Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4688ad-feb0-4777-94d7-fff1b3a1e9ea/1/gJhAb1MLnmNyczqZr1APrAqn-2Q.roa
File: gJhAb1MLnmNyczqZr1APrAqn-2Q.roa (raw, json)
Hash identifier: d/sDEXrX6u+SSdz+/39ELWI4Y7AHuXX3bJ4EOXiD39Y=
Subject key identifier: 80:98:40:6F:53:0B:9E:63:72:73:3A:99:AF:50:0F:AC:0A:A7:FB:64
Certificate issuer: /CN=4b0f3a6bea15f2cfdaaf11e526178af6a0811acf
Certificate serial: 018CC9BC18D501BC3CE10BA309F29D3F5ACE
Authority key identifier: 4B:0F:3A:6B:EA:15:F2:CF:DA:AF:11:E5:26:17:8A:F6:A0:81:1A:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sw86a-oV8s_arxHlJheK9qCBGs8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/4688ad-feb0-4777-94d7-fff1b3a1e9ea/1/gJhAb1MLnmNyczqZr1APrAqn-2Q.roa
Signing time: Tue 02 Jan 2024 10:33:16 +0000
ROA not before: Tue 02 Jan 2024 10:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58075
IP address blocks: 194.110.27.0/24 maxlen: 24
194.110.30.0/24 maxlen: 24
194.110.72.0/24 maxlen: 24
194.110.22.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:18:d5:01:bc:3c:e1:0b:a3:09:f2:9d:3f:5a:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b0f3a6bea15f2cfdaaf11e526178af6a0811acf
Validity
Not Before: Jan 2 10:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8098406f530b9e6372733a99af500fac0aa7fb64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:86:ff:63:11:81:cd:58:6c:bc:76:0b:8a:73:
91:bf:7d:0f:96:f6:ca:fd:29:6e:b6:35:3a:79:20:
0e:29:aa:57:52:b9:97:44:5e:b9:e4:24:8c:a4:27:
34:ee:6e:0c:82:60:37:6d:5b:fb:57:da:f3:a4:a6:
65:ba:75:f7:39:2a:7d:ce:18:71:3b:f6:58:5f:cf:
76:29:92:0b:f6:46:03:b4:22:f2:5d:00:2e:24:08:
ca:57:b8:ce:01:f3:dc:e7:5b:58:13:78:89:23:99:
b6:30:34:11:18:7e:77:1b:b9:cf:e3:8f:52:c8:b7:
9b:03:8c:4c:df:52:ad:7a:52:a0:ef:d4:0f:90:c5:
f8:e6:ac:5c:ea:0c:59:4d:16:ad:f4:79:0e:05:41:
b6:8f:51:8a:b5:a6:4b:aa:e3:a1:43:fb:35:bb:2e:
86:cc:5b:e6:18:dc:8d:e4:79:30:88:21:07:c2:e4:
4c:95:6b:66:53:bc:50:3e:20:aa:d0:4d:b0:ca:c7:
a9:03:05:b8:c7:c3:42:43:63:c1:dd:8d:4d:3b:5b:
07:c1:30:7d:d1:ac:c5:c7:3a:63:02:f4:e7:11:4c:
3a:c6:da:fa:9d:cc:dc:6f:fc:25:af:cd:e8:07:43:
80:13:a3:c4:97:9e:d5:5a:b6:11:a4:33:ba:13:0c:
65:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:98:40:6F:53:0B:9E:63:72:73:3A:99:AF:50:0F:AC:0A:A7:FB:64
X509v3 Authority Key Identifier:
keyid:4B:0F:3A:6B:EA:15:F2:CF:DA:AF:11:E5:26:17:8A:F6:A0:81:1A:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sw86a-oV8s_arxHlJheK9qCBGs8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4688ad-feb0-4777-94d7-fff1b3a1e9ea/1/gJhAb1MLnmNyczqZr1APrAqn-2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4688ad-feb0-4777-94d7-fff1b3a1e9ea/1/Sw86a-oV8s_arxHlJheK9qCBGs8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.22.0/24
194.110.27.0/24
194.110.30.0/24
194.110.72.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:49:67:96:2f:b0:8d:4f:b0:bc:d7:cf:f3:21:97:2d:0d:47:
90:95:ba:55:36:0c:86:9f:8d:a7:cc:04:3f:ae:fb:ae:be:e6:
97:6b:e0:0f:16:b6:72:8a:82:2a:07:ac:0e:16:2a:90:8f:47:
59:0f:e1:69:ff:85:61:01:87:5a:fb:eb:6d:d6:ba:a8:ae:43:
ef:34:e1:db:ca:1b:c5:e6:67:cc:20:4c:00:41:3b:aa:c0:fe:
44:1b:10:c7:cc:2b:c4:23:30:b4:f0:3b:80:09:bd:a9:35:4d:
88:a6:46:33:6b:ff:dc:b6:68:23:f2:98:e2:f5:12:95:e3:bd:
ba:72:b4:f6:de:91:13:3d:7d:03:65:c9:21:6b:b8:c1:4e:67:
a4:f9:9f:6c:e0:80:1b:d6:bc:ab:27:57:f3:c0:9e:04:6f:0b:
28:82:42:16:80:55:9e:3d:49:cf:2e:43:51:99:d3:3e:9a:84:
cc:03:40:11:80:6f:20:ee:fc:e8:fb:8f:01:74:bd:7a:4c:2a:
f6:a5:34:2c:ec:be:56:32:e5:e1:0d:30:8b:0a:18:7e:95:fd:
a2:8c:11:92:90:34:05:c1:d1:4b:31:c7:9e:83:86:c9:cc:45:
15:1c:9e:0b:15:2e:b5:4c:1f:c7:84:00:eb:b9:b1:10:45:e8:
27:d5:46:e8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJvBjVAbw84QujCfKdP1rOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMGYzYTZiZWExNWYyY2ZkYWFmMTFlNTI2MTc4YWY2YTA4
MTFhY2YwHhcNMjQwMTAyMTAzMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDk4NDA2ZjUzMGI5ZTYzNzI3MzNhOTlhZjUwMGZhYzBhYTdmYjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIb/YxGBzVhsvHYLinORv30PlvbK
/SlutjU6eSAOKapXUrmXRF655CSMpCc07m4MgmA3bVv7V9rzpKZlunX3OSp9zhhx
O/ZYX892KZIL9kYDtCLyXQAuJAjKV7jOAfPc51tYE3iJI5m2MDQRGH53G7nP449S
yLebA4xM31KtelKg79QPkMX45qxc6gxZTRat9HkOBUG2j1GKtaZLquOhQ/s1uy6G
zFvmGNyN5HkwiCEHwuRMlWtmU7xQPiCq0E2wysepAwW4x8NCQ2PB3Y1NO1sHwTB9
0azFxzpjAvTnEUw6xtr6nczcb/wlr83oB0OAE6PEl57VWrYRpDO6Ewxl6wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFICYQG9TC55jcnM6ma9QD6wKp/tkMB8GA1UdIwQY
MBaAFEsPOmvqFfLP2q8R5SYXivaggRrPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3c4NmEtb1Y4c19hcnhIbEpoZUs5cUNCR3M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80Njg4YWQtZmViMC00Nzc3LTk0ZDct
ZmZmMWIzYTFlOWVhLzEvZ0poQWIxTUxubU55Y3pxWnIxQVByQXFuLTJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80Njg4YWQtZmViMC00Nzc3LTk0ZDctZmZmMWIzYTFlOWVh
LzEvU3c4NmEtb1Y4c19hcnhIbEpoZUs5cUNCR3M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwm4WAwQA
wm4bAwQAwm4eAwQAwm5IMA0GCSqGSIb3DQEBCwUAA4IBAQCKSWeWL7CNT7C818/z
IZctDUeQlbpVNgyGn42nzAQ/rvuuvuaXa+APFrZyioIqB6wOFiqQj0dZD+Fp/4Vh
AYda++tt1rqorkPvNOHbyhvF5mfMIEwAQTuqwP5EGxDHzCvEIzC08DuACb2pNU2I
pkYza//ctmgj8pji9RKV4726crT23pETPX0DZckha7jBTmek+Z9s4IAb1ryrJ1fz
wJ4EbwsogkIWgFWePUnPLkNRmdM+moTMA0ARgG8g7vzo+48BdL16TCr2pTQs7L5W
MuXhDTCLChh+lf2ijBGSkDQFwdFLMceeg4bJzEUVHJ4LFS61TB/HhADrubEQRegn
1Ubo
-----END CERTIFICATE-----
Generated at Mon Sep 9 15:05:14 2024 by rpki-client on console-ams.rpki-client.org