Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/smdtwR7Mh1CctABCafJ-2myyMcE.roa
File: smdtwR7Mh1CctABCafJ-2myyMcE.roa (raw, json)
Hash identifier: 2eDcG5PTkjSpfNumKHF1aIQnceR8CWgR4Nhh9X0VytI=
Subject key identifier: B2:67:6D:C1:1E:CC:87:50:9C:B4:00:42:69:F2:7E:DA:6C:B2:31:C1
Certificate issuer: /CN=33f5ce1fc37927cb5a4e67b176c7a63b32ff6e89
Certificate serial: 018D13D7F18F5283EA81B28638240DAE99B4
Authority key identifier: 33:F5:CE:1F:C3:79:27:CB:5A:4E:67:B1:76:C7:A6:3B:32:FF:6E:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M_XOH8N5J8taTmexdsemOzL_bok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/smdtwR7Mh1CctABCafJ-2myyMcE.roa
Signing time: Tue 16 Jan 2024 19:55:35 +0000
ROA not before: Tue 16 Jan 2024 19:55:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 62.204.57.0/24 maxlen: 24
146.19.194.0/24 maxlen: 24
212.18.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:f1:8f:52:83:ea:81:b2:86:38:24:0d:ae:99:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33f5ce1fc37927cb5a4e67b176c7a63b32ff6e89
Validity
Not Before: Jan 16 19:55:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2676dc11ecc87509cb4004269f27eda6cb231c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d0:95:dd:d7:95:8c:7b:0b:9d:40:51:64:51:
1b:8c:26:66:67:04:c2:5d:df:87:60:4a:e7:4c:b5:
1d:f5:01:55:57:4d:55:d9:69:25:63:7e:cc:28:67:
a4:2d:00:6d:43:7d:81:b7:2c:b9:18:03:f1:64:94:
21:c3:3c:65:fd:08:89:8a:3f:23:3e:02:d2:7f:cf:
a2:c0:f1:5c:b4:70:3f:ba:2f:a7:a8:df:3d:e3:6b:
c4:b9:28:9d:b7:62:cc:e3:4d:7e:1c:2a:b0:74:7e:
db:2f:62:76:95:ab:30:43:9a:0b:6d:64:ce:f4:4d:
68:02:31:c5:cd:ca:6f:18:aa:f9:0d:6d:14:d6:12:
a7:b6:b1:cd:24:d9:e0:75:89:7d:5b:e1:14:d2:43:
26:e7:28:ab:35:89:56:5a:f6:90:c6:bd:72:73:ee:
93:6f:a1:da:a0:cb:d1:52:fb:1d:b8:9d:8a:f5:81:
09:4d:98:3c:ee:57:46:b4:ab:8b:db:3b:64:8b:d5:
38:74:80:34:f1:39:54:9e:de:2f:68:6f:4b:c6:c9:
75:13:02:3a:71:6a:dc:ce:0d:35:79:4e:e1:94:e6:
b4:22:a5:9f:9e:1c:89:b1:bb:ed:2f:e5:b0:67:e6:
10:d0:49:38:44:8c:a6:8f:45:ec:cf:8c:2f:09:b3:
7d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:67:6D:C1:1E:CC:87:50:9C:B4:00:42:69:F2:7E:DA:6C:B2:31:C1
X509v3 Authority Key Identifier:
keyid:33:F5:CE:1F:C3:79:27:CB:5A:4E:67:B1:76:C7:A6:3B:32:FF:6E:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M_XOH8N5J8taTmexdsemOzL_bok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/smdtwR7Mh1CctABCafJ-2myyMcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/M_XOH8N5J8taTmexdsemOzL_bok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.57.0/24
146.19.194.0/24
212.18.103.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:6e:7d:96:af:6b:2c:d6:3c:1d:ae:9b:e4:ae:41:bc:34:5e:
72:55:66:fe:bb:aa:87:34:91:6a:70:18:98:b9:c3:92:50:d0:
e9:c6:f7:34:10:c9:5d:b7:d8:f9:a3:23:0a:10:ea:4e:1d:fe:
70:73:31:66:7b:ba:95:7d:a3:ba:7c:39:27:d3:29:ed:52:b6:
a3:57:59:6e:76:33:2c:98:55:91:62:0b:eb:3b:2e:dc:6c:62:
dc:24:f9:bb:cd:cb:d4:7c:d7:d7:b7:6e:d6:66:93:8c:ac:c9:
a2:86:56:ea:cf:86:bd:f7:cf:32:03:4a:dc:5b:03:26:e9:d2:
0c:47:01:2a:0c:a5:cb:04:7f:f9:31:35:79:06:b5:40:b7:05:
92:6f:fd:3d:5d:ba:3b:d9:b3:ef:83:5a:a3:f0:96:69:59:75:
30:60:7b:01:da:58:03:7c:2c:50:c9:30:90:58:59:d3:b1:68:
ae:f7:9c:66:bc:9e:dc:3e:f3:43:65:bc:8c:f8:e9:b5:d7:6f:
39:88:b2:b8:9a:a9:f4:fc:84:cf:bc:a6:2a:38:43:0c:25:5b:
bf:10:95:77:c1:a0:7b:6e:ec:60:2d:d6:37:c6:0a:56:85:7d:
59:e0:4a:fb:e4:92:74:16:ef:4f:4b:ca:ec:f9:74:60:12:e6:
47:ba:7b:23
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0T1/GPUoPqgbKGOCQNrpm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZjVjZTFmYzM3OTI3Y2I1YTRlNjdiMTc2YzdhNjNiMzJm
ZjZlODkwHhcNMjQwMTE2MTk1NTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjY3NmRjMTFlY2M4NzUwOWNiNDAwNDI2OWYyN2VkYTZjYjIzMWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdCV3deVjHsLnUBRZFEbjCZmZwTC
Xd+HYErnTLUd9QFVV01V2WklY37MKGekLQBtQ32Btyy5GAPxZJQhwzxl/QiJij8j
PgLSf8+iwPFctHA/ui+nqN8942vEuSidt2LM401+HCqwdH7bL2J2laswQ5oLbWTO
9E1oAjHFzcpvGKr5DW0U1hKntrHNJNngdYl9W+EU0kMm5yirNYlWWvaQxr1yc+6T
b6HaoMvRUvsduJ2K9YEJTZg87ldGtKuL2ztki9U4dIA08TlUnt4vaG9Lxsl1EwI6
cWrczg01eU7hlOa0IqWfnhyJsbvtL+WwZ+YQ0Ek4RIymj0Xsz4wvCbN99QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLJnbcEezIdQnLQAQmnyftpssjHBMB8GA1UdIwQY
MBaAFDP1zh/DeSfLWk5nsXbHpjsy/26JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTV9YT0g4TjVKOHRhVG1leGRzZW1PekxfYm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zYmI5ZDgtYmY1NC00ZThmLTgzZTUt
M2ZmYzAxZmNiZmI2LzEvc21kdHdSN01oMUNjdEFCQ2FmSi0ybXl5TWNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zYmI5ZDgtYmY1NC00ZThmLTgzZTUtM2ZmYzAxZmNiZmI2
LzEvTV9YT0g4TjVKOHRhVG1leGRzZW1PekxfYm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPsw5AwQA
khPCAwQA1BJnMA0GCSqGSIb3DQEBCwUAA4IBAQCcbn2Wr2ss1jwdrpvkrkG8NF5y
VWb+u6qHNJFqcBiYucOSUNDpxvc0EMldt9j5oyMKEOpOHf5wczFme7qVfaO6fDkn
0yntUrajV1ludjMsmFWRYgvrOy7cbGLcJPm7zcvUfNfXt27WZpOMrMmihlbqz4a9
988yA0rcWwMm6dIMRwEqDKXLBH/5MTV5BrVAtwWSb/09Xbo72bPvg1qj8JZpWXUw
YHsB2lgDfCxQyTCQWFnTsWiu95xmvJ7cPvNDZbyM+Om11285iLK4mqn0/ITPvKYq
OEMMJVu/EJV3waB7buxgLdY3xgpWhX1Z4Er75JJ0Fu9PS8rs+XRgEuZHunsj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:21 2024 by rpki-client on console-fra.rpki-client.org