Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/Y2j6GpZ0zsl2de_HYh7x6h8HGaM.roa
File: Y2j6GpZ0zsl2de_HYh7x6h8HGaM.roa (raw, json)
Hash identifier: PjqFviNs3EefSDGbM+N0buv6NadKojzy5spTGrSPPKU=
Subject key identifier: 63:68:FA:1A:96:74:CE:C9:76:75:EF:C7:62:1E:F1:EA:1F:07:19:A3
Certificate issuer: /CN=c53feb2ac60fa313f9a7300e4c5ee33b43a88341
Certificate serial: 01856BD3659A8198B5A0A4F750FEEB763A6B
Authority key identifier: C5:3F:EB:2A:C6:0F:A3:13:F9:A7:30:0E:4C:5E:E3:3B:43:A8:83:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xT_rKsYPoxP5pzAOTF7jO0Oog0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/Y2j6GpZ0zsl2de_HYh7x6h8HGaM.roa
Signing time: Sun 01 Jan 2023 05:34:54 +0000
ROA not before: Sun 01 Jan 2023 05:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 185.39.216.0/22 maxlen: 22
95.181.220.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d3:65:9a:81:98:b5:a0:a4:f7:50:fe:eb:76:3a:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c53feb2ac60fa313f9a7300e4c5ee33b43a88341
Validity
Not Before: Jan 1 05:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6368fa1a9674cec97675efc7621ef1ea1f0719a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:48:0c:11:d3:95:39:0f:ab:40:10:f2:7b:f8:
01:c5:00:8f:18:66:e8:93:a1:40:ca:28:49:f0:a5:
4b:af:ac:01:ad:c8:25:19:b7:4e:d6:b3:65:ae:14:
58:79:3a:37:79:69:cc:c0:e8:e2:56:c2:a3:0e:7a:
ac:0d:37:45:8a:41:15:1c:1b:3c:29:d1:d9:71:70:
ad:d2:73:03:21:f0:41:d3:e8:7e:7b:63:14:81:be:
cc:ac:8f:1b:e8:c6:5e:c7:39:83:33:58:21:a9:d8:
c8:58:b6:e1:af:ad:7e:15:a6:7e:0f:87:c7:89:6a:
fe:80:42:bb:0e:2f:ab:34:a7:c0:f1:90:6a:4b:dc:
ac:8a:d9:75:14:ad:22:79:30:a8:dc:8d:8a:82:47:
14:b2:7a:ff:31:f0:87:d8:04:b2:58:e4:a6:82:4b:
ac:b6:55:d8:2d:58:07:51:06:ab:db:62:33:80:1b:
f4:b7:7d:39:28:7e:3d:b6:fd:21:8a:7f:9d:34:f5:
1d:2b:03:79:86:a9:09:a1:b5:41:dc:9a:aa:f1:a0:
4e:9e:1b:4e:82:09:b8:a2:6e:cd:e5:d2:d0:b8:b2:
44:68:3d:85:5e:f8:18:39:aa:72:78:bf:9b:06:15:
11:aa:4f:95:f4:b0:d6:56:16:60:17:5c:76:57:ef:
39:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:68:FA:1A:96:74:CE:C9:76:75:EF:C7:62:1E:F1:EA:1F:07:19:A3
X509v3 Authority Key Identifier:
keyid:C5:3F:EB:2A:C6:0F:A3:13:F9:A7:30:0E:4C:5E:E3:3B:43:A8:83:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xT_rKsYPoxP5pzAOTF7jO0Oog0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/Y2j6GpZ0zsl2de_HYh7x6h8HGaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/xT_rKsYPoxP5pzAOTF7jO0Oog0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.220.0/22
185.39.216.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:2b:53:74:5f:ac:7e:2a:d1:f8:f3:09:5a:f0:bd:d4:aa:f7:
c2:7b:f8:d0:e7:05:20:a9:20:26:5e:b4:fa:cc:32:04:65:33:
70:ef:80:58:cb:7e:b2:77:1d:59:cb:3a:05:02:5e:42:9b:4f:
d6:64:e0:cf:e8:5a:29:f5:69:32:78:72:81:62:0d:65:3e:c7:
d7:dd:c3:e6:ac:8e:8e:c4:e7:df:80:23:50:85:72:3f:9d:01:
a1:33:b8:4d:91:71:a9:34:8b:8a:02:51:bc:df:42:47:93:1f:
8d:92:0f:06:88:0b:ae:f5:b7:96:bf:c9:f3:6f:77:c5:4a:f2:
2f:cd:a6:a1:24:07:34:35:25:31:db:23:2b:e4:ac:fe:53:3e:
a3:b7:c5:b3:b0:b2:3d:73:a4:f6:fa:28:58:ac:68:00:7a:1a:
96:e4:19:ec:1c:4b:73:5b:3f:0b:42:df:72:75:75:33:6a:31:
39:aa:7a:cb:d4:17:dc:68:e2:5e:ac:0d:eb:b5:9c:65:87:fe:
97:15:2e:04:ba:a5:4e:e5:a7:6c:a7:85:df:1c:71:3c:b9:ca:
7b:4a:4e:dc:e5:f2:ca:3d:50:b3:4a:65:62:51:b7:1c:3f:f4:
4d:4b:24:5b:83:a6:25:ed:ee:ef:20:5f:5a:0d:19:7d:db:3a:
78:b1:01:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVr02WagZi1oKT3UP7rdjprMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1M2ZlYjJhYzYwZmEzMTNmOWE3MzAwZTRjNWVlMzNiNDNh
ODgzNDEwHhcNMjMwMTAxMDUzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzY4ZmExYTk2NzRjZWM5NzY3NWVmYzc2MjFlZjFlYTFmMDcxOWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0gMEdOVOQ+rQBDye/gBxQCPGGbo
k6FAyihJ8KVLr6wBrcglGbdO1rNlrhRYeTo3eWnMwOjiVsKjDnqsDTdFikEVHBs8
KdHZcXCt0nMDIfBB0+h+e2MUgb7MrI8b6MZexzmDM1ghqdjIWLbhr61+FaZ+D4fH
iWr+gEK7Di+rNKfA8ZBqS9ysitl1FK0ieTCo3I2KgkcUsnr/MfCH2ASyWOSmgkus
tlXYLVgHUQar22IzgBv0t305KH49tv0hin+dNPUdKwN5hqkJobVB3Jqq8aBOnhtO
ggm4om7N5dLQuLJEaD2FXvgYOapyeL+bBhURqk+V9LDWVhZgF1x2V+85MwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGNo+hqWdM7JdnXvx2Ie8eofBxmjMB8GA1UdIwQY
MBaAFMU/6yrGD6MT+acwDkxe4ztDqINBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFRfcktzWVBveFA1cHpBT1RGN2pPME9vZzBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zN2VmZDUtNDI2Ni00MTQ2LThlMjEt
NjdmZDcxN2M2Y2E3LzEvWTJqNkdwWjB6c2wyZGVfSFloN3g2aDhIR2FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zN2VmZDUtNDI2Ni00MTQ2LThlMjEtNjdmZDcxN2M2Y2E3
LzEveFRfcktzWVBveFA1cHpBT1RGN2pPME9vZzBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCX7XcAwQC
uSfYMA0GCSqGSIb3DQEBCwUAA4IBAQBcK1N0X6x+KtH48wla8L3UqvfCe/jQ5wUg
qSAmXrT6zDIEZTNw74BYy36ydx1ZyzoFAl5Cm0/WZODP6Fop9WkyeHKBYg1lPsfX
3cPmrI6OxOffgCNQhXI/nQGhM7hNkXGpNIuKAlG830JHkx+Nkg8GiAuu9beWv8nz
b3fFSvIvzaahJAc0NSUx2yMr5Kz+Uz6jt8WzsLI9c6T2+ihYrGgAehqW5BnsHEtz
Wz8LQt9ydXUzajE5qnrL1BfcaOJerA3rtZxlh/6XFS4EuqVO5adsp4XfHHE8ucp7
Sk7c5fLKPVCzSmViUbccP/RNSyRbg6Yl7e7vIF9aDRl92zp4sQFT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:50 2025 by rpki-client