Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/bbc08d-aa24-4750-b75a-a9f752d408ff/1/IiOfJyNzM2sN9qmCdAXfABxnLvk.roa
File: IiOfJyNzM2sN9qmCdAXfABxnLvk.roa (raw, json)
Hash identifier: Tf8Np6qQLWIL1BXEHVxKjWYxxTv7wjxpcvRXNIq5JDo=
Subject key identifier: 22:23:9F:27:23:73:33:6B:0D:F6:A9:82:74:05:DF:00:1C:67:2E:F9
Certificate issuer: /CN=2a7166bde0d13beba0346454f31dc8a12b8429fd
Certificate serial: 01877AA847E8A2C2AADF74DDEF9693B95077
Authority key identifier: 2A:71:66:BD:E0:D1:3B:EB:A0:34:64:54:F3:1D:C8:A1:2B:84:29:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KnFmveDRO-ugNGRU8x3IoSuEKf0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/bbc08d-aa24-4750-b75a-a9f752d408ff/1/IiOfJyNzM2sN9qmCdAXfABxnLvk.roa
Signing time: Thu 13 Apr 2023 12:47:41 +0000
ROA not before: Thu 13 Apr 2023 12:47:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205741
IP address blocks: 185.235.58.0/24 maxlen: 24
185.235.57.0/24 maxlen: 24
185.235.56.0/24 maxlen: 24
185.235.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7a:a8:47:e8:a2:c2:aa:df:74:dd:ef:96:93:b9:50:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a7166bde0d13beba0346454f31dc8a12b8429fd
Validity
Not Before: Apr 13 12:47:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22239f272373336b0df6a9827405df001c672ef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d4:15:12:cc:87:85:41:d7:ed:8c:ef:ec:ee:
96:7a:56:e7:6a:d0:88:d6:06:5d:5c:b6:7a:b8:53:
07:01:72:b9:56:65:75:4c:cc:52:da:c7:0a:11:ae:
99:15:52:11:fe:97:43:ae:60:8f:eb:7c:05:4b:27:
5f:27:83:05:59:c6:a9:12:49:04:de:af:f5:f5:39:
5b:11:eb:da:25:fa:fc:88:86:d0:06:9b:6a:a1:16:
3e:3c:c5:8a:f0:b2:3a:58:dd:b0:38:3a:92:a7:7a:
2d:60:fe:a9:aa:ce:b4:d8:aa:8b:91:48:e1:96:04:
eb:b9:c5:c1:de:5a:bc:a7:0c:84:0b:76:a3:c4:4a:
2f:23:0a:84:9e:4e:d4:3d:e6:9e:a8:01:8a:53:e2:
29:be:ee:30:0e:ef:11:60:9d:53:e5:20:53:34:ce:
72:f3:84:e8:2b:f9:32:b4:5d:44:9f:b8:78:40:b5:
e5:d4:44:a2:68:58:b4:73:91:2e:a9:de:d6:07:4f:
c2:7d:67:80:d2:b1:f7:e1:08:46:c0:ce:d0:34:77:
fb:dc:11:f4:5d:e9:b0:4b:8c:1a:87:40:f7:b8:93:
7b:48:e8:41:51:ba:67:6a:25:af:74:e9:60:e2:03:
99:97:d9:1f:d9:af:e4:68:5f:6e:d6:c0:cb:74:32:
29:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:23:9F:27:23:73:33:6B:0D:F6:A9:82:74:05:DF:00:1C:67:2E:F9
X509v3 Authority Key Identifier:
keyid:2A:71:66:BD:E0:D1:3B:EB:A0:34:64:54:F3:1D:C8:A1:2B:84:29:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KnFmveDRO-ugNGRU8x3IoSuEKf0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bbc08d-aa24-4750-b75a-a9f752d408ff/1/IiOfJyNzM2sN9qmCdAXfABxnLvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bbc08d-aa24-4750-b75a-a9f752d408ff/1/KnFmveDRO-ugNGRU8x3IoSuEKf0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.56.0/22
Signature Algorithm: sha256WithRSAEncryption
93:47:55:ed:f1:46:82:f9:e8:87:aa:30:11:71:ab:ea:b7:d8:
f4:66:74:62:73:48:42:75:f3:ae:5c:96:80:b5:62:f5:e3:2d:
9e:c8:85:65:c9:50:1f:11:4b:a9:7f:00:76:11:fa:98:17:6d:
fd:d5:5a:7e:95:c0:12:7d:b5:a0:d7:0a:13:e1:14:01:0f:61:
ea:90:6b:25:66:27:62:b2:27:cc:b2:67:40:02:c5:44:cd:ca:
6b:db:e8:0c:ad:ca:17:cf:17:38:2f:f4:83:e7:c2:d4:bc:83:
e2:88:c8:60:cb:75:a1:03:cb:a5:41:1d:69:b5:6e:0f:fb:be:
a6:3d:15:ec:04:0b:48:20:ba:6f:ef:7f:dd:c4:28:f3:20:6a:
e8:84:a3:3d:27:11:2c:60:6e:3e:64:94:a7:0d:27:51:44:56:
5b:99:49:86:c9:42:f9:80:60:02:39:68:09:42:89:18:e7:15:
df:7e:ab:12:c3:da:e1:a7:a8:e8:48:43:c0:3c:0f:1c:6a:ab:
83:72:72:08:94:82:3b:86:c0:c8:db:3c:eb:da:da:90:a5:30:
e9:46:13:00:e9:a0:4f:c2:4b:dc:bf:fd:db:9e:09:63:7e:8b:
83:6b:b1:b1:d4:56:e1:83:ae:3c:0f:ca:f5:23:5a:75:b3:53:
79:ec:c8:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd6qEfoosKq33Td75aTuVB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNzE2NmJkZTBkMTNiZWJhMDM0NjQ1NGYzMWRjOGExMmI4
NDI5ZmQwHhcNMjMwNDEzMTI0NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjIzOWYyNzIzNzMzMzZiMGRmNmE5ODI3NDA1ZGYwMDFjNjcyZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9QVEsyHhUHX7Yzv7O6WelbnatCI
1gZdXLZ6uFMHAXK5VmV1TMxS2scKEa6ZFVIR/pdDrmCP63wFSydfJ4MFWcapEkkE
3q/19TlbEevaJfr8iIbQBptqoRY+PMWK8LI6WN2wODqSp3otYP6pqs602KqLkUjh
lgTrucXB3lq8pwyEC3ajxEovIwqEnk7UPeaeqAGKU+Ipvu4wDu8RYJ1T5SBTNM5y
84ToK/kytF1En7h4QLXl1ESiaFi0c5Euqd7WB0/CfWeA0rH34QhGwM7QNHf73BH0
XemwS4wah0D3uJN7SOhBUbpnaiWvdOlg4gOZl9kf2a/kaF9u1sDLdDIpXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCIjnycjczNrDfapgnQF3wAcZy75MB8GA1UdIwQY
MBaAFCpxZr3g0TvroDRkVPMdyKErhCn9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS25GbXZlRFJPLXVnTkdSVTh4M0lvU3VFS2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iYmMwOGQtYWEyNC00NzUwLWI3NWEt
YTlmNzUyZDQwOGZmLzEvSWlPZkp5TnpNMnNOOXFtQ2RBWGZBQnhuTHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iYmMwOGQtYWEyNC00NzUwLWI3NWEtYTlmNzUyZDQwOGZm
LzEvS25GbXZlRFJPLXVnTkdSVTh4M0lvU3VFS2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCues4MA0G
CSqGSIb3DQEBCwUAA4IBAQCTR1Xt8UaC+eiHqjARcavqt9j0ZnRic0hCdfOuXJaA
tWL14y2eyIVlyVAfEUupfwB2EfqYF2391Vp+lcASfbWg1woT4RQBD2HqkGslZidi
sifMsmdAAsVEzcpr2+gMrcoXzxc4L/SD58LUvIPiiMhgy3WhA8ulQR1ptW4P+76m
PRXsBAtIILpv73/dxCjzIGrohKM9JxEsYG4+ZJSnDSdRRFZbmUmGyUL5gGACOWgJ
QokY5xXffqsSw9rhp6joSEPAPA8caquDcnIIlII7hsDI2zzr2tqQpTDpRhMA6aBP
wkvcv/3bngljfouDa7Gx1Fbhg648D8r1I1p1s1N57Mjs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:10 2024 by rpki-client on console-fra.rpki-client.org