Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f68113-73a7-400d-8c99-99befa476a8f/1/h2jTtmRGuGbS8G-yrG4_9mhz2Hk.roa
File: h2jTtmRGuGbS8G-yrG4_9mhz2Hk.roa (raw, json)
Hash identifier: gK1G7KOOoRhQGQTsWxqkG9g8HDJ9mx0k8Ua49QcW+28=
Subject key identifier: 87:68:D3:B6:64:46:B8:66:D2:F0:6F:B2:AC:6E:3F:F6:68:73:D8:79
Certificate issuer: /CN=62fc2ed6557d0ce80e81505b1f9d580698887c6e
Certificate serial: 018570CC04C86EA6CB343042E0EE8B3D68CB
Authority key identifier: 62:FC:2E:D6:55:7D:0C:E8:0E:81:50:5B:1F:9D:58:06:98:88:7C:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yvwu1lV9DOgOgVBbH51YBpiIfG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f68113-73a7-400d-8c99-99befa476a8f/1/h2jTtmRGuGbS8G-yrG4_9mhz2Hk.roa
Signing time: Mon 02 Jan 2023 04:44:56 +0000
ROA not before: Mon 02 Jan 2023 04:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199624
IP address blocks: 91.208.171.0/24 maxlen: 32
185.8.4.0/22 maxlen: 32
185.166.240.0/22 maxlen: 32
2a0a:2100::/29 maxlen: 32
2a03:13c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cc:04:c8:6e:a6:cb:34:30:42:e0:ee:8b:3d:68:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fc2ed6557d0ce80e81505b1f9d580698887c6e
Validity
Not Before: Jan 2 04:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8768d3b66446b866d2f06fb2ac6e3ff66873d879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:94:9d:46:28:b2:fd:a4:ad:54:38:4d:d4:5d:
b1:2c:ca:e2:ab:66:07:01:f5:1a:6c:af:3b:f2:8f:
b1:d3:96:1d:60:41:99:f3:95:25:fb:25:99:93:71:
84:e6:f1:31:ff:38:7b:4a:12:34:48:d4:5d:27:88:
45:9b:69:41:9e:61:cb:8d:fc:1d:6a:16:9d:db:73:
97:4c:7e:cb:c7:a8:53:a6:e2:37:ee:3f:8b:fa:62:
63:3c:41:47:2c:69:a9:b5:06:fc:00:a3:06:a5:40:
d4:ac:ef:64:a2:83:30:de:a2:fa:b3:5c:aa:9c:8a:
d3:e9:92:8f:ce:61:e9:33:04:74:ef:ff:8a:ca:d4:
cd:76:06:ce:94:8a:fc:65:77:cb:ee:fb:03:e1:1a:
3f:fd:09:ed:c9:48:ab:78:8a:f4:d4:c0:0f:bd:cd:
72:43:d8:46:a0:22:0f:e9:20:29:ad:63:b2:b7:e3:
60:af:4d:d2:39:65:50:c8:81:4f:42:87:b8:dc:52:
53:2f:14:36:1e:06:bc:ad:c1:04:ec:05:0d:f7:3b:
e8:76:4d:07:1f:3a:de:d9:3f:b3:2f:db:7b:b9:73:
1f:a8:08:d1:d4:41:26:8f:81:15:c9:29:85:c0:22:
c6:7b:b6:d3:48:66:4e:04:eb:66:a1:d5:6f:5e:45:
3a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:68:D3:B6:64:46:B8:66:D2:F0:6F:B2:AC:6E:3F:F6:68:73:D8:79
X509v3 Authority Key Identifier:
keyid:62:FC:2E:D6:55:7D:0C:E8:0E:81:50:5B:1F:9D:58:06:98:88:7C:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yvwu1lV9DOgOgVBbH51YBpiIfG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f68113-73a7-400d-8c99-99befa476a8f/1/h2jTtmRGuGbS8G-yrG4_9mhz2Hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f68113-73a7-400d-8c99-99befa476a8f/1/Yvwu1lV9DOgOgVBbH51YBpiIfG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.171.0/24
185.8.4.0/22
185.166.240.0/22
IPv6:
2a03:13c0::/32
2a0a:2100::/29
Signature Algorithm: sha256WithRSAEncryption
1d:14:54:b1:4c:25:24:dc:e8:74:0c:86:e9:82:dd:69:48:8f:
63:e6:28:7b:67:af:73:d7:d4:08:61:d8:5c:cd:34:72:4e:69:
84:ab:cc:bf:73:d8:84:cd:8e:42:95:21:65:f9:21:22:f1:99:
cc:fc:05:30:33:fc:d9:ff:06:a1:62:21:06:09:5b:13:ca:ec:
d9:a6:9f:53:c6:3b:d4:04:64:56:ad:ae:4d:a0:99:93:c8:69:
dc:94:fa:f9:30:e9:af:d6:58:c6:d5:43:20:e9:3b:53:e5:01:
fa:22:32:1c:cc:90:65:3d:b2:aa:dc:00:66:eb:fe:b2:a8:5c:
62:33:8d:79:ec:af:e7:b8:11:dd:af:2c:a9:ac:7b:7e:6e:01:
39:f1:96:c9:3c:62:05:e6:03:d7:cd:a9:84:43:f3:4a:fd:cf:
8c:98:95:19:82:79:50:5b:e1:41:84:3f:37:e5:92:52:0e:d4:
63:8b:da:e2:0c:81:9a:9e:45:dd:f9:f7:f5:ed:b0:68:3c:de:
63:df:e0:ab:0c:24:6b:90:c1:a1:0b:49:a2:c6:1a:0d:a4:b3:
3f:00:55:e3:c6:25:ae:0f:da:05:66:e5:17:5f:ab:4a:66:f0:
16:06:22:36:e0:e9:d9:e4:13:52:38:ff:5e:21:1c:1e:5c:8c:
87:62:41:86
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVwzATIbqbLNDBC4O6LPWjLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmMyZWQ2NTU3ZDBjZTgwZTgxNTA1YjFmOWQ1ODA2OTg4
ODdjNmUwHhcNMjMwMTAyMDQ0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzY4ZDNiNjY0NDZiODY2ZDJmMDZmYjJhYzZlM2ZmNjY4NzNkODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5SdRiiy/aStVDhN1F2xLMriq2YH
AfUabK878o+x05YdYEGZ85Ul+yWZk3GE5vEx/zh7ShI0SNRdJ4hFm2lBnmHLjfwd
ahad23OXTH7Lx6hTpuI37j+L+mJjPEFHLGmptQb8AKMGpUDUrO9kooMw3qL6s1yq
nIrT6ZKPzmHpMwR07/+KytTNdgbOlIr8ZXfL7vsD4Ro//QntyUireIr01MAPvc1y
Q9hGoCIP6SAprWOyt+Ngr03SOWVQyIFPQoe43FJTLxQ2Hga8rcEE7AUN9zvodk0H
Hzre2T+zL9t7uXMfqAjR1EEmj4EVySmFwCLGe7bTSGZOBOtmodVvXkU6PwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFIdo07ZkRrhm0vBvsqxuP/Zoc9h5MB8GA1UdIwQY
MBaAFGL8LtZVfQzoDoFQWx+dWAaYiHxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXZ3dTFsVjlET2dPZ1ZCYkg1MVlCcGlJZkc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNjgxMTMtNzNhNy00MDBkLThjOTkt
OTliZWZhNDc2YThmLzEvaDJqVHRtUkd1R2JTOEcteXJHNF85bWh6MkhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNjgxMTMtNzNhNy00MDBkLThjOTktOTliZWZhNDc2YThm
LzEvWXZ3dTFsVjlET2dPZ1ZCYkg1MVlCcGlJZkc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAW9CrAwQC
uQgEAwQCuabwMBQEAgACMA4DBQAqAxPAAwUDKgohADANBgkqhkiG9w0BAQsFAAOC
AQEAHRRUsUwlJNzodAyG6YLdaUiPY+Yoe2evc9fUCGHYXM00ck5phKvMv3PYhM2O
QpUhZfkhIvGZzPwFMDP82f8GoWIhBglbE8rs2aafU8Y71ARkVq2uTaCZk8hp3JT6
+TDpr9ZYxtVDIOk7U+UB+iIyHMyQZT2yqtwAZuv+sqhcYjONeeyv57gR3a8sqax7
fm4BOfGWyTxiBeYD182phEPzSv3PjJiVGYJ5UFvhQYQ/N+WSUg7UY4va4gyBmp5F
3fn39e2waDzeY9/gqwwka5DBoQtJosYaDaSzPwBV48Ylrg/aBWblF1+rSmbwFgYi
NuDp2eQTUjj/XiEcHlyMh2JBhg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:59 2024 by rpki-client on console-fra.rpki-client.org