:CF:51
X509v3 Authority Key Identifier:
keyid:4C:0D:AD:1B:F1:82:15:A2:FA:80:86:91:A7:BC:5F:9E:70:2F:99:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TA2tG_GCFaL6gIaRp7xfnnAvmeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/8f7ae3-8e5e-4f06-9824-c869d7691b32/1/8RhZYUr51nxuaY-Q336JjDZmz1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/8f7ae3-8e5e-4f06-9824-c869d7691b32/1/TA2tG_GCFaL6gIaRp7xfnnAvmeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.204.0/24
IPv6:
2a12:f280::/29
Signature Algorithm: sha256WithRSAEncryption
0e:5b:94:ce:1d:40:91:40:42:f3:b7:9e:f2:f9:74:3d:de:bd:
37:eb:10:c7:c0:63:f9:90:9b:2b:d8:a6:f8:04:0c:bb:17:e7:
28:ee:19:73:90:91:27:8c:7c:05:91:4b:fa:72:d9:ff:a3:2b:
96:ab:2f:e2:b1:d1:aa:d6:a9:3a:57:f3:31:ce:db:ff:4f:9c:
f0:68:ed:61:b4:2b:d0:6d:74:09:da:08:5d:46:dd:29:fe:34:
2d:e9:27:3d:68:b3:74:8b:93:c4:d4:f8:3e:2d:44:30:a8:ce:
a3:09:7a:de:30:45:ea:9e:ae:64:1c:ec:64:f0:03:f9:6b:ce:
d8:e6:54:c9:99:a3:13:d9:aa:d0:8a:62:30:25:2b:b8:29:9e:
9c:e3:db:76:93:84:ff:bc:de:27:d0:57:d0:23:b6:18:bf:aa:
cc:e1:a0:4c:94:92:ab:37:d5:70:d8:1c:0c:9a:05:dc:31:d7:
65:ed:bb:07:c6:ea:f0:66:8a:12:59:95:4c:60:bf:5e:7b:ab:
21:3d:82:08:e9:58:59:9d:dd:3c:36:f0:81:ae:75:96:ec:b6:
5d:b3:18:fa:5b:d7:5f:b0:f3:1e:cd:4b:a3:a4:da:29:65:a9:
25:60:8a:57:99:11:ef:c2:90:d9:8a:cc:1a:51:e0:02:37:c3:
7d:54:73:5d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYoPTHnyPFCTC9VW2ilBm9e6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMGRhZDFiZjE4MjE1YTJmYTgwODY5MWE3YmM1ZjllNzAy
Zjk5ZTIwHhcNMjMwODE5MTkzNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTE4NTk2MTRhZjlkNjdjNmU2OThmOTBkZjdlODk4YzM2NjZjZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvlIPtb2aADVWU1+SuySEmysVQ8+
cbzO6/Yv6csH9qz96q8aBWqFOUJPZJPJAfGIKL6/CK3aEoNtZWJAb4aM04qCWK7k
QsRfyi8uOi+kXaLqs46Z7/EuWwjbQBdwfq4RWlMIRO6Lyvjlg1q1o+2tTMCklwf4
wPWNSV1PcAubAAClAqfcT3ENRy3Af8D5leRQbbF53V2oi9ZYOn0A1n6jNPOBppZV
TxkUvhoQnL/h2Yecmt835HxvZn4S7N2IYYFLwZJ5dapcC9WYwgjkoJoS/rFvDAD2
MhIHiVi6DbHGZ5IzedrXPs1eBWJpd2zVb0iOVGVA3opNbAHAHfURiC0DXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPEYWWFK+dZ8bmmPkN9+iYw2Zs9RMB8GA1UdIwQY
MBaAFEwNrRvxghWi+oCGkae8X55wL5niMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEEydEdfR0NGYUw2Z0lhUnA3eGZubkF2bWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84ZjdhZTMtOGU1ZS00ZjA2LTk4MjQt
Yzg2OWQ3NjkxYjMyLzEvOFJoWllVcjUxbnh1YVktUTMzNkpqRFptejFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi84ZjdhZTMtOGU1ZS00ZjA2LTk4MjQtYzg2OWQ3NjkxYjMy
LzEvVEEydEdfR0NGYUw2Z0lhUnA3eGZubkF2bWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuXPMMA0E
AgACMAcDBQMqEvKAMA0GCSqGSIb3DQEBCwUAA4IBAQAOW5TOHUCRQELzt57y+XQ9
3r036xDHwGP5kJsr2Kb4BAy7F+co7hlzkJEnjHwFkUv6ctn/oyuWqy/isdGq1qk6
V/Mxztv/T5zwaO1htCvQbXQJ2ghdRt0p/jQt6Sc9aLN0i5PE1Pg+LUQwqM6jCXre
MEXqnq5kHOxk8AP5a87Y5lTJmaMT2arQimIwJSu4KZ6c49t2k4T/vN4n0FfQI7YY
v6rM4aBMlJKrN9Vw2BwMmgXcMddl7bsHxurwZooSWZVMYL9ee6shPYII6VhZnd08
NvCBrnWW7LZdsxj6W9dfsPMezUujpNopZaklYIpXmRHvwpDZiswaUeACN8N9VHNd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:08 2024 by rpki-client on console-fra.rpki-client.org