Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/2e844b-0cd5-4779-a038-fdabfadb6279/1/d5XwQtQ6CppFh_mtx0N9WV8Gj8s.roa
File: d5XwQtQ6CppFh_mtx0N9WV8Gj8s.roa (raw, json)
Hash identifier: rUz7UA7y5mdMdhmJRWl5s7164JkGMeNpG+na3aRIrmU=
Subject key identifier: 77:95:F0:42:D4:3A:0A:9A:45:87:F9:AD:C7:43:7D:59:5F:06:8F:CB
Certificate issuer: /CN=3f1eb51c80ccb36bfdc74667d17fc3cf1220d63e
Certificate serial: 018CC6B78F0BB4D647C6F15473CB565368CA
Authority key identifier: 3F:1E:B5:1C:80:CC:B3:6B:FD:C7:46:67:D1:7F:C3:CF:12:20:D6:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Px61HIDMs2v9x0Zn0X_DzxIg1j4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/2e844b-0cd5-4779-a038-fdabfadb6279/1/d5XwQtQ6CppFh_mtx0N9WV8Gj8s.roa
Signing time: Mon 01 Jan 2024 20:29:27 +0000
ROA not before: Mon 01 Jan 2024 20:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57111
IP address blocks: 185.204.132.0/22 maxlen: 22
185.199.24.0/22 maxlen: 22
2a0a:9440::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:8f:0b:b4:d6:47:c6:f1:54:73:cb:56:53:68:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f1eb51c80ccb36bfdc74667d17fc3cf1220d63e
Validity
Not Before: Jan 1 20:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7795f042d43a0a9a4587f9adc7437d595f068fcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f6:94:0a:ee:fc:4a:d4:7a:b4:55:1f:00:9b:
ae:c9:bf:4b:9b:59:c2:7b:85:95:a4:e5:48:54:cf:
fa:76:ab:e3:ff:e4:c3:5e:bc:c8:4d:2f:b8:09:32:
22:4d:fe:bb:86:fd:a6:51:6a:95:6b:71:f7:ba:18:
52:cd:5a:7d:68:4d:32:40:de:0a:34:64:f5:b7:91:
be:91:3a:9d:7c:b3:4f:19:19:0c:02:77:49:f1:79:
ae:d8:11:dc:72:a7:a6:52:11:fd:5f:f8:d0:8a:b1:
d2:e1:77:ea:39:aa:f6:f8:78:5d:34:87:81:a4:c8:
ae:c8:0f:67:29:3f:68:79:81:b0:cd:b4:6b:e9:a8:
d6:e5:6d:a7:f5:29:e1:cd:5d:14:9d:c7:91:e7:93:
63:9b:8c:37:77:29:a6:c0:f1:01:0a:24:f7:41:de:
13:a8:b0:36:d8:44:3c:ef:2d:6a:9a:2b:de:28:8a:
e7:cd:ff:ad:b7:06:f0:63:54:aa:c7:19:b8:8e:a1:
71:d3:6f:0b:26:63:d9:8d:c7:16:98:68:e6:0c:c2:
d8:67:eb:a0:04:0e:ef:21:b2:8b:00:07:be:8c:40:
ee:da:1c:3d:7a:99:41:85:c7:d2:98:ef:f0:1a:18:
f8:8c:56:bb:c7:6c:40:0d:96:8d:78:56:d6:94:e3:
cf:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:95:F0:42:D4:3A:0A:9A:45:87:F9:AD:C7:43:7D:59:5F:06:8F:CB
X509v3 Authority Key Identifier:
keyid:3F:1E:B5:1C:80:CC:B3:6B:FD:C7:46:67:D1:7F:C3:CF:12:20:D6:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Px61HIDMs2v9x0Zn0X_DzxIg1j4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/2e844b-0cd5-4779-a038-fdabfadb6279/1/d5XwQtQ6CppFh_mtx0N9WV8Gj8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/2e844b-0cd5-4779-a038-fdabfadb6279/1/Px61HIDMs2v9x0Zn0X_DzxIg1j4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.24.0/22
185.204.132.0/22
IPv6:
2a0a:9440::/29
Signature Algorithm: sha256WithRSAEncryption
8e:ce:85:6b:6d:cf:72:c3:a1:07:5d:b3:6e:fd:5c:5c:1e:26:
a4:ff:5e:65:29:45:fa:82:8f:8b:85:3c:fb:48:34:19:94:35:
1c:86:fc:2f:23:8a:86:02:49:07:be:c7:28:b8:35:fb:b6:0d:
37:ce:9a:c7:c8:e0:f9:88:dc:6c:0d:09:af:6f:69:09:b1:ec:
dd:a4:47:c5:3d:84:27:80:10:58:de:9c:de:b4:dc:6d:70:2c:
6e:85:f3:61:4b:f5:52:66:59:c0:8f:9e:12:ca:55:78:28:b3:
c1:de:66:66:bc:41:31:d8:25:46:62:8d:ae:01:a9:a6:71:8b:
4a:c8:85:e0:a3:35:35:2c:35:18:44:80:9c:18:3f:c2:81:09:
7d:87:60:08:b3:71:60:6f:0c:4c:ae:de:2f:f2:50:8c:68:6b:
ff:43:eb:17:79:d5:25:97:26:fc:8c:6b:01:58:66:25:3c:66:
c1:92:69:6e:9d:db:06:37:d5:d4:a4:ca:68:4b:37:eb:37:fe:
a7:b9:51:ce:46:82:25:a2:a3:15:a0:6a:89:2d:f0:86:1d:7a:
37:dc:fa:de:de:c5:92:fb:7e:3a:ae:f7:0f:dc:a6:c0:75:cc:
de:cf:39:67:11:0e:84:72:fe:f4:77:37:94:e1:15:c8:96:5d:
09:20:2e:a7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGt48LtNZHxvFUc8tWU2jKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMWViNTFjODBjY2IzNmJmZGM3NDY2N2QxN2ZjM2NmMTIy
MGQ2M2UwHhcNMjQwMTAxMjAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Nzk1ZjA0MmQ0M2EwYTlhNDU4N2Y5YWRjNzQzN2Q1OTVmMDY4ZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPaUCu78StR6tFUfAJuuyb9Lm1nC
e4WVpOVIVM/6dqvj/+TDXrzITS+4CTIiTf67hv2mUWqVa3H3uhhSzVp9aE0yQN4K
NGT1t5G+kTqdfLNPGRkMAndJ8Xmu2BHccqemUhH9X/jQirHS4XfqOar2+HhdNIeB
pMiuyA9nKT9oeYGwzbRr6ajW5W2n9SnhzV0UnceR55Njm4w3dymmwPEBCiT3Qd4T
qLA22EQ87y1qmiveKIrnzf+ttwbwY1Sqxxm4jqFx028LJmPZjccWmGjmDMLYZ+ug
BA7vIbKLAAe+jEDu2hw9eplBhcfSmO/wGhj4jFa7x2xADZaNeFbWlOPPpQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHeV8ELUOgqaRYf5rcdDfVlfBo/LMB8GA1UdIwQY
MBaAFD8etRyAzLNr/cdGZ9F/w88SINY+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHg2MUhJRE1zMnY5eDBabjBYX0R6eElnMWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8yZTg0NGItMGNkNS00Nzc5LWEwMzgt
ZmRhYmZhZGI2Mjc5LzEvZDVYd1F0UTZDcHBGaF9tdHgwTjlXVjhHajhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8yZTg0NGItMGNkNS00Nzc5LWEwMzgtZmRhYmZhZGI2Mjc5
LzEvUHg2MUhJRE1zMnY5eDBabjBYX0R6eElnMWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuccYAwQC
ucyEMA0EAgACMAcDBQMqCpRAMA0GCSqGSIb3DQEBCwUAA4IBAQCOzoVrbc9yw6EH
XbNu/VxcHiak/15lKUX6go+LhTz7SDQZlDUchvwvI4qGAkkHvscouDX7tg03zprH
yOD5iNxsDQmvb2kJsezdpEfFPYQngBBY3pzetNxtcCxuhfNhS/VSZlnAj54SylV4
KLPB3mZmvEEx2CVGYo2uAammcYtKyIXgozU1LDUYRICcGD/CgQl9h2AIs3FgbwxM
rt4v8lCMaGv/Q+sXedUllyb8jGsBWGYlPGbBkmlundsGN9XUpMpoSzfrN/6nuVHO
RoIloqMVoGqJLfCGHXo33Pre3sWS+346rvcP3KbAdczezzlnEQ6Ecv70dzeU4RXI
ll0JIC6n
-----END CERTIFICATE-----
Generated at Thu Sep 26 10:42:24 2024 by rpki-client on console-ams.rpki-client.org