Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/0knkZe24Vu6CzsEccud_LJCzmfA.roa
File: 0knkZe24Vu6CzsEccud_LJCzmfA.roa (raw, json)
Hash identifier: RahETDW1JZ7n8s/r5BKga5QjGBIxL04sduO4EvwIU74=
Subject key identifier: D2:49:E4:65:ED:B8:56:EE:82:CE:C1:1C:72:E7:7F:2C:90:B3:99:F0
Certificate issuer: /CN=4944680c20d1af01f169b18ac9c77d9877133cde
Certificate serial: 0181EDF252EDAF00C462E17AC10BE87C2E17
Authority key identifier: 49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/0knkZe24Vu6CzsEccud_LJCzmfA.roa
Signing time: Mon 11 Jul 2022 15:48:09 +0000
ROA not before: Mon 11 Jul 2022 15:48:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 85.255.123.0/24 maxlen: 24
85.255.122.0/24 maxlen: 24
85.255.121.0/24 maxlen: 24
85.255.120.0/24 maxlen: 24
178.212.205.0/24 maxlen: 24
178.212.204.0/24 maxlen: 24
178.212.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ed:f2:52:ed:af:00:c4:62:e1:7a:c1:0b:e8:7c:2e:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4944680c20d1af01f169b18ac9c77d9877133cde
Validity
Not Before: Jul 11 15:48:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d249e465edb856ee82cec11c72e77f2c90b399f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8b:98:dd:73:5e:de:da:64:09:6b:66:53:a0:
3a:c9:a9:0d:0b:21:8f:3e:a0:57:52:37:60:b3:fb:
b2:ee:50:f9:09:fc:36:ba:e0:d4:6a:08:31:50:28:
24:94:b3:08:db:02:a9:c7:4d:2c:cf:bd:bb:0e:32:
7c:74:93:71:2a:2f:32:11:cc:36:89:bc:53:23:f5:
65:e1:92:2c:4b:be:e8:01:11:f1:ca:cf:92:74:62:
64:05:76:07:91:fc:0e:92:51:9b:0a:47:b2:41:bc:
de:07:ee:24:21:aa:f1:3a:81:18:3e:a5:45:7d:0a:
8a:b2:55:53:45:9b:fd:f3:22:8f:78:79:96:80:09:
0b:ba:58:34:4c:e6:3f:30:e4:c4:18:be:5e:7c:22:
98:96:b5:c9:dc:4b:f5:71:3a:b1:32:ee:88:fc:93:
b7:ab:8a:2f:f4:d3:f0:e6:a0:77:e8:73:24:5c:58:
81:28:20:2a:4a:2d:2f:de:6c:f6:2f:80:1a:a5:c8:
00:a6:90:a1:5d:84:25:17:2c:1a:b5:0b:c2:1b:af:
ee:05:f8:f7:a9:37:e9:72:91:b4:ad:f9:3c:0e:b5:
ab:22:cb:0b:bf:77:3b:6b:3e:22:dc:ee:90:50:da:
e8:24:49:eb:a2:79:78:2e:91:d5:41:49:fe:59:0d:
37:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:49:E4:65:ED:B8:56:EE:82:CE:C1:1C:72:E7:7F:2C:90:B3:99:F0
X509v3 Authority Key Identifier:
keyid:49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/0knkZe24Vu6CzsEccud_LJCzmfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/SURoDCDRrwHxabGKycd9mHcTPN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.120.0/22
178.212.203.0-178.212.205.255
Signature Algorithm: sha256WithRSAEncryption
7a:47:36:2c:4f:ac:d3:aa:1e:15:ba:a8:1d:b1:6b:33:de:32:
1a:67:34:95:41:1c:99:38:f1:de:90:1e:f3:a5:b1:81:1c:a4:
de:37:da:70:a1:8e:5c:da:0a:22:cd:a7:7a:3b:9b:ec:c7:09:
ce:15:87:bd:7e:ff:c3:27:a6:c0:72:02:1f:89:e6:15:73:f9:
17:3e:b9:d4:40:5f:84:a9:1d:84:fe:5a:c9:e9:d0:61:59:2b:
00:51:ee:8a:06:e3:da:27:7b:cf:05:7c:a5:8a:9a:7c:5a:49:
4e:d4:5d:e8:30:fd:e5:30:4c:af:8a:52:e0:ff:56:ea:79:bb:
41:d5:43:d4:f3:f6:f9:8c:f1:41:ef:b9:26:64:1a:cb:2e:8f:
9d:14:d2:89:d8:bc:0c:4a:53:dc:68:dc:bc:73:fd:f5:ba:20:
6f:88:6a:8a:16:dc:f0:33:b2:ac:64:31:a0:a1:fc:d4:78:20:
51:bf:a9:ba:87:ed:95:51:6b:32:e8:87:a6:9d:7f:cd:54:6d:
a6:65:13:0f:e1:e1:c1:be:bc:c8:2b:44:75:4c:e4:d7:7f:f1:
c7:80:06:20:16:a0:07:cc:37:2c:27:26:9a:77:90:2d:36:5a:
cc:50:08:57:93:c1:d1:c0:a6:7d:22:b7:89:3f:6b:cc:8b:1d:
2f:19:6e:0a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYHt8lLtrwDEYuF6wQvofC4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NDQ2ODBjMjBkMWFmMDFmMTY5YjE4YWM5Yzc3ZDk4Nzcx
MzNjZGUwHhcNMjIwNzExMTU0ODA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjQ5ZTQ2NWVkYjg1NmVlODJjZWMxMWM3MmU3N2YyYzkwYjM5OWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuouY3XNe3tpkCWtmU6A6yakNCyGP
PqBXUjdgs/uy7lD5Cfw2uuDUaggxUCgklLMI2wKpx00sz727DjJ8dJNxKi8yEcw2
ibxTI/Vl4ZIsS77oARHxys+SdGJkBXYHkfwOklGbCkeyQbzeB+4kIarxOoEYPqVF
fQqKslVTRZv98yKPeHmWgAkLulg0TOY/MOTEGL5efCKYlrXJ3Ev1cTqxMu6I/JO3
q4ov9NPw5qB36HMkXFiBKCAqSi0v3mz2L4AapcgAppChXYQlFywatQvCG6/uBfj3
qTfpcpG0rfk8DrWrIssLv3c7az4i3O6QUNroJEnronl4LpHVQUn+WQ03QwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNJJ5GXtuFbugs7BHHLnfyyQs5nwMB8GA1UdIwQY
MBaAFElEaAwg0a8B8WmxisnHfZh3EzzeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTIt
ZWJkY2MwMmZiYWU5LzEvMGtua1plMjRWdTZDenNFY2N1ZF9MSkN6bWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTItZWJkY2MwMmZiYWU5
LzEvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCVf94MAwD
BACy1MsDBAGy1MwwDQYJKoZIhvcNAQELBQADggEBAHpHNixPrNOqHhW6qB2xazPe
MhpnNJVBHJk48d6QHvOlsYEcpN432nChjlzaCiLNp3o7m+zHCc4Vh71+/8MnpsBy
Ah+J5hVz+Rc+udRAX4SpHYT+Wsnp0GFZKwBR7ooG49one88FfKWKmnxaSU7UXegw
/eUwTK+KUuD/Vup5u0HVQ9Tz9vmM8UHvuSZkGssuj50U0onYvAxKU9xo3Lxz/fW6
IG+IaooW3PAzsqxkMaCh/NR4IFG/qbqH7ZVRazLoh6adf81UbaZlEw/h4cG+vMgr
RHVM5Nd/8ceABiAWoAfMNywnJpp3kC02WsxQCFeTwdHApn0it4k/a8yLHS8Zbgo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:52 2024 by rpki-client on console-fra.rpki-client.org