Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/702da5-c2cb-4b66-b299-dc5e0c46e76c/1/2qXS5dRK3u5FlQhhakQvhq4V4x0.roa
File: 2qXS5dRK3u5FlQhhakQvhq4V4x0.roa (raw, json)
Hash identifier: ffpvh2H6dXwEauf9Caib0avzya84BZ6tA8radcoXPlU=
Subject key identifier: DA:A5:D2:E5:D4:4A:DE:EE:45:95:08:61:6A:44:2F:86:AE:15:E3:1D
Certificate issuer: /CN=d997d06eda361d935588e427f3d9833f8f7d1d20
Certificate serial: 01856C0A426EAFAEA556268A2AC599893BF1
Authority key identifier: D9:97:D0:6E:DA:36:1D:93:55:88:E4:27:F3:D9:83:3F:8F:7D:1D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZfQbto2HZNViOQn89mDP499HSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/702da5-c2cb-4b66-b299-dc5e0c46e76c/1/2qXS5dRK3u5FlQhhakQvhq4V4x0.roa
Signing time: Sun 01 Jan 2023 06:34:49 +0000
ROA not before: Sun 01 Jan 2023 06:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51269
IP address blocks: 194.147.47.0/24 maxlen: 24
194.147.67.0/24 maxlen: 24
194.146.126.0/24 maxlen: 24
185.163.124.0/22 maxlen: 32
2a0b:b800::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:42:6e:af:ae:a5:56:26:8a:2a:c5:99:89:3b:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d997d06eda361d935588e427f3d9833f8f7d1d20
Validity
Not Before: Jan 1 06:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=daa5d2e5d44adeee459508616a442f86ae15e31d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:28:20:f3:ad:e0:52:6e:ab:fc:94:34:ee:8c:
0e:07:bd:28:27:e1:93:76:c7:d9:3d:71:d6:5f:f6:
94:91:df:22:21:18:75:6c:31:20:2d:4a:1c:8f:2d:
2e:ec:02:6e:1b:7c:00:03:65:02:73:fd:1a:f6:b8:
da:be:c2:fa:9f:35:59:f9:6f:7f:df:b7:4e:34:d7:
89:45:a0:6d:5a:44:fe:89:71:70:2e:8b:da:8d:b7:
0f:ae:e7:77:42:25:78:54:82:b5:08:6a:37:82:57:
95:5a:46:a1:65:09:9d:0d:e7:90:ee:f1:a0:8d:1a:
81:4c:23:93:03:ad:c4:93:76:77:ec:e5:d7:68:8b:
af:75:d4:4d:17:94:27:db:4c:f3:ad:bb:cd:a3:c6:
de:8e:2c:67:0f:05:84:fb:24:03:1f:15:8b:35:11:
ec:7a:4a:37:ee:39:1b:f9:f9:2c:fa:f0:d8:dd:e9:
f1:9e:30:a6:ed:73:8e:73:16:97:c3:fa:ed:42:ac:
16:93:88:36:c1:a5:f7:2b:9e:f2:87:cc:81:0e:7b:
6e:4d:a3:5e:92:80:d9:ef:09:af:65:d8:e6:66:9f:
1a:a8:c5:da:76:a3:4c:32:16:75:ea:a6:3d:40:df:
55:04:5e:a2:02:6f:ba:c4:eb:a2:14:fc:47:97:67:
a1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A5:D2:E5:D4:4A:DE:EE:45:95:08:61:6A:44:2F:86:AE:15:E3:1D
X509v3 Authority Key Identifier:
keyid:D9:97:D0:6E:DA:36:1D:93:55:88:E4:27:F3:D9:83:3F:8F:7D:1D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZfQbto2HZNViOQn89mDP499HSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/702da5-c2cb-4b66-b299-dc5e0c46e76c/1/2qXS5dRK3u5FlQhhakQvhq4V4x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/702da5-c2cb-4b66-b299-dc5e0c46e76c/1/2ZfQbto2HZNViOQn89mDP499HSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.124.0/22
194.146.126.0/24
194.147.47.0/24
194.147.67.0/24
IPv6:
2a0b:b800::/29
Signature Algorithm: sha256WithRSAEncryption
4c:62:02:a8:cc:84:d6:af:70:63:55:d2:28:cd:dd:d7:f5:cf:
3d:50:c1:95:79:48:9e:f1:da:25:11:2b:9d:e7:be:21:c4:f7:
50:6f:39:b1:61:27:27:b9:66:29:89:5e:20:ac:ad:dd:4f:a7:
45:6f:c0:f7:b4:a4:70:a1:7f:e6:c3:fd:1a:6f:b0:3a:57:9a:
36:44:33:ee:19:96:e1:1a:f9:48:b8:e3:da:93:6f:4d:4b:fa:
a9:4c:34:72:1b:63:81:c6:65:d6:51:0c:da:0b:c4:c5:d8:dc:
29:55:14:1a:ad:19:ef:60:ec:3a:c2:f0:d0:b0:0d:48:1b:d0:
89:67:05:f4:7f:05:81:45:0b:a9:63:1d:40:62:5d:bd:4a:0e:
83:09:8f:16:43:e2:75:16:fc:9a:91:1a:e6:3a:51:2a:22:f0:
e1:fe:e5:82:5e:d6:0a:05:08:c5:34:33:01:03:47:3d:d9:0e:
fd:e8:98:b5:55:fe:51:2d:f0:ec:f2:e4:87:b8:af:cd:8e:8d:
21:f6:62:6c:ef:31:29:28:53:a2:fa:80:74:91:7f:28:3c:05:
2b:46:a1:e0:8e:47:33:de:98:8a:8f:08:ed:ba:0f:fe:fb:75:
d3:01:86:78:0d:65:5f:5e:6f:9d:70:bc:48:c9:d1:d5:4f:7c:
5c:60:b6:e3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVsCkJur66lViaKKsWZiTvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTdkMDZlZGEzNjFkOTM1NTg4ZTQyN2YzZDk4MzNmOGY3
ZDFkMjAwHhcNMjMwMTAxMDYzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWE1ZDJlNWQ0NGFkZWVlNDU5NTA4NjE2YTQ0MmY4NmFlMTVlMzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoigg863gUm6r/JQ07owOB70oJ+GT
dsfZPXHWX/aUkd8iIRh1bDEgLUocjy0u7AJuG3wAA2UCc/0a9rjavsL6nzVZ+W9/
37dONNeJRaBtWkT+iXFwLovajbcPrud3QiV4VIK1CGo3gleVWkahZQmdDeeQ7vGg
jRqBTCOTA63Ek3Z37OXXaIuvddRNF5Qn20zzrbvNo8bejixnDwWE+yQDHxWLNRHs
eko37jkb+fks+vDY3enxnjCm7XOOcxaXw/rtQqwWk4g2waX3K57yh8yBDntuTaNe
koDZ7wmvZdjmZp8aqMXadqNMMhZ16qY9QN9VBF6iAm+6xOuiFPxHl2eh0wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNql0uXUSt7uRZUIYWpEL4auFeMdMB8GA1UdIwQY
MBaAFNmX0G7aNh2TVYjkJ/PZgz+PfR0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpmUWJ0bzJIWk5WaU9Rbjg5bURQNDk5SFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83MDJkYTUtYzJjYi00YjY2LWIyOTkt
ZGM1ZTBjNDZlNzZjLzEvMnFYUzVkUkszdTVGbFFoaGFrUXZocTRWNHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC83MDJkYTUtYzJjYi00YjY2LWIyOTktZGM1ZTBjNDZlNzZj
LzEvMlpmUWJ0bzJIWk5WaU9Rbjg5bURQNDk5SFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuaN8AwQA
wpJ+AwQAwpMvAwQAwpNDMA0EAgACMAcDBQMqC7gAMA0GCSqGSIb3DQEBCwUAA4IB
AQBMYgKozITWr3BjVdIozd3X9c89UMGVeUie8dolESud574hxPdQbzmxYScnuWYp
iV4grK3dT6dFb8D3tKRwoX/mw/0ab7A6V5o2RDPuGZbhGvlIuOPak29NS/qpTDRy
G2OBxmXWUQzaC8TF2NwpVRQarRnvYOw6wvDQsA1IG9CJZwX0fwWBRQupYx1AYl29
Sg6DCY8WQ+J1FvyakRrmOlEqIvDh/uWCXtYKBQjFNDMBA0c92Q796Ji1Vf5RLfDs
8uSHuK/Njo0h9mJs7zEpKFOi+oB0kX8oPAUrRqHgjkcz3piKjwjtug/++3XTAYZ4
DWVfXm+dcLxIydHVT3xcYLbj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:12 2024 by rpki-client on console-ams.rpki-client.org