Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/EhNnA_7XE3MMpNKEQ2nI26Fdapo.roa
File: EhNnA_7XE3MMpNKEQ2nI26Fdapo.roa (raw, json)
Hash identifier: ZyHBp3rPqewrJUqk69gKmUR3W0/QEswniag736ohQUs=
Subject key identifier: 12:13:67:03:FE:D7:13:73:0C:A4:D2:84:43:69:C8:DB:A1:5D:6A:9A
Certificate issuer: /CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4
Certificate serial: 018ABD5C4C22DD737370BD5D47D9FFC119DB
Authority key identifier: 3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/EhNnA_7XE3MMpNKEQ2nI26Fdapo.roa
Signing time: Fri 22 Sep 2023 14:47:37 +0000
ROA not before: Fri 22 Sep 2023 14:47:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15830
IP address blocks: 217.69.16.0/20 maxlen: 20
185.3.24.0/22 maxlen: 22
2a03:6c81::/32 maxlen: 32
2a03:6c82::/32 maxlen: 32
2a03:6c80::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bd:5c:4c:22:dd:73:73:70:bd:5d:47:d9:ff:c1:19:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4
Validity
Not Before: Sep 22 14:47:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12136703fed713730ca4d2844369c8dba15d6a9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:35:20:2a:5a:5a:cc:54:43:05:37:79:c0:77:
c9:0f:bd:5b:62:78:25:41:18:51:16:c0:41:bc:84:
cc:ca:df:54:14:17:c2:30:5d:3f:b4:bb:26:07:10:
6c:be:94:11:f3:32:9f:bb:43:42:e4:25:24:84:4d:
95:6a:77:62:b0:b2:1a:8c:7f:fd:74:ca:78:e3:15:
34:a6:ea:96:f2:de:5c:55:90:eb:20:73:c3:52:d2:
14:fa:d1:e2:69:5b:25:1a:af:06:35:58:ad:da:9c:
39:ab:8f:4d:23:99:ac:f3:78:93:80:15:4f:d2:c7:
2b:d0:f5:dd:07:22:cc:4e:2d:fb:f2:b8:d1:c8:d8:
f0:e3:1f:3d:2d:71:c2:d8:27:04:0d:a9:57:90:56:
77:f0:52:0b:29:d3:98:77:40:67:ab:65:2a:d3:7e:
79:3f:1d:4f:98:a6:5a:cb:ed:0f:be:42:71:9f:f3:
34:a4:ba:a6:88:0d:46:23:28:d8:7c:c6:53:ab:2a:
a4:35:ca:8d:77:4c:e8:ab:f8:3d:2b:09:16:d9:39:
10:ff:de:78:99:6b:74:af:17:3f:2a:3b:3a:70:71:
74:6d:97:98:af:d5:c2:f8:39:02:03:29:d0:45:64:
36:52:36:f9:38:f0:ea:0a:fc:f8:97:d5:21:62:cd:
c6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:13:67:03:FE:D7:13:73:0C:A4:D2:84:43:69:C8:DB:A1:5D:6A:9A
X509v3 Authority Key Identifier:
keyid:3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/EhNnA_7XE3MMpNKEQ2nI26Fdapo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/PDULqC8_61ruKJOPvxsJweL9GbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.3.24.0/22
217.69.16.0/20
IPv6:
2a03:6c80::-2a03:6c82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
70:1a:13:7d:89:b7:09:7a:d5:39:2e:8c:c2:7a:30:24:a2:6d:
e4:0d:a1:4e:11:4c:d2:56:ed:a1:05:b6:f9:eb:51:c8:94:62:
21:f0:58:b5:60:20:c1:43:74:22:0c:aa:32:2d:22:4c:d6:fc:
cf:ac:61:e4:db:3a:93:07:9e:59:54:f0:ed:ce:a0:f4:ae:55:
d3:f4:2d:eb:c1:e6:65:29:90:3b:8b:5a:79:c0:bd:47:00:61:
a6:38:88:1e:9d:15:bc:ed:a4:8c:14:15:a6:0c:2b:4f:9e:40:
5b:63:2e:2f:29:5a:4a:34:69:e7:7e:a8:90:a5:1e:b8:a5:c6:
41:22:eb:4d:d6:4f:27:3f:82:c7:93:b8:16:21:0a:28:3f:cc:
7c:96:21:fc:ea:0d:b8:b1:11:c7:e3:fa:80:66:ec:14:aa:47:
e7:84:26:fc:d8:43:09:b0:2f:4b:7b:07:e7:5b:73:c3:73:f0:
42:ed:e3:b4:7c:ea:50:eb:9d:84:2a:d7:7b:ee:48:5d:75:c0:
5b:ee:ac:b2:0a:6b:a4:3b:13:d1:c4:6d:d2:d7:37:bd:9e:57:
6e:be:4e:9c:5e:e3:7f:3b:8b:29:ad:e8:ba:b2:ed:d1:ae:1d:
89:6c:c9:3c:5b:a9:27:06:bf:d7:53:1d:35:75:3d:52:60:ec:
2d:04:a5:39
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYq9XEwi3XNzcL1dR9n/wRnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMzUwYmE4MmYzZmViNWFlZTI4OTM4ZmJmMWIwOWMxZTJm
ZDE5YjQwHhcNMjMwOTIyMTQ0NzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjEzNjcwM2ZlZDcxMzczMGNhNGQyODQ0MzY5YzhkYmExNWQ2YTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjUgKlpazFRDBTd5wHfJD71bYngl
QRhRFsBBvITMyt9UFBfCMF0/tLsmBxBsvpQR8zKfu0NC5CUkhE2VandisLIajH/9
dMp44xU0puqW8t5cVZDrIHPDUtIU+tHiaVslGq8GNVit2pw5q49NI5ms83iTgBVP
0scr0PXdByLMTi378rjRyNjw4x89LXHC2CcEDalXkFZ38FILKdOYd0Bnq2Uq0355
Px1PmKZay+0PvkJxn/M0pLqmiA1GIyjYfMZTqyqkNcqNd0zoq/g9KwkW2TkQ/954
mWt0rxc/Kjs6cHF0bZeYr9XC+DkCAynQRWQ2Ujb5OPDqCvz4l9UhYs3GlwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBITZwP+1xNzDKTShENpyNuhXWqaMB8GA1UdIwQY
MBaAFDw1C6gvP+ta7iiTj78bCcHi/Rm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUERVTHFDOF82MXJ1S0pPUHZ4c0p3ZUw5R2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82NGQ3YTktY2FjMy00NTQ5LWE3YWEt
NjFiNzkwMmVlMjA0LzEvRWhObkFfN1hFM01NcE5LRVEybkkyNkZkYXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82NGQ3YTktY2FjMy00NTQ5LWE3YWEtNjFiNzkwMmVlMjA0
LzEvUERVTHFDOF82MXJ1S0pPUHZ4c0p3ZUw5R2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuQMYAwQE
2UUQMBYEAgACMBAwDgMFByoDbIADBQAqA2yCMA0GCSqGSIb3DQEBCwUAA4IBAQBw
GhN9ibcJetU5LozCejAkom3kDaFOEUzSVu2hBbb561HIlGIh8Fi1YCDBQ3QiDKoy
LSJM1vzPrGHk2zqTB55ZVPDtzqD0rlXT9C3rweZlKZA7i1p5wL1HAGGmOIgenRW8
7aSMFBWmDCtPnkBbYy4vKVpKNGnnfqiQpR64pcZBIutN1k8nP4LHk7gWIQooP8x8
liH86g24sRHH4/qAZuwUqkfnhCb82EMJsC9LewfnW3PDc/BC7eO0fOpQ652EKtd7
7khddcBb7qyyCmukOxPRxG3S1ze9nlduvk6cXuN/O4sprei6su3Rrh2JbMk8W6kn
Br/XUx01dT1SYOwtBKU5
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:44 2025 by rpki-client