Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/059a7a-b569-4680-8de5-de231280c2a1/1/SbGWEjLvUpUUdimDnEz9Uysdzn0.roa
File: SbGWEjLvUpUUdimDnEz9Uysdzn0.roa (raw, json)
Hash identifier: D/06X/UHOAZA+rg6Fr8qzFddXt82uzMR7k9CoXHOsE4=
Subject key identifier: 49:B1:96:12:32:EF:52:95:14:76:29:83:9C:4C:FD:53:2B:1D:CE:7D
Certificate issuer: /CN=85c313e9965eaa7b3ae9bd5cbf3566d44a51097d
Certificate serial: 018746547196034E7C32188D21AA442AAB50
Authority key identifier: 85:C3:13:E9:96:5E:AA:7B:3A:E9:BD:5C:BF:35:66:D4:4A:51:09:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hcMT6ZZeqns66b1cvzVm1EpRCX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/059a7a-b569-4680-8de5-de231280c2a1/1/SbGWEjLvUpUUdimDnEz9Uysdzn0.roa
Signing time: Mon 03 Apr 2023 08:55:51 +0000
ROA not before: Mon 03 Apr 2023 08:55:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 185.40.84.0/24 maxlen: 24
185.40.85.0/24 maxlen: 24
185.40.86.0/24 maxlen: 24
185.40.87.0/24 maxlen: 24
185.123.103.0/24 maxlen: 24
2a04:8340::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:54:71:96:03:4e:7c:32:18:8d:21:aa:44:2a:ab:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85c313e9965eaa7b3ae9bd5cbf3566d44a51097d
Validity
Not Before: Apr 3 08:55:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49b1961232ef5295147629839c4cfd532b1dce7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d9:41:7c:9e:c5:5e:4a:70:ac:97:ac:da:33:
0a:54:f4:6c:74:7a:50:86:4d:93:d9:a3:a0:5d:02:
92:ff:67:a6:c8:7d:b3:f8:1c:7a:e8:69:dd:ce:97:
30:fd:b4:fb:46:12:2b:6c:eb:f3:81:24:52:1c:e5:
df:28:9a:f1:06:c4:4c:d8:35:a2:14:54:0b:e9:24:
65:fa:c3:39:11:f4:9a:85:d0:05:cc:c6:7d:f8:48:
0a:8d:db:24:7d:e9:4a:7e:b3:3b:d9:2c:7e:1e:55:
42:03:dc:da:0c:ae:b4:22:ab:1a:77:f2:d3:12:2e:
40:34:58:08:70:01:5d:68:06:19:f9:ec:a5:71:16:
c3:f0:b7:4e:81:7f:f6:a5:69:15:3d:e9:59:d2:a9:
ac:a6:9e:69:01:89:a3:85:5a:ea:dc:42:25:22:60:
48:db:7f:c7:1f:14:de:e7:7a:2c:cd:40:8e:99:eb:
a5:65:dc:90:be:9d:ae:69:83:0c:29:79:87:2a:46:
d9:f5:55:18:e9:cc:74:bf:f8:60:84:e9:4e:ff:f7:
df:f1:c6:56:3b:c2:4a:21:ba:d1:0c:81:2a:e8:75:
a4:c7:78:25:7e:50:e5:7d:aa:cf:0d:1c:8c:98:a3:
c2:91:1d:68:c1:79:cc:de:29:ec:e4:e5:cf:b2:b8:
04:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B1:96:12:32:EF:52:95:14:76:29:83:9C:4C:FD:53:2B:1D:CE:7D
X509v3 Authority Key Identifier:
keyid:85:C3:13:E9:96:5E:AA:7B:3A:E9:BD:5C:BF:35:66:D4:4A:51:09:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hcMT6ZZeqns66b1cvzVm1EpRCX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/059a7a-b569-4680-8de5-de231280c2a1/1/SbGWEjLvUpUUdimDnEz9Uysdzn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/059a7a-b569-4680-8de5-de231280c2a1/1/hcMT6ZZeqns66b1cvzVm1EpRCX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.84.0/22
185.123.103.0/24
IPv6:
2a04:8340::/29
Signature Algorithm: sha256WithRSAEncryption
43:90:f4:29:f9:c5:a1:bc:b7:4f:8c:28:56:22:4c:a8:41:58:
55:74:e1:0c:0f:8a:61:bd:42:4e:a4:59:15:9f:d0:27:96:49:
c3:ec:2a:30:6d:2c:9f:cf:3e:57:8f:ca:bf:35:7a:97:c8:8d:
12:90:e5:af:b0:1f:11:24:32:18:7f:e8:c8:2d:94:0b:a5:85:
f1:55:89:11:24:6a:52:fd:48:38:bb:75:9d:e0:a5:ae:3b:8f:
63:db:6f:1c:7a:52:fd:88:73:58:b0:00:1d:f6:d8:b4:64:b1:
3d:f4:20:20:46:78:9c:5d:c7:91:03:1d:48:f1:78:3a:1f:d9:
54:81:2a:04:8b:88:85:d2:e6:b6:88:39:c6:2a:f6:8a:79:e9:
4e:6b:a9:40:5f:32:e8:8e:5b:78:c3:a4:5c:d2:9a:b3:aa:49:
1a:b2:cd:4c:bc:1c:81:d0:b9:50:ce:a4:4a:0c:25:7f:16:64:
0f:6d:be:ef:4c:ee:0e:89:4c:b3:9a:ce:f4:c6:96:9f:9a:5d:
0e:e8:21:c2:e6:6d:e2:c9:cd:88:04:f6:30:6f:9d:ad:e3:87:
41:b8:ba:17:0f:3f:d7:df:78:57:eb:eb:81:19:63:fd:53:75:
53:cf:8f:d2:f5:6a:47:65:15:ed:9a:b7:b3:ab:9a:09:44:62:
b8:dc:ac:dd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYdGVHGWA058MhiNIapEKqtQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YzMxM2U5OTY1ZWFhN2IzYWU5YmQ1Y2JmMzU2NmQ0NGE1
MTA5N2QwHhcNMjMwNDAzMDg1NTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWIxOTYxMjMyZWY1Mjk1MTQ3NjI5ODM5YzRjZmQ1MzJiMWRjZTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydlBfJ7FXkpwrJes2jMKVPRsdHpQ
hk2T2aOgXQKS/2emyH2z+Bx66Gndzpcw/bT7RhIrbOvzgSRSHOXfKJrxBsRM2DWi
FFQL6SRl+sM5EfSahdAFzMZ9+EgKjdskfelKfrM72Sx+HlVCA9zaDK60Iqsad/LT
Ei5ANFgIcAFdaAYZ+eylcRbD8LdOgX/2pWkVPelZ0qmspp5pAYmjhVrq3EIlImBI
23/HHxTe53oszUCOmeulZdyQvp2uaYMMKXmHKkbZ9VUY6cx0v/hghOlO//ff8cZW
O8JKIbrRDIEq6HWkx3glflDlfarPDRyMmKPCkR1owXnM3ins5OXPsrgEsQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEmxlhIy71KVFHYpg5xM/VMrHc59MB8GA1UdIwQY
MBaAFIXDE+mWXqp7Oum9XL81ZtRKUQl9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGNNVDZaWmVxbnM2NmIxY3Z6Vm0xRXBSQ1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8wNTlhN2EtYjU2OS00NjgwLThkZTUt
ZGUyMzEyODBjMmExLzEvU2JHV0VqTHZVcFVVZGltRG5FejlVeXNkem4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8wNTlhN2EtYjU2OS00NjgwLThkZTUtZGUyMzEyODBjMmEx
LzEvaGNNVDZaWmVxbnM2NmIxY3Z6Vm0xRXBSQ1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuShUAwQA
uXtnMA0EAgACMAcDBQMqBINAMA0GCSqGSIb3DQEBCwUAA4IBAQBDkPQp+cWhvLdP
jChWIkyoQVhVdOEMD4phvUJOpFkVn9AnlknD7CowbSyfzz5Xj8q/NXqXyI0SkOWv
sB8RJDIYf+jILZQLpYXxVYkRJGpS/Ug4u3Wd4KWuO49j228celL9iHNYsAAd9ti0
ZLE99CAgRnicXceRAx1I8Xg6H9lUgSoEi4iF0ua2iDnGKvaKeelOa6lAXzLojlt4
w6Rc0pqzqkkass1MvByB0LlQzqRKDCV/FmQPbb7vTO4OiUyzms70xpafml0O6CHC
5m3iyc2IBPYwb52t44dBuLoXDz/X33hX6+uBGWP9U3VTz4/S9WpHZRXtmrezq5oJ
RGK43Kzd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:09 2024 by rpki-client on console-ams.rpki-client.org