Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/7c3cec-c7d2-45cb-b72c-26ccfcc744e5/1/NK8dWYEqf4mfaRsSLoAhw_K_VMQ.roa
File: NK8dWYEqf4mfaRsSLoAhw_K_VMQ.roa (raw, json)
Hash identifier: PpTsFXyPAx2/0cDgsbtqOTvYmg7zHWuiEC3dAJdVypE=
Subject key identifier: 34:AF:1D:59:81:2A:7F:89:9F:69:1B:12:2E:80:21:C3:F2:BF:54:C4
Certificate issuer: /CN=bcc36b3a0a55beb529e407328588963d86786cbf
Certificate serial: 01856D541693F5FAF7EA12723B5856706DA4
Authority key identifier: BC:C3:6B:3A:0A:55:BE:B5:29:E4:07:32:85:88:96:3D:86:78:6C:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vMNrOgpVvrUp5AcyhYiWPYZ4bL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/7c3cec-c7d2-45cb-b72c-26ccfcc744e5/1/NK8dWYEqf4mfaRsSLoAhw_K_VMQ.roa
Signing time: Sun 01 Jan 2023 12:35:05 +0000
ROA not before: Sun 01 Jan 2023 12:35:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205836
IP address blocks: 185.157.129.0/24 maxlen: 24
185.157.130.0/23 maxlen: 23
185.157.130.0/24 maxlen: 24
185.157.131.0/24 maxlen: 24
185.157.128.0/22 maxlen: 22
185.157.128.0/24 maxlen: 24
185.157.128.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:54:16:93:f5:fa:f7:ea:12:72:3b:58:56:70:6d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcc36b3a0a55beb529e407328588963d86786cbf
Validity
Not Before: Jan 1 12:35:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34af1d59812a7f899f691b122e8021c3f2bf54c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:35:5f:aa:f0:2a:e4:46:2b:1e:7e:09:97:dd:
f3:eb:48:0f:ac:89:89:5d:9f:c6:ae:69:8e:91:da:
cf:15:f5:47:5a:4d:77:f9:79:7d:40:02:14:bd:8a:
ca:4a:e9:c3:e9:30:e9:db:0b:95:62:13:e6:66:3d:
ab:63:81:00:38:76:54:ce:df:ce:c7:ba:e4:a3:64:
23:31:b8:ed:a3:b3:c7:be:d7:05:88:4d:16:83:23:
ff:8a:15:d0:6e:c9:9b:ac:6e:d7:20:60:0d:65:41:
06:5f:5f:93:68:92:b5:92:cb:dc:ea:ec:d5:26:b2:
7c:fc:4f:f8:33:3b:b3:77:52:c7:c4:0f:ae:24:65:
44:eb:0f:cc:58:3e:a4:68:c7:81:46:91:65:cb:0c:
79:12:0a:99:a6:3c:6e:89:83:58:d8:46:cd:d1:8f:
8a:c6:5b:1e:ad:39:88:b9:99:52:61:57:1b:37:ff:
f0:8e:7b:38:2f:1c:76:1d:34:b7:9a:75:35:68:c7:
ea:89:16:e3:dc:19:95:87:87:71:98:8b:19:ff:30:
6d:cc:66:53:73:0c:e4:51:28:fb:10:01:b3:dd:a7:
1b:9f:e7:9a:1c:32:0f:a5:5c:14:ad:eb:94:6f:6a:
57:f7:c3:36:da:b3:ff:ba:35:36:a7:4d:1b:64:0a:
99:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:AF:1D:59:81:2A:7F:89:9F:69:1B:12:2E:80:21:C3:F2:BF:54:C4
X509v3 Authority Key Identifier:
keyid:BC:C3:6B:3A:0A:55:BE:B5:29:E4:07:32:85:88:96:3D:86:78:6C:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vMNrOgpVvrUp5AcyhYiWPYZ4bL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/7c3cec-c7d2-45cb-b72c-26ccfcc744e5/1/NK8dWYEqf4mfaRsSLoAhw_K_VMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/7c3cec-c7d2-45cb-b72c-26ccfcc744e5/1/vMNrOgpVvrUp5AcyhYiWPYZ4bL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.128.0/22
Signature Algorithm: sha256WithRSAEncryption
69:5d:ab:11:08:52:45:0b:9a:e7:8b:35:fe:bf:d5:2f:9d:fd:
6f:4f:23:ac:f2:e5:6f:a4:8a:f9:da:f5:79:7c:b5:c9:66:7f:
f9:79:38:6e:7c:84:04:28:cb:ba:8a:fc:f3:11:b0:96:b3:ab:
c8:38:2e:59:81:46:53:f5:52:80:68:f6:5e:78:64:ff:44:e7:
c9:21:63:54:d2:99:42:e7:2a:50:c0:a5:07:97:5f:e0:ff:a5:
fe:c1:b6:3e:64:75:e8:1d:8d:95:8a:71:cc:4b:01:4f:b4:ae:
2b:ee:71:8b:78:fe:2f:d8:fb:d4:12:14:b3:cd:97:f1:cf:23:
cc:ae:42:e1:be:a1:f7:ef:e8:96:2a:ab:c0:15:40:43:23:75:
b1:61:65:20:68:22:e8:bf:1a:d7:4e:0d:0e:b5:e5:f5:ec:24:
3a:c2:63:bf:12:ad:c0:3e:68:a7:fa:ac:a6:00:32:e4:04:a0:
db:7e:4e:f3:59:b2:e6:70:54:18:4d:bf:d8:6f:24:12:d0:86:
70:07:4c:cd:64:dc:12:26:0f:c8:c1:cf:90:34:e4:4a:53:59:
14:52:d0:e4:3d:e8:fb:fb:27:f5:79:27:35:2e:78:a4:24:04:
3f:47:90:3f:5c:5f:4d:49:da:34:9d:89:62:77:8c:0d:74:02:
b6:68:80:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtVBaT9fr36hJyO1hWcG2kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjYzM2YjNhMGE1NWJlYjUyOWU0MDczMjg1ODg5NjNkODY3
ODZjYmYwHhcNMjMwMTAxMTIzNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGFmMWQ1OTgxMmE3Zjg5OWY2OTFiMTIyZTgwMjFjM2YyYmY1NGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjVfqvAq5EYrHn4Jl93z60gPrImJ
XZ/GrmmOkdrPFfVHWk13+Xl9QAIUvYrKSunD6TDp2wuVYhPmZj2rY4EAOHZUzt/O
x7rko2QjMbjto7PHvtcFiE0WgyP/ihXQbsmbrG7XIGANZUEGX1+TaJK1ksvc6uzV
JrJ8/E/4Mzuzd1LHxA+uJGVE6w/MWD6kaMeBRpFlywx5EgqZpjxuiYNY2EbN0Y+K
xlserTmIuZlSYVcbN//wjns4Lxx2HTS3mnU1aMfqiRbj3BmVh4dxmIsZ/zBtzGZT
cwzkUSj7EAGz3acbn+eaHDIPpVwUreuUb2pX98M22rP/ujU2p00bZAqZIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSvHVmBKn+Jn2kbEi6AIcPyv1TEMB8GA1UdIwQY
MBaAFLzDazoKVb61KeQHMoWIlj2GeGy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk1Ock9ncFZ2clVwNUFjeWhZaVdQWVo0Ykw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83YzNjZWMtYzdkMi00NWNiLWI3MmMt
MjZjY2ZjYzc0NGU1LzEvTks4ZFdZRXFmNG1mYVJzU0xvQWh3X0tfVk1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83YzNjZWMtYzdkMi00NWNiLWI3MmMtMjZjY2ZjYzc0NGU1
LzEvdk1Ock9ncFZ2clVwNUFjeWhZaVdQWVo0Ykw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ2AMA0G
CSqGSIb3DQEBCwUAA4IBAQBpXasRCFJFC5rnizX+v9Uvnf1vTyOs8uVvpIr52vV5
fLXJZn/5eThufIQEKMu6ivzzEbCWs6vIOC5ZgUZT9VKAaPZeeGT/ROfJIWNU0plC
5ypQwKUHl1/g/6X+wbY+ZHXoHY2VinHMSwFPtK4r7nGLeP4v2PvUEhSzzZfxzyPM
rkLhvqH37+iWKqvAFUBDI3WxYWUgaCLovxrXTg0OteX17CQ6wmO/Eq3APmin+qym
ADLkBKDbfk7zWbLmcFQYTb/YbyQS0IZwB0zNZNwSJg/Iwc+QNORKU1kUUtDkPej7
+yf1eSc1LnikJAQ/R5A/XF9NSdo0nYlid4wNdAK2aIAZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:29 2024 by rpki-client on console-ams.rpki-client.org