Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/p1NhUzjD-nVq04SSBLwm8TIqF5c.roa
File: p1NhUzjD-nVq04SSBLwm8TIqF5c.roa (raw, json)
Hash identifier: 0aZrYCDpr80PSDPmlLMMOBW9ao3/gjxy5PgQz/YGZpo=
Subject key identifier: A7:53:61:53:38:C3:FA:75:6A:D3:84:92:04:BC:26:F1:32:2A:17:97
Certificate issuer: /CN=2f1e253977bf583e0e420ec977a8ecf4ed154dbe
Certificate serial: 018CC725A61B5020087206318BE44D5C8B1C
Authority key identifier: 2F:1E:25:39:77:BF:58:3E:0E:42:0E:C9:77:A8:EC:F4:ED:15:4D:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/p1NhUzjD-nVq04SSBLwm8TIqF5c.roa
Signing time: Mon 01 Jan 2024 22:29:42 +0000
ROA not before: Mon 01 Jan 2024 22:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208294
IP address blocks: 185.220.101.0/24 maxlen: 24
2a0b:f4c1:2::/48 maxlen: 48
2a0b:f4c1:1::/48 maxlen: 48
2a0b:f4c2::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:a6:1b:50:20:08:72:06:31:8b:e4:4d:5c:8b:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f1e253977bf583e0e420ec977a8ecf4ed154dbe
Validity
Not Before: Jan 1 22:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a753615338c3fa756ad3849204bc26f1322a1797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c5:00:8e:03:6a:47:5d:5d:d0:1d:ad:d4:a3:
bf:4c:4d:eb:ac:34:0f:69:9a:2f:e6:2e:51:30:d8:
21:42:d4:a7:10:b6:98:0e:42:d6:81:0b:0a:e2:e0:
72:f0:7b:75:6d:0c:00:23:28:aa:c2:b3:9f:a9:17:
00:d2:10:7c:a0:27:a9:5f:59:28:0d:5a:25:0e:04:
5a:33:21:03:84:cc:04:ec:29:c6:e1:24:0a:3d:1a:
fe:58:3e:3d:eb:5a:b7:b2:ea:d1:14:46:00:42:74:
1d:59:58:8d:40:e2:29:d4:b3:56:b2:3c:74:3c:db:
91:c0:17:0a:ac:69:89:fd:ab:8a:d1:40:ac:14:f8:
73:3f:77:10:4f:b1:7e:5d:bb:95:4c:68:37:ba:d4:
a4:e4:4f:9a:47:fc:95:0b:6c:55:34:3d:c2:d5:83:
f3:4a:96:b1:de:76:f9:4d:9f:f6:10:08:f4:21:b2:
92:dc:f4:a8:79:71:e0:20:b6:b0:cc:a9:1c:f3:5e:
ae:30:3a:db:66:d8:f5:c4:6d:95:8d:78:cb:09:e6:
16:41:a5:3b:e3:11:96:e6:0d:1f:a8:b9:3a:53:b1:
d3:07:8c:9b:d9:79:e6:4a:f8:e6:c9:3c:d1:20:e9:
b1:64:87:ef:c7:d5:2f:62:45:6f:20:65:1e:60:1c:
ac:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:53:61:53:38:C3:FA:75:6A:D3:84:92:04:BC:26:F1:32:2A:17:97
X509v3 Authority Key Identifier:
keyid:2F:1E:25:39:77:BF:58:3E:0E:42:0E:C9:77:A8:EC:F4:ED:15:4D:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/p1NhUzjD-nVq04SSBLwm8TIqF5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.101.0/24
IPv6:
2a0b:f4c1:1::-2a0b:f4c1:2:ffff:ffff:ffff:ffff:ffff
2a0b:f4c2::/40
Signature Algorithm: sha256WithRSAEncryption
7c:5f:62:db:fa:42:05:bf:ed:76:9c:9b:fc:0f:65:c5:19:9b:
80:cf:ab:91:ab:8d:9a:7e:8f:37:82:b3:81:36:78:60:f7:c1:
d8:a4:9c:09:7f:f4:63:d7:bc:fb:c6:1a:34:22:ea:e4:e1:1b:
70:4f:20:e3:eb:95:93:b7:de:f1:e7:da:3c:e3:55:6d:c6:d5:
56:f0:78:2e:d7:df:a4:33:e2:fe:93:86:cb:65:be:6f:8f:e5:
89:0b:be:16:0d:44:49:13:5d:45:24:b9:d7:3d:da:0f:a2:c8:
e4:ee:ed:2b:3e:79:b2:78:2f:b5:55:88:0c:c2:2e:43:1c:94:
4b:98:a5:b5:f0:6a:a5:4c:bc:77:8c:c2:f9:46:ac:8e:fc:cf:
b9:94:da:75:e2:b0:85:db:c9:32:ca:ff:2d:cc:e3:63:90:11:
c7:75:8d:13:72:e9:77:c0:aa:d4:a8:85:ae:1a:cc:45:a1:e2:
b6:b7:4c:96:86:69:91:d1:3d:c7:69:25:82:8c:6f:1a:68:bf:
c8:2a:89:0d:e9:a6:53:b4:79:64:79:a2:b2:18:ac:7f:b9:bb:
79:5e:94:ff:8d:a4:b5:fd:7e:f8:53:da:6a:98:e7:91:6f:44:
c1:e9:06:5d:a7:40:a1:59:e2:98:5c:a2:c9:68:7b:b9:cb:be:
52:5f:75:88
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzHJaYbUCAIcgYxi+RNXIscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMWUyNTM5NzdiZjU4M2UwZTQyMGVjOTc3YThlY2Y0ZWQx
NTRkYmUwHhcNMjQwMTAxMjIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzUzNjE1MzM4YzNmYTc1NmFkMzg0OTIwNGJjMjZmMTMyMmExNzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8UAjgNqR11d0B2t1KO/TE3rrDQP
aZov5i5RMNghQtSnELaYDkLWgQsK4uBy8Ht1bQwAIyiqwrOfqRcA0hB8oCepX1ko
DVolDgRaMyEDhMwE7CnG4SQKPRr+WD4961q3surRFEYAQnQdWViNQOIp1LNWsjx0
PNuRwBcKrGmJ/auK0UCsFPhzP3cQT7F+XbuVTGg3utSk5E+aR/yVC2xVND3C1YPz
Spax3nb5TZ/2EAj0IbKS3PSoeXHgILawzKkc816uMDrbZtj1xG2VjXjLCeYWQaU7
4xGW5g0fqLk6U7HTB4yb2XnmSvjmyTzRIOmxZIfvx9UvYkVvIGUeYBys6QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKdTYVM4w/p1atOEkgS8JvEyKheXMB8GA1UdIwQY
MBaAFC8eJTl3v1g+DkIOyXeo7PTtFU2+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHg0bE9YZV9XRDRPUWc3SmQ2anM5TzBWVGI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8zMzY0ZWQtYzVmOS00NjMxLWI5NWMt
ZjI2YjE1NTFlMGY1LzEvcDFOaFV6akQtblZxMDRTU0JMd204VElxRjVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8zMzY0ZWQtYzVmOS00NjMxLWI5NWMtZjI2YjE1NTFlMGY1
LzEvTHg0bE9YZV9XRDRPUWc3SmQ2anM5TzBWVGI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAMBAIAATAGAwQAudxlMCIE
AgACMBwwEgMHACoL9MEAAQMHACoL9MEAAgMGACoL9MIAMA0GCSqGSIb3DQEBCwUA
A4IBAQB8X2Lb+kIFv+12nJv8D2XFGZuAz6uRq42afo83grOBNnhg98HYpJwJf/Rj
17z7xho0Iurk4RtwTyDj65WTt97x59o841VtxtVW8Hgu19+kM+L+k4bLZb5vj+WJ
C74WDURJE11FJLnXPdoPosjk7u0rPnmyeC+1VYgMwi5DHJRLmKW18GqlTLx3jML5
RqyO/M+5lNp14rCF28kyyv8tzONjkBHHdY0Tcul3wKrUqIWuGsxFoeK2t0yWhmmR
0T3HaSWCjG8aaL/IKokN6aZTtHlkeaKyGKx/ubt5XpT/jaS1/X74U9pqmOeRb0TB
6QZdp0ChWeKYXKLJaHu5y75SX3WI
-----END CERTIFICATE-----
Generated at Mon Feb 12 09:38:45 2024 by rpki-client on console-ams.rpki-client.org