Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/702da5-c2cb-4b66-b299-dc5e0c46e76c/1/Cwt1DGoBQXX80YIU6IXGAAHOgtA.roa
File: Cwt1DGoBQXX80YIU6IXGAAHOgtA.roa (raw, json)
Hash identifier: 9xguHN+8FgUmBOuAh/TrS1qub1gQ63IyLUXz+/7Z5Zc=
Subject key identifier: 0B:0B:75:0C:6A:01:41:75:FC:D1:82:14:E8:85:C6:00:01:CE:82:D0
Certificate issuer: /CN=d997d06eda361d935588e427f3d9833f8f7d1d20
Certificate serial: 01856C0A447A24D0076D1B50B869B5001C0A
Authority key identifier: D9:97:D0:6E:DA:36:1D:93:55:88:E4:27:F3:D9:83:3F:8F:7D:1D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZfQbto2HZNViOQn89mDP499HSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/702da5-c2cb-4b66-b299-dc5e0c46e76c/1/Cwt1DGoBQXX80YIU6IXGAAHOgtA.roa
Signing time: Sun 01 Jan 2023 06:34:50 +0000
ROA not before: Sun 01 Jan 2023 06:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62000
IP address blocks: 194.147.47.0/24 maxlen: 24
194.147.67.0/24 maxlen: 24
194.146.126.0/24 maxlen: 24
2a0b:b800::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:44:7a:24:d0:07:6d:1b:50:b8:69:b5:00:1c:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d997d06eda361d935588e427f3d9833f8f7d1d20
Validity
Not Before: Jan 1 06:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b0b750c6a014175fcd18214e885c60001ce82d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7d:ac:d3:1b:c5:a0:28:19:3e:5e:37:7b:d7:
75:f2:92:85:21:62:ab:2d:22:8c:97:a2:69:6b:ab:
a5:ca:6a:d0:5a:7d:44:db:9d:ea:f2:14:18:b8:27:
40:1b:50:cb:f9:54:44:82:5a:fd:70:eb:20:28:e7:
19:b1:19:20:58:7e:2b:00:67:d7:32:0c:b7:4c:e6:
90:7a:b0:bd:a8:9a:0d:43:b6:b4:31:35:61:b0:f1:
77:59:30:02:9e:c0:3c:8f:b9:b6:99:2b:9d:1d:8f:
24:19:ce:6d:6e:19:2c:7b:c9:bc:cb:2e:a5:b6:07:
5c:fe:f0:aa:98:e9:b4:95:f4:30:61:5d:31:a1:ef:
f7:36:6e:95:af:62:6e:b6:13:69:5b:7b:b2:4e:38:
b3:65:33:3a:f5:75:4b:a3:2e:25:a1:86:68:d9:e9:
50:b2:31:dc:54:9e:09:c7:f3:bb:0e:20:bc:0e:46:
d1:c9:59:f2:64:24:50:5b:ae:25:42:9d:33:62:0e:
64:3c:45:c4:c7:03:ad:c6:6e:07:c7:a0:71:5e:e4:
75:bd:d1:3d:55:cb:fb:5b:09:6f:0a:59:1d:e2:6f:
1f:98:12:20:7a:0d:1f:9f:89:9f:e8:b1:c5:8e:88:
f8:45:d3:cb:a7:e8:2c:cb:cd:38:05:4c:b8:ba:9d:
e9:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:0B:75:0C:6A:01:41:75:FC:D1:82:14:E8:85:C6:00:01:CE:82:D0
X509v3 Authority Key Identifier:
keyid:D9:97:D0:6E:DA:36:1D:93:55:88:E4:27:F3:D9:83:3F:8F:7D:1D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZfQbto2HZNViOQn89mDP499HSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/702da5-c2cb-4b66-b299-dc5e0c46e76c/1/Cwt1DGoBQXX80YIU6IXGAAHOgtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/702da5-c2cb-4b66-b299-dc5e0c46e76c/1/2ZfQbto2HZNViOQn89mDP499HSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.126.0/24
194.147.47.0/24
194.147.67.0/24
IPv6:
2a0b:b800::/29
Signature Algorithm: sha256WithRSAEncryption
08:44:a6:23:b1:1f:4a:c4:3a:9b:5b:e3:c9:5d:2d:e2:34:3f:
8e:51:c4:c3:50:50:05:63:e2:89:c1:a2:0b:1f:26:fa:7c:27:
ae:15:de:e4:3b:78:d4:2e:b1:c9:74:ad:77:cd:54:2c:14:62:
ac:a5:48:a6:08:cf:d3:fc:43:1a:fd:b9:7f:25:bd:65:3b:ef:
ee:fc:a1:89:fa:6c:f6:6f:fa:92:58:ee:86:c1:68:ae:8b:88:
19:f4:08:b3:43:bf:d8:42:6d:bb:bd:18:6e:10:3e:63:ac:62:
cf:0b:73:d2:d6:1b:bf:e8:ca:a9:7a:5a:82:db:1e:64:b6:29:
e7:27:19:f6:6d:51:6d:53:a9:df:63:90:a3:f6:0f:8d:39:a3:
7c:5f:b3:69:e9:3c:f1:54:84:30:2b:13:34:93:5a:aa:e3:80:
3b:60:6d:65:23:0c:4a:07:29:11:d9:41:65:da:ec:de:d5:f4:
50:e7:ee:d2:d6:aa:1e:2f:b6:34:c1:78:73:15:ac:8c:cb:09:
88:b4:05:07:f8:7e:e3:d4:b6:7b:c2:bc:99:d4:fb:b8:e7:1a:
e3:c7:10:9c:12:9e:89:b1:ff:35:3b:70:51:58:80:91:42:c3:
69:73:12:f2:cc:ae:33:eb:57:e8:02:7f:4e:83:59:ab:9f:2a:
9b:0f:e8:57
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVsCkR6JNAHbRtQuGm1ABwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTdkMDZlZGEzNjFkOTM1NTg4ZTQyN2YzZDk4MzNmOGY3
ZDFkMjAwHhcNMjMwMTAxMDYzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjBiNzUwYzZhMDE0MTc1ZmNkMTgyMTRlODg1YzYwMDAxY2U4MmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH2s0xvFoCgZPl43e9d18pKFIWKr
LSKMl6Jpa6ulymrQWn1E253q8hQYuCdAG1DL+VREglr9cOsgKOcZsRkgWH4rAGfX
Mgy3TOaQerC9qJoNQ7a0MTVhsPF3WTACnsA8j7m2mSudHY8kGc5tbhkse8m8yy6l
tgdc/vCqmOm0lfQwYV0xoe/3Nm6Vr2JuthNpW3uyTjizZTM69XVLoy4loYZo2elQ
sjHcVJ4Jx/O7DiC8DkbRyVnyZCRQW64lQp0zYg5kPEXExwOtxm4Hx6BxXuR1vdE9
Vcv7WwlvClkd4m8fmBIgeg0fn4mf6LHFjoj4RdPLp+gsy804BUy4up3powIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAsLdQxqAUF1/NGCFOiFxgABzoLQMB8GA1UdIwQY
MBaAFNmX0G7aNh2TVYjkJ/PZgz+PfR0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpmUWJ0bzJIWk5WaU9Rbjg5bURQNDk5SFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83MDJkYTUtYzJjYi00YjY2LWIyOTkt
ZGM1ZTBjNDZlNzZjLzEvQ3d0MURHb0JRWFg4MFlJVTZJWEdBQUhPZ3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC83MDJkYTUtYzJjYi00YjY2LWIyOTktZGM1ZTBjNDZlNzZj
LzEvMlpmUWJ0bzJIWk5WaU9Rbjg5bURQNDk5SFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAwpJ+AwQA
wpMvAwQAwpNDMA0EAgACMAcDBQMqC7gAMA0GCSqGSIb3DQEBCwUAA4IBAQAIRKYj
sR9KxDqbW+PJXS3iND+OUcTDUFAFY+KJwaILHyb6fCeuFd7kO3jULrHJdK13zVQs
FGKspUimCM/T/EMa/bl/Jb1lO+/u/KGJ+mz2b/qSWO6GwWiui4gZ9AizQ7/YQm27
vRhuED5jrGLPC3PS1hu/6MqpelqC2x5ktinnJxn2bVFtU6nfY5Cj9g+NOaN8X7Np
6TzxVIQwKxM0k1qq44A7YG1lIwxKBykR2UFl2uze1fRQ5+7S1qoeL7Y0wXhzFayM
ywmItAUH+H7j1LZ7wryZ1Pu45xrjxxCcEp6Jsf81O3BRWICRQsNpcxLyzK4z61fo
An9Og1mrnyqbD+hX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:35 2024 by rpki-client on console-fra.rpki-client.org