Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/ee9f74-f12a-46a6-8447-1cbe0cce11a7/1/D0RZzGthvXEjRAitJnbjsnN-6z8.roa
File: D0RZzGthvXEjRAitJnbjsnN-6z8.roa (raw, json)
Hash identifier: ZEVc68K8h83NNkeVYDeSs+pa2xCcdZT3lGM1pDTn5LY=
Subject key identifier: 0F:44:59:CC:6B:61:BD:71:23:44:08:AD:26:76:E3:B2:73:7E:EB:3F
Certificate issuer: /CN=beb221926f757ab069fe752d38c068a48964f88b
Certificate serial: 01856E0B0D5B167393E5DC3F2522EA9E2798
Authority key identifier: BE:B2:21:92:6F:75:7A:B0:69:FE:75:2D:38:C0:68:A4:89:64:F8:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vrIhkm91erBp_nUtOMBopIlk-Is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/ee9f74-f12a-46a6-8447-1cbe0cce11a7/1/D0RZzGthvXEjRAitJnbjsnN-6z8.roa
Signing time: Sun 01 Jan 2023 15:54:56 +0000
ROA not before: Sun 01 Jan 2023 15:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201038
IP address blocks: 185.87.216.0/22 maxlen: 24
2a03:7c60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0b:0d:5b:16:73:93:e5:dc:3f:25:22:ea:9e:27:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beb221926f757ab069fe752d38c068a48964f88b
Validity
Not Before: Jan 1 15:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f4459cc6b61bd71234408ad2676e3b2737eeb3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:03:87:6b:8c:33:9e:43:99:b4:40:d8:31:02:
f6:8e:3e:e7:43:79:f0:34:b0:b1:79:b4:27:f8:d7:
6f:4e:50:8c:bd:cc:27:07:8b:25:ab:65:b6:32:00:
af:c7:d5:60:23:ce:dc:44:8b:c7:dd:9a:ac:26:5d:
a3:58:12:14:ef:83:29:23:9b:84:6f:9f:32:9f:df:
05:d0:c2:35:5c:ec:6c:9b:42:01:48:6a:fd:ad:20:
89:ce:c4:4e:d5:48:04:de:ff:c7:b6:7a:1d:62:14:
40:85:8f:52:57:5d:0f:9d:81:1f:1b:09:d1:f4:b9:
7a:e2:37:dd:2e:b2:ae:0c:e8:06:93:bd:98:49:b4:
1a:f2:3c:d0:d8:ca:91:33:00:e7:c5:7b:b1:3b:7b:
1b:89:3b:ae:35:77:b0:27:a9:99:98:fd:a2:2f:5f:
1d:1a:b0:a5:8d:04:44:87:92:d2:94:e4:83:71:cd:
ad:7a:86:fa:bf:36:cb:44:b1:91:17:4a:53:48:86:
fd:e9:42:e3:92:7c:9e:2e:2a:a4:94:98:58:a2:2e:
92:43:65:39:b8:77:1d:0a:c5:65:95:7e:51:83:38:
67:22:3b:0e:28:4a:09:a5:f6:5b:7b:48:b4:41:56:
14:ce:3c:07:db:86:a0:32:3d:ae:9a:24:ba:e9:ef:
12:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:44:59:CC:6B:61:BD:71:23:44:08:AD:26:76:E3:B2:73:7E:EB:3F
X509v3 Authority Key Identifier:
keyid:BE:B2:21:92:6F:75:7A:B0:69:FE:75:2D:38:C0:68:A4:89:64:F8:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vrIhkm91erBp_nUtOMBopIlk-Is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/ee9f74-f12a-46a6-8447-1cbe0cce11a7/1/D0RZzGthvXEjRAitJnbjsnN-6z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/ee9f74-f12a-46a6-8447-1cbe0cce11a7/1/vrIhkm91erBp_nUtOMBopIlk-Is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.216.0/22
IPv6:
2a03:7c60::/32
Signature Algorithm: sha256WithRSAEncryption
34:b1:2f:19:a4:0b:1d:39:02:c7:f8:e6:e8:f3:21:c1:de:7c:
48:fc:62:4a:0c:c0:c4:60:d5:26:ea:7a:1e:e6:ab:55:4a:ac:
9b:a7:b4:06:7a:26:af:63:22:fe:da:0d:e8:6f:1a:39:06:c3:
43:71:ba:19:4b:bb:5b:09:8c:99:ee:df:11:6c:32:8e:ab:f1:
22:a8:29:53:33:88:88:e8:df:fb:07:b3:71:40:c8:23:d5:da:
28:6c:66:8a:57:2f:28:63:83:f6:6c:5b:db:0a:dd:85:5b:7b:
5a:5a:0c:f7:15:a4:ef:28:c8:0d:9b:8d:84:eb:2a:27:13:af:
7f:0c:36:e7:37:06:5c:7e:cf:aa:14:00:98:6b:79:5a:a3:db:
63:30:ef:9b:d6:dc:a4:52:70:6c:1e:8e:69:3d:da:65:64:d5:
2c:d1:00:5b:f2:33:f2:b7:cc:cd:9f:da:09:0f:d6:24:ba:a9:
3b:ff:93:aa:98:b0:01:09:d5:7b:20:74:57:d5:91:99:74:89:
11:fe:be:2d:96:77:65:fd:f6:e9:2d:a0:b7:fe:65:1a:da:a2:
81:83:13:68:a8:ed:3f:73:d5:3d:57:30:fb:b4:81:6e:28:1b:
67:3c:f5:c5:d7:41:84:85:33:a9:8a:07:30:8a:b3:8b:26:d3:
d1:ac:b6:a1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuCw1bFnOT5dw/JSLqnieYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYjIyMTkyNmY3NTdhYjA2OWZlNzUyZDM4YzA2OGE0ODk2
NGY4OGIwHhcNMjMwMTAxMTU1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjQ0NTljYzZiNjFiZDcxMjM0NDA4YWQyNjc2ZTNiMjczN2VlYjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwOHa4wznkOZtEDYMQL2jj7nQ3nw
NLCxebQn+NdvTlCMvcwnB4slq2W2MgCvx9VgI87cRIvH3ZqsJl2jWBIU74MpI5uE
b58yn98F0MI1XOxsm0IBSGr9rSCJzsRO1UgE3v/HtnodYhRAhY9SV10PnYEfGwnR
9Ll64jfdLrKuDOgGk72YSbQa8jzQ2MqRMwDnxXuxO3sbiTuuNXewJ6mZmP2iL18d
GrCljQREh5LSlOSDcc2teob6vzbLRLGRF0pTSIb96ULjknyeLiqklJhYoi6SQ2U5
uHcdCsVllX5RgzhnIjsOKEoJpfZbe0i0QVYUzjwH24agMj2umiS66e8SWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA9EWcxrYb1xI0QIrSZ247Jzfus/MB8GA1UdIwQY
MBaAFL6yIZJvdXqwaf51LTjAaKSJZPiLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnJJaGttOTFlckJwX25VdE9NQm9wSWxrLUlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lZTlmNzQtZjEyYS00NmE2LTg0NDct
MWNiZTBjY2UxMWE3LzEvRDBSWnpHdGh2WEVqUkFpdEpuYmpzbk4tNno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lZTlmNzQtZjEyYS00NmE2LTg0NDctMWNiZTBjY2UxMWE3
LzEvdnJJaGttOTFlckJwX25VdE9NQm9wSWxrLUlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVfYMA0E
AgACMAcDBQAqA3xgMA0GCSqGSIb3DQEBCwUAA4IBAQA0sS8ZpAsdOQLH+Obo8yHB
3nxI/GJKDMDEYNUm6noe5qtVSqybp7QGeiavYyL+2g3obxo5BsNDcboZS7tbCYyZ
7t8RbDKOq/EiqClTM4iI6N/7B7NxQMgj1doobGaKVy8oY4P2bFvbCt2FW3taWgz3
FaTvKMgNm42E6yonE69/DDbnNwZcfs+qFACYa3lao9tjMO+b1tykUnBsHo5pPdpl
ZNUs0QBb8jPyt8zNn9oJD9Ykuqk7/5OqmLABCdV7IHRX1ZGZdIkR/r4tlndl/fbp
LaC3/mUa2qKBgxNoqO0/c9U9VzD7tIFuKBtnPPXF10GEhTOpigcwirOLJtPRrLah
-----END CERTIFICATE-----
Generated at Mon Aug 21 14:59:05 2023 by rpki-client on console-fra.rpki-client.org