Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/850961-dcfc-456c-bba6-2698f0601bb9/1/Op007JdEeu_2-1FDksN4OEg6SQk.roa
File: Op007JdEeu_2-1FDksN4OEg6SQk.roa (raw, json)
Hash identifier: vD2GgpwaUVuehpnnbVu4DmRXEBMYiBOkB1I9LOwTmug=
Subject key identifier: 3A:9D:34:EC:97:44:7A:EF:F6:FB:51:43:92:C3:78:38:48:3A:49:09
Certificate issuer: /CN=d617ad35ef270efb14271357f3a675e87566bf3a
Certificate serial: 018570C2E7E7BB909B98CF3B5F032096B2F4
Authority key identifier: D6:17:AD:35:EF:27:0E:FB:14:27:13:57:F3:A6:75:E8:75:66:BF:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1hetNe8nDvsUJxNX86Z16HVmvzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/850961-dcfc-456c-bba6-2698f0601bb9/1/Op007JdEeu_2-1FDksN4OEg6SQk.roa
Signing time: Mon 02 Jan 2023 04:34:59 +0000
ROA not before: Mon 02 Jan 2023 04:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8540
IP address blocks: 185.227.88.0/22 maxlen: 24
185.209.204.0/22 maxlen: 24
2a0b:4c40::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:e7:e7:bb:90:9b:98:cf:3b:5f:03:20:96:b2:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d617ad35ef270efb14271357f3a675e87566bf3a
Validity
Not Before: Jan 2 04:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a9d34ec97447aeff6fb514392c37838483a4909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:77:55:e6:49:be:3f:f2:46:d6:bf:54:32:26:
9b:22:82:43:80:7a:90:48:65:8f:de:dc:a6:7e:83:
9b:9c:6d:f3:95:b5:0c:de:cd:58:c7:e6:bc:3b:f9:
61:f4:39:d7:3a:3d:8f:32:60:bc:9a:0c:7a:95:b2:
30:ac:f7:2a:20:0e:42:b0:39:0d:3c:ef:e7:d9:6e:
3b:45:1c:6e:de:11:15:6c:94:96:1f:02:71:d7:66:
30:fe:6c:96:44:91:36:e9:58:1b:87:51:d5:29:0a:
3a:43:d2:d8:e4:c2:90:0d:e5:ce:01:04:80:61:b4:
62:8a:95:c8:29:62:99:1d:5b:15:ed:31:57:b4:c4:
fd:40:8a:ad:12:a1:88:ad:7b:17:d9:52:1e:a0:4f:
b4:14:df:fd:da:9d:ac:74:b3:fd:2c:a0:e7:f9:dd:
e7:22:c8:d0:f3:85:c5:c2:6e:f2:4a:7c:f1:c8:e6:
33:00:91:5b:01:66:70:d7:4f:f5:e5:9f:9c:16:7a:
83:0a:eb:d6:32:52:2a:5f:3c:b8:a1:bc:86:98:d4:
31:ba:9b:61:7a:76:9a:f5:43:3e:45:13:eb:f7:77:
61:76:d5:76:88:46:ae:a9:96:4a:75:08:5d:cc:2a:
45:c6:fa:bc:5c:db:61:c1:bd:19:e8:e1:99:08:f7:
e0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:9D:34:EC:97:44:7A:EF:F6:FB:51:43:92:C3:78:38:48:3A:49:09
X509v3 Authority Key Identifier:
keyid:D6:17:AD:35:EF:27:0E:FB:14:27:13:57:F3:A6:75:E8:75:66:BF:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1hetNe8nDvsUJxNX86Z16HVmvzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/850961-dcfc-456c-bba6-2698f0601bb9/1/Op007JdEeu_2-1FDksN4OEg6SQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/850961-dcfc-456c-bba6-2698f0601bb9/1/1hetNe8nDvsUJxNX86Z16HVmvzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.204.0/22
185.227.88.0/22
IPv6:
2a0b:4c40::/29
Signature Algorithm: sha256WithRSAEncryption
42:65:39:b2:06:81:7e:70:85:d7:55:b0:f3:05:09:8d:42:73:
ad:a2:c2:96:f6:83:c8:2c:63:39:1c:5b:3b:ce:9c:88:36:fb:
c1:40:34:b1:63:bc:7d:f6:c7:c0:f0:14:6f:ed:cd:4e:e4:d5:
4a:86:cd:f2:46:ba:bc:f4:29:ca:bc:cf:d5:bd:44:93:59:66:
84:ec:c7:d9:82:5f:7a:d3:18:87:67:dc:e6:1e:96:c7:15:15:
e4:c3:13:aa:a8:cb:a0:b0:61:72:71:d3:a1:c1:14:66:0c:7b:
bf:1f:01:af:73:08:ce:e0:3c:09:de:67:75:af:22:fc:58:58:
f8:a3:97:b6:cf:24:d3:63:85:f0:5e:e7:3d:b9:4f:b6:f1:69:
a4:30:8d:1a:74:2b:f2:12:06:0b:00:23:a4:59:96:89:0a:5f:
d6:85:1b:a0:f8:de:0f:35:02:8d:3a:47:97:b9:20:9f:58:ce:
b0:d5:4b:69:0c:81:55:34:be:79:20:80:3c:9f:25:75:a2:73:
e1:8b:f5:27:dd:08:18:a3:16:29:d4:a9:64:c8:e1:eb:cb:ab:
14:91:52:2f:b7:c4:00:98:fa:14:6b:90:3e:24:79:2c:82:cc:
21:b2:0f:63:c4:3d:b0:4a:b9:ed:77:14:3e:69:74:af:3f:07:
7d:cc:3e:36
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwwufnu5CbmM87XwMglrL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MTdhZDM1ZWYyNzBlZmIxNDI3MTM1N2YzYTY3NWU4NzU2
NmJmM2EwHhcNMjMwMTAyMDQzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTlkMzRlYzk3NDQ3YWVmZjZmYjUxNDM5MmMzNzgzODQ4M2E0OTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3dV5km+P/JG1r9UMiabIoJDgHqQ
SGWP3tymfoObnG3zlbUM3s1Yx+a8O/lh9DnXOj2PMmC8mgx6lbIwrPcqIA5CsDkN
PO/n2W47RRxu3hEVbJSWHwJx12Yw/myWRJE26Vgbh1HVKQo6Q9LY5MKQDeXOAQSA
YbRiipXIKWKZHVsV7TFXtMT9QIqtEqGIrXsX2VIeoE+0FN/92p2sdLP9LKDn+d3n
IsjQ84XFwm7ySnzxyOYzAJFbAWZw10/15Z+cFnqDCuvWMlIqXzy4obyGmNQxupth
enaa9UM+RRPr93dhdtV2iEauqZZKdQhdzCpFxvq8XNthwb0Z6OGZCPfg+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDqdNOyXRHrv9vtRQ5LDeDhIOkkJMB8GA1UdIwQY
MBaAFNYXrTXvJw77FCcTV/Omdeh1Zr86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWhldE5lOG5EdnNVSnhOWDg2WjE2SFZtdnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84NTA5NjEtZGNmYy00NTZjLWJiYTYt
MjY5OGYwNjAxYmI5LzEvT3AwMDdKZEVldV8yLTFGRGtzTjRPRWc2U1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84NTA5NjEtZGNmYy00NTZjLWJiYTYtMjY5OGYwNjAxYmI5
LzEvMWhldE5lOG5EdnNVSnhOWDg2WjE2SFZtdnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCudHMAwQC
ueNYMA0EAgACMAcDBQMqC0xAMA0GCSqGSIb3DQEBCwUAA4IBAQBCZTmyBoF+cIXX
VbDzBQmNQnOtosKW9oPILGM5HFs7zpyINvvBQDSxY7x99sfA8BRv7c1O5NVKhs3y
Rrq89CnKvM/VvUSTWWaE7MfZgl960xiHZ9zmHpbHFRXkwxOqqMugsGFycdOhwRRm
DHu/HwGvcwjO4DwJ3md1ryL8WFj4o5e2zyTTY4XwXuc9uU+28WmkMI0adCvyEgYL
ACOkWZaJCl/WhRug+N4PNQKNOkeXuSCfWM6w1UtpDIFVNL55IIA8nyV1onPhi/Un
3QgYoxYp1KlkyOHry6sUkVIvt8QAmPoUa5A+JHksgswhsg9jxD2wSrntdxQ+aXSv
Pwd9zD42
-----END CERTIFICATE-----
Generated at Tue Dec 12 16:24:52 2023 by rpki-client on console-ams.rpki-client.org