Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/Po2wW949qkdIFcq7_NFBAVA3594.roa
File: Po2wW949qkdIFcq7_NFBAVA3594.roa (raw, json)
Hash identifier: Mo7IPxYvlbNrkWCCpyOSXJPTg7N7px3FaL/Kaa/hxR4=
Subject key identifier: 3E:8D:B0:5B:DE:3D:AA:47:48:15:CA:BB:FC:D1:41:01:50:37:E7:DE
Certificate issuer: /CN=64347465bc925c8e756ddfaa609eda02cc52d031
Certificate serial: 018691F1995DBF107A09DCE9E7E984D78214
Authority key identifier: 64:34:74:65:BC:92:5C:8E:75:6D:DF:AA:60:9E:DA:02:CC:52:D0:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/Po2wW949qkdIFcq7_NFBAVA3594.roa
Signing time: Mon 27 Feb 2023 08:16:15 +0000
ROA not before: Mon 27 Feb 2023 08:16:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42314
IP address blocks: 185.97.64.0/24 maxlen: 24
85.114.97.0/24 maxlen: 24
85.114.98.0/24 maxlen: 24
85.114.96.0/24 maxlen: 24
85.114.96.0/19 maxlen: 19
85.114.100.0/24 maxlen: 24
85.114.101.0/24 maxlen: 24
85.114.99.0/24 maxlen: 24
85.114.104.0/24 maxlen: 24
85.114.105.0/24 maxlen: 24
85.114.102.0/24 maxlen: 24
85.114.103.0/24 maxlen: 24
85.114.111.0/24 maxlen: 24
85.114.112.0/24 maxlen: 24
85.114.109.0/24 maxlen: 24
85.114.110.0/24 maxlen: 24
85.114.107.0/24 maxlen: 24
85.114.108.0/24 maxlen: 24
85.114.106.0/24 maxlen: 24
85.114.114.0/24 maxlen: 24
85.114.115.0/24 maxlen: 24
85.114.113.0/24 maxlen: 24
85.114.118.0/24 maxlen: 24
85.114.116.0/24 maxlen: 24
85.114.117.0/24 maxlen: 24
85.114.125.0/24 maxlen: 24
85.114.123.0/24 maxlen: 24
85.114.124.0/24 maxlen: 24
85.114.121.0/24 maxlen: 24
85.114.122.0/24 maxlen: 24
85.114.120.0/24 maxlen: 24
85.114.119.0/24 maxlen: 24
85.114.127.0/24 maxlen: 24
85.114.126.0/24 maxlen: 24
185.97.66.0/24 maxlen: 24
185.97.67.0/24 maxlen: 24
185.97.65.0/24 maxlen: 24
2a01:8b20::/32 maxlen: 32
2a01:8b20::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:91:f1:99:5d:bf:10:7a:09:dc:e9:e7:e9:84:d7:82:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64347465bc925c8e756ddfaa609eda02cc52d031
Validity
Not Before: Feb 27 08:16:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e8db05bde3daa474815cabbfcd141015037e7de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e0:fe:37:fc:b8:62:9b:37:9f:a2:7d:70:d5:
aa:8d:ba:c2:61:9a:b1:a3:2a:e2:06:ea:48:4d:8d:
57:bc:82:ac:c1:24:1c:72:2d:53:ce:18:bc:58:7d:
a0:89:7a:d3:83:2e:9f:ea:9a:73:e7:55:18:71:40:
7f:18:0c:e8:bd:7a:d4:c2:2c:36:b2:7c:5f:fb:ff:
b8:79:f6:9f:5e:4c:da:fa:8d:27:bf:9e:cd:79:3a:
8d:cf:ef:55:91:a0:93:17:54:55:70:6b:14:63:1b:
58:14:6d:b1:04:35:d4:9a:e6:f5:a9:6b:43:8a:3b:
ed:db:6d:1c:e9:d1:9e:ab:ba:22:1b:42:5c:10:8b:
6e:39:08:24:cb:a7:52:d4:56:9d:37:eb:53:ea:81:
ff:97:7a:54:70:aa:d9:30:09:f9:68:33:e8:ef:c9:
00:21:d8:a6:01:c2:82:5a:29:e4:6f:1f:af:bc:71:
90:47:8d:6b:a1:dd:e1:a2:ce:21:5d:fa:bd:14:50:
3d:66:08:6b:bc:2e:25:62:4d:21:7b:5b:59:f2:d6:
6a:7d:99:50:e3:1d:6b:f3:39:82:55:28:a8:01:2c:
64:b6:a6:e4:6f:fb:d7:a0:00:9e:dc:11:79:95:7b:
fb:14:de:42:1b:27:5b:1c:14:d0:e3:7f:e9:dd:48:
2f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:8D:B0:5B:DE:3D:AA:47:48:15:CA:BB:FC:D1:41:01:50:37:E7:DE
X509v3 Authority Key Identifier:
keyid:64:34:74:65:BC:92:5C:8E:75:6D:DF:AA:60:9E:DA:02:CC:52:D0:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/Po2wW949qkdIFcq7_NFBAVA3594.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.114.96.0/19
185.97.64.0/22
IPv6:
2a01:8b20::/29
Signature Algorithm: sha256WithRSAEncryption
b9:76:f6:2f:1a:08:fc:c2:02:83:65:ce:e1:59:35:f8:69:14:
c4:d0:b8:4f:b6:3e:43:a2:f6:b5:78:86:f3:b8:e9:2f:5f:5b:
de:4a:f0:1a:f8:7a:55:5b:62:e1:42:79:23:c9:6d:d0:b1:17:
24:80:27:b7:57:be:3b:74:ce:17:03:11:bc:79:0b:1f:60:b0:
fa:44:d6:10:53:01:5d:20:c3:a0:0b:85:78:fa:4d:d6:e3:d9:
f0:df:db:49:17:af:29:42:74:f4:b2:b2:0d:f1:c0:63:82:1b:
43:db:10:0c:d4:e5:ab:c4:72:3f:20:0a:6f:08:a6:3a:ae:c3:
fc:a3:58:63:18:f9:e5:7d:08:30:d3:66:a7:c2:7a:1c:03:cf:
fc:38:f7:e6:b5:8b:fc:7e:1c:82:04:74:85:e7:27:b5:07:63:
42:47:37:18:08:24:59:8c:da:d3:9f:b0:94:00:99:af:7a:4c:
3a:51:bc:8d:84:fb:f9:0e:98:db:89:09:86:7d:3e:86:ed:0a:
82:23:f2:b0:48:3d:1a:68:89:85:2a:35:fa:54:b8:24:0d:c8:
be:6c:c2:39:9e:06:c3:86:5a:23:bb:67:65:50:85:11:0d:fd:
00:83:73:2e:11:07:50:9e:6d:83:8e:5e:03:e8:43:d3:4d:73:
a7:9b:31:94
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYaR8ZldvxB6Cdzp5+mE14IUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MzQ3NDY1YmM5MjVjOGU3NTZkZGZhYTYwOWVkYTAyY2M1
MmQwMzEwHhcNMjMwMjI3MDgxNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZThkYjA1YmRlM2RhYTQ3NDgxNWNhYmJmY2QxNDEwMTUwMzdlN2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+D+N/y4Yps3n6J9cNWqjbrCYZqx
oyriBupITY1XvIKswSQcci1Tzhi8WH2giXrTgy6f6ppz51UYcUB/GAzovXrUwiw2
snxf+/+4efafXkza+o0nv57NeTqNz+9VkaCTF1RVcGsUYxtYFG2xBDXUmub1qWtD
ijvt220c6dGeq7oiG0JcEItuOQgky6dS1FadN+tT6oH/l3pUcKrZMAn5aDPo78kA
IdimAcKCWinkbx+vvHGQR41rod3hos4hXfq9FFA9ZghrvC4lYk0he1tZ8tZqfZlQ
4x1r8zmCVSioASxktqbkb/vXoACe3BF5lXv7FN5CGydbHBTQ43/p3UgvRwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD6NsFvePapHSBXKu/zRQQFQN+feMB8GA1UdIwQY
MBaAFGQ0dGW8klyOdW3fqmCe2gLMUtAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkRSMFpieVNYSTUxYmQtcVlKN2FBc3hTMERFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMWZmN2ItYjc2Ni00N2M3LWJlMGQt
YzBhN2I3Mzc3ZWFiLzEvUG8yd1c5NDlxa2RJRmNxN19ORkJBVkEzNTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMWZmN2ItYjc2Ni00N2M3LWJlMGQtYzBhN2I3Mzc3ZWFi
LzEvWkRSMFpieVNYSTUxYmQtcVlKN2FBc3hTMERFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFVXJgAwQC
uWFAMA0EAgACMAcDBQMqAYsgMA0GCSqGSIb3DQEBCwUAA4IBAQC5dvYvGgj8wgKD
Zc7hWTX4aRTE0LhPtj5Dova1eIbzuOkvX1veSvAa+HpVW2LhQnkjyW3QsRckgCe3
V747dM4XAxG8eQsfYLD6RNYQUwFdIMOgC4V4+k3W49nw39tJF68pQnT0srIN8cBj
ghtD2xAM1OWrxHI/IApvCKY6rsP8o1hjGPnlfQgw02anwnocA8/8OPfmtYv8fhyC
BHSF5ye1B2NCRzcYCCRZjNrTn7CUAJmvekw6UbyNhPv5DpjbiQmGfT6G7QqCI/Kw
SD0aaImFKjX6VLgkDci+bMI5ngbDhloju2dlUIURDf0Ag3MuEQdQnm2Djl4D6EPT
TXOnmzGU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:02 2024 by rpki-client on console-ams.rpki-client.org