Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/30t9_yD-qSD6D85QK_TTUQRayYw.roa
File: 30t9_yD-qSD6D85QK_TTUQRayYw.roa (raw, json)
Hash identifier: ncF6DSvwk5ud5XRe8J26THAuLlaa1RfPi008/Sj4d8A=
Subject key identifier: DF:4B:7D:FF:20:FE:A9:20:FA:0F:CE:50:2B:F4:D3:51:04:5A:C9:8C
Certificate issuer: /CN=cf640b02311376dc96eebfeca755c3b0061140ec
Certificate serial: 01856DD407C469F3F3A0747E8222CEE2BBD4
Authority key identifier: CF:64:0B:02:31:13:76:DC:96:EE:BF:EC:A7:55:C3:B0:06:11:40:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z2QLAjETdtyW7r_sp1XDsAYRQOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/30t9_yD-qSD6D85QK_TTUQRayYw.roa
Signing time: Sun 01 Jan 2023 14:54:50 +0000
ROA not before: Sun 01 Jan 2023 14:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28836
IP address blocks: 213.214.98.0/23 maxlen: 24
213.214.96.0/19 maxlen: 24
213.214.96.0/23 maxlen: 24
213.214.100.0/23 maxlen: 24
213.214.102.0/23 maxlen: 24
213.214.104.0/23 maxlen: 24
213.214.110.0/23 maxlen: 24
213.214.106.0/23 maxlen: 24
213.214.108.0/23 maxlen: 24
213.214.118.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:07:c4:69:f3:f3:a0:74:7e:82:22:ce:e2:bb:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf640b02311376dc96eebfeca755c3b0061140ec
Validity
Not Before: Jan 1 14:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df4b7dff20fea920fa0fce502bf4d351045ac98c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f4:7b:b1:36:9d:4a:fe:bc:e6:df:00:bd:23:
5b:91:c4:55:98:b9:ae:a7:5a:78:cc:ff:99:6b:41:
61:44:19:90:38:0f:10:fa:86:6f:45:a3:d4:d3:0c:
af:73:05:5a:30:f7:d6:f3:24:9f:5d:a8:f7:53:b0:
72:b3:63:5a:e4:ea:1a:9e:a5:89:7f:a1:75:59:26:
57:17:4e:be:92:96:50:ba:05:d5:eb:37:ef:30:7b:
68:6a:a7:b0:59:02:38:9c:48:b6:c5:09:0f:9b:eb:
0b:86:39:df:df:4c:f2:0c:b6:ce:5e:ce:b0:1b:51:
be:75:5c:cb:36:74:6b:ef:74:25:37:f3:f1:70:6b:
6d:ad:97:91:0a:6f:64:e4:93:95:f1:a8:25:b4:cb:
5a:9b:a1:2f:9c:f0:b1:ab:92:15:64:97:47:5f:bb:
b3:fb:74:99:46:5f:81:7d:2c:f7:fc:83:89:21:72:
2a:5a:ec:c5:01:d2:d3:bc:82:c4:d5:7c:70:04:c8:
00:70:6c:16:dc:af:ae:ef:6e:d3:9c:55:c8:86:64:
20:48:f3:e9:16:ba:22:bc:c2:bd:c6:6e:78:77:7b:
5d:d4:d8:67:08:62:37:84:75:bf:09:fc:e1:3e:14:
33:66:ab:0c:73:df:fb:48:d9:42:c2:5a:31:f8:97:
5b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:4B:7D:FF:20:FE:A9:20:FA:0F:CE:50:2B:F4:D3:51:04:5A:C9:8C
X509v3 Authority Key Identifier:
keyid:CF:64:0B:02:31:13:76:DC:96:EE:BF:EC:A7:55:C3:B0:06:11:40:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z2QLAjETdtyW7r_sp1XDsAYRQOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/30t9_yD-qSD6D85QK_TTUQRayYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/00ec78-7e44-49e4-8443-9db5be4d0eff/1/z2QLAjETdtyW7r_sp1XDsAYRQOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.214.96.0/19
Signature Algorithm: sha256WithRSAEncryption
a3:28:ce:4b:b4:48:f4:8e:c1:9d:59:a8:ed:08:46:1c:b5:46:
e5:1a:9e:1f:b2:19:f3:77:e6:8e:0f:26:10:73:54:1e:a3:14:
5c:f4:be:e1:0c:8a:e7:3a:e9:c9:b2:31:ff:08:0c:f4:07:7e:
de:82:c3:b3:f2:32:35:27:a8:60:d9:02:dc:f0:1d:cf:a8:a0:
17:ff:b2:3f:1c:20:39:57:17:31:15:c8:e7:23:20:7a:3b:a0:
df:13:e7:78:9c:ba:ac:81:d3:c2:d0:6c:5e:15:9d:c7:bc:8e:
e2:e6:86:64:bc:44:83:b5:6b:0b:e4:b5:9c:55:0e:72:c6:0e:
99:e3:1e:7d:97:9c:4c:cb:10:a7:4f:08:77:26:2b:47:27:ba:
1a:79:48:86:a1:95:b4:e2:e4:e5:35:6d:f5:dd:ac:dc:2e:2a:
63:a6:cc:78:a8:16:b4:c1:21:10:f3:c4:0f:dc:2e:e1:1f:c4:
22:b5:9d:14:b4:94:85:6c:f4:fd:2b:e8:8c:c4:8b:7c:73:eb:
5f:ec:48:3f:69:74:e8:4a:a1:a8:e6:29:f2:fa:3d:80:77:b3:
4c:b7:f5:6f:36:e5:e6:a8:a8:3a:fa:1f:02:b6:1a:81:8b:75:
a5:61:b7:80:ca:3b:40:cf:47:69:40:d9:e8:d4:70:d5:f9:c6:
9c:52:70:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1AfEafPzoHR+giLO4rvUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNjQwYjAyMzExMzc2ZGM5NmVlYmZlY2E3NTVjM2IwMDYx
MTQwZWMwHhcNMjMwMTAxMTQ1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjRiN2RmZjIwZmVhOTIwZmEwZmNlNTAyYmY0ZDM1MTA0NWFjOThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/R7sTadSv685t8AvSNbkcRVmLmu
p1p4zP+Za0FhRBmQOA8Q+oZvRaPU0wyvcwVaMPfW8ySfXaj3U7Bys2Na5OoanqWJ
f6F1WSZXF06+kpZQugXV6zfvMHtoaqewWQI4nEi2xQkPm+sLhjnf30zyDLbOXs6w
G1G+dVzLNnRr73QlN/PxcGttrZeRCm9k5JOV8agltMtam6EvnPCxq5IVZJdHX7uz
+3SZRl+BfSz3/IOJIXIqWuzFAdLTvILE1XxwBMgAcGwW3K+u727TnFXIhmQgSPPp
FroivMK9xm54d3td1NhnCGI3hHW/CfzhPhQzZqsMc9/7SNlCwlox+JdbaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN9Lff8g/qkg+g/OUCv001EEWsmMMB8GA1UdIwQY
MBaAFM9kCwIxE3bclu6/7KdVw7AGEUDsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejJRTEFqRVRkdHlXN3Jfc3AxWERzQVlSUU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMGVjNzgtN2U0NC00OWU0LTg0NDMt
OWRiNWJlNGQwZWZmLzEvMzB0OV95RC1xU0Q2RDg1UUtfVFRVUVJheVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMGVjNzgtN2U0NC00OWU0LTg0NDMtOWRiNWJlNGQwZWZm
LzEvejJRTEFqRVRkdHlXN3Jfc3AxWERzQVlSUU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1dZgMA0G
CSqGSIb3DQEBCwUAA4IBAQCjKM5LtEj0jsGdWajtCEYctUblGp4fshnzd+aODyYQ
c1QeoxRc9L7hDIrnOunJsjH/CAz0B37egsOz8jI1J6hg2QLc8B3PqKAX/7I/HCA5
VxcxFcjnIyB6O6DfE+d4nLqsgdPC0GxeFZ3HvI7i5oZkvESDtWsL5LWcVQ5yxg6Z
4x59l5xMyxCnTwh3JitHJ7oaeUiGoZW04uTlNW313azcLipjpsx4qBa0wSEQ88QP
3C7hH8QitZ0UtJSFbPT9K+iMxIt8c+tf7Eg/aXToSqGo5iny+j2Ad7NMt/VvNuXm
qKg6+h8CthqBi3WlYbeAyjtAz0dpQNno1HDV+cacUnDF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:57 2024 by rpki-client on console-ams.rpki-client.org