Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/fabab9-658b-4d2f-8553-b431498c04c4/1/PsYei-PI5YM0M8MuZJSt2--ro-A.roa
File: PsYei-PI5YM0M8MuZJSt2--ro-A.roa (raw, json)
Hash identifier: PoTa+fyyJUICKL8CYIiel7DtvKR+aZqLIcbMrf1kg2k=
Subject key identifier: 3E:C6:1E:8B:E3:C8:E5:83:34:33:C3:2E:64:94:AD:DB:EF:AB:A3:E0
Certificate issuer: /CN=903a7b98915c3ff52529046f8edb46c4217fb086
Certificate serial: 01856FA70E14AEB934B6E4ABD62DCC8439CF
Authority key identifier: 90:3A:7B:98:91:5C:3F:F5:25:29:04:6F:8E:DB:46:C4:21:7F:B0:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kDp7mJFcP_UlKQRvjttGxCF_sIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/fabab9-658b-4d2f-8553-b431498c04c4/1/PsYei-PI5YM0M8MuZJSt2--ro-A.roa
Signing time: Sun 01 Jan 2023 23:24:57 +0000
ROA not before: Sun 01 Jan 2023 23:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12453
IP address blocks: 2.56.160.0/22 maxlen: 22
195.93.174.0/23 maxlen: 23
194.59.177.0/24 maxlen: 24
91.223.248.0/24 maxlen: 24
185.31.52.0/22 maxlen: 22
185.224.24.0/22 maxlen: 22
185.85.32.0/22 maxlen: 22
185.155.124.0/22 maxlen: 22
2a0d:5dc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:0e:14:ae:b9:34:b6:e4:ab:d6:2d:cc:84:39:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=903a7b98915c3ff52529046f8edb46c4217fb086
Validity
Not Before: Jan 1 23:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ec61e8be3c8e5833433c32e6494addbefaba3e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1b:25:f1:07:4d:83:38:19:a8:f7:a8:f7:85:
2a:2d:9d:38:9c:94:10:27:f5:da:f5:83:8a:18:7a:
46:9b:7e:9f:2a:84:f8:50:47:d4:a6:24:53:f0:6a:
e6:ae:f5:fd:d5:5a:8c:24:51:2b:72:e3:4d:0a:17:
8e:cc:b8:41:51:f6:33:1c:dc:2c:df:1c:6e:6b:cc:
c7:8d:21:17:e0:d2:6d:ad:4d:42:66:8e:f4:1f:aa:
4b:54:73:93:df:e6:7d:20:54:0e:05:90:9f:c5:27:
3f:ec:99:d0:30:a4:37:56:e0:35:4d:54:95:bf:50:
5e:fb:32:a0:f9:12:98:76:0f:06:c3:89:d9:fb:cb:
35:de:e2:d1:1b:ea:be:99:6c:de:d4:af:c7:00:37:
68:75:92:3f:6b:fd:66:94:78:0c:73:a4:03:4e:24:
43:34:d2:80:93:6b:7f:53:bf:39:0f:73:f5:53:af:
ef:47:18:2b:f4:da:bb:50:96:23:86:34:08:0d:84:
87:a6:b2:7b:1a:24:74:8d:75:a3:4b:54:bc:da:3e:
d7:84:7f:63:dc:ee:f4:5a:8c:0f:e5:71:90:7f:17:
a2:3f:84:dc:2d:d8:67:07:55:82:d2:d8:65:70:45:
90:19:59:af:29:2e:d1:aa:0a:a6:72:b3:0e:94:54:
bd:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:C6:1E:8B:E3:C8:E5:83:34:33:C3:2E:64:94:AD:DB:EF:AB:A3:E0
X509v3 Authority Key Identifier:
keyid:90:3A:7B:98:91:5C:3F:F5:25:29:04:6F:8E:DB:46:C4:21:7F:B0:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kDp7mJFcP_UlKQRvjttGxCF_sIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/fabab9-658b-4d2f-8553-b431498c04c4/1/PsYei-PI5YM0M8MuZJSt2--ro-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/fabab9-658b-4d2f-8553-b431498c04c4/1/kDp7mJFcP_UlKQRvjttGxCF_sIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.160.0/22
91.223.248.0/24
185.31.52.0/22
185.85.32.0/22
185.155.124.0/22
185.224.24.0/22
194.59.177.0/24
195.93.174.0/23
IPv6:
2a0d:5dc0::/29
Signature Algorithm: sha256WithRSAEncryption
7a:63:f1:ec:14:2b:2b:2b:ce:e2:3e:05:cd:9a:71:28:fc:03:
d2:a5:5e:86:ba:83:1e:56:94:24:21:17:f9:08:a7:17:22:74:
ca:0e:ea:57:ef:c3:4d:7a:86:b3:8b:05:3c:85:7a:41:92:22:
f0:c8:37:06:31:6d:0a:93:12:4c:30:10:51:ab:4b:c3:74:4b:
e0:bf:51:06:b0:6e:b3:23:11:c1:e0:26:40:bc:b4:9c:55:ed:
6a:84:9c:86:9c:d2:67:ad:49:f7:53:52:71:34:b7:b9:df:c8:
f1:7b:9a:7f:90:8e:04:21:ea:78:6a:9f:82:9e:63:f4:af:10:
56:21:16:0e:92:da:d4:f1:60:1f:db:a2:fb:cd:16:99:07:b9:
7e:06:d8:53:93:ae:cc:05:ab:3b:7b:6c:89:4c:86:2f:3b:55:
a4:c9:a8:39:26:c7:c5:80:52:f5:57:cc:8c:54:41:14:40:13:
a1:30:5b:38:ae:01:43:1c:9e:46:c0:75:d6:61:ae:0d:66:76:
c7:da:dd:8e:99:fa:26:8a:63:3f:7c:6e:d6:88:91:33:b1:c0:
60:e6:a0:32:6c:86:7a:57:53:dd:fd:88:4a:24:0c:8e:89:f6:
5c:fa:66:9b:bf:a4:6d:8f:dd:f6:6b:79:85:a6:d8:5f:a6:54:
69:1d:7f:51
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVvpw4Urrk0tuSr1i3MhDnPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwM2E3Yjk4OTE1YzNmZjUyNTI5MDQ2ZjhlZGI0NmM0MjE3
ZmIwODYwHhcNMjMwMTAxMjMyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWM2MWU4YmUzYzhlNTgzMzQzM2MzMmU2NDk0YWRkYmVmYWJhM2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBsl8QdNgzgZqPeo94UqLZ04nJQQ
J/Xa9YOKGHpGm36fKoT4UEfUpiRT8GrmrvX91VqMJFErcuNNCheOzLhBUfYzHNws
3xxua8zHjSEX4NJtrU1CZo70H6pLVHOT3+Z9IFQOBZCfxSc/7JnQMKQ3VuA1TVSV
v1Be+zKg+RKYdg8Gw4nZ+8s13uLRG+q+mWze1K/HADdodZI/a/1mlHgMc6QDTiRD
NNKAk2t/U785D3P1U6/vRxgr9Nq7UJYjhjQIDYSHprJ7GiR0jXWjS1S82j7XhH9j
3O70WowP5XGQfxeiP4TcLdhnB1WC0thlcEWQGVmvKS7RqgqmcrMOlFS9ZQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFD7GHovjyOWDNDPDLmSUrdvvq6PgMB8GA1UdIwQY
MBaAFJA6e5iRXD/1JSkEb47bRsQhf7CGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0RwN21KRmNQX1VsS1FSdmp0dEd4Q0Zfc0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mYWJhYjktNjU4Yi00ZDJmLTg1NTMt
YjQzMTQ5OGMwNGM0LzEvUHNZZWktUEk1WU0wTThNdVpKU3QyLS1yby1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mYWJhYjktNjU4Yi00ZDJmLTg1NTMtYjQzMTQ5OGMwNGM0
LzEva0RwN21KRmNQX1VsS1FSdmp0dEd4Q0Zfc0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCAjigAwQA
W9/4AwQCuR80AwQCuVUgAwQCuZt8AwQCueAYAwQAwjuxAwQBw12uMA0EAgACMAcD
BQMqDV3AMA0GCSqGSIb3DQEBCwUAA4IBAQB6Y/HsFCsrK87iPgXNmnEo/APSpV6G
uoMeVpQkIRf5CKcXInTKDupX78NNeoaziwU8hXpBkiLwyDcGMW0KkxJMMBBRq0vD
dEvgv1EGsG6zIxHB4CZAvLScVe1qhJyGnNJnrUn3U1JxNLe538jxe5p/kI4EIep4
ap+CnmP0rxBWIRYOktrU8WAf26L7zRaZB7l+BthTk67MBas7e2yJTIYvO1Wkyag5
JsfFgFL1V8yMVEEUQBOhMFs4rgFDHJ5GwHXWYa4NZnbH2t2OmfomimM/fG7WiJEz
scBg5qAybIZ6V1Pd/YhKJAyOifZc+mabv6Rtj932a3mFpthfplRpHX9R
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:40 2023 by rpki-client on console-fra.rpki-client.org