Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/f6895e-e60d-408b-9a98-b180f1fdbb2a/1/vXkf8FjS3dndfFsCb1LtQF11zfo.roa
File: vXkf8FjS3dndfFsCb1LtQF11zfo.roa (raw, json)
Hash identifier: q8KdrA55AypWbeL/Idqts1QK1gjKr/B6mT6VuMD+PvQ=
Subject key identifier: BD:79:1F:F0:58:D2:DD:D9:DD:7C:5B:02:6F:52:ED:40:5D:75:CD:FA
Certificate issuer: /CN=bf57c5f8a6d8b9d170739408491029044edebdc9
Certificate serial: 018CC8DF04DBFFD5106AEFE5DDB268398911
Authority key identifier: BF:57:C5:F8:A6:D8:B9:D1:70:73:94:08:49:10:29:04:4E:DE:BD:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v1fF-KbYudFwc5QISRApBE7evck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/f6895e-e60d-408b-9a98-b180f1fdbb2a/1/vXkf8FjS3dndfFsCb1LtQF11zfo.roa
Signing time: Tue 02 Jan 2024 06:31:48 +0000
ROA not before: Tue 02 Jan 2024 06:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203460
IP address blocks: 185.115.60.0/22 maxlen: 22
2a06:7580::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:04:db:ff:d5:10:6a:ef:e5:dd:b2:68:39:89:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf57c5f8a6d8b9d170739408491029044edebdc9
Validity
Not Before: Jan 2 06:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd791ff058d2ddd9dd7c5b026f52ed405d75cdfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f6:02:7b:27:da:5c:77:ef:ac:2d:a3:90:02:
24:c8:e2:fd:50:e7:1a:9f:9a:90:f0:e9:f5:0a:6d:
40:c1:80:fe:e4:2a:91:9f:a6:81:af:b2:9b:ff:2e:
21:6c:96:bf:88:c9:64:4a:7d:a6:1e:b3:fe:76:64:
e0:91:29:a7:c5:20:b6:39:75:f6:7a:c7:31:8a:43:
4c:72:1f:d3:c2:45:5f:16:1a:47:23:f6:d8:1b:ba:
c5:99:e4:2f:ff:13:9d:18:82:d1:61:6e:80:f1:6e:
fd:a0:12:e2:18:fd:d8:40:10:ca:b6:58:a1:de:22:
28:42:5c:d9:5d:81:f8:cd:06:06:d5:94:b0:83:39:
b3:0d:6d:3a:6f:17:9c:b7:9c:6f:2b:2f:f4:9d:f5:
80:66:02:9c:4b:91:47:05:e7:32:08:f8:cc:50:e4:
db:16:8c:07:17:2f:77:36:8c:9b:0f:e1:62:e1:59:
e6:e6:88:2e:81:6d:5b:cc:cb:3a:62:ca:ca:32:2b:
88:91:3c:ff:70:22:79:05:10:8a:df:80:c9:f7:45:
9b:24:5a:70:2c:8c:f6:17:9d:ed:62:d4:cc:c6:c8:
5c:04:87:68:59:7d:a7:dd:53:15:2d:fb:54:be:62:
6d:e8:af:47:e0:9d:3b:8b:d9:66:70:dd:43:0d:37:
46:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:79:1F:F0:58:D2:DD:D9:DD:7C:5B:02:6F:52:ED:40:5D:75:CD:FA
X509v3 Authority Key Identifier:
keyid:BF:57:C5:F8:A6:D8:B9:D1:70:73:94:08:49:10:29:04:4E:DE:BD:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v1fF-KbYudFwc5QISRApBE7evck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/f6895e-e60d-408b-9a98-b180f1fdbb2a/1/vXkf8FjS3dndfFsCb1LtQF11zfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/f6895e-e60d-408b-9a98-b180f1fdbb2a/1/v1fF-KbYudFwc5QISRApBE7evck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.60.0/22
IPv6:
2a06:7580::/29
Signature Algorithm: sha256WithRSAEncryption
b5:28:01:33:17:44:ce:a7:9c:f8:bb:d4:bd:bf:b0:5c:af:3f:
96:2a:f8:f3:7e:90:a4:91:9f:9f:47:ac:f8:ed:a2:90:df:a8:
fd:f8:0c:15:a8:fd:b7:11:f7:b0:d4:09:12:d7:51:1a:86:a7:
26:04:b8:e6:00:c6:34:cf:76:ec:ea:63:5a:46:f5:06:a8:47:
a2:0b:f5:70:8d:21:7f:32:3e:a3:e3:72:b5:95:1c:d0:34:9c:
63:bc:7a:7b:d6:07:cf:2a:a8:08:0b:82:b0:40:68:df:90:b8:
0d:ca:b8:98:ad:6a:53:9c:11:f8:1a:34:68:0d:a9:33:50:8a:
1e:76:53:35:6d:3a:3c:d1:1e:93:2e:f9:ba:52:24:79:35:b7:
52:88:73:d5:72:d9:77:e5:9f:6d:93:52:77:89:0a:e3:03:2c:
36:da:c2:93:f1:9d:86:91:fd:0c:2f:2f:3e:c7:1e:e8:ca:fa:
af:95:0e:93:02:5b:1b:ba:b7:30:4e:3a:b6:13:37:2d:48:79:
99:16:98:0f:75:ca:2d:a9:50:fb:1a:6a:0f:fa:b8:5c:60:50:
6a:11:93:a6:c7:33:d5:6d:c7:0c:b8:c6:c5:fc:95:72:5d:6a:
8a:d8:17:db:c0:45:33:9d:cb:35:45:fa:88:af:76:97:ce:9a:
7a:ce:d8:72
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3wTb/9UQau/l3bJoOYkRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNTdjNWY4YTZkOGI5ZDE3MDczOTQwODQ5MTAyOTA0NGVk
ZWJkYzkwHhcNMjQwMTAyMDYzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDc5MWZmMDU4ZDJkZGQ5ZGQ3YzViMDI2ZjUyZWQ0MDVkNzVjZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfYCeyfaXHfvrC2jkAIkyOL9UOca
n5qQ8On1Cm1AwYD+5CqRn6aBr7Kb/y4hbJa/iMlkSn2mHrP+dmTgkSmnxSC2OXX2
escxikNMch/TwkVfFhpHI/bYG7rFmeQv/xOdGILRYW6A8W79oBLiGP3YQBDKtlih
3iIoQlzZXYH4zQYG1ZSwgzmzDW06bxect5xvKy/0nfWAZgKcS5FHBecyCPjMUOTb
FowHFy93NoybD+Fi4Vnm5ogugW1bzMs6YsrKMiuIkTz/cCJ5BRCK34DJ90WbJFpw
LIz2F53tYtTMxshcBIdoWX2n3VMVLftUvmJt6K9H4J07i9lmcN1DDTdG1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL15H/BY0t3Z3XxbAm9S7UBddc36MB8GA1UdIwQY
MBaAFL9Xxfim2LnRcHOUCEkQKQRO3r3JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjFmRi1LYll1ZEZ3YzVRSVNSQXBCRTdldmNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9mNjg5NWUtZTYwZC00MDhiLTlhOTgt
YjE4MGYxZmRiYjJhLzEvdlhrZjhGalMzZG5kZkZzQ2IxTHRRRjExemZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9mNjg5NWUtZTYwZC00MDhiLTlhOTgtYjE4MGYxZmRiYjJh
LzEvdjFmRi1LYll1ZEZ3YzVRSVNSQXBCRTdldmNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXM8MA0E
AgACMAcDBQMqBnWAMA0GCSqGSIb3DQEBCwUAA4IBAQC1KAEzF0TOp5z4u9S9v7Bc
rz+WKvjzfpCkkZ+fR6z47aKQ36j9+AwVqP23Efew1AkS11EahqcmBLjmAMY0z3bs
6mNaRvUGqEeiC/VwjSF/Mj6j43K1lRzQNJxjvHp71gfPKqgIC4KwQGjfkLgNyriY
rWpTnBH4GjRoDakzUIoedlM1bTo80R6TLvm6UiR5NbdSiHPVctl35Z9tk1J3iQrj
Ayw22sKT8Z2Gkf0MLy8+xx7oyvqvlQ6TAlsburcwTjq2EzctSHmZFpgPdcotqVD7
GmoP+rhcYFBqEZOmxzPVbccMuMbF/JVyXWqK2BfbwEUzncs1RfqIr3aXzpp6zthy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:54 2024 by rpki-client on console-ams.rpki-client.org