Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/vrStq1IHgkcHs3hM2xSTWLSplOU.roa
File: vrStq1IHgkcHs3hM2xSTWLSplOU.roa (raw, json)
Hash identifier: 6S4bGPt9aOJdMn+5v0WlDLw0uma0lIeCZioD52r13J0=
Subject key identifier: BE:B4:AD:AB:52:07:82:47:07:B3:78:4C:DB:14:93:58:B4:A9:94:E5
Certificate issuer: /CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Certificate serial: 0181D54BE386B2B7365DDF26DF43100F8599
Authority key identifier: 8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/vrStq1IHgkcHs3hM2xSTWLSplOU.roa
Signing time: Wed 06 Jul 2022 20:55:29 +0000
ROA not before: Wed 06 Jul 2022 20:55:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209372
IP address blocks: 176.118.189.0/24 maxlen: 24
176.118.188.0/24 maxlen: 24
185.177.76.0/24 maxlen: 24
185.177.77.0/24 maxlen: 24
84.252.64.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d5:4b:e3:86:b2:b7:36:5d:df:26:df:43:10:0f:85:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Validity
Not Before: Jul 6 20:55:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=beb4adab5207824707b3784cdb149358b4a994e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:58:52:4c:f0:ae:5e:4e:5c:04:03:3b:b1:01:
a3:84:8e:cd:e4:5e:4b:ab:2b:f9:2c:4c:c0:57:e6:
a5:5d:a9:95:ce:1e:c9:48:79:a5:fb:37:c4:6f:95:
8b:d8:0e:fc:86:58:41:ab:1c:f6:82:16:80:cf:da:
b1:be:35:6e:06:42:c2:6a:ae:d5:7d:17:7a:6d:42:
44:d4:51:91:d9:b9:15:26:79:cf:0f:33:d7:d3:ff:
b4:37:e9:4e:26:bd:dc:be:03:b7:08:e9:e3:65:99:
69:46:8a:22:ae:b0:d5:d6:57:9d:f1:44:25:da:02:
73:01:7f:9f:29:e9:22:e8:42:6f:1f:07:9a:e3:83:
c6:ad:1d:c2:9e:ba:d1:cc:86:2b:e3:7b:2e:90:06:
cd:2a:62:14:4b:bf:5d:31:28:0d:12:8d:f6:44:07:
de:78:81:0d:f3:ef:b0:d0:54:89:b6:d7:56:a4:fb:
19:27:27:9d:e2:5a:3d:80:99:ee:5a:7d:30:37:b0:
7e:5e:11:c8:10:9f:ed:4c:60:d7:b3:84:36:0a:a3:
9a:5a:9d:58:0a:e4:50:40:cd:70:9f:a5:67:b4:f3:
25:71:1b:fa:5c:ec:c3:2f:45:9b:9a:b2:c2:c1:9c:
cf:2a:6e:7b:de:01:22:81:a5:5a:01:21:67:21:ab:
f2:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:B4:AD:AB:52:07:82:47:07:B3:78:4C:DB:14:93:58:B4:A9:94:E5
X509v3 Authority Key Identifier:
keyid:8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/vrStq1IHgkcHs3hM2xSTWLSplOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/jnR0gfLJj7tw3KjWXCPeT8o3WD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.64.0/22
176.118.188.0/23
185.177.76.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:52:70:bd:fb:12:d9:ef:b0:5d:cb:dc:30:7a:ea:40:eb:12:
49:03:43:2f:7d:10:40:6e:f9:3c:19:36:14:ed:0c:ba:25:9c:
ca:bd:16:b0:8b:9f:2c:56:36:bb:49:e3:5e:d2:06:e4:be:0d:
1e:45:c4:f7:60:7e:68:f0:a2:69:c5:10:29:ad:92:ea:5a:ba:
8e:0f:db:22:55:d5:71:34:38:e6:8a:30:65:18:16:90:40:b9:
cc:9e:a8:2f:66:88:ef:7d:03:3b:e9:f2:8b:46:8d:21:be:eb:
81:68:bf:9a:34:77:c5:5c:15:9c:46:03:15:5f:6b:4f:3b:2c:
0d:ed:3e:ba:c4:10:11:c9:a2:5e:34:88:96:c8:40:6c:8e:12:
25:1c:ba:88:26:84:78:f7:24:af:ae:7a:3b:99:26:f0:7c:7f:
87:06:c9:7c:c5:b3:92:15:ce:a8:e5:55:46:d7:bd:3f:81:69:
b4:97:ae:8a:6a:65:31:31:32:18:5b:8d:a4:d1:bd:59:6f:71:
c5:58:35:1d:72:9c:e6:77:c5:d8:45:9b:3c:dd:80:4c:49:ce:
c3:70:21:15:71:9f:62:74:1e:48:c8:a8:5f:b4:3b:80:84:10:
f8:4e:88:8f:89:06:2f:eb:5a:68:7e:a8:a0:ce:58:39:5b:e1:
1b:e4:f7:33
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYHVS+OGsrc2Xd8m30MQD4WZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNzQ3NDgxZjJjOThmYmI3MGRjYThkNjVjMjNkZTRmY2Ez
NzU4M2QwHhcNMjIwNzA2MjA1NTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWI0YWRhYjUyMDc4MjQ3MDdiMzc4NGNkYjE0OTM1OGI0YTk5NGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolhSTPCuXk5cBAM7sQGjhI7N5F5L
qyv5LEzAV+alXamVzh7JSHml+zfEb5WL2A78hlhBqxz2ghaAz9qxvjVuBkLCaq7V
fRd6bUJE1FGR2bkVJnnPDzPX0/+0N+lOJr3cvgO3COnjZZlpRooirrDV1led8UQl
2gJzAX+fKeki6EJvHwea44PGrR3CnrrRzIYr43sukAbNKmIUS79dMSgNEo32RAfe
eIEN8++w0FSJttdWpPsZJyed4lo9gJnuWn0wN7B+XhHIEJ/tTGDXs4Q2CqOaWp1Y
CuRQQM1wn6VntPMlcRv6XOzDL0WbmrLCwZzPKm573gEigaVaASFnIavy/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL60ratSB4JHB7N4TNsUk1i0qZTlMB8GA1UdIwQY
MBaAFI50dIHyyY+7cNyo1lwj3k/KN1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgt
NjUyMWQzOTVmMTMyLzEvdnJTdHExSUhna2NIczNoTTJ4U1RXTFNwbE9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgtNjUyMWQzOTVmMTMy
LzEvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVPxAAwQB
sHa8AwQBubFMMA0GCSqGSIb3DQEBCwUAA4IBAQA9UnC9+xLZ77Bdy9wweupA6xJJ
A0MvfRBAbvk8GTYU7Qy6JZzKvRawi58sVja7SeNe0gbkvg0eRcT3YH5o8KJpxRAp
rZLqWrqOD9siVdVxNDjmijBlGBaQQLnMnqgvZojvfQM76fKLRo0hvuuBaL+aNHfF
XBWcRgMVX2tPOywN7T66xBARyaJeNIiWyEBsjhIlHLqIJoR49ySvrno7mSbwfH+H
Bsl8xbOSFc6o5VVG170/gWm0l66KamUxMTIYW42k0b1Zb3HFWDUdcpzmd8XYRZs8
3YBMSc7DcCEVcZ9idB5IyKhftDuAhBD4ToiPiQYv61pofqigzlg5W+Eb5Pcz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:44 2024 by rpki-client on console-ams.rpki-client.org