Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/0v6CJLlJIN3R2WuyT-1XU4kvwnc.roa
File: 0v6CJLlJIN3R2WuyT-1XU4kvwnc.roa (raw, json)
Hash identifier: hVUugUYZdmHHHBGw8aYIikDJxZDxW8tb52HM8+WrwZE=
Subject key identifier: D2:FE:82:24:B9:49:20:DD:D1:D9:6B:B2:4F:ED:57:53:89:2F:C2:77
Certificate issuer: /CN=cf640b02311376dc96eebfeca755c3b0061140ec
Certificate serial: 01856DD40A945AF42AB5D54FD0B77663CAE7
Authority key identifier: CF:64:0B:02:31:13:76:DC:96:EE:BF:EC:A7:55:C3:B0:06:11:40:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z2QLAjETdtyW7r_sp1XDsAYRQOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/0v6CJLlJIN3R2WuyT-1XU4kvwnc.roa
Signing time: Sun 01 Jan 2023 14:54:50 +0000
ROA not before: Sun 01 Jan 2023 14:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36057
IP address blocks: 85.92.152.0/21 maxlen: 21
89.18.160.0/24 maxlen: 24
89.18.184.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:0a:94:5a:f4:2a:b5:d5:4f:d0:b7:76:63:ca:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf640b02311376dc96eebfeca755c3b0061140ec
Validity
Not Before: Jan 1 14:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2fe8224b94920ddd1d96bb24fed5753892fc277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a6:ba:bb:8d:24:e1:a9:98:7a:b0:cb:22:fb:
57:19:2d:c4:d7:33:ea:20:88:67:db:84:bc:58:32:
f7:00:a7:cf:d6:74:20:67:d9:a3:09:3d:e1:ba:fc:
c8:d9:25:d8:04:74:4e:2f:7a:49:30:3b:7c:68:ca:
b6:cb:0a:65:17:92:b9:1e:2f:52:15:3d:b0:21:a6:
e4:85:8f:83:84:d0:90:71:98:ee:fb:dc:65:d9:7c:
c3:d7:5d:a9:28:79:99:bd:75:18:32:62:44:f5:11:
b2:d6:26:60:c6:1f:05:36:cb:5a:92:7f:71:d5:1f:
f5:ca:53:6f:ac:02:6b:71:48:6b:38:43:10:8a:6a:
f1:86:95:e0:a2:56:0a:08:74:46:41:4e:8c:4e:26:
99:12:eb:52:cf:c9:c6:68:95:3d:cc:28:dd:05:3b:
09:56:af:9d:14:99:ad:5d:0b:24:2a:b3:70:68:9a:
db:e5:05:de:7b:ad:ea:16:78:4a:9c:c1:c8:cb:73:
09:1e:a8:35:8d:c0:4f:32:fb:63:55:71:55:90:cc:
e8:15:8e:2d:6e:c4:17:fe:2b:44:80:be:46:67:04:
fa:39:5c:c2:95:9a:7a:0f:94:fe:e3:e5:59:85:9a:
31:db:f1:fa:34:ea:f4:07:aa:03:ed:e2:d4:55:a9:
b8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:FE:82:24:B9:49:20:DD:D1:D9:6B:B2:4F:ED:57:53:89:2F:C2:77
X509v3 Authority Key Identifier:
keyid:CF:64:0B:02:31:13:76:DC:96:EE:BF:EC:A7:55:C3:B0:06:11:40:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z2QLAjETdtyW7r_sp1XDsAYRQOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/0v6CJLlJIN3R2WuyT-1XU4kvwnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/z2QLAjETdtyW7r_sp1XDsAYRQOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.92.152.0/21
89.18.160.0/24
89.18.184.0/23
Signature Algorithm: sha256WithRSAEncryption
84:8a:70:86:39:76:35:bb:82:d5:19:86:9d:c2:a3:a0:11:35:
21:aa:11:6b:41:81:c5:26:53:0d:ca:1c:12:6a:f6:82:13:88:
d0:d6:6e:57:4b:a5:39:80:a7:d2:70:d9:c1:ee:be:96:32:6f:
1a:15:1a:a9:b4:82:d5:0c:bb:cd:f3:de:6e:fb:21:5e:bf:2d:
fd:47:68:76:23:1a:41:f3:ef:bf:1d:01:61:b5:10:f0:f0:89:
42:12:75:9f:38:cf:a9:5e:45:ba:6d:1d:53:13:1f:9c:00:1e:
98:00:44:f9:e0:b8:fc:6a:99:e9:c0:ee:ce:99:15:1c:7b:3f:
18:18:b4:63:57:9b:82:d3:05:f1:5a:49:17:5f:77:ac:e8:41:
37:17:3b:d8:4e:14:e3:e7:ed:bc:02:f2:97:13:53:1e:4a:03:
a3:0f:7f:63:f0:93:2d:54:1b:de:fc:91:26:f4:2a:1c:20:52:
3b:38:af:e3:6d:80:a7:a7:38:39:df:80:57:19:f6:27:36:24:
d7:17:fc:0e:6c:ca:cd:20:de:f8:f3:4d:6b:9b:00:4c:de:be:
97:ba:5f:07:66:48:8c:35:64:c2:ed:76:f9:47:ab:ba:86:71:
57:47:e0:f4:4b:9f:f6:50:d9:a6:cf:a2:b2:dc:5a:aa:62:82:
ac:6e:ac:81
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVt1AqUWvQqtdVP0Ld2Y8rnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNjQwYjAyMzExMzc2ZGM5NmVlYmZlY2E3NTVjM2IwMDYx
MTQwZWMwHhcNMjMwMTAxMTQ1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmZlODIyNGI5NDkyMGRkZDFkOTZiYjI0ZmVkNTc1Mzg5MmZjMjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6a6u40k4amYerDLIvtXGS3E1zPq
IIhn24S8WDL3AKfP1nQgZ9mjCT3huvzI2SXYBHROL3pJMDt8aMq2ywplF5K5Hi9S
FT2wIabkhY+DhNCQcZju+9xl2XzD112pKHmZvXUYMmJE9RGy1iZgxh8FNstakn9x
1R/1ylNvrAJrcUhrOEMQimrxhpXgolYKCHRGQU6MTiaZEutSz8nGaJU9zCjdBTsJ
Vq+dFJmtXQskKrNwaJrb5QXee63qFnhKnMHIy3MJHqg1jcBPMvtjVXFVkMzoFY4t
bsQX/itEgL5GZwT6OVzClZp6D5T+4+VZhZox2/H6NOr0B6oD7eLUVam4+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNL+giS5SSDd0dlrsk/tV1OJL8J3MB8GA1UdIwQY
MBaAFM9kCwIxE3bclu6/7KdVw7AGEUDsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejJRTEFqRVRkdHlXN3Jfc3AxWERzQVlSUU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMGVjNzgtN2U0NC00OWU0LTg0NDMt
OWRiNWJlNGQwZWZmLzEvMHY2Q0pMbEpJTjNSMld1eVQtMVhVNGt2d25jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMGVjNzgtN2U0NC00OWU0LTg0NDMtOWRiNWJlNGQwZWZm
LzEvejJRTEFqRVRkdHlXN3Jfc3AxWERzQVlSUU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDVVyYAwQA
WRKgAwQBWRK4MA0GCSqGSIb3DQEBCwUAA4IBAQCEinCGOXY1u4LVGYadwqOgETUh
qhFrQYHFJlMNyhwSavaCE4jQ1m5XS6U5gKfScNnB7r6WMm8aFRqptILVDLvN895u
+yFevy39R2h2IxpB8++/HQFhtRDw8IlCEnWfOM+pXkW6bR1TEx+cAB6YAET54Lj8
apnpwO7OmRUcez8YGLRjV5uC0wXxWkkXX3es6EE3FzvYThTj5+28AvKXE1MeSgOj
D39j8JMtVBve/JEm9CocIFI7OK/jbYCnpzg534BXGfYnNiTXF/wObMrNIN74801r
mwBM3r6Xul8HZkiMNWTC7Xb5R6u6hnFXR+D0S5/2UNmmz6Ky3FqqYoKsbqyB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:55 2024 by rpki-client on console-fra.rpki-client.org