Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/dPFyooRT5wMjp2PNQhnxVQz-6K4.roa
File: dPFyooRT5wMjp2PNQhnxVQz-6K4.roa (raw, json)
Hash identifier: HEsk2BIXbiVFICxY9xNZH3F5O1W8v1ND6OMIj3elLYs=
Subject key identifier: 74:F1:72:A2:84:53:E7:03:23:A7:63:CD:42:19:F1:55:0C:FE:E8:AE
Certificate issuer: /CN=c53feb2ac60fa313f9a7300e4c5ee33b43a88341
Certificate serial: 018A69B9FC2A92992789F0F309F7EA2B9BE0
Authority key identifier: C5:3F:EB:2A:C6:0F:A3:13:F9:A7:30:0E:4C:5E:E3:3B:43:A8:83:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xT_rKsYPoxP5pzAOTF7jO0Oog0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/dPFyooRT5wMjp2PNQhnxVQz-6K4.roa
Signing time: Wed 06 Sep 2023 09:01:50 +0000
ROA not before: Wed 06 Sep 2023 09:01:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 185.39.216.0/22 maxlen: 24
95.181.220.0/22 maxlen: 24
2a04:800::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:69:b9:fc:2a:92:99:27:89:f0:f3:09:f7:ea:2b:9b:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c53feb2ac60fa313f9a7300e4c5ee33b43a88341
Validity
Not Before: Sep 6 09:01:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74f172a28453e70323a763cd4219f1550cfee8ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:4d:d0:71:e2:30:4f:d0:d8:97:99:b3:b1:37:
a2:41:24:31:ed:c1:31:0b:68:d5:a5:b5:8d:50:9b:
00:52:0a:b3:2f:17:ca:c0:9b:e5:23:6b:7d:41:fb:
59:a0:4c:15:39:56:0a:97:d9:5d:a0:2a:3a:a7:3d:
18:60:18:7a:91:13:9b:9e:be:a8:87:0b:2d:1c:a1:
ba:6e:ac:a7:f2:4c:99:df:78:41:6b:f6:89:92:14:
a5:d7:2a:bb:27:b7:58:b1:0b:95:0c:06:5f:81:ba:
ed:b3:17:62:d5:16:9e:7c:4e:89:f6:32:c4:6f:85:
3d:ab:8a:40:bf:16:b7:c3:ab:b6:1e:00:2a:a5:bd:
d2:b0:de:74:2a:5e:fd:1a:69:4e:be:79:a6:fb:d0:
d3:1e:9e:cb:ff:f6:64:6c:bc:2e:59:3b:04:a7:73:
07:6b:00:32:12:01:01:cf:2f:a8:f7:4e:33:5a:67:
29:a5:37:a5:f5:52:1f:9a:d5:22:d9:db:4f:90:46:
6e:25:ff:b2:43:aa:29:c3:56:6b:92:ab:07:73:64:
f8:88:56:e8:e1:3c:d4:b7:04:43:ae:ee:3b:49:2f:
00:b0:41:d3:a1:17:fa:5a:93:cc:89:1d:2b:3a:48:
ac:61:c4:cb:89:88:b9:fe:30:3d:a5:1f:36:da:3c:
2f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F1:72:A2:84:53:E7:03:23:A7:63:CD:42:19:F1:55:0C:FE:E8:AE
X509v3 Authority Key Identifier:
keyid:C5:3F:EB:2A:C6:0F:A3:13:F9:A7:30:0E:4C:5E:E3:3B:43:A8:83:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xT_rKsYPoxP5pzAOTF7jO0Oog0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/dPFyooRT5wMjp2PNQhnxVQz-6K4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/37efd5-4266-4146-8e21-67fd717c6ca7/1/xT_rKsYPoxP5pzAOTF7jO0Oog0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.220.0/22
185.39.216.0/22
IPv6:
2a04:800::/29
Signature Algorithm: sha256WithRSAEncryption
6d:4a:4e:57:01:0f:8a:d0:b6:7d:38:67:09:6b:21:8d:d2:09:
22:e2:20:03:57:75:c6:de:b0:5b:a3:54:4b:8b:7d:a1:d5:15:
6c:9d:f8:a1:1a:7a:2d:79:e0:4d:64:5e:9f:fe:7f:3d:42:ef:
20:4e:94:f3:2b:cd:7e:39:23:eb:9a:e3:14:b0:14:cc:64:bd:
2c:31:93:2b:ff:02:44:c3:92:4f:3f:a4:62:d5:de:99:35:b6:
92:d6:15:f8:27:83:af:1e:2c:70:d8:36:0c:1e:75:01:7a:04:
f3:60:15:54:69:08:a2:1a:3f:80:55:53:e8:4e:d9:4e:b7:3a:
86:f8:f8:ea:17:de:7e:63:1e:82:92:d6:5c:32:d9:52:e9:9a:
2a:8b:d0:09:2f:f8:d1:18:a7:8f:6b:26:be:33:e2:91:01:cb:
ad:3c:20:bb:06:6e:f7:a4:86:bb:e3:67:dc:6d:2c:cc:61:22:
8a:ab:0b:4f:62:60:b3:d6:0b:95:82:6d:5d:4c:9c:7c:ba:51:
fc:a8:db:a4:d1:5f:11:71:5c:87:b0:5d:21:ce:76:14:d9:09:
bb:39:2f:c5:d7:cd:e7:66:24:d7:6f:06:76:ae:6b:43:60:58:
f7:25:96:28:0d:88:66:a5:32:f1:ee:7e:59:17:03:05:b5:f4:
89:0d:af:fc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYppufwqkpknifDzCffqK5vgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1M2ZlYjJhYzYwZmEzMTNmOWE3MzAwZTRjNWVlMzNiNDNh
ODgzNDEwHhcNMjMwOTA2MDkwMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGYxNzJhMjg0NTNlNzAzMjNhNzYzY2Q0MjE5ZjE1NTBjZmVlOGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgk3QceIwT9DYl5mzsTeiQSQx7cEx
C2jVpbWNUJsAUgqzLxfKwJvlI2t9QftZoEwVOVYKl9ldoCo6pz0YYBh6kRObnr6o
hwstHKG6bqyn8kyZ33hBa/aJkhSl1yq7J7dYsQuVDAZfgbrtsxdi1RaefE6J9jLE
b4U9q4pAvxa3w6u2HgAqpb3SsN50Kl79GmlOvnmm+9DTHp7L//ZkbLwuWTsEp3MH
awAyEgEBzy+o904zWmcppTel9VIfmtUi2dtPkEZuJf+yQ6opw1ZrkqsHc2T4iFbo
4TzUtwRDru47SS8AsEHToRf6WpPMiR0rOkisYcTLiYi5/jA9pR822jwvbwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHTxcqKEU+cDI6djzUIZ8VUM/uiuMB8GA1UdIwQY
MBaAFMU/6yrGD6MT+acwDkxe4ztDqINBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFRfcktzWVBveFA1cHpBT1RGN2pPME9vZzBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zN2VmZDUtNDI2Ni00MTQ2LThlMjEt
NjdmZDcxN2M2Y2E3LzEvZFBGeW9vUlQ1d01qcDJQTlFobnhWUXotNks0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zN2VmZDUtNDI2Ni00MTQ2LThlMjEtNjdmZDcxN2M2Y2E3
LzEveFRfcktzWVBveFA1cHpBT1RGN2pPME9vZzBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCX7XcAwQC
uSfYMA0EAgACMAcDBQMqBAgAMA0GCSqGSIb3DQEBCwUAA4IBAQBtSk5XAQ+K0LZ9
OGcJayGN0gki4iADV3XG3rBbo1RLi32h1RVsnfihGnoteeBNZF6f/n89Qu8gTpTz
K81+OSPrmuMUsBTMZL0sMZMr/wJEw5JPP6Ri1d6ZNbaS1hX4J4OvHixw2DYMHnUB
egTzYBVUaQiiGj+AVVPoTtlOtzqG+PjqF95+Yx6CktZcMtlS6Zoqi9AJL/jRGKeP
aya+M+KRAcutPCC7Bm73pIa742fcbSzMYSKKqwtPYmCz1guVgm1dTJx8ulH8qNuk
0V8RcVyHsF0hznYU2Qm7OS/F183nZiTXbwZ2rmtDYFj3JZYoDYhmpTLx7n5ZFwMF
tfSJDa/8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:51 2025 by rpki-client