Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/c0rI__tD7yJ9X4APGQGL1_sDDGA.roa
File: c0rI__tD7yJ9X4APGQGL1_sDDGA.roa (raw, json)
Hash identifier: j+99EiZbOxWJu9FA/1L9zQ8hVimjNxlbaoBo6ENBsCY=
Subject key identifier: 73:4A:C8:FF:FB:43:EF:22:7D:5F:80:0F:19:01:8B:D7:FB:03:0C:60
Certificate issuer: /CN=2f1e253977bf583e0e420ec977a8ecf4ed154dbe
Certificate serial: 018CC725A5B59FAC824C15A038242D80CA7D
Authority key identifier: 2F:1E:25:39:77:BF:58:3E:0E:42:0E:C9:77:A8:EC:F4:ED:15:4D:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/c0rI__tD7yJ9X4APGQGL1_sDDGA.roa
Signing time: Mon 01 Jan 2024 22:29:42 +0000
ROA not before: Mon 01 Jan 2024 22:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205100
IP address blocks: 185.220.100.0/24 maxlen: 24
2a0b:f4c0::/32 maxlen: 48
2a0b:f4c0:400::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:a5:b5:9f:ac:82:4c:15:a0:38:24:2d:80:ca:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f1e253977bf583e0e420ec977a8ecf4ed154dbe
Validity
Not Before: Jan 1 22:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=734ac8fffb43ef227d5f800f19018bd7fb030c60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0a:5d:96:22:11:b9:cc:3e:95:5d:00:cd:19:
ba:fc:de:6c:44:98:83:c3:53:6e:d0:0e:33:87:7a:
d4:22:31:8a:5c:41:d8:05:14:8e:b1:8e:01:0d:4e:
b4:c6:53:6c:f2:27:17:02:ae:7c:f7:3e:0e:22:58:
fd:e9:94:01:76:df:c3:d6:00:eb:4d:f2:03:4c:6b:
76:fc:60:ae:67:67:d5:b6:cd:53:4d:cf:d7:62:c2:
3b:51:c0:9d:74:29:46:a3:21:55:35:01:e3:d2:2b:
52:66:fb:7f:cc:cf:5a:82:ac:5f:b0:3e:08:83:04:
e3:e0:d1:98:38:30:94:25:92:80:b8:38:6b:69:70:
dc:43:87:71:41:92:28:ce:e1:ce:f2:3d:32:74:13:
45:b0:fa:2d:37:7f:ec:cc:96:20:b3:1d:30:ab:6f:
4d:44:e8:f6:3a:7a:7b:ea:3e:6f:29:71:c8:82:05:
c6:52:51:c1:95:27:3e:f8:28:20:87:16:3a:27:72:
40:b3:69:57:aa:3d:0a:a9:f4:95:8c:c5:54:f6:9e:
4b:7e:a4:18:e0:c6:8f:94:3e:1f:de:17:af:ce:3f:
ba:a5:6d:65:a4:3a:c5:d0:4d:5b:ad:dc:7a:ed:57:
c8:9a:cb:80:cc:78:12:ac:6c:19:e1:12:2a:f3:f7:
6b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:4A:C8:FF:FB:43:EF:22:7D:5F:80:0F:19:01:8B:D7:FB:03:0C:60
X509v3 Authority Key Identifier:
keyid:2F:1E:25:39:77:BF:58:3E:0E:42:0E:C9:77:A8:EC:F4:ED:15:4D:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/c0rI__tD7yJ9X4APGQGL1_sDDGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.100.0/24
IPv6:
2a0b:f4c0::/32
Signature Algorithm: sha256WithRSAEncryption
49:58:a8:3d:af:b9:1a:de:05:ac:91:4e:c7:27:69:2d:f4:c7:
88:f1:d2:dc:9f:9b:ec:b1:85:32:79:d5:f2:dd:98:4a:8d:2b:
5c:5a:89:9c:9a:f0:32:b6:a4:b2:f4:c4:7e:d2:89:be:a3:89:
1f:bb:45:2f:71:7a:70:55:ff:03:cb:fc:49:b9:51:32:3b:0e:
0d:e8:31:db:58:25:32:e6:27:73:b9:85:97:61:2f:51:7e:63:
3d:3d:59:d4:fd:ea:59:34:44:80:d7:3b:79:dd:ad:bc:d0:af:
c4:85:3f:bd:5e:b2:5b:d5:57:59:77:6d:a6:1d:25:c3:96:f0:
c7:1b:a5:45:7a:24:b9:ce:51:3a:be:47:ec:2a:5a:86:7f:a9:
87:91:f0:61:91:55:41:d6:b0:40:66:10:15:fe:e1:76:26:d4:
36:4f:29:64:79:4f:3d:bb:3e:60:74:86:e9:50:d6:cb:c9:47:
ef:ba:c2:ee:e4:16:a8:6f:53:48:23:4d:90:ea:e1:c0:a5:fa:
e7:e2:29:91:7f:52:6c:5f:56:b7:3b:57:a2:1f:ca:ee:c8:81:
d5:8e:d8:9f:4e:cb:8e:a5:85:55:93:28:e7:10:0f:b2:c9:dd:
ba:56:86:7d:fc:49:93:52:88:5a:8b:b6:b9:73:00:7a:78:1f:
48:df:6e:14
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJaW1n6yCTBWgOCQtgMp9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMWUyNTM5NzdiZjU4M2UwZTQyMGVjOTc3YThlY2Y0ZWQx
NTRkYmUwHhcNMjQwMTAxMjIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzRhYzhmZmZiNDNlZjIyN2Q1ZjgwMGYxOTAxOGJkN2ZiMDMwYzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgpdliIRucw+lV0AzRm6/N5sRJiD
w1Nu0A4zh3rUIjGKXEHYBRSOsY4BDU60xlNs8icXAq589z4OIlj96ZQBdt/D1gDr
TfIDTGt2/GCuZ2fVts1TTc/XYsI7UcCddClGoyFVNQHj0itSZvt/zM9agqxfsD4I
gwTj4NGYODCUJZKAuDhraXDcQ4dxQZIozuHO8j0ydBNFsPotN3/szJYgsx0wq29N
ROj2Onp76j5vKXHIggXGUlHBlSc++CgghxY6J3JAs2lXqj0KqfSVjMVU9p5LfqQY
4MaPlD4f3hevzj+6pW1lpDrF0E1brdx67VfImsuAzHgSrGwZ4RIq8/dr5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHNKyP/7Q+8ifV+ADxkBi9f7AwxgMB8GA1UdIwQY
MBaAFC8eJTl3v1g+DkIOyXeo7PTtFU2+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHg0bE9YZV9XRDRPUWc3SmQ2anM5TzBWVGI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8zMzY0ZWQtYzVmOS00NjMxLWI5NWMt
ZjI2YjE1NTFlMGY1LzEvYzBySV9fdEQ3eUo5WDRBUEdRR0wxX3NEREdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8zMzY0ZWQtYzVmOS00NjMxLWI5NWMtZjI2YjE1NTFlMGY1
LzEvTHg0bE9YZV9XRDRPUWc3SmQ2anM5TzBWVGI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudxkMA0E
AgACMAcDBQAqC/TAMA0GCSqGSIb3DQEBCwUAA4IBAQBJWKg9r7ka3gWskU7HJ2kt
9MeI8dLcn5vssYUyedXy3ZhKjStcWomcmvAytqSy9MR+0om+o4kfu0UvcXpwVf8D
y/xJuVEyOw4N6DHbWCUy5idzuYWXYS9RfmM9PVnU/epZNESA1zt53a280K/EhT+9
XrJb1VdZd22mHSXDlvDHG6VFeiS5zlE6vkfsKlqGf6mHkfBhkVVB1rBAZhAV/uF2
JtQ2TylkeU89uz5gdIbpUNbLyUfvusLu5Baob1NII02Q6uHApfrn4imRf1JsX1a3
O1eiH8ruyIHVjtifTsuOpYVVkyjnEA+yyd26VoZ9/EmTUohai7a5cwB6eB9I324U
-----END CERTIFICATE-----
Generated at Mon Feb 12 12:06:08 2024 by rpki-client on console-fra.rpki-client.org