Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/b666e4-b405-4c07-bb89-59eaa8670ffa/1/3aG7wwcDtQlHfOIImadF0Irtmrc.roa
File: 3aG7wwcDtQlHfOIImadF0Irtmrc.roa (raw, json)
Hash identifier: dEwAqri/CBDr9gGW2S3OJN+wSvuK+i3nY8GUfnSR5NU=
Subject key identifier: DD:A1:BB:C3:07:03:B5:09:47:7C:E2:08:99:A7:45:D0:8A:ED:9A:B7
Certificate issuer: /CN=a1479239d443985876b0859d33b1a0e7114d1a20
Certificate serial: 0185729EFE7BB2EB7C21C4163AB09132A4D9
Authority key identifier: A1:47:92:39:D4:43:98:58:76:B0:85:9D:33:B1:A0:E7:11:4D:1A:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oUeSOdRDmFh2sIWdM7Gg5xFNGiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/b666e4-b405-4c07-bb89-59eaa8670ffa/1/3aG7wwcDtQlHfOIImadF0Irtmrc.roa
Signing time: Mon 02 Jan 2023 13:15:00 +0000
ROA not before: Mon 02 Jan 2023 13:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34993
IP address blocks: 185.57.148.0/22 maxlen: 22
37.148.252.0/22 maxlen: 22
141.98.220.0/22 maxlen: 22
89.248.208.0/24 maxlen: 24
89.248.210.0/23 maxlen: 23
185.151.188.0/22 maxlen: 22
2a0a:1580::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:fe:7b:b2:eb:7c:21:c4:16:3a:b0:91:32:a4:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1479239d443985876b0859d33b1a0e7114d1a20
Validity
Not Before: Jan 2 13:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dda1bbc30703b509477ce20899a745d08aed9ab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e2:8b:92:3f:3a:6b:c1:50:ef:2e:60:13:96:
cd:42:e5:e6:f9:c3:4c:52:d8:cc:4f:67:93:90:64:
f5:05:00:2e:c3:9b:20:f6:18:97:13:75:c0:04:5c:
78:7c:a2:52:be:de:4e:76:23:e5:84:c8:41:bd:5e:
e9:4e:bc:2e:70:8c:4c:63:5b:2c:03:80:4e:a2:21:
5c:3b:9c:c4:f0:8f:93:ea:77:e0:91:c7:bc:46:d6:
42:e0:ac:e3:84:5c:6a:01:5a:0e:c0:fa:cb:ac:95:
b0:11:15:10:3b:51:bd:1f:67:86:c5:a1:40:10:ce:
02:78:5e:e5:87:aa:9a:04:eb:21:f6:b4:b1:07:0f:
6d:13:80:4a:68:5f:3b:be:86:9e:28:3c:0d:e4:61:
06:04:d5:09:94:cd:3e:f2:93:c5:6a:2a:20:73:24:
75:16:17:5d:d9:3e:13:b9:d1:b3:9b:3b:78:bb:ea:
2c:96:1e:42:fe:6d:61:a3:bb:27:c1:3f:63:47:96:
11:9a:f0:1a:63:63:fe:5a:fb:bc:9c:48:ce:f1:4d:
04:05:0f:c9:84:22:d8:95:aa:99:4e:2e:ca:fe:eb:
e8:5c:b4:5a:16:ea:5e:76:9e:b1:a4:a8:d4:30:cc:
41:34:f8:c6:ce:f7:fb:0f:99:92:ec:35:2b:99:45:
eb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A1:BB:C3:07:03:B5:09:47:7C:E2:08:99:A7:45:D0:8A:ED:9A:B7
X509v3 Authority Key Identifier:
keyid:A1:47:92:39:D4:43:98:58:76:B0:85:9D:33:B1:A0:E7:11:4D:1A:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUeSOdRDmFh2sIWdM7Gg5xFNGiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b666e4-b405-4c07-bb89-59eaa8670ffa/1/3aG7wwcDtQlHfOIImadF0Irtmrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b666e4-b405-4c07-bb89-59eaa8670ffa/1/oUeSOdRDmFh2sIWdM7Gg5xFNGiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.252.0/22
89.248.208.0/24
89.248.210.0/23
141.98.220.0/22
185.57.148.0/22
185.151.188.0/22
IPv6:
2a0a:1580::/29
Signature Algorithm: sha256WithRSAEncryption
4b:b9:22:d9:34:2e:3c:f8:b8:68:f0:bc:01:88:0e:f8:bc:71:
69:cb:a0:bb:0b:95:f6:5c:18:55:4f:61:21:68:f8:97:a7:fa:
8c:a3:59:d7:be:78:bb:20:0f:21:6c:95:41:90:0c:4f:3e:dc:
88:74:e8:cb:07:21:b7:48:83:08:68:2a:13:2c:3d:d0:e6:9d:
68:77:e5:bd:a6:24:b1:3a:54:8a:64:17:04:59:34:a5:d1:db:
1f:9c:45:41:b6:2d:2c:a8:41:cf:cb:33:a4:49:47:5b:f8:e9:
48:b1:dc:f8:ea:f4:dc:40:a3:27:1d:fb:9c:da:25:a3:60:7c:
f3:d2:10:64:26:27:77:49:ed:ce:90:76:47:f7:1b:8b:09:14:
20:97:8c:29:b8:ae:76:e6:06:42:69:4e:f2:f3:9c:a2:f9:e5:
4b:d5:a6:e3:6c:b1:8c:2e:82:4c:45:07:52:ec:7b:01:b9:4d:
b8:30:ee:5a:72:2a:40:e4:d6:0f:85:7d:33:b2:fb:77:50:b3:
96:c4:7c:e3:00:36:1f:30:d5:9f:d1:bf:99:c6:d2:8e:0b:b2:
c1:29:b0:52:a4:84:6b:b9:82:1e:6f:bd:15:7b:9c:bb:28:8d:
68:1d:4c:36:a0:54:2c:1e:1f:9a:7d:f8:37:58:cb:2a:f8:d1:
e0:bc:82:a0
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVynv57sut8IcQWOrCRMqTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNDc5MjM5ZDQ0Mzk4NTg3NmIwODU5ZDMzYjFhMGU3MTE0
ZDFhMjAwHhcNMjMwMTAyMTMxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGExYmJjMzA3MDNiNTA5NDc3Y2UyMDg5OWE3NDVkMDhhZWQ5YWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheKLkj86a8FQ7y5gE5bNQuXm+cNM
UtjMT2eTkGT1BQAuw5sg9hiXE3XABFx4fKJSvt5OdiPlhMhBvV7pTrwucIxMY1ss
A4BOoiFcO5zE8I+T6nfgkce8RtZC4KzjhFxqAVoOwPrLrJWwERUQO1G9H2eGxaFA
EM4CeF7lh6qaBOsh9rSxBw9tE4BKaF87voaeKDwN5GEGBNUJlM0+8pPFaiogcyR1
Fhdd2T4TudGzmzt4u+oslh5C/m1ho7snwT9jR5YRmvAaY2P+Wvu8nEjO8U0EBQ/J
hCLYlaqZTi7K/uvoXLRaFupedp6xpKjUMMxBNPjGzvf7D5mS7DUrmUXrCwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFN2hu8MHA7UJR3ziCJmnRdCK7Zq3MB8GA1UdIwQY
MBaAFKFHkjnUQ5hYdrCFnTOxoOcRTRogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1VlU09kUkRtRmgyc0lXZE03R2c1eEZOR2lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iNjY2ZTQtYjQwNS00YzA3LWJiODkt
NTllYWE4NjcwZmZhLzEvM2FHN3d3Y0R0UWxIZk9JSW1hZEYwSXJ0bXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iNjY2ZTQtYjQwNS00YzA3LWJiODktNTllYWE4NjcwZmZh
LzEvb1VlU09kUkRtRmgyc0lXZE03R2c1eEZOR2lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCJZT8AwQA
WfjQAwQBWfjSAwQCjWLcAwQCuTmUAwQCuZe8MA0EAgACMAcDBQMqChWAMA0GCSqG
SIb3DQEBCwUAA4IBAQBLuSLZNC48+Lho8LwBiA74vHFpy6C7C5X2XBhVT2EhaPiX
p/qMo1nXvni7IA8hbJVBkAxPPtyIdOjLByG3SIMIaCoTLD3Q5p1od+W9piSxOlSK
ZBcEWTSl0dsfnEVBti0sqEHPyzOkSUdb+OlIsdz46vTcQKMnHfuc2iWjYHzz0hBk
Jid3Se3OkHZH9xuLCRQgl4wpuK525gZCaU7y85yi+eVL1abjbLGMLoJMRQdS7HsB
uU24MO5acipA5NYPhX0zsvt3ULOWxHzjADYfMNWf0b+ZxtKOC7LBKbBSpIRruYIe
b70Ve5y7KI1oHUw2oFQsHh+affg3WMsq+NHgvIKg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:31 2024 by rpki-client on console-fra.rpki-client.org