Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/801f55-ec8a-4a83-a21e-96a42efce978/1/Pe_pRqoRYjPgVcVIAMoJ4l2KqAo.roa
File: Pe_pRqoRYjPgVcVIAMoJ4l2KqAo.roa (raw, json)
Hash identifier: UfDTsW7nyW624VDy+lyCAsAHj8531o3IFJI4g13RF8w=
Subject key identifier: 3D:EF:E9:46:AA:11:62:33:E0:55:C5:48:00:CA:09:E2:5D:8A:A8:0A
Certificate issuer: /CN=9d21834344a76816682d211a3144040e5f8534d0
Certificate serial: 018CC9BC660F108F32A74C40C6CF579046D1
Authority key identifier: 9D:21:83:43:44:A7:68:16:68:2D:21:1A:31:44:04:0E:5F:85:34:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSGDQ0SnaBZoLSEaMUQEDl-FNNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/801f55-ec8a-4a83-a21e-96a42efce978/1/Pe_pRqoRYjPgVcVIAMoJ4l2KqAo.roa
Signing time: Tue 02 Jan 2024 10:33:36 +0000
ROA not before: Tue 02 Jan 2024 10:33:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204151
IP address blocks: 212.237.176.0/21 maxlen: 21
185.107.15.0/24 maxlen: 24
185.107.13.0/24 maxlen: 24
185.107.12.0/22 maxlen: 22
185.107.14.0/24 maxlen: 24
194.45.76.0/22 maxlen: 22
185.233.252.0/24 maxlen: 24
185.233.252.0/22 maxlen: 22
185.233.253.0/24 maxlen: 24
185.233.254.0/24 maxlen: 24
185.233.255.0/24 maxlen: 24
78.31.252.0/22 maxlen: 22
46.32.144.0/21 maxlen: 24
2a06:4000::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:66:0f:10:8f:32:a7:4c:40:c6:cf:57:90:46:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d21834344a76816682d211a3144040e5f8534d0
Validity
Not Before: Jan 2 10:33:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3defe946aa116233e055c54800ca09e25d8aa80a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:58:ff:12:13:64:3e:ca:cf:ac:67:4b:d5:ec:
f5:aa:ca:7b:86:64:6e:64:7e:73:b1:0c:6a:df:d6:
1d:36:22:b1:7d:7a:5b:1f:09:7e:d4:6f:50:f1:3e:
74:fc:31:47:85:03:8a:b7:c1:a6:ae:8f:54:d2:9c:
d0:ec:be:cb:86:71:46:7f:c0:94:ff:80:13:04:70:
ad:02:30:79:e1:ca:e8:ef:21:53:25:73:6b:23:0b:
f0:c7:a3:0b:cf:0b:d8:ec:7f:d5:64:24:21:ac:e8:
f3:d1:a0:24:1c:50:5f:c3:a1:a7:c2:f3:ea:30:e8:
c5:92:71:92:9c:4c:a3:41:75:27:df:01:c6:91:2d:
22:df:44:7a:20:84:4d:ed:38:20:22:a1:2b:1f:cd:
fd:7d:ed:62:3a:ad:19:1f:d5:cb:41:fa:28:c1:06:
b9:cf:50:24:76:a4:0e:60:03:dc:07:9e:b8:b0:01:
13:c8:95:8e:b5:3a:6d:99:89:63:d1:24:a9:e0:b9:
35:4e:68:b1:e0:18:eb:f7:dc:92:82:19:65:43:66:
d4:3e:51:04:85:93:a1:00:b5:a2:0b:6a:1d:4d:3b:
e5:34:fb:e0:af:a2:f9:f1:20:b0:f1:0b:59:6a:4d:
6d:c0:58:8c:96:4f:6c:14:51:60:8c:42:a2:3e:e5:
90:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:EF:E9:46:AA:11:62:33:E0:55:C5:48:00:CA:09:E2:5D:8A:A8:0A
X509v3 Authority Key Identifier:
keyid:9D:21:83:43:44:A7:68:16:68:2D:21:1A:31:44:04:0E:5F:85:34:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSGDQ0SnaBZoLSEaMUQEDl-FNNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/801f55-ec8a-4a83-a21e-96a42efce978/1/Pe_pRqoRYjPgVcVIAMoJ4l2KqAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/801f55-ec8a-4a83-a21e-96a42efce978/1/nSGDQ0SnaBZoLSEaMUQEDl-FNNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.144.0/21
78.31.252.0/22
185.107.12.0/22
185.233.252.0/22
194.45.76.0/22
212.237.176.0/21
IPv6:
2a06:4000::/29
Signature Algorithm: sha256WithRSAEncryption
41:04:e0:f0:b4:54:f1:d8:18:b3:c7:d9:fb:74:52:c1:c4:40:
7d:37:57:4d:17:40:11:cd:37:30:98:d3:0c:d9:5d:54:dc:76:
8c:19:dd:05:67:d4:31:ee:67:d8:c5:94:76:50:e2:90:08:d4:
fe:9c:dd:bb:bb:22:30:98:73:80:07:a4:59:1f:91:15:5c:19:
6b:ed:19:df:29:d9:bf:50:ba:c9:fe:00:0e:3b:a0:04:20:e1:
ec:29:c5:47:6b:43:dd:98:fe:e6:c6:42:ef:52:aa:a5:3a:23:
72:5f:a2:94:f1:59:7e:c3:68:70:fb:3a:7a:8a:f0:11:2b:05:
27:60:77:c6:91:ee:fd:92:5e:ae:39:38:31:1e:72:e0:fd:23:
ed:15:9f:7a:97:48:ec:c3:e1:ae:52:2a:2a:4e:6e:8b:2b:e0:
25:82:5b:3d:12:31:7c:64:f5:a1:35:dd:80:10:89:c1:09:50:
3a:70:f4:1c:20:00:4b:c3:99:20:d2:66:2a:95:35:e3:ca:25:
ce:23:07:d4:75:ce:94:7c:56:2b:a4:a6:6e:75:a1:77:24:c8:
5a:ec:9f:2f:b6:0c:b4:32:1f:9a:44:f0:89:7f:1b:c2:fb:bf:
aa:10:e0:0c:dc:5a:1f:59:9d:1a:d4:e1:98:c5:bf:22:ce:82:
5e:c1:64:c6
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzJvGYPEI8yp0xAxs9XkEbRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjE4MzQzNDRhNzY4MTY2ODJkMjExYTMxNDQwNDBlNWY4
NTM0ZDAwHhcNMjQwMTAyMTAzMzM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGVmZTk0NmFhMTE2MjMzZTA1NWM1NDgwMGNhMDllMjVkOGFhODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlj/EhNkPsrPrGdL1ez1qsp7hmRu
ZH5zsQxq39YdNiKxfXpbHwl+1G9Q8T50/DFHhQOKt8Gmro9U0pzQ7L7LhnFGf8CU
/4ATBHCtAjB54cro7yFTJXNrIwvwx6MLzwvY7H/VZCQhrOjz0aAkHFBfw6GnwvPq
MOjFknGSnEyjQXUn3wHGkS0i30R6IIRN7TggIqErH839fe1iOq0ZH9XLQfoowQa5
z1AkdqQOYAPcB564sAETyJWOtTptmYlj0SSp4Lk1Tmix4Bjr99ySghllQ2bUPlEE
hZOhALWiC2odTTvlNPvgr6L58SCw8QtZak1twFiMlk9sFFFgjEKiPuWQzwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFD3v6UaqEWIz4FXFSADKCeJdiqgKMB8GA1UdIwQY
MBaAFJ0hg0NEp2gWaC0hGjFEBA5fhTTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNHRFEwU25hQlpvTFNFYU1VUUVEbC1GTk5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84MDFmNTUtZWM4YS00YTgzLWEyMWUt
OTZhNDJlZmNlOTc4LzEvUGVfcFJxb1JZalBnVmNWSUFNb0o0bDJLcUFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84MDFmNTUtZWM4YS00YTgzLWEyMWUtOTZhNDJlZmNlOTc4
LzEvblNHRFEwU25hQlpvTFNFYU1VUUVEbC1GTk5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLiCQAwQC
Th/8AwQCuWsMAwQCuen8AwQCwi1MAwQD1O2wMA0EAgACMAcDBQMqBkAAMA0GCSqG
SIb3DQEBCwUAA4IBAQBBBODwtFTx2Bizx9n7dFLBxEB9N1dNF0ARzTcwmNMM2V1U
3HaMGd0FZ9Qx7mfYxZR2UOKQCNT+nN27uyIwmHOAB6RZH5EVXBlr7RnfKdm/ULrJ
/gAOO6AEIOHsKcVHa0PdmP7mxkLvUqqlOiNyX6KU8Vl+w2hw+zp6ivARKwUnYHfG
ke79kl6uOTgxHnLg/SPtFZ96l0jsw+GuUioqTm6LK+Algls9EjF8ZPWhNd2AEInB
CVA6cPQcIABLw5kg0mYqlTXjyiXOIwfUdc6UfFYrpKZudaF3JMha7J8vtgy0Mh+a
RPCJfxvC+7+qEOAM3FofWZ0a1OGYxb8izoJewWTG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:00 2024 by rpki-client on console-ams.rpki-client.org