Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/d70dad-b80f-41d8-b655-5e1fab7b87cf/1/3kcOJSdFyxeQ7w4LLNNPh0aKkko.roa
File: 3kcOJSdFyxeQ7w4LLNNPh0aKkko.roa (raw, json)
Hash identifier: WCMjgC89hp/Prx3C7VhI4MYyHP4VeGlN6DHrUKBCSXk=
Subject key identifier: DE:47:0E:25:27:45:CB:17:90:EF:0E:0B:2C:D3:4F:87:46:8A:92:4A
Certificate issuer: /CN=318bd11da0fa9c949e2e4a877c5d94e14ffd7dbc
Certificate serial: 01824FFCCA39911E627FC0736B6DB974B170
Authority key identifier: 31:8B:D1:1D:A0:FA:9C:94:9E:2E:4A:87:7C:5D:94:E1:4F:FD:7D:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYvRHaD6nJSeLkqHfF2U4U_9fbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/d70dad-b80f-41d8-b655-5e1fab7b87cf/1/3kcOJSdFyxeQ7w4LLNNPh0aKkko.roa
Signing time: Sat 30 Jul 2022 16:42:23 +0000
ROA not before: Sat 30 Jul 2022 16:42:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44016
IP address blocks: 91.235.168.0/24 maxlen: 24
212.115.104.0/22 maxlen: 24
193.23.60.0/24 maxlen: 24
2a0f:75c0:1::/48 maxlen: 48
2a09:8400::/29 maxlen: 29
2a0f:75c0:4::/48 maxlen: 48
2a0f:75c0:2::/48 maxlen: 48
2a0f:75c0:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:4f:fc:ca:39:91:1e:62:7f:c0:73:6b:6d:b9:74:b1:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=318bd11da0fa9c949e2e4a877c5d94e14ffd7dbc
Validity
Not Before: Jul 30 16:42:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de470e252745cb1790ef0e0b2cd34f87468a924a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0b:7a:3b:6a:c4:78:56:95:01:70:4b:f3:32:
2f:07:0b:87:f7:4c:07:95:21:25:f2:41:c4:d7:11:
48:08:17:b6:1e:82:60:0e:8a:64:95:84:57:c0:44:
42:20:b9:2e:3b:f3:09:69:b3:be:12:6b:e8:ae:10:
50:1b:37:d8:c0:e7:c4:dd:66:77:95:d7:6b:60:5a:
af:95:a7:86:47:04:fb:c1:da:a2:db:69:4f:77:0d:
ae:a8:85:d1:a1:4e:d7:3a:c6:33:06:d2:c4:fe:92:
36:d2:ea:0e:27:7b:21:f8:ec:5e:c6:c4:66:8d:d8:
11:b0:3a:43:7b:11:f6:1a:4d:92:80:b3:1c:8f:fd:
d4:6d:aa:e5:d4:c8:f1:69:40:22:a4:27:8b:51:d1:
b0:81:85:85:8c:8b:61:57:61:25:10:52:19:24:21:
00:80:2d:71:9a:b4:58:78:fa:6e:6e:bb:c8:84:e4:
d5:1c:b2:22:6c:19:d0:74:fc:7c:9a:81:71:ec:8d:
7b:fe:64:e8:78:ce:38:b9:d8:c5:9d:16:ef:1e:fb:
57:51:3a:f6:88:0b:a4:73:e6:af:8d:97:0d:69:8b:
32:ac:11:2a:a1:47:29:d2:42:d3:0a:2f:13:0e:61:
d9:10:63:3f:c6:76:97:86:35:08:6e:3d:52:8c:54:
e0:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:47:0E:25:27:45:CB:17:90:EF:0E:0B:2C:D3:4F:87:46:8A:92:4A
X509v3 Authority Key Identifier:
keyid:31:8B:D1:1D:A0:FA:9C:94:9E:2E:4A:87:7C:5D:94:E1:4F:FD:7D:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYvRHaD6nJSeLkqHfF2U4U_9fbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/d70dad-b80f-41d8-b655-5e1fab7b87cf/1/3kcOJSdFyxeQ7w4LLNNPh0aKkko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/d70dad-b80f-41d8-b655-5e1fab7b87cf/1/MYvRHaD6nJSeLkqHfF2U4U_9fbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.168.0/24
193.23.60.0/24
212.115.104.0/22
IPv6:
2a09:8400::/29
2a0f:75c0:1::-2a0f:75c0:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7b:10:a8:01:24:e9:c3:8d:b8:c0:1d:0e:d5:ed:52:d8:56:e6:
e0:c2:14:62:fd:ce:cc:9d:63:8b:cb:57:b6:f2:05:e7:e7:d1:
1f:34:46:9a:6b:35:b6:ad:46:e3:65:39:c5:49:e3:82:f4:75:
04:38:7f:4a:63:0d:f2:79:8e:03:29:9e:98:1a:1e:1d:2e:ba:
b9:e3:ad:80:0a:46:53:6f:7b:12:60:df:62:ec:96:ce:f6:aa:
4e:dc:c8:5f:54:3c:ea:5f:c1:52:5b:a7:e3:8a:e8:cf:dd:47:
8d:1b:aa:e7:82:06:83:d7:47:60:76:70:8a:32:ae:5d:4e:24:
83:ca:b6:4e:68:df:8e:a3:c3:76:4b:1b:8b:10:cd:9b:02:bd:
6f:b7:1a:b1:44:76:28:db:05:eb:d3:ef:dd:7e:3a:63:1c:dd:
86:f0:d5:2a:02:74:c6:5a:25:02:a1:17:be:9b:63:94:de:d2:
0e:41:1e:23:e0:73:a3:eb:f5:0b:0c:9e:45:74:ed:92:10:38:
58:0b:f1:a3:4a:5d:b1:39:eb:60:15:e2:d3:ed:78:c7:4d:f3:
d6:3f:99:19:cc:63:21:37:d0:39:5a:d8:4e:ac:61:1c:a9:e8:
46:2b:f2:72:82:66:62:4c:ec:e8:aa:0a:65:d8:4a:dc:57:a1:
dc:d1:00:a2
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYJP/Mo5kR5if8Bza225dLFwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxOGJkMTFkYTBmYTljOTQ5ZTJlNGE4NzdjNWQ5NGUxNGZm
ZDdkYmMwHhcNMjIwNzMwMTY0MjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTQ3MGUyNTI3NDVjYjE3OTBlZjBlMGIyY2QzNGY4NzQ2OGE5MjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQt6O2rEeFaVAXBL8zIvBwuH90wH
lSEl8kHE1xFICBe2HoJgDopklYRXwERCILkuO/MJabO+EmvorhBQGzfYwOfE3WZ3
lddrYFqvlaeGRwT7wdqi22lPdw2uqIXRoU7XOsYzBtLE/pI20uoOJ3sh+OxexsRm
jdgRsDpDexH2Gk2SgLMcj/3Ubarl1MjxaUAipCeLUdGwgYWFjIthV2ElEFIZJCEA
gC1xmrRYePpubrvIhOTVHLIibBnQdPx8moFx7I17/mToeM44udjFnRbvHvtXUTr2
iAukc+avjZcNaYsyrBEqoUcp0kLTCi8TDmHZEGM/xnaXhjUIbj1SjFTg3wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFN5HDiUnRcsXkO8OCyzTT4dGipJKMB8GA1UdIwQY
MBaAFDGL0R2g+pyUni5Kh3xdlOFP/X28MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVl2UkhhRDZuSlNlTGtxSGZGMlU0VV85ZmJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9kNzBkYWQtYjgwZi00MWQ4LWI2NTUt
NWUxZmFiN2I4N2NmLzEvM2tjT0pTZEZ5eGVRN3c0TExOTlBoMGFLa2tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9kNzBkYWQtYjgwZi00MWQ4LWI2NTUtNWUxZmFiN2I4N2Nm
LzEvTVl2UkhhRDZuSlNlTGtxSGZGMlU0VV85ZmJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAW+uoAwQA
wRc8AwQC1HNoMCEEAgACMBsDBQMqCYQAMBIDBwAqD3XAAAEDBwAqD3XAAAQwDQYJ
KoZIhvcNAQELBQADggEBAHsQqAEk6cONuMAdDtXtUthW5uDCFGL9zsydY4vLV7by
Befn0R80RpprNbatRuNlOcVJ44L0dQQ4f0pjDfJ5jgMpnpgaHh0uurnjrYAKRlNv
exJg32Lsls72qk7cyF9UPOpfwVJbp+OK6M/dR40bqueCBoPXR2B2cIoyrl1OJIPK
tk5o346jw3ZLG4sQzZsCvW+3GrFEdijbBevT791+OmMc3Ybw1SoCdMZaJQKhF76b
Y5Te0g5BHiPgc6Pr9QsMnkV07ZIQOFgL8aNKXbE562AV4tPteMdN89Y/mRnMYyE3
0Dla2E6sYRyp6EYr8nKCZmJM7OiqCmXYStxXodzRAKI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:09 2024 by rpki-client on console-fra.rpki-client.org