Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/16571f-c485-4e73-9cdf-cc3db54f6a47/1/n2-qyLsVcI5QWOeN8fOeA1Bank0.roa
File: n2-qyLsVcI5QWOeN8fOeA1Bank0.roa (raw, json)
Hash identifier: wxpGPIq5uyPTsJ7Z6la2qu43tL3qmqW8aKPs6nnyo6w=
Subject key identifier: 9F:6F:AA:C8:BB:15:70:8E:50:58:E7:8D:F1:F3:9E:03:50:5A:9E:4D
Certificate issuer: /CN=19a6857c5ba3f51dbe38f4c4a0c77c84ff0fb355
Certificate serial: 01856DC1D546366B163F83EE3C6447B61FB6
Authority key identifier: 19:A6:85:7C:5B:A3:F5:1D:BE:38:F4:C4:A0:C7:7C:84:FF:0F:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GaaFfFuj9R2-OPTEoMd8hP8Ps1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/16571f-c485-4e73-9cdf-cc3db54f6a47/1/n2-qyLsVcI5QWOeN8fOeA1Bank0.roa
Signing time: Sun 01 Jan 2023 14:34:57 +0000
ROA not before: Sun 01 Jan 2023 14:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206065
IP address blocks: 185.172.0.0/22 maxlen: 24
185.197.68.0/22 maxlen: 24
188.121.128.0/19 maxlen: 24
92.61.184.0/21 maxlen: 24
37.221.0.0/18 maxlen: 24
37.235.16.0/20 maxlen: 24
91.184.64.0/20 maxlen: 24
94.139.160.0/20 maxlen: 24
37.19.80.0/20 maxlen: 24
37.19.81.0/24 maxlen: 24
185.30.76.0/22 maxlen: 24
45.144.124.0/22 maxlen: 24
92.119.68.0/22 maxlen: 24
45.128.140.0/22 maxlen: 24
213.207.192.0/20 maxlen: 24
81.91.144.0/20 maxlen: 24
2a0c:100::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:d5:46:36:6b:16:3f:83:ee:3c:64:47:b6:1f:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19a6857c5ba3f51dbe38f4c4a0c77c84ff0fb355
Validity
Not Before: Jan 1 14:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f6faac8bb15708e5058e78df1f39e03505a9e4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:58:23:4d:b0:84:bc:46:6c:fe:ce:5b:ed:1f:
ff:58:e6:a8:14:bf:f5:9a:4a:a3:95:95:38:86:46:
60:d0:98:6c:a5:0b:8b:a7:4e:15:5d:9e:05:62:33:
45:32:26:5e:70:77:80:76:58:65:0a:a7:4a:f3:56:
0a:e7:31:7a:cc:b4:73:05:dc:a3:13:b8:05:54:14:
15:39:87:46:13:b0:97:c5:be:ae:97:ec:10:4b:d6:
b9:c0:c8:15:ad:5f:ce:c5:1e:5d:24:d9:ae:df:91:
13:91:b8:fd:98:14:5b:0b:d4:62:28:d7:64:3c:ad:
bc:c2:60:6a:bc:fc:bc:d6:5b:d9:09:bc:5b:c4:ee:
fb:97:72:9d:dd:c0:9a:04:ea:d9:40:b1:02:2f:fb:
6d:b6:ba:6a:d4:c0:ae:8d:b3:27:3a:08:68:5f:9d:
76:9b:a3:14:92:28:73:11:a5:36:66:cf:77:7f:7b:
0e:4a:7a:fd:00:6d:86:42:f7:d9:aa:b7:5f:45:81:
87:df:4a:05:b3:d1:51:19:98:39:21:f1:dc:99:da:
ae:95:7b:be:56:d3:cb:56:ed:bb:bb:6c:b2:e1:05:
80:79:53:ce:16:de:07:21:87:30:bf:05:42:f1:37:
43:2a:f1:69:5d:de:a7:d0:68:99:19:b6:25:99:ec:
78:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:6F:AA:C8:BB:15:70:8E:50:58:E7:8D:F1:F3:9E:03:50:5A:9E:4D
X509v3 Authority Key Identifier:
keyid:19:A6:85:7C:5B:A3:F5:1D:BE:38:F4:C4:A0:C7:7C:84:FF:0F:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GaaFfFuj9R2-OPTEoMd8hP8Ps1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/16571f-c485-4e73-9cdf-cc3db54f6a47/1/n2-qyLsVcI5QWOeN8fOeA1Bank0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/16571f-c485-4e73-9cdf-cc3db54f6a47/1/GaaFfFuj9R2-OPTEoMd8hP8Ps1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.80.0/20
37.221.0.0/18
37.235.16.0/20
45.128.140.0/22
45.144.124.0/22
81.91.144.0/20
91.184.64.0/20
92.61.184.0/21
92.119.68.0/22
94.139.160.0/20
185.30.76.0/22
185.172.0.0/22
185.197.68.0/22
188.121.128.0/19
213.207.192.0/20
IPv6:
2a0c:100::/29
Signature Algorithm: sha256WithRSAEncryption
89:30:37:58:a5:ad:14:50:bf:dc:ca:e8:4c:cd:de:9d:2b:9e:
1b:1f:1f:6c:27:dc:c4:af:c4:36:b8:9e:31:aa:8a:33:f2:c9:
59:5c:b8:53:6b:af:91:e4:7f:fb:78:21:e2:10:c8:af:81:b2:
82:30:35:55:76:fa:08:00:c6:e0:a5:5a:7e:5a:37:cb:87:dc:
be:3d:b2:c1:eb:f5:99:b9:13:f4:01:0e:e8:e5:f1:f7:91:f9:
23:59:27:f0:0f:c6:b0:e3:82:a7:85:34:44:db:a8:d4:8a:2e:
a7:99:bc:08:94:f6:4e:fa:91:b2:f9:01:79:eb:97:7d:ce:c1:
2b:0c:09:4f:58:9e:5d:c5:a0:39:fd:94:f3:4e:26:51:16:9f:
e8:ed:a9:19:35:21:1a:d3:44:83:44:00:52:6d:c9:cf:62:c3:
81:42:66:ba:b3:05:c3:61:a8:01:53:0a:73:25:e8:5d:73:73:
34:f2:64:1e:66:04:7c:7c:ac:11:ee:07:72:19:66:dc:fc:9c:
6c:0d:da:ac:85:33:a9:b9:ee:83:b2:7f:2b:ec:d1:14:45:86:
26:06:7c:59:de:94:1c:08:ff:23:01:15:45:85:85:67:c4:68:
70:22:d8:95:1f:66:49:66:19:de:e0:8d:38:1f:2c:61:36:00:
b7:1a:a9:98
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYVtwdVGNmsWP4PuPGRHth+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YTY4NTdjNWJhM2Y1MWRiZTM4ZjRjNGEwYzc3Yzg0ZmYw
ZmIzNTUwHhcNMjMwMTAxMTQzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjZmYWFjOGJiMTU3MDhlNTA1OGU3OGRmMWYzOWUwMzUwNWE5ZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVgjTbCEvEZs/s5b7R//WOaoFL/1
mkqjlZU4hkZg0JhspQuLp04VXZ4FYjNFMiZecHeAdlhlCqdK81YK5zF6zLRzBdyj
E7gFVBQVOYdGE7CXxb6ul+wQS9a5wMgVrV/OxR5dJNmu35ETkbj9mBRbC9RiKNdk
PK28wmBqvPy81lvZCbxbxO77l3Kd3cCaBOrZQLECL/tttrpq1MCujbMnOghoX512
m6MUkihzEaU2Zs93f3sOSnr9AG2GQvfZqrdfRYGH30oFs9FRGZg5IfHcmdqulXu+
VtPLVu27u2yy4QWAeVPOFt4HIYcwvwVC8TdDKvFpXd6n0GiZGbYlmex4EQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFJ9vqsi7FXCOUFjnjfHzngNQWp5NMB8GA1UdIwQY
MBaAFBmmhXxbo/Udvjj0xKDHfIT/D7NVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2FhRmZGdWo5UjItT1BURW9NZDhoUDhQczFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8xNjU3MWYtYzQ4NS00ZTczLTljZGYt
Y2MzZGI1NGY2YTQ3LzEvbjItcXlMc1ZjSTVRV09lTjhmT2VBMUJhbmswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8xNjU3MWYtYzQ4NS00ZTczLTljZGYtY2MzZGI1NGY2YTQ3
LzEvR2FhRmZGdWo5UjItT1BURW9NZDhoUDhQczFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEBCUTUAME
BiXdAAMEBCXrEAMEAi2AjAMEAi2QfAMEBFFbkAMEBFu4QAMEA1w9uAMEAlx3RAME
BF6LoAMEArkeTAMEArmsAAMEArnFRAMEBbx5gAMEBNXPwDANBAIAAjAHAwUDKgwB
ADANBgkqhkiG9w0BAQsFAAOCAQEAiTA3WKWtFFC/3MroTM3enSueGx8fbCfcxK/E
NrieMaqKM/LJWVy4U2uvkeR/+3gh4hDIr4GygjA1VXb6CADG4KVaflo3y4fcvj2y
wev1mbkT9AEO6OXx95H5I1kn8A/GsOOCp4U0RNuo1Ioup5m8CJT2TvqRsvkBeeuX
fc7BKwwJT1ieXcWgOf2U804mURaf6O2pGTUhGtNEg0QAUm3Jz2LDgUJmurMFw2Go
AVMKcyXoXXNzNPJkHmYEfHysEe4Hchlm3PycbA3arIUzqbnug7J/K+zRFEWGJgZ8
Wd6UHAj/IwEVRYWFZ8RocCLYlR9mSWYZ3uCNOB8sYTYAtxqpmA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:59 2024 by rpki-client on console-ams.rpki-client.org