Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/HScTAY9dPQ1CMUh0YDpkJ4Kuhnw.roa
File: HScTAY9dPQ1CMUh0YDpkJ4Kuhnw.roa (raw, json)
Hash identifier: 9eGLvQJyBSkTpePfWE5xMDznRnPS/ihXz2VPE0ENDPY=
Subject key identifier: 1D:27:13:01:8F:5D:3D:0D:42:31:48:74:60:3A:64:27:82:AE:86:7C
Certificate issuer: /CN=c53feb2ac60fa313f9a7300e4c5ee33b43a88341
Certificate serial: 018CC34950B251A3735557B163C4D29A83D2
Authority key identifier: C5:3F:EB:2A:C6:0F:A3:13:F9:A7:30:0E:4C:5E:E3:3B:43:A8:83:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xT_rKsYPoxP5pzAOTF7jO0Oog0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/HScTAY9dPQ1CMUh0YDpkJ4Kuhnw.roa
Signing time: Mon 01 Jan 2024 04:30:10 +0000
ROA not before: Mon 01 Jan 2024 04:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12566
IP address blocks: 185.39.216.0/22 maxlen: 22
95.181.220.0/22 maxlen: 22
95.181.221.0/24 maxlen: 24
2a04:800::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:50:b2:51:a3:73:55:57:b1:63:c4:d2:9a:83:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c53feb2ac60fa313f9a7300e4c5ee33b43a88341
Validity
Not Before: Jan 1 04:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d2713018f5d3d0d42314874603a642782ae867c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:60:22:54:8d:33:9f:69:3e:01:f4:89:45:cd:
8c:12:c2:4b:be:d7:1f:98:4f:49:4b:a6:22:9d:55:
98:72:0c:43:1b:20:5a:70:3e:3f:d8:7a:e7:68:c9:
b0:69:df:c0:c7:2b:e8:2b:3f:97:cf:0d:4e:c4:41:
a2:ae:92:51:bc:4d:1d:60:c8:42:6e:73:ae:dc:8a:
6c:33:1f:ba:ca:e0:e6:36:d7:4e:09:dd:d9:26:cf:
9b:e4:62:88:ed:7d:aa:03:4f:82:68:46:d1:e1:0c:
a7:3f:5b:f5:e6:4c:7f:27:dd:02:53:de:78:ff:05:
49:a0:85:ad:3e:3e:f4:2f:e4:73:9e:54:f1:c3:13:
de:27:56:ec:9f:06:17:04:7b:a1:82:46:91:f8:95:
83:47:67:77:ba:d6:a3:37:43:e6:41:3c:7d:23:db:
af:ea:74:6c:07:fd:03:a7:d0:d8:3b:36:a1:26:0c:
56:b3:26:19:27:7e:12:a7:ec:58:e9:94:f1:1a:1f:
33:be:59:43:f8:3f:1e:9e:7b:f3:1c:80:c5:cc:56:
4f:4c:27:4d:5b:d4:8a:34:c7:21:6b:9f:cb:4d:22:
2e:7b:ae:4f:87:30:d5:0e:01:e4:a4:62:ca:fe:ab:
69:0f:66:80:b4:17:f3:ae:3e:7d:f0:fd:a9:53:38:
56:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:27:13:01:8F:5D:3D:0D:42:31:48:74:60:3A:64:27:82:AE:86:7C
X509v3 Authority Key Identifier:
keyid:C5:3F:EB:2A:C6:0F:A3:13:F9:A7:30:0E:4C:5E:E3:3B:43:A8:83:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xT_rKsYPoxP5pzAOTF7jO0Oog0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/HScTAY9dPQ1CMUh0YDpkJ4Kuhnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/xT_rKsYPoxP5pzAOTF7jO0Oog0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.220.0/22
185.39.216.0/22
IPv6:
2a04:800::/29
Signature Algorithm: sha256WithRSAEncryption
8c:c3:e8:66:27:a1:07:39:1d:a7:fb:43:16:1e:2a:6d:34:76:
0b:27:24:ed:56:b0:22:30:22:0c:7f:07:a1:4d:12:ab:de:83:
06:f3:a7:30:63:60:1b:75:27:25:dc:c5:8d:f4:e9:3a:dd:d6:
25:1d:78:2d:42:36:29:36:4a:e1:5f:0f:1d:48:31:86:f1:51:
37:fc:c2:bf:8d:42:13:fc:bc:b3:34:c0:4b:11:32:c8:fa:50:
e7:9e:f5:85:98:06:1a:6e:9a:d6:d0:39:6f:cd:e6:52:62:ca:
39:3c:2e:23:13:ec:7b:36:4c:0e:85:bf:d9:70:08:00:eb:62:
f0:2d:23:b6:00:87:16:65:34:b3:14:19:33:d6:16:b4:4d:e6:
c2:33:a5:28:3f:22:e2:f3:21:56:09:07:2b:60:e4:e2:e3:b2:
cb:97:8d:b8:bb:a2:30:46:92:61:b7:f3:60:02:9a:14:49:f4:
3e:ae:85:12:df:ba:bd:5f:73:38:d1:57:87:48:29:e9:4f:6c:
36:5f:81:f9:1c:f9:45:40:aa:66:36:97:25:ab:2b:3c:84:40:
5b:ad:68:12:3f:48:71:12:70:82:d1:a2:3d:f0:8b:35:b3:a3:
7b:6b:9e:5e:10:cf:eb:3f:9d:c8:bf:10:f1:c2:c8:8e:db:6e:
44:00:bf:7c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSVCyUaNzVVexY8TSmoPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1M2ZlYjJhYzYwZmEzMTNmOWE3MzAwZTRjNWVlMzNiNDNh
ODgzNDEwHhcNMjQwMTAxMDQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDI3MTMwMThmNWQzZDBkNDIzMTQ4NzQ2MDNhNjQyNzgyYWU4NjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2AiVI0zn2k+AfSJRc2MEsJLvtcf
mE9JS6YinVWYcgxDGyBacD4/2HrnaMmwad/AxyvoKz+Xzw1OxEGirpJRvE0dYMhC
bnOu3IpsMx+6yuDmNtdOCd3ZJs+b5GKI7X2qA0+CaEbR4QynP1v15kx/J90CU954
/wVJoIWtPj70L+RznlTxwxPeJ1bsnwYXBHuhgkaR+JWDR2d3utajN0PmQTx9I9uv
6nRsB/0Dp9DYOzahJgxWsyYZJ34Sp+xY6ZTxGh8zvllD+D8ennvzHIDFzFZPTCdN
W9SKNMcha5/LTSIue65PhzDVDgHkpGLK/qtpD2aAtBfzrj598P2pUzhWxwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB0nEwGPXT0NQjFIdGA6ZCeCroZ8MB8GA1UdIwQY
MBaAFMU/6yrGD6MT+acwDkxe4ztDqINBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFRfcktzWVBveFA1cHpBT1RGN2pPME9vZzBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zN2VmZDUtNDI2Ni00MTQ2LThlMjEt
NjdmZDcxN2M2Y2E3LzEvSFNjVEFZOWRQUTFDTVVoMFlEcGtKNEt1aG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zN2VmZDUtNDI2Ni00MTQ2LThlMjEtNjdmZDcxN2M2Y2E3
LzEveFRfcktzWVBveFA1cHpBT1RGN2pPME9vZzBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCX7XcAwQC
uSfYMA0EAgACMAcDBQMqBAgAMA0GCSqGSIb3DQEBCwUAA4IBAQCMw+hmJ6EHOR2n
+0MWHiptNHYLJyTtVrAiMCIMfwehTRKr3oMG86cwY2AbdScl3MWN9Ok63dYlHXgt
QjYpNkrhXw8dSDGG8VE3/MK/jUIT/LyzNMBLETLI+lDnnvWFmAYabprW0DlvzeZS
Yso5PC4jE+x7NkwOhb/ZcAgA62LwLSO2AIcWZTSzFBkz1ha0TebCM6UoPyLi8yFW
CQcrYOTi47LLl424u6IwRpJht/NgApoUSfQ+roUS37q9X3M40VeHSCnpT2w2X4H5
HPlFQKpmNpclqys8hEBbrWgSP0hxEnCC0aI98Is1s6N7a55eEM/rP53IvxDxwsiO
225EAL98
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:20 2024 by rpki-client on console-ams.rpki-client.org