Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/5f5d8f-332b-42d6-a9bb-2f405d7f1d8f/1/dXGFJCM-kehG3lvAHQBBJgGm8NM.roa
File: dXGFJCM-kehG3lvAHQBBJgGm8NM.roa (raw, json)
Hash identifier: KWvAbfX6JGFf3CkV90FoE7dJnuPHXRMMir6pqP+GeaU=
Subject key identifier: 75:71:85:24:23:3E:91:E8:46:DE:5B:C0:1D:00:41:26:01:A6:F0:D3
Certificate issuer: /CN=7dd1b5b42dc3d846c2ad2549664e34f72d1cb4a6
Certificate serial: 018572CCAE093ABEE28F830EA0C76C0D569B
Authority key identifier: 7D:D1:B5:B4:2D:C3:D8:46:C2:AD:25:49:66:4E:34:F7:2D:1C:B4:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fdG1tC3D2EbCrSVJZk409y0ctKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/5f5d8f-332b-42d6-a9bb-2f405d7f1d8f/1/dXGFJCM-kehG3lvAHQBBJgGm8NM.roa
Signing time: Mon 02 Jan 2023 14:04:54 +0000
ROA not before: Mon 02 Jan 2023 14:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210602
IP address blocks: 185.203.40.0/22 maxlen: 22
195.128.164.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:ae:09:3a:be:e2:8f:83:0e:a0:c7:6c:0d:56:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dd1b5b42dc3d846c2ad2549664e34f72d1cb4a6
Validity
Not Before: Jan 2 14:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75718524233e91e846de5bc01d00412601a6f0d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ef:04:24:e7:2e:74:ca:fa:fd:d9:92:b9:64:
e9:b1:f8:05:ff:1d:91:a3:af:5b:db:73:ca:9f:58:
e3:31:72:73:37:29:08:21:ab:b2:77:20:61:74:53:
25:71:ca:24:e8:de:24:e5:9e:31:c9:ad:9c:fb:a4:
1f:76:a7:29:9c:2c:5e:24:18:ec:69:be:9c:e6:84:
c2:b3:4d:38:5f:42:62:27:0e:d1:58:ec:e5:ae:96:
3f:16:76:a5:4c:59:d0:e4:d4:9b:60:8e:0f:50:5b:
9e:ae:03:11:a9:25:e8:ee:6d:fb:e8:9d:ed:1d:d0:
ed:b3:c8:78:c3:93:88:60:8e:5b:80:ac:4b:d2:7e:
d7:ce:76:7c:21:49:36:b8:3b:22:19:dc:da:36:22:
a2:d1:f0:ff:13:39:a4:08:ce:fc:8b:a6:6b:5d:41:
53:3a:94:a9:1c:05:1e:2e:5d:fd:00:16:04:04:aa:
16:a4:3d:00:a5:81:08:0f:5b:9e:1e:0a:08:99:cc:
da:b1:b7:5a:87:d0:bb:73:55:2b:39:04:f0:fc:a5:
08:7f:f8:8f:c7:39:10:02:f1:1a:30:9c:c9:87:d7:
64:01:90:51:4d:ab:62:ae:66:b0:04:8e:e9:b6:1c:
68:40:df:87:97:26:e1:b9:42:a3:91:db:5f:1e:1f:
50:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:71:85:24:23:3E:91:E8:46:DE:5B:C0:1D:00:41:26:01:A6:F0:D3
X509v3 Authority Key Identifier:
keyid:7D:D1:B5:B4:2D:C3:D8:46:C2:AD:25:49:66:4E:34:F7:2D:1C:B4:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fdG1tC3D2EbCrSVJZk409y0ctKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/5f5d8f-332b-42d6-a9bb-2f405d7f1d8f/1/dXGFJCM-kehG3lvAHQBBJgGm8NM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/5f5d8f-332b-42d6-a9bb-2f405d7f1d8f/1/fdG1tC3D2EbCrSVJZk409y0ctKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.40.0/22
195.128.164.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:f8:46:34:59:5f:11:55:0b:33:39:34:7b:1a:b3:64:f6:d1:
dc:8e:5c:8f:e6:7d:a2:d9:aa:d8:a1:88:f5:eb:59:71:5f:4d:
7a:c8:6d:aa:6a:08:61:7d:22:70:1f:d4:f2:5f:ab:33:8b:a0:
36:46:c2:b2:29:ea:96:f6:5e:55:c1:da:2d:d9:b1:6a:b8:43:
cf:7d:d4:a7:24:0d:b9:6e:71:c7:d1:35:e8:7d:9b:d3:61:91:
b5:d4:c1:74:3f:05:e9:2e:0c:b9:70:ef:f0:b6:ec:7e:84:9b:
e1:e7:b3:c0:8b:7e:cf:4b:96:07:c6:a8:27:82:af:e8:5b:dd:
0b:05:b8:cb:ac:e1:39:c0:5e:0c:77:35:5a:fe:8f:53:08:23:
82:b4:67:d9:bf:c9:2d:a6:03:7b:72:e5:81:a0:de:77:59:d5:
c7:2c:7a:1c:6d:5a:aa:37:6c:36:74:ab:7b:12:6a:d0:20:0d:
e2:59:5a:ea:ad:c1:4a:a8:46:d1:f0:df:e2:e3:2f:ae:33:13:
9d:43:39:7e:c8:9a:85:9d:a3:87:6e:60:e6:52:e1:9b:0c:e7:
75:71:84:c9:7e:28:b1:9c:d4:33:48:e2:7d:43:4b:63:f2:06:
a5:01:18:05:44:83:49:04:0b:b0:a0:93:aa:ca:d9:ca:77:f4:
88:66:55:99
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyzK4JOr7ij4MOoMdsDVabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZDFiNWI0MmRjM2Q4NDZjMmFkMjU0OTY2NGUzNGY3MmQx
Y2I0YTYwHhcNMjMwMTAyMTQwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTcxODUyNDIzM2U5MWU4NDZkZTViYzAxZDAwNDEyNjAxYTZmMGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqe8EJOcudMr6/dmSuWTpsfgF/x2R
o69b23PKn1jjMXJzNykIIauydyBhdFMlccok6N4k5Z4xya2c+6QfdqcpnCxeJBjs
ab6c5oTCs004X0JiJw7RWOzlrpY/FnalTFnQ5NSbYI4PUFuergMRqSXo7m376J3t
HdDts8h4w5OIYI5bgKxL0n7XznZ8IUk2uDsiGdzaNiKi0fD/EzmkCM78i6ZrXUFT
OpSpHAUeLl39ABYEBKoWpD0ApYEID1ueHgoImczasbdah9C7c1UrOQTw/KUIf/iP
xzkQAvEaMJzJh9dkAZBRTatirmawBI7pthxoQN+HlybhuUKjkdtfHh9QVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHVxhSQjPpHoRt5bwB0AQSYBpvDTMB8GA1UdIwQY
MBaAFH3RtbQtw9hGwq0lSWZONPctHLSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmRHMXRDM0QyRWJDclNWSlprNDA5eTBjdEtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy81ZjVkOGYtMzMyYi00MmQ2LWE5YmIt
MmY0MDVkN2YxZDhmLzEvZFhHRkpDTS1rZWhHM2x2QUhRQkJKZ0dtOE5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy81ZjVkOGYtMzMyYi00MmQ2LWE5YmItMmY0MDVkN2YxZDhm
LzEvZmRHMXRDM0QyRWJDclNWSlprNDA5eTBjdEtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCucsoAwQB
w4CkMA0GCSqGSIb3DQEBCwUAA4IBAQCP+EY0WV8RVQszOTR7GrNk9tHcjlyP5n2i
2arYoYj161lxX016yG2qaghhfSJwH9TyX6szi6A2RsKyKeqW9l5Vwdot2bFquEPP
fdSnJA25bnHH0TXofZvTYZG11MF0PwXpLgy5cO/wtux+hJvh57PAi37PS5YHxqgn
gq/oW90LBbjLrOE5wF4MdzVa/o9TCCOCtGfZv8ktpgN7cuWBoN53WdXHLHocbVqq
N2w2dKt7EmrQIA3iWVrqrcFKqEbR8N/i4y+uMxOdQzl+yJqFnaOHbmDmUuGbDOd1
cYTJfiixnNQzSOJ9Q0tj8galARgFRINJBAuwoJOqytnKd/SIZlWZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:04 2024 by rpki-client on console-ams.rpki-client.org