Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/e5c0b6-8788-4bb9-b885-3fbfb94d9100/1/UhvTAs2viOBco-W7JbUQWLqLPIg.roa
File: UhvTAs2viOBco-W7JbUQWLqLPIg.roa (raw, json)
Hash identifier: 24yFJqF8TNk5/eIlrgEVJVktU1uuM8TifdjcNxm+KHg=
Subject key identifier: 52:1B:D3:02:CD:AF:88:E0:5C:A3:E5:BB:25:B5:10:58:BA:8B:3C:88
Certificate issuer: /CN=09b9d37450b62ae3f144eb42ac52ce243b628a7a
Certificate serial: 0185E2B8C3A119DD38995D4D9B1495E72737
Authority key identifier: 09:B9:D3:74:50:B6:2A:E3:F1:44:EB:42:AC:52:CE:24:3B:62:8A:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CbnTdFC2KuPxROtCrFLOJDtiino.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/e5c0b6-8788-4bb9-b885-3fbfb94d9100/1/UhvTAs2viOBco-W7JbUQWLqLPIg.roa
Signing time: Tue 24 Jan 2023 07:40:37 +0000
ROA not before: Tue 24 Jan 2023 07:40:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3280
IP address blocks: 185.150.19.0/24 maxlen: 24
2a0e:d480::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e2:b8:c3:a1:19:dd:38:99:5d:4d:9b:14:95:e7:27:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09b9d37450b62ae3f144eb42ac52ce243b628a7a
Validity
Not Before: Jan 24 07:40:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=521bd302cdaf88e05ca3e5bb25b51058ba8b3c88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:80:55:f8:bc:b1:bc:05:16:d5:67:b9:b6:8d:
76:78:7c:6a:18:26:eb:6e:f4:e5:40:ba:be:e2:b5:
7d:a7:21:86:f8:2c:51:aa:6f:f2:19:89:10:d8:82:
00:e4:8f:8c:b8:6b:12:2b:7e:22:63:5e:40:e0:db:
07:5c:a2:d3:70:e0:01:3e:6a:0f:19:b5:1b:02:09:
6d:3b:3d:58:77:a7:c3:3b:50:b5:36:4c:53:2d:9a:
d2:61:af:ec:3f:1b:a9:2c:e2:89:bf:9d:c2:1e:89:
13:93:91:4d:78:d3:da:65:68:c4:8b:c1:8c:ad:9e:
aa:1d:2d:e4:e5:62:72:cf:0b:51:be:ad:3b:1c:5c:
d0:8e:f8:e6:4f:d5:e5:6b:90:45:e5:58:50:12:0d:
1c:e0:f7:25:3f:d2:20:a3:02:e4:ae:22:e4:5f:ad:
fc:b7:0b:ec:51:73:d0:1e:0a:3c:75:53:f0:27:c8:
0c:18:35:ae:de:42:72:44:f0:65:a3:e8:4d:ba:e7:
be:e1:33:9a:1c:21:a4:99:cd:cf:a7:27:29:a4:93:
b3:4c:a9:f9:84:16:f8:b1:aa:fd:4d:b2:57:ea:59:
be:76:5a:10:65:f8:6d:2b:13:e4:59:16:db:96:19:
58:ef:c6:7c:bf:bc:7e:16:b0:66:40:f5:71:ef:79:
44:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:1B:D3:02:CD:AF:88:E0:5C:A3:E5:BB:25:B5:10:58:BA:8B:3C:88
X509v3 Authority Key Identifier:
keyid:09:B9:D3:74:50:B6:2A:E3:F1:44:EB:42:AC:52:CE:24:3B:62:8A:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CbnTdFC2KuPxROtCrFLOJDtiino.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/e5c0b6-8788-4bb9-b885-3fbfb94d9100/1/UhvTAs2viOBco-W7JbUQWLqLPIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/e5c0b6-8788-4bb9-b885-3fbfb94d9100/1/CbnTdFC2KuPxROtCrFLOJDtiino.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.19.0/24
IPv6:
2a0e:d480::/40
Signature Algorithm: sha256WithRSAEncryption
49:3f:05:51:4a:f2:10:40:1d:3e:00:46:c2:b2:ca:56:9a:f8:
72:75:48:98:d5:72:af:32:d9:16:b2:4e:a8:ab:7a:d6:be:10:
56:87:ae:c3:6b:39:6e:9a:13:5b:cd:ec:be:db:30:70:00:c5:
e7:40:4c:8f:da:0b:86:e8:c2:38:df:c0:76:01:8d:8a:ed:e1:
af:8e:af:3a:55:72:60:b3:46:7e:1a:14:12:ad:e2:7a:33:b0:
21:5b:02:48:51:03:22:8e:ca:b8:eb:ce:35:6d:7b:62:00:bf:
43:a8:ce:fa:02:66:16:d5:43:ae:b6:16:79:e7:54:c9:e5:4c:
58:1a:7d:59:63:06:36:42:e0:fc:88:02:b9:cf:a8:41:4d:69:
cc:c2:6f:ba:4c:2f:85:d6:5a:3b:d8:dd:23:ef:93:38:ad:d7:
b8:d0:8f:eb:3f:6d:f1:3d:47:16:3b:76:40:32:32:ed:aa:d5:
f4:15:fd:80:a6:d9:1f:a4:1a:16:53:5f:bd:ed:42:e0:95:3e:
c2:02:8a:d3:3f:a9:c8:75:1c:17:1c:c6:36:6b:c7:e9:54:83:
de:9a:e3:0a:b4:cb:81:b6:b6:82:73:63:79:72:82:ed:ff:4f:
c7:b5:41:88:8d:64:0b:03:ee:c4:e2:ad:da:8e:e2:ce:98:d2:
90:a1:28:67
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYXiuMOhGd04mV1NmxSV5yc3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YjlkMzc0NTBiNjJhZTNmMTQ0ZWI0MmFjNTJjZTI0M2I2
MjhhN2EwHhcNMjMwMTI0MDc0MDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjFiZDMwMmNkYWY4OGUwNWNhM2U1YmIyNWI1MTA1OGJhOGIzYzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIBV+LyxvAUW1We5to12eHxqGCbr
bvTlQLq+4rV9pyGG+CxRqm/yGYkQ2IIA5I+MuGsSK34iY15A4NsHXKLTcOABPmoP
GbUbAgltOz1Yd6fDO1C1NkxTLZrSYa/sPxupLOKJv53CHokTk5FNeNPaZWjEi8GM
rZ6qHS3k5WJyzwtRvq07HFzQjvjmT9Xla5BF5VhQEg0c4PclP9IgowLkriLkX638
twvsUXPQHgo8dVPwJ8gMGDWu3kJyRPBlo+hNuue+4TOaHCGkmc3PpycppJOzTKn5
hBb4sar9TbJX6lm+dloQZfhtKxPkWRbblhlY78Z8v7x+FrBmQPVx73lEewIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFFIb0wLNr4jgXKPluyW1EFi6izyIMB8GA1UdIwQY
MBaAFAm503RQtirj8UTrQqxSziQ7Yop6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2JuVGRGQzJLdVB4Uk90Q3JGTE9KRHRpaW5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9lNWMwYjYtODc4OC00YmI5LWI4ODUt
M2ZiZmI5NGQ5MTAwLzEvVWh2VEFzMnZpT0Jjby1XN0piVVFXTHFMUElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9lNWMwYjYtODc4OC00YmI5LWI4ODUtM2ZiZmI5NGQ5MTAw
LzEvQ2JuVGRGQzJLdVB4Uk90Q3JGTE9KRHRpaW5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuZYTMA4E
AgACMAgDBgAqDtSAADANBgkqhkiG9w0BAQsFAAOCAQEAST8FUUryEEAdPgBGwrLK
Vpr4cnVImNVyrzLZFrJOqKt61r4QVoeuw2s5bpoTW83svtswcADF50BMj9oLhujC
ON/AdgGNiu3hr46vOlVyYLNGfhoUEq3iejOwIVsCSFEDIo7KuOvONW17YgC/Q6jO
+gJmFtVDrrYWeedUyeVMWBp9WWMGNkLg/IgCuc+oQU1pzMJvukwvhdZaO9jdI++T
OK3XuNCP6z9t8T1HFjt2QDIy7arV9BX9gKbZH6QaFlNfve1C4JU+wgKK0z+pyHUc
FxzGNmvH6VSD3prjCrTLgba2gnNjeXKC7f9Px7VBiI1kCwPuxOKt2o7izpjSkKEo
Zw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org