Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/e2662e-d81d-4baa-91cc-f845cfbb5e7a/1/mTud1BDG195eC_rFQHia_a1lGTU.roa
File: mTud1BDG195eC_rFQHia_a1lGTU.roa (raw, json)
Hash identifier: adDrzI/3CANOVc9f5i34EJWlVJlRcG4dO0uEL/+qSLI=
Subject key identifier: 99:3B:9D:D4:10:C6:D7:DE:5E:0B:FA:C5:40:78:9A:FD:AD:65:19:35
Certificate issuer: /CN=d2c9bc2cf905bd43b429f5194a81936cf1ec619b
Certificate serial: 01857102BF0F400E445341EFAF31040385A2
Authority key identifier: D2:C9:BC:2C:F9:05:BD:43:B4:29:F5:19:4A:81:93:6C:F1:EC:61:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sm8LPkFvUO0KfUZSoGTbPHsYZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/e2662e-d81d-4baa-91cc-f845cfbb5e7a/1/mTud1BDG195eC_rFQHia_a1lGTU.roa
Signing time: Mon 02 Jan 2023 05:44:43 +0000
ROA not before: Mon 02 Jan 2023 05:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41458
IP address blocks: 195.3.164.0/22 maxlen: 22
94.229.0.0/20 maxlen: 20
185.50.132.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:bf:0f:40:0e:44:53:41:ef:af:31:04:03:85:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2c9bc2cf905bd43b429f5194a81936cf1ec619b
Validity
Not Before: Jan 2 05:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=993b9dd410c6d7de5e0bfac540789afdad651935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:84:ef:b8:b8:32:a7:8f:66:d0:a1:e2:0d:1f:
93:80:c6:78:22:8c:cb:cb:89:a2:60:f1:bd:44:7c:
82:fc:fe:dd:9c:51:69:7b:e0:9b:4d:ca:de:c3:39:
f6:84:65:14:81:d3:fb:06:ac:a7:26:4a:1b:b4:5c:
97:5e:f6:4a:2c:2b:c1:25:d8:ca:fe:21:f2:e0:71:
c9:44:c1:22:16:b3:5b:ae:2c:1f:e6:8c:92:c5:b6:
9b:08:b9:92:d7:cc:e1:14:e2:b4:0f:7f:ec:e8:95:
3f:08:35:a5:be:25:93:d2:cc:34:88:f5:00:9c:43:
2b:2a:7a:08:e9:78:77:4b:93:55:21:ff:76:7b:0f:
de:4e:e8:86:d5:4a:fa:f7:c9:39:bb:97:55:ee:17:
d0:66:be:1f:5b:1d:43:f1:ae:6a:d8:b3:fc:5e:20:
71:e6:34:f4:a4:92:4b:2d:d1:26:30:34:36:8c:f7:
b3:d5:19:7a:74:b9:5a:60:d8:01:d0:d5:f7:4d:a1:
4b:3f:37:09:ef:92:63:16:f3:bf:e1:aa:2a:86:28:
65:5a:cc:61:c7:b2:18:23:5c:95:4b:66:82:19:7a:
49:ee:8b:62:d7:32:c1:dd:79:a8:ad:5d:8c:3b:95:
40:e5:fa:6e:6a:5c:87:94:b1:24:27:5e:84:04:f6:
e3:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:3B:9D:D4:10:C6:D7:DE:5E:0B:FA:C5:40:78:9A:FD:AD:65:19:35
X509v3 Authority Key Identifier:
keyid:D2:C9:BC:2C:F9:05:BD:43:B4:29:F5:19:4A:81:93:6C:F1:EC:61:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sm8LPkFvUO0KfUZSoGTbPHsYZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e2662e-d81d-4baa-91cc-f845cfbb5e7a/1/mTud1BDG195eC_rFQHia_a1lGTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e2662e-d81d-4baa-91cc-f845cfbb5e7a/1/0sm8LPkFvUO0KfUZSoGTbPHsYZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.229.0.0/20
185.50.132.0/22
195.3.164.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:cc:7a:a3:44:a3:49:ad:4a:bc:9c:b7:be:67:ea:34:ba:96:
ad:d4:d8:a8:ad:c3:93:06:54:4d:a6:b0:8e:3f:ae:23:64:48:
f1:a7:bc:32:cd:cc:de:0d:ae:91:c1:f4:eb:b6:89:cf:41:42:
80:2d:21:34:26:03:30:87:97:e3:ec:27:a5:0e:2f:5a:fa:8c:
9f:cb:a9:3c:e5:9f:5e:0f:79:29:79:71:79:56:a8:55:cb:21:
08:2a:5d:97:04:51:f5:b1:83:fc:8c:1b:07:1d:02:68:6f:e4:
83:d2:9d:14:f2:4a:45:5a:4b:7f:0f:72:b9:de:1c:88:3d:85:
7f:07:99:e5:cf:39:eb:6f:63:5d:42:61:32:8c:c4:78:f6:b3:
d7:ce:2e:39:ea:df:d8:84:be:4e:2f:39:98:bb:3f:68:85:d6:
ea:11:ad:44:f8:70:7f:8a:b3:c4:3c:c6:4b:ca:8e:05:30:5c:
82:9e:19:45:ae:4b:79:5e:c0:55:7a:52:b5:a4:f2:0e:0b:0f:
37:94:bb:60:df:cd:a3:d0:b1:cd:4b:20:35:7f:da:28:94:82:
82:06:f1:df:81:63:aa:d7:b6:27:43:45:fd:18:61:1d:40:66:
db:62:99:dd:9c:d3:1a:2c:7f:83:cb:31:8b:61:50:9f:02:8a:
d7:79:f3:20
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxAr8PQA5EU0HvrzEEA4WiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzliYzJjZjkwNWJkNDNiNDI5ZjUxOTRhODE5MzZjZjFl
YzYxOWIwHhcNMjMwMTAyMDU0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTNiOWRkNDEwYzZkN2RlNWUwYmZhYzU0MDc4OWFmZGFkNjUxOTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsITvuLgyp49m0KHiDR+TgMZ4IozL
y4miYPG9RHyC/P7dnFFpe+CbTcrewzn2hGUUgdP7BqynJkobtFyXXvZKLCvBJdjK
/iHy4HHJRMEiFrNbriwf5oySxbabCLmS18zhFOK0D3/s6JU/CDWlviWT0sw0iPUA
nEMrKnoI6Xh3S5NVIf92ew/eTuiG1Ur698k5u5dV7hfQZr4fWx1D8a5q2LP8XiBx
5jT0pJJLLdEmMDQ2jPez1Rl6dLlaYNgB0NX3TaFLPzcJ75JjFvO/4aoqhihlWsxh
x7IYI1yVS2aCGXpJ7oti1zLB3XmorV2MO5VA5fpualyHlLEkJ16EBPbj6wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJk7ndQQxtfeXgv6xUB4mv2tZRk1MB8GA1UdIwQY
MBaAFNLJvCz5Bb1DtCn1GUqBk2zx7GGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNtOExQa0Z2VU8wS2ZVWlNvR1RiUEhzWVpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9lMjY2MmUtZDgxZC00YmFhLTkxY2Mt
Zjg0NWNmYmI1ZTdhLzEvbVR1ZDFCREcxOTVlQ19yRlFIaWFfYTFsR1RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9lMjY2MmUtZDgxZC00YmFhLTkxY2MtZjg0NWNmYmI1ZTdh
LzEvMHNtOExQa0Z2VU8wS2ZVWlNvR1RiUEhzWVpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEXuUAAwQC
uTKEAwQCwwOkMA0GCSqGSIb3DQEBCwUAA4IBAQCdzHqjRKNJrUq8nLe+Z+o0upat
1NiorcOTBlRNprCOP64jZEjxp7wyzczeDa6RwfTrtonPQUKALSE0JgMwh5fj7Cel
Di9a+oyfy6k85Z9eD3kpeXF5VqhVyyEIKl2XBFH1sYP8jBsHHQJob+SD0p0U8kpF
Wkt/D3K53hyIPYV/B5nlzznrb2NdQmEyjMR49rPXzi456t/YhL5OLzmYuz9ohdbq
Ea1E+HB/irPEPMZLyo4FMFyCnhlFrkt5XsBVelK1pPIOCw83lLtg382j0LHNSyA1
f9oolIKCBvHfgWOq17YnQ0X9GGEdQGbbYpndnNMaLH+DyzGLYVCfAorXefMg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:17 2024 by rpki-client on console-ams.rpki-client.org