Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/bAY0JttdkDTOZQCMfqjxihJ11QE.roa
File: bAY0JttdkDTOZQCMfqjxihJ11QE.roa (raw, json)
Hash identifier: 4LDZRGO2u34z0HIvO50FjG7iI/ensh3rRTw8pJwBMlQ=
Subject key identifier: 6C:06:34:26:DB:5D:90:34:CE:65:00:8C:7E:A8:F1:8A:12:75:D5:01
Certificate issuer: /CN=8102d3e0d5f21ec72c745731a641fb7903787de0
Certificate serial: 11B26D82
Authority key identifier: 81:02:D3:E0:D5:F2:1E:C7:2C:74:57:31:A6:41:FB:79:03:78:7D:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gQLT4NXyHscsdFcxpkH7eQN4feA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/bAY0JttdkDTOZQCMfqjxihJ11QE.roa
Signing time: Mon 28 Mar 2022 18:00:22 +0000
ROA not before: Mon 28 Mar 2022 18:00:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43402
IP address blocks: 83.142.240.0/21 maxlen: 24
95.131.160.0/21 maxlen: 21
95.131.166.0/24 maxlen: 24
95.131.167.0/24 maxlen: 24
185.127.144.0/22 maxlen: 22
185.127.144.0/23 maxlen: 23
2a03:62c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 296906114 (0x11b26d82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8102d3e0d5f21ec72c745731a641fb7903787de0
Validity
Not Before: Mar 28 18:00:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c063426db5d9034ce65008c7ea8f18a1275d501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:88:0f:73:cf:e9:b7:cf:a2:8e:1d:42:58:9e:
0a:29:41:eb:2d:a1:8a:64:56:42:26:dd:0f:ee:72:
5a:88:e7:5c:16:62:66:06:00:aa:4d:22:a5:c5:81:
9b:25:7b:cd:e6:6a:49:af:a5:18:88:95:5c:e5:48:
e8:c8:80:4b:83:d0:34:75:11:4c:db:0d:af:82:15:
ba:dd:ca:21:cc:65:25:24:2d:28:50:d4:0c:27:0d:
36:2b:c4:fc:6f:24:37:c9:e1:9c:a9:54:1a:13:38:
2a:44:93:72:16:ce:95:eb:c3:c5:33:d4:ed:f3:64:
c9:4e:79:44:68:08:e4:b4:74:3f:e4:d1:65:66:48:
ef:df:1a:f2:27:b7:c7:f4:2f:08:2e:d6:af:64:b4:
9a:56:b5:c5:74:92:15:ff:08:c8:f9:98:52:63:62:
07:99:63:a3:4f:c6:0a:56:5a:2e:ef:36:ff:f2:bd:
a4:29:96:17:7a:af:fe:64:0d:f4:21:e6:13:a9:41:
0b:a2:7d:c1:4c:59:ea:a5:70:36:33:07:0f:d1:71:
6f:1e:1c:f1:2f:16:80:bd:67:7c:32:4d:01:c2:47:
15:81:b6:b3:04:f8:d1:64:35:32:27:16:06:38:48:
08:7e:0b:ca:f9:58:c8:3b:c4:7b:ac:19:84:51:c9:
a7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:06:34:26:DB:5D:90:34:CE:65:00:8C:7E:A8:F1:8A:12:75:D5:01
X509v3 Authority Key Identifier:
keyid:81:02:D3:E0:D5:F2:1E:C7:2C:74:57:31:A6:41:FB:79:03:78:7D:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gQLT4NXyHscsdFcxpkH7eQN4feA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/bAY0JttdkDTOZQCMfqjxihJ11QE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/gQLT4NXyHscsdFcxpkH7eQN4feA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.142.240.0/21
95.131.160.0/21
185.127.144.0/22
IPv6:
2a03:62c0::/32
Signature Algorithm: sha256WithRSAEncryption
33:8f:79:b9:b1:31:15:45:cb:13:87:93:28:df:9e:f8:a8:87:
ad:46:39:c3:a1:98:27:a7:43:ee:82:46:78:71:e4:fc:86:97:
7b:92:28:e7:d7:af:eb:8b:cf:61:8b:2c:0f:79:da:97:52:f2:
ec:34:f0:b4:90:5d:55:f3:cc:0f:d8:4f:db:73:f7:2b:09:81:
13:ad:47:0a:26:77:25:ef:30:68:49:37:66:33:71:e9:64:6d:
64:58:36:7f:e0:2d:d7:d4:76:f7:3c:04:59:98:e8:5c:d7:3d:
07:1d:52:f3:15:72:9d:f6:ee:aa:49:3c:23:aa:5d:48:db:49:
1d:58:61:24:76:8c:d1:a3:5d:bb:73:60:96:b6:6c:32:2e:6a:
64:1d:83:76:6b:39:8d:1a:fe:5f:9a:76:74:65:87:51:d8:46:
8a:92:ed:18:67:59:f4:2c:21:05:67:67:6e:3d:1d:9b:11:ee:
a6:b1:f9:d3:ec:36:f5:e6:d9:51:b9:b2:b9:bf:f6:b8:4c:cc:
26:37:ef:6f:33:45:a4:81:68:16:e2:a2:9a:c0:3f:a4:c4:39:
ed:64:90:5b:c2:5f:2b:ea:65:e0:f5:0d:86:08:84:00:b4:1a:
81:8e:d7:e8:a0:a3:a4:74:a1:bd:0b:36:d7:c1:4f:76:39:82:
cf:7e:72:5b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEEbJtgjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTAyZDNlMGQ1ZjIxZWM3MmM3NDU3MzFhNjQxZmI3OTAzNzg3ZGUwMB4XDTIyMDMy
ODE4MDAyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmMwNjM0MjZkYjVk
OTAzNGNlNjUwMDhjN2VhOGYxOGExMjc1ZDUwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANOID3PP6bfPoo4dQlieCilB6y2himRWQibdD+5yWojnXBZi
ZgYAqk0ipcWBmyV7zeZqSa+lGIiVXOVI6MiAS4PQNHURTNsNr4IVut3KIcxlJSQt
KFDUDCcNNivE/G8kN8nhnKlUGhM4KkSTchbOlevDxTPU7fNkyU55RGgI5LR0P+TR
ZWZI798a8ie3x/QvCC7Wr2S0mla1xXSSFf8IyPmYUmNiB5ljo0/GClZaLu82//K9
pCmWF3qv/mQN9CHmE6lBC6J9wUxZ6qVwNjMHD9Fxbx4c8S8WgL1nfDJNAcJHFYG2
swT40WQ1MicWBjhICH4LyvlYyDvEe6wZhFHJp7MCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRsBjQm212QNM5lAIx+qPGKEnXVATAfBgNVHSMEGDAWgBSBAtPg1fIexyx0
VzGmQft5A3h94DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dRTFQ0Tlh5SHNjc2RGY3hwa0g3ZVFONGZlQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvNDYzYjkwLWJiMjgtNGIwYS05YWQ4LTViMTUyMzUxODIyMS8x
L2JBWTBKdHRka0RUT1pRQ01mcWp4aWhKMTFRRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
NDYzYjkwLWJiMjgtNGIwYS05YWQ4LTViMTUyMzUxODIyMS8xL2dRTFQ0Tlh5SHNj
c2RGY3hwa0g3ZVFONGZlQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA1OO8AMEA1+DoAMEArl/kDANBAIA
AjAHAwUAKgNiwDANBgkqhkiG9w0BAQsFAAOCAQEAM495ubExFUXLE4eTKN+e+KiH
rUY5w6GYJ6dD7oJGeHHk/IaXe5Io59ev64vPYYssD3nal1Ly7DTwtJBdVfPMD9hP
23P3KwmBE61HCiZ3Je8waEk3ZjNx6WRtZFg2f+At19R29zwEWZjoXNc9Bx1S8xVy
nfbuqkk8I6pdSNtJHVhhJHaM0aNdu3NglrZsMi5qZB2Ddms5jRr+X5p2dGWHUdhG
ipLtGGdZ9CwhBWdnbj0dmxHuprH50+w29ebZUbmyub/2uEzMJjfvbzNFpIFoFuKi
msA/pMQ57WSQW8JfK+pl4PUNhgiEALQagY7X6KCjpHShvQs218FPdjmCz35yWw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:43 2024 by rpki-client on console-ams.rpki-client.org