Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/AdhpGlmsep0CNJnVk30cQ4BrYCY.roa
File: AdhpGlmsep0CNJnVk30cQ4BrYCY.roa (raw, json)
Hash identifier: b1S0rJWI21wttgxfIvUwe7GzQsXPGJRPRXxFnjT4w4w=
Subject key identifier: 01:D8:69:1A:59:AC:7A:9D:02:34:99:D5:93:7D:1C:43:80:6B:60:26
Certificate issuer: /CN=c53feb2ac60fa313f9a7300e4c5ee33b43a88341
Certificate serial: 018C8B787BF4EAC933971D24C9D1B93D7540
Authority key identifier: C5:3F:EB:2A:C6:0F:A3:13:F9:A7:30:0E:4C:5E:E3:3B:43:A8:83:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xT_rKsYPoxP5pzAOTF7jO0Oog0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/AdhpGlmsep0CNJnVk30cQ4BrYCY.roa
Signing time: Thu 21 Dec 2023 08:22:58 +0000
ROA not before: Thu 21 Dec 2023 08:22:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12566
IP address blocks: 185.39.216.0/22 maxlen: 22
95.181.220.0/22 maxlen: 22
95.181.221.0/24 maxlen: 24
2a04:800::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8b:78:7b:f4:ea:c9:33:97:1d:24:c9:d1:b9:3d:75:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c53feb2ac60fa313f9a7300e4c5ee33b43a88341
Validity
Not Before: Dec 21 08:22:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01d8691a59ac7a9d023499d5937d1c43806b6026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4b:fc:c7:30:90:90:41:90:e8:37:8e:e3:2a:
ed:b7:36:fe:95:de:82:e1:a3:9a:26:21:d9:3d:f4:
04:18:e8:6b:7b:84:7f:15:25:5f:4c:c5:c9:2b:1c:
04:4a:44:ed:04:8f:78:4e:18:09:34:a0:a8:0e:f4:
b6:ef:1c:42:4f:12:dc:61:ef:98:9f:24:d2:dc:49:
6f:ba:96:b1:ff:85:8a:dc:62:37:50:e4:45:02:54:
d5:66:59:00:9b:dc:3d:d0:d9:07:76:5e:93:98:e8:
94:86:c6:98:b3:d6:26:6d:00:ae:b0:bf:ff:8b:3a:
e0:4b:aa:8a:45:90:e5:b5:69:9c:2c:c8:84:2d:32:
81:e2:ed:b7:8b:6c:66:c3:c7:42:51:bc:6b:0a:65:
cf:bb:89:03:b6:84:36:e4:7f:4b:b2:88:c9:73:e3:
39:72:78:5b:38:77:de:e0:3e:07:f9:a2:f1:fe:d6:
a4:e3:07:43:41:4b:8b:bf:cd:fa:b9:0b:ec:06:14:
fc:4b:cf:45:e1:70:59:75:76:b6:26:86:3e:7b:f4:
32:1f:84:cf:23:90:0f:2d:28:2e:1f:aa:2a:e2:3c:
24:dc:74:ee:25:bc:dd:78:fc:d5:55:c5:95:fc:8a:
ba:fd:bc:37:23:ea:9c:a9:ec:33:22:ad:fd:2a:e3:
26:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:D8:69:1A:59:AC:7A:9D:02:34:99:D5:93:7D:1C:43:80:6B:60:26
X509v3 Authority Key Identifier:
keyid:C5:3F:EB:2A:C6:0F:A3:13:F9:A7:30:0E:4C:5E:E3:3B:43:A8:83:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xT_rKsYPoxP5pzAOTF7jO0Oog0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/AdhpGlmsep0CNJnVk30cQ4BrYCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/xT_rKsYPoxP5pzAOTF7jO0Oog0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.220.0/22
185.39.216.0/22
IPv6:
2a04:800::/29
Signature Algorithm: sha256WithRSAEncryption
33:51:81:ff:53:fe:ae:8c:bb:98:1b:57:0d:56:f7:a7:62:2b:
61:04:8c:5f:d5:67:fa:5b:a6:e3:9e:cb:39:3f:cb:25:b6:5d:
95:38:ad:3b:7c:9d:5b:d9:54:b6:65:ed:8b:b5:8f:d6:1d:08:
67:12:f6:9d:be:42:88:70:3b:a6:a6:ce:a3:ae:03:ee:d9:e3:
d6:97:45:9b:2e:0b:50:89:6a:93:51:5c:4f:81:d7:15:11:09:
03:4f:bb:74:6b:c6:39:97:39:df:e4:88:72:6a:05:b3:17:cf:
bf:d5:72:e0:ab:f6:b3:9f:de:df:25:a9:e0:e6:26:62:07:79:
b0:db:af:bc:9f:f8:65:b4:27:ae:e2:33:5a:cc:19:73:e0:4b:
0b:e4:d3:90:69:96:23:fc:93:96:ad:d5:f7:3f:93:ba:11:49:
85:ee:03:ce:07:90:12:f0:28:c3:24:3b:85:35:71:b5:01:ba:
59:77:ef:fb:23:5d:d4:42:41:bc:97:01:c7:a2:13:f4:47:67:
35:88:89:30:d6:30:82:f1:70:cb:af:32:a6:47:50:a4:ef:ef:
c5:a4:f1:26:ec:75:8d:4a:2e:38:aa:9a:6e:dc:54:b2:0b:a0:
e9:79:c0:9f:12:95:49:ae:02:8a:05:e8:24:ce:fb:60:c2:54:
54:77:bc:9d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYyLeHv06skzlx0kydG5PXVAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1M2ZlYjJhYzYwZmEzMTNmOWE3MzAwZTRjNWVlMzNiNDNh
ODgzNDEwHhcNMjMxMjIxMDgyMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWQ4NjkxYTU5YWM3YTlkMDIzNDk5ZDU5MzdkMWM0MzgwNmI2MDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0v8xzCQkEGQ6DeO4yrttzb+ld6C
4aOaJiHZPfQEGOhre4R/FSVfTMXJKxwESkTtBI94ThgJNKCoDvS27xxCTxLcYe+Y
nyTS3Elvupax/4WK3GI3UORFAlTVZlkAm9w90NkHdl6TmOiUhsaYs9YmbQCusL//
izrgS6qKRZDltWmcLMiELTKB4u23i2xmw8dCUbxrCmXPu4kDtoQ25H9LsojJc+M5
cnhbOHfe4D4H+aLx/tak4wdDQUuLv836uQvsBhT8S89F4XBZdXa2JoY+e/QyH4TP
I5APLSguH6oq4jwk3HTuJbzdePzVVcWV/Iq6/bw3I+qcqewzIq39KuMmdwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAHYaRpZrHqdAjSZ1ZN9HEOAa2AmMB8GA1UdIwQY
MBaAFMU/6yrGD6MT+acwDkxe4ztDqINBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFRfcktzWVBveFA1cHpBT1RGN2pPME9vZzBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zN2VmZDUtNDI2Ni00MTQ2LThlMjEt
NjdmZDcxN2M2Y2E3LzEvQWRocEdsbXNlcDBDTkpuVmszMGNRNEJyWUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zN2VmZDUtNDI2Ni00MTQ2LThlMjEtNjdmZDcxN2M2Y2E3
LzEveFRfcktzWVBveFA1cHpBT1RGN2pPME9vZzBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCX7XcAwQC
uSfYMA0EAgACMAcDBQMqBAgAMA0GCSqGSIb3DQEBCwUAA4IBAQAzUYH/U/6ujLuY
G1cNVvenYithBIxf1Wf6W6bjnss5P8sltl2VOK07fJ1b2VS2Ze2LtY/WHQhnEvad
vkKIcDumps6jrgPu2ePWl0WbLgtQiWqTUVxPgdcVEQkDT7t0a8Y5lznf5IhyagWz
F8+/1XLgq/azn97fJang5iZiB3mw26+8n/hltCeu4jNazBlz4EsL5NOQaZYj/JOW
rdX3P5O6EUmF7gPOB5AS8CjDJDuFNXG1AbpZd+/7I13UQkG8lwHHohP0R2c1iIkw
1jCC8XDLrzKmR1Ck7+/FpPEm7HWNSi44qppu3FSyC6DpecCfEpVJrgKKBegkzvtg
wlRUd7yd
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:19 2025 by rpki-client