Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/3495b4-7b60-4a83-8c68-93c444668034/1/JSzIYTwkhdAi8Nehl0BpE3OiQ7s.roa
File: JSzIYTwkhdAi8Nehl0BpE3OiQ7s.roa (raw, json)
Hash identifier: UhNU2G/94OhXf3+hmSYWDE2EE3udJ7UUJATo0PuiekM=
Subject key identifier: 25:2C:C8:61:3C:24:85:D0:22:F0:D7:A1:97:40:69:13:73:A2:43:BB
Certificate issuer: /CN=992be8d0a80d0665d8c6af41834665c88d6dfe76
Certificate serial: 018CC94E290908326E00F566C7D24CC31E33
Authority key identifier: 99:2B:E8:D0:A8:0D:06:65:D8:C6:AF:41:83:46:65:C8:8D:6D:FE:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSvo0KgNBmXYxq9Bg0ZlyI1t_nY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/3495b4-7b60-4a83-8c68-93c444668034/1/JSzIYTwkhdAi8Nehl0BpE3OiQ7s.roa
Signing time: Tue 02 Jan 2024 08:33:11 +0000
ROA not before: Tue 02 Jan 2024 08:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203448
IP address blocks: 185.134.172.0/22 maxlen: 24
2a0d:40c0::/33 maxlen: 33
2a0d:40c0:8000::/33 maxlen: 33
2a0d:40c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:29:09:08:32:6e:00:f5:66:c7:d2:4c:c3:1e:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992be8d0a80d0665d8c6af41834665c88d6dfe76
Validity
Not Before: Jan 2 08:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=252cc8613c2485d022f0d7a19740691373a243bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c8:92:9d:1f:7b:5d:73:09:c4:ce:5e:99:83:
7a:be:a1:da:20:16:9d:1f:bc:00:b0:33:a3:20:3d:
56:b4:22:e2:7e:11:2c:fc:f7:40:f4:5c:28:ad:31:
7f:21:f5:c6:a1:50:75:82:d5:28:8b:ea:ab:18:a9:
1a:77:b2:4a:88:a6:2e:49:6c:90:b6:bf:8f:44:1f:
2f:aa:21:cd:cd:24:aa:af:c9:c1:2b:02:ee:d5:5b:
8c:d8:76:d8:a3:ad:48:9e:86:b7:ff:67:bd:b1:b4:
22:a8:30:7c:40:3e:a9:c6:fd:95:79:a9:a8:19:97:
4a:fe:5a:c3:6c:a6:e3:3a:ec:91:34:4f:b6:dc:f4:
fe:a5:82:50:cf:82:6a:b6:bf:a8:1b:dc:65:88:c8:
21:f5:38:08:b6:c0:ab:6f:81:51:04:08:cd:7a:27:
55:59:36:3d:a9:02:ca:38:ea:3b:e3:e6:22:6c:f3:
ba:96:2b:f7:46:44:ae:2f:a1:83:90:2e:e4:e1:a0:
35:46:4e:5d:d2:de:85:f0:90:3f:c5:36:4d:bd:e3:
58:06:56:e0:27:78:4a:d7:2d:54:4d:99:93:4d:4a:
23:cb:da:4e:9c:a2:bd:96:d4:a1:35:ba:22:db:03:
00:58:f2:fb:44:a0:68:32:0a:11:25:ea:11:3e:3a:
52:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:2C:C8:61:3C:24:85:D0:22:F0:D7:A1:97:40:69:13:73:A2:43:BB
X509v3 Authority Key Identifier:
keyid:99:2B:E8:D0:A8:0D:06:65:D8:C6:AF:41:83:46:65:C8:8D:6D:FE:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSvo0KgNBmXYxq9Bg0ZlyI1t_nY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/3495b4-7b60-4a83-8c68-93c444668034/1/JSzIYTwkhdAi8Nehl0BpE3OiQ7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/3495b4-7b60-4a83-8c68-93c444668034/1/mSvo0KgNBmXYxq9Bg0ZlyI1t_nY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.172.0/22
IPv6:
2a0d:40c0::/32
Signature Algorithm: sha256WithRSAEncryption
9f:ac:bd:a3:ca:42:7b:14:31:7d:e3:47:94:7d:f0:e8:fd:d3:
c5:6d:cb:8b:35:a5:3f:4b:84:bc:8c:db:d5:7c:9f:c3:0a:23:
14:6a:83:88:5d:7e:2a:35:2e:2a:ca:9f:7e:24:41:a7:5e:c8:
56:a3:d9:35:01:dd:24:69:59:08:67:42:91:03:0e:94:7d:52:
35:14:8e:4d:a2:0f:56:9a:82:82:0a:b9:1f:d1:32:c3:0a:f8:
5b:3d:88:ba:61:e5:8d:1f:bf:62:f2:f4:14:77:de:2e:46:04:
20:82:94:b6:dc:7d:04:f5:08:b4:44:69:4e:7b:ce:56:a7:3f:
51:ad:ae:ef:61:2c:10:5a:a4:f8:3c:34:b1:9b:a5:7d:6a:a5:
48:b0:6e:22:fd:d5:b1:96:15:12:ed:b3:01:bd:35:32:1d:c9:
a2:ce:cf:d9:ca:42:05:68:b1:ae:ff:f5:b4:48:a3:c4:63:73:
4f:df:5d:54:81:09:c3:a4:8f:32:9a:ac:a6:47:fc:dc:80:ec:
6b:f1:d4:53:59:9f:cf:00:e1:db:46:8b:7a:b7:f1:fe:95:a5:
b2:e9:6c:ac:e6:fd:6a:56:69:83:fa:a9:05:76:b0:d0:58:bb:
b7:f6:0e:e0:4a:bc:48:e7:4f:72:61:20:bd:18:0a:b7:39:ac:
63:08:45:18
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTikJCDJuAPVmx9JMwx4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmJlOGQwYTgwZDA2NjVkOGM2YWY0MTgzNDY2NWM4OGQ2
ZGZlNzYwHhcNMjQwMTAyMDgzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTJjYzg2MTNjMjQ4NWQwMjJmMGQ3YTE5NzQwNjkxMzczYTI0M2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8iSnR97XXMJxM5emYN6vqHaIBad
H7wAsDOjID1WtCLifhEs/PdA9FworTF/IfXGoVB1gtUoi+qrGKkad7JKiKYuSWyQ
tr+PRB8vqiHNzSSqr8nBKwLu1VuM2HbYo61Inoa3/2e9sbQiqDB8QD6pxv2Veamo
GZdK/lrDbKbjOuyRNE+23PT+pYJQz4Jqtr+oG9xliMgh9TgItsCrb4FRBAjNeidV
WTY9qQLKOOo74+YibPO6liv3RkSuL6GDkC7k4aA1Rk5d0t6F8JA/xTZNveNYBlbg
J3hK1y1UTZmTTUojy9pOnKK9ltShNboi2wMAWPL7RKBoMgoRJeoRPjpSQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCUsyGE8JIXQIvDXoZdAaRNzokO7MB8GA1UdIwQY
MBaAFJkr6NCoDQZl2MavQYNGZciNbf52MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN2bzBLZ05CbVhZeHE5QmcwWmx5STF0X25ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8zNDk1YjQtN2I2MC00YTgzLThjNjgt
OTNjNDQ0NjY4MDM0LzEvSlN6SVlUd2toZEFpOE5laGwwQnBFM09pUTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8zNDk1YjQtN2I2MC00YTgzLThjNjgtOTNjNDQ0NjY4MDM0
LzEvbVN2bzBLZ05CbVhZeHE5QmcwWmx5STF0X25ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYasMA0E
AgACMAcDBQAqDUDAMA0GCSqGSIb3DQEBCwUAA4IBAQCfrL2jykJ7FDF940eUffDo
/dPFbcuLNaU/S4S8jNvVfJ/DCiMUaoOIXX4qNS4qyp9+JEGnXshWo9k1Ad0kaVkI
Z0KRAw6UfVI1FI5Nog9WmoKCCrkf0TLDCvhbPYi6YeWNH79i8vQUd94uRgQggpS2
3H0E9Qi0RGlOe85Wpz9Rra7vYSwQWqT4PDSxm6V9aqVIsG4i/dWxlhUS7bMBvTUy
Hcmizs/ZykIFaLGu//W0SKPEY3NP311UgQnDpI8ymqymR/zcgOxr8dRTWZ/PAOHb
Rot6t/H+laWy6Wys5v1qVmmD+qkFdrDQWLu39g7gSrxI509yYSC9GAq3OaxjCEUY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:29 2024 by rpki-client on console-fra.rpki-client.org