Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/f42724-d009-487d-a79c-bfa04f6cde50/1/ULRZ4Y9T6I4OiHSRX_funEiAkLI.roa
File: ULRZ4Y9T6I4OiHSRX_funEiAkLI.roa (raw, json)
Hash identifier: 0vbDdO/XrFgeDd5a5Gz+k9RTzCcOc3pAKjSFRc6dND4=
Subject key identifier: 50:B4:59:E1:8F:53:E8:8E:0E:88:74:91:5F:F7:EE:9C:48:80:90:B2
Certificate issuer: /CN=a663abd479cbff76082304bf60d03adc3187d936
Certificate serial: 018B5D738F125583E0092F669351CD1ABFE0
Authority key identifier: A6:63:AB:D4:79:CB:FF:76:08:23:04:BF:60:D0:3A:DC:31:87:D9:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pmOr1HnL_3YIIwS_YNA63DGH2TY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/f42724-d009-487d-a79c-bfa04f6cde50/1/ULRZ4Y9T6I4OiHSRX_funEiAkLI.roa
Signing time: Mon 23 Oct 2023 16:52:16 +0000
ROA not before: Mon 23 Oct 2023 16:52:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 185.198.89.0/24 maxlen: 24
185.198.90.0/24 maxlen: 24
2a0a:8f40:7::/48 maxlen: 48
2a0a:8f40:a::/48 maxlen: 48
2a0a:8f40:2::/48 maxlen: 48
2a0a:8f40:8::/48 maxlen: 48
2a0a:8f40:3::/48 maxlen: 48
2a0a:8f40:b::/48 maxlen: 48
2a0a:8f40:9::/48 maxlen: 48
2a0a:8f40:c::/48 maxlen: 48
2a0a:8f40:1c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5d:73:8f:12:55:83:e0:09:2f:66:93:51:cd:1a:bf:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a663abd479cbff76082304bf60d03adc3187d936
Validity
Not Before: Oct 23 16:52:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50b459e18f53e88e0e8874915ff7ee9c488090b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:36:db:e4:21:a5:66:43:94:36:30:a0:1f:08:
a5:cf:55:fc:fe:b4:13:8f:04:e0:16:0e:0f:44:0a:
73:e8:23:8c:cf:95:85:5d:c2:b9:4c:15:70:a2:04:
18:f9:1d:bf:37:a2:62:af:d3:ee:4b:92:3b:94:69:
a3:b0:62:39:44:6d:aa:32:b9:fc:ef:c1:5e:d4:f8:
61:50:bf:a7:c8:86:bc:ad:2a:26:2e:a6:f0:e7:50:
1a:36:8c:ae:25:02:b9:f4:1b:36:52:dc:2e:c6:8d:
fd:c3:ce:d0:37:35:ec:19:06:89:5f:df:9a:35:86:
ea:77:06:8e:63:80:16:79:ae:98:89:93:d7:39:d0:
ae:9a:64:15:f9:02:a0:7f:25:63:94:13:3a:5e:8c:
5f:ba:d5:4b:8e:0c:a4:2d:f9:8e:65:35:ff:75:9d:
dc:bd:b7:fc:f9:4c:1b:30:aa:44:e6:4c:09:b9:57:
c7:2a:dc:78:9c:ca:cd:a0:bc:cb:12:9f:be:f5:1f:
24:64:61:16:fe:32:a2:ec:c3:39:61:dc:6e:6f:aa:
b2:63:94:c0:54:1e:27:f0:d6:bc:ce:ec:02:14:ae:
80:4a:39:33:bb:61:e4:d0:1f:32:30:9c:b3:40:ff:
28:6f:d9:d6:9b:ae:43:d0:6c:1d:cb:ab:c9:f8:fd:
ab:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:B4:59:E1:8F:53:E8:8E:0E:88:74:91:5F:F7:EE:9C:48:80:90:B2
X509v3 Authority Key Identifier:
keyid:A6:63:AB:D4:79:CB:FF:76:08:23:04:BF:60:D0:3A:DC:31:87:D9:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pmOr1HnL_3YIIwS_YNA63DGH2TY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/f42724-d009-487d-a79c-bfa04f6cde50/1/ULRZ4Y9T6I4OiHSRX_funEiAkLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/f42724-d009-487d-a79c-bfa04f6cde50/1/pmOr1HnL_3YIIwS_YNA63DGH2TY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.89.0-185.198.90.255
IPv6:
2a0a:8f40:2::/47
2a0a:8f40:7::-2a0a:8f40:c:ffff:ffff:ffff:ffff:ffff
2a0a:8f40:1c::/48
Signature Algorithm: sha256WithRSAEncryption
85:a6:d0:c9:52:9b:94:6f:64:0e:74:b3:4a:d2:61:f7:66:be:
68:f5:ca:21:c5:06:b7:66:9d:f0:d1:6a:f8:dd:c7:6c:41:04:
a9:69:26:4b:d3:ef:5a:1a:5c:67:91:b0:02:f1:b3:da:2d:87:
fe:57:48:b4:7f:ae:db:f3:7f:ee:f5:bb:99:1e:22:30:7e:24:
5d:1d:4b:4a:13:a4:c2:c0:ed:53:45:49:70:06:8b:3a:e6:cd:
d2:6e:0e:13:6e:6d:61:bf:af:d9:67:b6:71:e6:5f:70:ea:f4:
f0:a5:73:f5:c1:fd:51:7c:1c:f7:48:3f:51:c8:f1:9e:de:5e:
67:93:6d:a7:a7:23:fb:a0:12:6b:a5:4a:f8:93:32:37:a8:a1:
3e:1d:1b:db:21:94:ef:0c:08:f5:cd:4d:d5:c3:5f:7f:76:d1:
7e:10:81:a5:65:c3:0b:22:ab:d1:b5:0a:96:cb:6f:a1:95:81:
27:95:ac:a5:18:da:a1:b3:98:57:a3:d9:76:57:9f:f8:f6:ec:
72:1a:5c:88:9f:94:5e:46:c0:8f:2c:48:c8:63:90:ba:e6:63:
b1:0e:f9:79:4c:c0:64:0e:a5:98:de:28:ee:84:d8:20:de:2d:
15:6b:9a:8e:da:76:82:cf:73:b0:b2:a9:9f:70:0d:a1:b4:a7:
1a:94:91:7a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYtdc48SVYPgCS9mk1HNGr/gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NjNhYmQ0NzljYmZmNzYwODIzMDRiZjYwZDAzYWRjMzE4
N2Q5MzYwHhcNMjMxMDIzMTY1MjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGI0NTllMThmNTNlODhlMGU4ODc0OTE1ZmY3ZWU5YzQ4ODA5MGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzbb5CGlZkOUNjCgHwilz1X8/rQT
jwTgFg4PRApz6COMz5WFXcK5TBVwogQY+R2/N6Jir9PuS5I7lGmjsGI5RG2qMrn8
78Fe1PhhUL+nyIa8rSomLqbw51AaNoyuJQK59Bs2Utwuxo39w87QNzXsGQaJX9+a
NYbqdwaOY4AWea6YiZPXOdCummQV+QKgfyVjlBM6XoxfutVLjgykLfmOZTX/dZ3c
vbf8+UwbMKpE5kwJuVfHKtx4nMrNoLzLEp++9R8kZGEW/jKi7MM5Ydxub6qyY5TA
VB4n8Na8zuwCFK6ASjkzu2Hk0B8yMJyzQP8ob9nWm65D0Gwdy6vJ+P2rrQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFFC0WeGPU+iODoh0kV/37pxIgJCyMB8GA1UdIwQY
MBaAFKZjq9R5y/92CCMEv2DQOtwxh9k2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG1PcjFIbkxfM1lJSXdTX1lOQTYzREdIMlRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9mNDI3MjQtZDAwOS00ODdkLWE3OWMt
YmZhMDRmNmNkZTUwLzEvVUxSWjRZOVQ2STRPaUhTUlhfZnVuRWlBa0xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9mNDI3MjQtZDAwOS00ODdkLWE3OWMtYmZhMDRmNmNkZTUw
LzEvcG1PcjFIbkxfM1lJSXdTX1lOQTYzREdIMlRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAUBAIAATAOMAwDBAC5xlkD
BAC5xlowLAQCAAIwJgMHASoKj0AAAjASAwcAKgqPQAAHAwcAKgqPQAAMAwcAKgqP
QAAcMA0GCSqGSIb3DQEBCwUAA4IBAQCFptDJUpuUb2QOdLNK0mH3Zr5o9cohxQa3
Zp3w0Wr43cdsQQSpaSZL0+9aGlxnkbAC8bPaLYf+V0i0f67b83/u9buZHiIwfiRd
HUtKE6TCwO1TRUlwBos65s3Sbg4Tbm1hv6/ZZ7Zx5l9w6vTwpXP1wf1RfBz3SD9R
yPGe3l5nk22npyP7oBJrpUr4kzI3qKE+HRvbIZTvDAj1zU3Vw19/dtF+EIGlZcML
IqvRtQqWy2+hlYEnlaylGNqhs5hXo9l2V5/49uxyGlyIn5ReRsCPLEjIY5C65mOx
Dvl5TMBkDqWY3ijuhNgg3i0Va5qO2naCz3OwsqmfcA2htKcalJF6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:48 2024 by rpki-client on console-fra.rpki-client.org