Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/1125a2-4432-483f-a00b-616d97a77bd6/1/wG9B4U2LzdTYbbqzXP35QsHTd6M.roa
File: wG9B4U2LzdTYbbqzXP35QsHTd6M.roa (raw, json)
Hash identifier: 96Q8bccdFf8Tq9pfJTKle8Hf1EnY8k1RaWdY+fMLzOU=
Subject key identifier: C0:6F:41:E1:4D:8B:CD:D4:D8:6D:BA:B3:5C:FD:F9:42:C1:D3:77:A3
Certificate issuer: /CN=6085397f26a044caef6a6b669287331aa4d68645
Certificate serial: 01856ABDCD6AEAA51D2DFA146E95086DB8B7
Authority key identifier: 60:85:39:7F:26:A0:44:CA:EF:6A:6B:66:92:87:33:1A:A4:D6:86:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YIU5fyagRMrvamtmkoczGqTWhkU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/1125a2-4432-483f-a00b-616d97a77bd6/1/wG9B4U2LzdTYbbqzXP35QsHTd6M.roa
Signing time: Sun 01 Jan 2023 00:31:41 +0000
ROA not before: Sun 01 Jan 2023 00:31:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.229.200.0/22 maxlen: 24
185.213.242.0/24 maxlen: 24
185.111.188.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6a:bd:cd:6a:ea:a5:1d:2d:fa:14:6e:95:08:6d:b8:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6085397f26a044caef6a6b669287331aa4d68645
Validity
Not Before: Jan 1 00:31:41 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c06f41e14d8bcdd4d86dbab35cfdf942c1d377a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:71:54:70:af:9a:a5:8d:40:bd:ea:c6:c9:e9:
e2:08:ab:76:8e:e4:95:33:97:b9:7e:79:48:55:1b:
35:12:b9:1a:e0:fa:33:4d:9c:0f:e6:71:c7:fc:cb:
f3:a4:ea:20:70:54:43:db:d3:43:bc:cb:b8:c9:83:
77:e7:5c:4b:78:3a:48:a5:5e:0a:99:19:00:d4:bf:
d3:89:8e:f9:6a:cd:f2:ca:12:96:b6:ed:6d:ea:38:
b4:f3:46:cf:43:d6:32:99:d6:94:9f:d9:f4:28:37:
d6:c2:85:65:38:68:e5:34:b3:0d:6b:24:ee:d3:1d:
85:33:4c:c8:05:6d:7e:46:16:37:aa:64:df:5d:c3:
14:52:a5:65:b5:81:47:52:5d:83:d7:f5:0e:29:52:
d1:cc:e9:92:4d:71:97:91:be:4d:b3:5b:2f:1c:6d:
d2:8a:8d:b3:a6:0c:d3:2a:f6:d7:66:a0:5a:e0:ec:
4a:a6:1e:63:b7:67:18:75:38:ce:99:f0:d9:cb:a8:
e3:ec:fd:2e:29:cd:c7:de:e0:cd:32:9b:8e:76:02:
31:3e:cc:2c:6a:bd:04:57:6b:36:fb:b5:28:9c:bf:
30:50:2f:57:0d:3a:e1:1b:09:89:09:ce:cc:53:df:
3b:f2:6e:f3:e4:6b:76:3d:48:e7:66:2e:a5:92:6c:
2a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:6F:41:E1:4D:8B:CD:D4:D8:6D:BA:B3:5C:FD:F9:42:C1:D3:77:A3
X509v3 Authority Key Identifier:
keyid:60:85:39:7F:26:A0:44:CA:EF:6A:6B:66:92:87:33:1A:A4:D6:86:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YIU5fyagRMrvamtmkoczGqTWhkU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1125a2-4432-483f-a00b-616d97a77bd6/1/wG9B4U2LzdTYbbqzXP35QsHTd6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1125a2-4432-483f-a00b-616d97a77bd6/1/YIU5fyagRMrvamtmkoczGqTWhkU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.188.0/24
185.213.242.0/24
185.229.200.0/22
Signature Algorithm: sha256WithRSAEncryption
82:4e:d6:fa:1a:ab:a1:9b:a9:6d:19:c5:8e:5c:ef:23:cd:74:
37:63:cb:22:df:ba:39:79:86:e6:6c:27:a5:46:30:18:eb:67:
cc:45:a0:95:92:8d:89:28:3d:b2:69:72:6c:67:a1:d2:43:cd:
d7:7d:ee:2e:64:28:ff:3b:dc:68:b0:5d:d6:ee:4b:30:05:95:
99:59:21:b1:34:f4:7a:77:18:72:73:35:e3:31:eb:6d:c8:66:
ed:c0:7e:fc:b3:d0:23:ae:9b:75:2f:2c:3f:16:c8:e1:17:14:
81:00:ca:68:f0:b3:58:89:7d:12:86:e8:00:ae:06:d1:1d:0a:
07:2d:df:d5:91:b0:62:af:a2:af:81:29:b6:ae:79:e1:86:9f:
29:1f:80:3e:d2:1b:f0:d4:50:4a:94:c6:67:2e:fb:ef:af:1d:
ce:79:e8:56:57:79:00:36:51:9e:ad:b3:56:ec:38:47:c2:39:
b2:2a:37:7a:a1:66:42:15:85:9d:85:58:cd:0d:da:27:f0:71:
e2:ac:26:94:77:a2:c0:f9:d4:16:e4:b9:56:24:2a:1d:24:60:
2b:9b:cb:ae:af:12:ab:ae:00:92:a5:8c:6b:8d:d5:22:dc:0d:
00:0a:cb:f9:4e:62:80:e3:00:fd:73:1d:b6:61:cb:a6:de:e8:
c4:c6:96:d0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVqvc1q6qUdLfoUbpUIbbi3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwODUzOTdmMjZhMDQ0Y2FlZjZhNmI2NjkyODczMzFhYTRk
Njg2NDUwHhcNMjMwMTAxMDAzMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDZmNDFlMTRkOGJjZGQ0ZDg2ZGJhYjM1Y2ZkZjk0MmMxZDM3N2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHFUcK+apY1AverGyeniCKt2juSV
M5e5fnlIVRs1Erka4PozTZwP5nHH/MvzpOogcFRD29NDvMu4yYN351xLeDpIpV4K
mRkA1L/TiY75as3yyhKWtu1t6ji080bPQ9YymdaUn9n0KDfWwoVlOGjlNLMNayTu
0x2FM0zIBW1+RhY3qmTfXcMUUqVltYFHUl2D1/UOKVLRzOmSTXGXkb5Ns1svHG3S
io2zpgzTKvbXZqBa4OxKph5jt2cYdTjOmfDZy6jj7P0uKc3H3uDNMpuOdgIxPsws
ar0EV2s2+7UonL8wUC9XDTrhGwmJCc7MU9878m7z5Gt2PUjnZi6lkmwqtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMBvQeFNi83U2G26s1z9+ULB03ejMB8GA1UdIwQY
MBaAFGCFOX8moETK72prZpKHMxqk1oZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUlVNWZ5YWdSTXJ2YW10bWtvY3pHcVRXaGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8xMTI1YTItNDQzMi00ODNmLWEwMGIt
NjE2ZDk3YTc3YmQ2LzEvd0c5QjRVMkx6ZFRZYmJxelhQMzVRc0hUZDZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8xMTI1YTItNDQzMi00ODNmLWEwMGItNjE2ZDk3YTc3YmQ2
LzEvWUlVNWZ5YWdSTXJ2YW10bWtvY3pHcVRXaGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuW+8AwQA
udXyAwQCueXIMA0GCSqGSIb3DQEBCwUAA4IBAQCCTtb6Gquhm6ltGcWOXO8jzXQ3
Y8si37o5eYbmbCelRjAY62fMRaCVko2JKD2yaXJsZ6HSQ83Xfe4uZCj/O9xosF3W
7kswBZWZWSGxNPR6dxhyczXjMettyGbtwH78s9Ajrpt1Lyw/FsjhFxSBAMpo8LNY
iX0ShugArgbRHQoHLd/VkbBir6KvgSm2rnnhhp8pH4A+0hvw1FBKlMZnLvvvrx3O
eehWV3kANlGerbNW7DhHwjmyKjd6oWZCFYWdhVjNDdon8HHirCaUd6LA+dQW5LlW
JCodJGArm8uurxKrrgCSpYxrjdUi3A0ACsv5TmKA4wD9cx22Ycum3ujExpbQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:46 2024 by rpki-client on console-ams.rpki-client.org