Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/qyjpRnyetUCJE6ujmIMOIse_yBE.roa
File: qyjpRnyetUCJE6ujmIMOIse_yBE.roa (raw, json)
Hash identifier: ihA1czap/pToCa/E69J6l8uxURW9GMuiaaocMqdRbkc=
Subject key identifier: AB:28:E9:46:7C:9E:B5:40:89:13:AB:A3:98:83:0E:22:C7:BF:C8:11
Certificate issuer: /CN=05d658594b65364b2c2e56a6a45ebb06847b3849
Certificate serial: 01856F549C38E3755B4DCDAE792238D2D4DC
Authority key identifier: 05:D6:58:59:4B:65:36:4B:2C:2E:56:A6:A4:5E:BB:06:84:7B:38:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BdZYWUtlNkssLlampF67BoR7OEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/qyjpRnyetUCJE6ujmIMOIse_yBE.roa
Signing time: Sun 01 Jan 2023 21:54:53 +0000
ROA not before: Sun 01 Jan 2023 21:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35625
IP address blocks: 195.74.80.0/24 maxlen: 24
45.138.192.0/22 maxlen: 22
185.161.44.0/22 maxlen: 22
185.252.156.0/22 maxlen: 22
37.235.88.0/21 maxlen: 21
46.29.120.0/21 maxlen: 21
185.75.140.0/22 maxlen: 22
2a02:21c8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:9c:38:e3:75:5b:4d:cd:ae:79:22:38:d2:d4:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05d658594b65364b2c2e56a6a45ebb06847b3849
Validity
Not Before: Jan 1 21:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab28e9467c9eb5408913aba398830e22c7bfc811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1f:97:5e:2b:6a:04:66:d6:e1:3b:15:55:e9:
79:7f:d2:b8:6f:32:b2:be:58:b5:0c:0a:93:7c:f1:
54:08:0e:2e:25:d8:6b:cc:4b:46:7d:4d:ca:9b:cc:
24:22:3a:41:6f:3b:23:7e:8c:41:84:f7:90:2f:99:
83:b3:74:4c:8b:56:4e:01:98:62:9a:0b:e0:ea:8d:
56:bd:ff:44:bf:32:94:2e:94:78:05:be:9c:3a:57:
18:d1:3d:87:cb:eb:ab:1d:f9:5a:d5:72:18:97:5c:
85:df:01:2c:c9:ae:91:57:3b:22:a2:a5:6c:b6:74:
62:1d:43:17:39:9d:50:69:b8:37:43:79:b7:15:8a:
35:e7:af:55:4e:84:b3:fb:8f:7f:c3:cd:34:d9:58:
3d:b1:8a:7c:4a:30:14:f0:72:1b:b6:40:d6:c8:be:
06:58:1a:ce:9c:e9:e8:d8:68:94:b7:5d:1c:25:f5:
3d:09:9e:b6:5b:dc:be:13:04:b8:35:fe:31:f7:4c:
25:ea:1f:a8:11:ab:12:50:b6:10:df:58:02:ba:e1:
85:f3:78:59:4d:6c:ca:f2:72:a1:95:8c:bc:c0:56:
e3:95:e4:58:5e:58:3f:34:47:37:b0:f0:5c:21:f2:
9a:f7:1f:d7:a6:a2:6e:36:aa:d4:47:82:6d:56:73:
7c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:28:E9:46:7C:9E:B5:40:89:13:AB:A3:98:83:0E:22:C7:BF:C8:11
X509v3 Authority Key Identifier:
keyid:05:D6:58:59:4B:65:36:4B:2C:2E:56:A6:A4:5E:BB:06:84:7B:38:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BdZYWUtlNkssLlampF67BoR7OEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/qyjpRnyetUCJE6ujmIMOIse_yBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/BdZYWUtlNkssLlampF67BoR7OEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.88.0/21
45.138.192.0/22
46.29.120.0/21
185.75.140.0/22
185.161.44.0/22
185.252.156.0/22
195.74.80.0/24
IPv6:
2a02:21c8::/32
Signature Algorithm: sha256WithRSAEncryption
d6:05:59:e6:24:da:ad:23:b3:5c:d3:bb:9c:d8:46:00:cc:1e:
e9:b4:1d:98:47:ce:f2:06:c3:b2:c6:d9:23:eb:ec:6d:e5:89:
c0:28:34:e1:3c:28:e7:80:17:70:fd:77:de:7c:c8:bc:43:6e:
d7:b7:2e:e2:dc:4d:85:f5:30:0e:6b:e6:28:20:29:78:cb:1f:
f4:ee:99:da:0e:33:ba:cd:61:6e:73:2f:f5:d8:30:d8:9d:af:
56:86:87:c5:a1:f4:12:e8:8e:51:a3:08:58:c5:28:2f:c2:2b:
54:22:73:59:eb:bf:66:3e:59:ff:cb:ee:ec:3b:e2:63:55:e7:
b8:83:80:b3:a2:35:e1:52:6d:63:0f:d2:b0:87:3d:a2:89:fd:
ab:45:ee:08:96:cf:6d:23:70:ab:23:90:92:92:e3:16:8d:7f:
e9:95:67:06:d0:c6:6f:14:46:e0:1b:53:3e:5b:e3:ac:45:f2:
0a:f6:4e:f8:e7:76:10:e0:52:d6:39:7c:37:3d:3e:75:4b:ec:
8b:f3:c8:34:2d:ed:f5:14:72:78:35:e6:7d:8d:47:7b:a7:fe:
6e:a3:a3:eb:70:5e:c9:1b:77:6f:04:1a:b1:1a:7c:53:0f:a5:
be:c3:9d:42:5f:63:bd:fa:6f:25:11:a6:db:26:a7:82:bb:73:
d6:8b:a7:0f
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVvVJw443VbTc2ueSI40tTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZDY1ODU5NGI2NTM2NGIyYzJlNTZhNmE0NWViYjA2ODQ3
YjM4NDkwHhcNMjMwMTAxMjE1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjI4ZTk0NjdjOWViNTQwODkxM2FiYTM5ODgzMGUyMmM3YmZjODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqR+XXitqBGbW4TsVVel5f9K4bzKy
vli1DAqTfPFUCA4uJdhrzEtGfU3Km8wkIjpBbzsjfoxBhPeQL5mDs3RMi1ZOAZhi
mgvg6o1Wvf9EvzKULpR4Bb6cOlcY0T2Hy+urHfla1XIYl1yF3wEsya6RVzsioqVs
tnRiHUMXOZ1Qabg3Q3m3FYo1569VToSz+49/w8002Vg9sYp8SjAU8HIbtkDWyL4G
WBrOnOno2GiUt10cJfU9CZ62W9y+EwS4Nf4x90wl6h+oEasSULYQ31gCuuGF83hZ
TWzK8nKhlYy8wFbjleRYXlg/NEc3sPBcIfKa9x/XpqJuNqrUR4JtVnN8TQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFKso6UZ8nrVAiROro5iDDiLHv8gRMB8GA1UdIwQY
MBaAFAXWWFlLZTZLLC5WpqReuwaEezhJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmRaWVdVdGxOa3NzTGxhbXBGNjdCb1I3T0VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS85YjFmOTUtM2IxOC00ODEyLTkyNGUt
N2JmZGE2MjU0NGNlLzEvcXlqcFJueWV0VUNKRTZ1am1JTU9Jc2VfeUJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS85YjFmOTUtM2IxOC00ODEyLTkyNGUtN2JmZGE2MjU0NGNl
LzEvQmRaWVdVdGxOa3NzTGxhbXBGNjdCb1I3T0VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDJetYAwQC
LYrAAwQDLh14AwQCuUuMAwQCuaEsAwQCufycAwQAw0pQMA0EAgACMAcDBQAqAiHI
MA0GCSqGSIb3DQEBCwUAA4IBAQDWBVnmJNqtI7Nc07uc2EYAzB7ptB2YR87yBsOy
xtkj6+xt5YnAKDThPCjngBdw/XfefMi8Q27Xty7i3E2F9TAOa+YoICl4yx/07pna
DjO6zWFucy/12DDYna9WhofFofQS6I5RowhYxSgvwitUInNZ679mPln/y+7sO+Jj
Vee4g4CzojXhUm1jD9Kwhz2iif2rRe4Ils9tI3CrI5CSkuMWjX/plWcG0MZvFEbg
G1M+W+OsRfIK9k7453YQ4FLWOXw3PT51S+yL88g0Le31FHJ4NeZ9jUd7p/5uo6Pr
cF7JG3dvBBqxGnxTD6W+w51CX2O9+m8lEabbJqeCu3PWi6cP
-----END CERTIFICATE-----
Generated at Thu Dec 7 11:32:24 2023 by rpki-client on console-fra.rpki-client.org