Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/cR0bd2KAT3rj16PBC9y6gpjBeS0.roa
File: cR0bd2KAT3rj16PBC9y6gpjBeS0.roa (raw, json)
Hash identifier: GVilUX7JJ0PbT6xCDHQC5zH8hyNTgwy8iP556gcOT08=
Subject key identifier: 71:1D:1B:77:62:80:4F:7A:E3:D7:A3:C1:0B:DC:BA:82:98:C1:79:2D
Certificate issuer: /CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Certificate serial: 018CC2DAECA17180CF2E574371ABE6A75F1B
Authority key identifier: D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/cR0bd2KAT3rj16PBC9y6gpjBeS0.roa
Signing time: Mon 01 Jan 2024 02:29:36 +0000
ROA not before: Mon 01 Jan 2024 02:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49767
IP address blocks: 194.31.216.0/22 maxlen: 22
109.72.0.0/20 maxlen: 20
2a02:2930::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ec:a1:71:80:cf:2e:57:43:71:ab:e6:a7:5f:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Validity
Not Before: Jan 1 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=711d1b7762804f7ae3d7a3c10bdcba8298c1792d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:22:ad:e1:27:c6:17:44:ac:98:d6:20:67:c8:
c8:23:fc:12:f8:28:d7:c2:9a:f2:a5:86:cb:b5:31:
1d:0b:43:07:67:d4:b8:e3:6e:01:57:e1:3d:cf:de:
96:59:28:01:53:5c:3b:5b:58:1d:12:ea:90:b6:b9:
c2:9d:13:e9:6a:08:cf:a5:3e:c0:9a:db:ed:f7:d8:
37:7d:b4:51:95:37:30:92:c8:35:1d:84:80:15:0c:
7c:cf:b5:6f:ce:65:57:49:3d:da:4f:48:79:75:f3:
58:26:c0:c5:ee:15:f1:2b:89:ef:1c:b3:81:4f:90:
98:62:d4:e9:68:e4:7d:da:dc:bf:b2:06:d0:02:49:
7b:cb:32:de:b1:52:9d:0f:79:f9:dd:cd:a2:2e:bc:
32:99:a5:bf:ac:9c:22:4e:2f:9f:41:9b:27:b2:ca:
c6:60:e8:dd:bc:37:e1:e6:82:f4:ca:06:cd:0e:d6:
24:f3:d5:c9:61:21:f9:98:fd:b8:1e:c6:e0:ad:d6:
a5:d7:b9:f1:af:a9:ef:ce:c7:53:d5:ef:33:2c:30:
f7:5b:31:ea:47:37:e8:a1:42:39:b2:1a:b3:65:97:
c2:f0:96:0c:5a:97:12:48:d5:fa:f0:ba:67:8b:8d:
89:61:94:e3:be:85:6c:12:b0:25:c5:d8:95:68:14:
4e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:1D:1B:77:62:80:4F:7A:E3:D7:A3:C1:0B:DC:BA:82:98:C1:79:2D
X509v3 Authority Key Identifier:
keyid:D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/cR0bd2KAT3rj16PBC9y6gpjBeS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.0.0/20
194.31.216.0/22
IPv6:
2a02:2930::/32
Signature Algorithm: sha256WithRSAEncryption
9e:dc:0b:e1:45:dd:a5:95:8b:e5:6a:a9:a0:a2:6e:0f:77:6f:
1c:13:c7:ae:bf:0e:71:10:8c:ef:69:24:2d:6f:a4:0c:05:5b:
95:e3:73:57:75:32:5a:45:52:e2:ca:bb:52:47:2d:65:cf:cc:
bd:c7:34:0e:02:67:ee:03:38:9a:e2:7d:09:49:4c:d6:dc:c7:
8c:a0:6f:14:d6:b6:f4:f9:80:f1:d1:21:70:45:25:c7:2d:ad:
03:9b:5c:05:aa:3c:2f:d2:ce:fd:44:c4:e1:45:fe:a2:3f:cd:
ed:27:35:ac:9c:34:dd:56:7d:3d:1e:cf:e6:e5:7c:b0:e1:4f:
97:13:ca:91:97:40:dd:85:c0:c7:da:a4:80:8e:0d:c5:4b:9d:
15:5d:8a:8f:a3:a8:09:9e:59:b4:4d:bf:fa:d2:e8:d3:5b:38:
6c:29:77:f7:7f:48:40:92:1b:df:9b:dc:85:57:97:7c:51:94:
06:b7:f6:df:be:cf:43:31:61:38:7c:12:e3:ca:3d:13:a1:af:
57:5a:c4:50:a0:93:e5:7f:6d:0e:f9:ee:f0:e7:9f:12:62:9b:
fa:9b:8c:33:bd:d7:04:f0:26:41:40:43:aa:7e:4a:f9:b8:08:
83:7d:31:48:da:be:d0:7f:17:79:3c:57:0f:19:e7:8a:20:98:
0d:58:f3:e4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC2uyhcYDPLldDcavmp18bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZmYwZmVjZDdiZjQ0MTQ4OTMxNzg4ZGZlN2YyMGQ2N2E2
N2EwZGIwHhcNMjQwMTAxMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTFkMWI3NzYyODA0ZjdhZTNkN2EzYzEwYmRjYmE4Mjk4YzE3OTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiKt4SfGF0SsmNYgZ8jII/wS+CjX
wprypYbLtTEdC0MHZ9S4424BV+E9z96WWSgBU1w7W1gdEuqQtrnCnRPpagjPpT7A
mtvt99g3fbRRlTcwksg1HYSAFQx8z7VvzmVXST3aT0h5dfNYJsDF7hXxK4nvHLOB
T5CYYtTpaOR92ty/sgbQAkl7yzLesVKdD3n53c2iLrwymaW/rJwiTi+fQZsnssrG
YOjdvDfh5oL0ygbNDtYk89XJYSH5mP24Hsbgrdal17nxr6nvzsdT1e8zLDD3WzHq
RzfooUI5shqzZZfC8JYMWpcSSNX68Lpni42JYZTjvoVsErAlxdiVaBROpQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHEdG3digE9649ejwQvcuoKYwXktMB8GA1UdIwQY
MBaAFNT/D+zXv0QUiTF4jf5/INZ6Z6DbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUt
ZjBjMjFmODE4NmYwLzEvY1IwYmQyS0FUM3JqMTZQQkM5eTZncGpCZVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUtZjBjMjFmODE4NmYw
LzEvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEbUgAAwQC
wh/YMA0EAgACMAcDBQAqAikwMA0GCSqGSIb3DQEBCwUAA4IBAQCe3AvhRd2llYvl
aqmgom4Pd28cE8euvw5xEIzvaSQtb6QMBVuV43NXdTJaRVLiyrtSRy1lz8y9xzQO
AmfuAzia4n0JSUzW3MeMoG8U1rb0+YDx0SFwRSXHLa0Dm1wFqjwv0s79RMThRf6i
P83tJzWsnDTdVn09Hs/m5Xyw4U+XE8qRl0DdhcDH2qSAjg3FS50VXYqPo6gJnlm0
Tb/60ujTWzhsKXf3f0hAkhvfm9yFV5d8UZQGt/bfvs9DMWE4fBLjyj0Toa9XWsRQ
oJPlf20O+e7w558SYpv6m4wzvdcE8CZBQEOqfkr5uAiDfTFI2r7Qfxd5PFcPGeeK
IJgNWPPk
-----END CERTIFICATE-----
Generated at Thu Jun 20 19:38:34 2024 by rpki-client on console-ams.rpki-client.org