Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/0NdZeN1KNULHJtBxCqSn43RY1gk.roa
File: 0NdZeN1KNULHJtBxCqSn43RY1gk.roa (raw, json)
Hash identifier: 1WabQYnR/3otf77NZkT+w/xobCMIGMV0g7DP+ed5Ctk=
Subject key identifier: D0:D7:59:78:DD:4A:35:42:C7:26:D0:71:0A:A4:A7:E3:74:58:D6:09
Certificate issuer: /CN=4944680c20d1af01f169b18ac9c77d9877133cde
Certificate serial: 018698AAF32343061693BD65360121F3BF5C
Authority key identifier: 49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/0NdZeN1KNULHJtBxCqSn43RY1gk.roa
Signing time: Tue 28 Feb 2023 15:36:25 +0000
ROA not before: Tue 28 Feb 2023 15:36:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 85.255.122.0/24 maxlen: 24
178.212.205.0/24 maxlen: 24
178.212.204.0/24 maxlen: 24
178.212.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:98:aa:f3:23:43:06:16:93:bd:65:36:01:21:f3:bf:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4944680c20d1af01f169b18ac9c77d9877133cde
Validity
Not Before: Feb 28 15:36:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0d75978dd4a3542c726d0710aa4a7e37458d609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:ae:21:7b:be:92:6b:ab:be:ef:d2:66:8a:1e:
e5:1a:97:d5:9d:ec:f8:63:84:64:e0:e6:90:ab:c1:
79:48:61:75:7e:a0:6c:f7:3d:80:44:8d:1a:3d:8f:
1b:81:40:f5:30:ba:44:af:f9:e6:b2:25:ba:c1:4c:
99:e1:08:b4:1a:e1:89:6e:1f:88:82:40:c5:55:9a:
99:45:c8:6b:10:2c:f6:b6:03:99:4d:b1:80:7a:57:
d9:b9:e7:5f:38:09:e6:13:7b:c9:17:08:86:99:2c:
9b:2f:98:c3:cf:e1:41:8f:96:ca:d2:dd:8a:53:96:
33:d7:32:de:7d:8d:7b:52:92:9a:bf:00:e5:c4:ff:
5d:b8:a2:33:66:2f:6c:42:5f:a1:8a:db:43:57:42:
dd:70:51:73:87:11:f9:17:44:ac:60:0a:3d:a3:0b:
a0:53:7c:ae:b2:b3:0a:eb:95:c7:37:78:44:78:ab:
a4:7a:e4:d5:b8:5c:51:b5:a4:14:75:ee:83:be:e7:
39:01:4e:a4:91:f5:82:0f:ad:25:ff:a1:76:71:23:
e4:52:57:86:5f:da:ad:88:c4:8d:5c:45:04:b0:d7:
67:e4:59:42:36:ae:98:41:bb:2f:51:0e:e6:fb:25:
4e:de:fa:6b:26:45:7c:1e:23:f4:8d:05:16:5d:e9:
af:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D7:59:78:DD:4A:35:42:C7:26:D0:71:0A:A4:A7:E3:74:58:D6:09
X509v3 Authority Key Identifier:
keyid:49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/0NdZeN1KNULHJtBxCqSn43RY1gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/SURoDCDRrwHxabGKycd9mHcTPN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.122.0/24
178.212.203.0-178.212.205.255
Signature Algorithm: sha256WithRSAEncryption
2b:b7:d8:40:d5:f2:02:2f:31:b6:0f:3d:00:54:d4:15:64:fe:
ef:02:71:ef:3f:cf:a2:8c:03:3c:99:23:73:b3:c9:18:0f:1c:
18:ed:d7:8c:a5:72:6b:6f:ba:1d:9b:04:e0:41:f3:ef:12:96:
65:ee:fe:dc:10:99:33:3d:bc:54:b7:6c:98:72:78:a6:94:8c:
48:8e:a6:76:95:aa:33:0c:5c:ec:ec:4f:2e:66:d8:1f:1e:5b:
6c:5a:5a:48:71:6a:ee:2b:64:1a:5d:14:62:f3:77:48:41:d1:
11:0f:8f:ee:7b:3d:22:8a:73:62:5e:bb:87:69:90:20:89:9f:
36:21:d6:d4:eb:fc:18:12:2d:04:11:60:73:f6:7c:44:2e:5e:
0f:df:59:97:5e:7e:56:1a:ef:7b:a3:9b:73:59:19:36:7c:83:
db:a1:d8:86:56:88:74:05:0f:26:f1:1c:df:0a:08:be:4b:1e:
c5:ca:54:7c:60:5c:5a:c9:17:a8:b0:d7:0a:27:4a:04:83:ce:
af:db:e4:f5:00:df:f7:21:8d:88:1a:15:8e:76:db:cf:9c:18:
e5:4a:72:ee:8e:5c:bd:0c:41:fa:d8:10:60:31:66:51:fc:44:
87:c7:2b:12:81:da:0b:56:5b:8e:ad:b1:3a:4e:22:a2:2b:16:
fe:ec:5e:82
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYaYqvMjQwYWk71lNgEh879cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NDQ2ODBjMjBkMWFmMDFmMTY5YjE4YWM5Yzc3ZDk4Nzcx
MzNjZGUwHhcNMjMwMjI4MTUzNjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGQ3NTk3OGRkNGEzNTQyYzcyNmQwNzEwYWE0YTdlMzc0NThkNjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5a4he76Sa6u+79Jmih7lGpfVnez4
Y4Rk4OaQq8F5SGF1fqBs9z2ARI0aPY8bgUD1MLpEr/nmsiW6wUyZ4Qi0GuGJbh+I
gkDFVZqZRchrECz2tgOZTbGAelfZuedfOAnmE3vJFwiGmSybL5jDz+FBj5bK0t2K
U5Yz1zLefY17UpKavwDlxP9duKIzZi9sQl+hittDV0LdcFFzhxH5F0SsYAo9owug
U3yusrMK65XHN3hEeKukeuTVuFxRtaQUde6Dvuc5AU6kkfWCD60l/6F2cSPkUleG
X9qtiMSNXEUEsNdn5FlCNq6YQbsvUQ7m+yVO3vprJkV8HiP0jQUWXemvDwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNDXWXjdSjVCxybQcQqkp+N0WNYJMB8GA1UdIwQY
MBaAFElEaAwg0a8B8WmxisnHfZh3EzzeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTIt
ZWJkY2MwMmZiYWU5LzEvME5kWmVOMUtOVUxISnRCeENxU240M1JZMWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTItZWJkY2MwMmZiYWU5
LzEvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAVf96MAwD
BACy1MsDBAGy1MwwDQYJKoZIhvcNAQELBQADggEBACu32EDV8gIvMbYPPQBU1BVk
/u8Cce8/z6KMAzyZI3OzyRgPHBjt14ylcmtvuh2bBOBB8+8SlmXu/twQmTM9vFS3
bJhyeKaUjEiOpnaVqjMMXOzsTy5m2B8eW2xaWkhxau4rZBpdFGLzd0hB0REPj+57
PSKKc2Jeu4dpkCCJnzYh1tTr/BgSLQQRYHP2fEQuXg/fWZdeflYa73ujm3NZGTZ8
g9uh2IZWiHQFDybxHN8KCL5LHsXKVHxgXFrJF6iw1wonSgSDzq/b5PUA3/chjYga
FY5228+cGOVKcu6OXL0MQfrYEGAxZlH8RIfHKxKB2gtWW46tsTpOIqIrFv7sXoI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:45 2024 by rpki-client on console-ams.rpki-client.org