Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3a803c-872d-4927-afa7-15374177739d/1/rOvCBRBnWsYbbtF8_BT3NxDa_DQ.roa
File: rOvCBRBnWsYbbtF8_BT3NxDa_DQ.roa (raw, json)
Hash identifier: ta4xbCPIB56EgrT8evJVXkIfF3j7IVerdurKNJeuObU=
Subject key identifier: AC:EB:C2:05:10:67:5A:C6:1B:6E:D1:7C:FC:14:F7:37:10:DA:FC:34
Certificate issuer: /CN=7f65bff64d8a87977e334d89c4e38c0d1095af63
Certificate serial: 018CFD0A9ECF1327D6F3F490ADD985FFC0D9
Authority key identifier: 7F:65:BF:F6:4D:8A:87:97:7E:33:4D:89:C4:E3:8C:0D:10:95:AF:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f2W_9k2Kh5d-M02JxOOMDRCVr2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3a803c-872d-4927-afa7-15374177739d/1/rOvCBRBnWsYbbtF8_BT3NxDa_DQ.roa
Signing time: Fri 12 Jan 2024 09:39:40 +0000
ROA not before: Fri 12 Jan 2024 09:39:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201730
IP address blocks: 185.138.244.0/22 maxlen: 22
185.138.244.0/24 maxlen: 24
185.138.245.0/24 maxlen: 24
185.138.246.0/24 maxlen: 24
185.138.247.0/24 maxlen: 24
185.146.148.0/24 maxlen: 24
185.146.149.0/24 maxlen: 24
185.146.150.0/24 maxlen: 24
185.146.148.0/22 maxlen: 22
185.146.151.0/24 maxlen: 24
185.78.100.0/24 maxlen: 24
185.78.101.0/24 maxlen: 24
185.78.102.0/24 maxlen: 24
185.78.103.0/24 maxlen: 24
185.78.100.0/22 maxlen: 22
194.169.252.0/24 maxlen: 24
37.221.88.0/22 maxlen: 24
185.65.92.0/24 maxlen: 24
185.65.93.0/24 maxlen: 24
185.65.92.0/22 maxlen: 22
185.65.94.0/24 maxlen: 24
185.65.95.0/24 maxlen: 24
2a05:5fc1::/32 maxlen: 32
2a03:1aa0::/32 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fd:0a:9e:cf:13:27:d6:f3:f4:90:ad:d9:85:ff:c0:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f65bff64d8a87977e334d89c4e38c0d1095af63
Validity
Not Before: Jan 12 09:39:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acebc20510675ac61b6ed17cfc14f73710dafc34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e6:c4:f4:9a:7d:06:60:f1:21:9d:55:90:20:
04:fa:ab:2b:f0:d5:9c:95:18:9d:a1:ee:69:74:38:
c5:25:66:e7:94:f8:d1:6d:2f:02:7f:66:c2:6c:f7:
84:73:7d:9e:5c:b1:25:6b:36:7f:59:36:1c:e9:8b:
f9:cb:0b:37:b1:aa:44:05:0b:80:b5:a3:78:38:c9:
8f:83:2e:f4:ce:fb:d9:22:ac:15:ad:b2:23:bc:84:
f7:5a:02:e5:be:59:97:74:55:26:d8:18:6b:b3:76:
84:2e:8d:88:6a:0c:0e:37:1e:a1:3e:87:4c:0b:ed:
60:ed:d1:f5:16:5a:24:9b:d7:23:8d:e6:df:11:77:
c4:a8:7c:35:ab:82:9a:20:f2:f9:0c:e0:c2:dd:b3:
a8:5a:c7:8a:8b:9c:95:d8:ec:aa:21:3f:12:fa:ed:
01:09:21:62:57:c7:e8:65:2d:16:4b:4c:44:d8:99:
ae:37:c8:b9:bb:ba:4f:a8:47:44:63:13:64:ba:e7:
08:05:0a:29:2e:23:40:b9:da:64:b9:69:68:8c:12:
0c:2a:a1:ac:81:47:b9:dc:25:52:62:ed:47:61:fd:
22:d7:17:a6:89:d0:97:0a:7d:bb:40:be:8a:3a:8c:
83:aa:62:9b:d3:aa:71:52:57:9c:ac:29:1e:fe:89:
60:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:EB:C2:05:10:67:5A:C6:1B:6E:D1:7C:FC:14:F7:37:10:DA:FC:34
X509v3 Authority Key Identifier:
keyid:7F:65:BF:F6:4D:8A:87:97:7E:33:4D:89:C4:E3:8C:0D:10:95:AF:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2W_9k2Kh5d-M02JxOOMDRCVr2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3a803c-872d-4927-afa7-15374177739d/1/rOvCBRBnWsYbbtF8_BT3NxDa_DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3a803c-872d-4927-afa7-15374177739d/1/f2W_9k2Kh5d-M02JxOOMDRCVr2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.88.0/22
185.65.92.0/22
185.78.100.0/22
185.138.244.0/22
185.146.148.0/22
194.169.252.0/24
IPv6:
2a03:1aa0::/32
2a05:5fc1::/32
Signature Algorithm: sha256WithRSAEncryption
48:55:ac:03:e9:47:55:13:ee:fc:86:4e:e5:bb:f7:1a:91:06:
b5:88:45:8b:9c:19:a8:b3:b8:d8:c9:05:80:b3:a3:63:7b:48:
5e:cd:63:56:12:0d:0e:5f:4b:87:9f:f2:05:c1:4a:de:f0:1f:
8a:23:dc:a8:a9:bd:ce:47:f6:80:8e:76:82:98:79:5f:2e:0c:
56:8c:48:89:02:c1:66:6e:46:63:a2:3a:60:ea:9b:ab:a1:24:
7b:01:92:80:41:25:6b:5c:74:e5:b7:fe:13:ff:4a:04:33:23:
cb:c3:51:58:22:67:25:d3:80:e7:99:12:65:30:73:ed:b6:e5:
87:d8:22:af:3b:11:3b:9e:86:fa:94:78:b6:33:02:d5:f0:f4:
de:ae:31:97:5a:08:cd:48:8a:ae:f1:32:b1:9c:84:c6:27:db:
0d:20:94:97:71:a6:fe:b7:e6:45:c4:84:2b:c8:f7:26:20:7e:
c2:1c:dd:ee:70:ee:6f:1b:94:f5:3d:be:93:a2:84:ac:84:b5:
c0:38:76:8f:27:3a:fc:31:ec:8c:a0:f9:ff:54:9e:b7:3a:ef:
e9:5c:be:05:d8:21:12:e2:7a:e2:bb:da:b4:76:d1:33:7c:65:
9f:e4:ce:f4:00:56:5c:15:0b:a9:fe:ed:1e:c7:94:67:f0:24:
42:a2:91:de
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYz9Cp7PEyfW8/SQrdmF/8DZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNjViZmY2NGQ4YTg3OTc3ZTMzNGQ4OWM0ZTM4YzBkMTA5
NWFmNjMwHhcNMjQwMTEyMDkzOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2ViYzIwNTEwNjc1YWM2MWI2ZWQxN2NmYzE0ZjczNzEwZGFmYzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+bE9Jp9BmDxIZ1VkCAE+qsr8NWc
lRidoe5pdDjFJWbnlPjRbS8Cf2bCbPeEc32eXLElazZ/WTYc6Yv5yws3sapEBQuA
taN4OMmPgy70zvvZIqwVrbIjvIT3WgLlvlmXdFUm2Bhrs3aELo2IagwONx6hPodM
C+1g7dH1Flokm9cjjebfEXfEqHw1q4KaIPL5DODC3bOoWseKi5yV2OyqIT8S+u0B
CSFiV8foZS0WS0xE2JmuN8i5u7pPqEdEYxNkuucIBQopLiNAudpkuWlojBIMKqGs
gUe53CVSYu1HYf0i1xemidCXCn27QL6KOoyDqmKb06pxUlecrCke/olgjQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFKzrwgUQZ1rGG27RfPwU9zcQ2vw0MB8GA1UdIwQY
MBaAFH9lv/ZNioeXfjNNicTjjA0Qla9jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjJXXzlrMktoNWQtTTAySnhPT01EUkNWcjJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zYTgwM2MtODcyZC00OTI3LWFmYTct
MTUzNzQxNzc3MzlkLzEvck92Q0JSQm5Xc1liYnRGOF9CVDNOeERhX0RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zYTgwM2MtODcyZC00OTI3LWFmYTctMTUzNzQxNzc3Mzlk
LzEvZjJXXzlrMktoNWQtTTAySnhPT01EUkNWcjJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCJd1YAwQC
uUFcAwQCuU5kAwQCuYr0AwQCuZKUAwQAwqn8MBQEAgACMA4DBQAqAxqgAwUAKgVf
wTANBgkqhkiG9w0BAQsFAAOCAQEASFWsA+lHVRPu/IZO5bv3GpEGtYhFi5wZqLO4
2MkFgLOjY3tIXs1jVhINDl9Lh5/yBcFK3vAfiiPcqKm9zkf2gI52gph5Xy4MVoxI
iQLBZm5GY6I6YOqbq6EkewGSgEEla1x05bf+E/9KBDMjy8NRWCJnJdOA55kSZTBz
7bblh9girzsRO56G+pR4tjMC1fD03q4xl1oIzUiKrvEysZyExifbDSCUl3Gm/rfm
RcSEK8j3JiB+whzd7nDubxuU9T2+k6KErIS1wDh2jyc6/DHsjKD5/1Setzrv6Vy+
BdghEuJ64rvatHbRM3xln+TO9ABWXBULqf7tHseUZ/AkQqKR3g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:23 2024 by rpki-client on console-fra.rpki-client.org