Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/rmGyfkFNDI7C6qIZvqG4XUMcngw.roa
File: rmGyfkFNDI7C6qIZvqG4XUMcngw.roa (raw, json)
Hash identifier: YpkixmA2NcPWa+oLY2F17gMATXYN/fjtNBdZ7b9QED8=
Subject key identifier: AE:61:B2:7E:41:4D:0C:8E:C2:EA:A2:19:BE:A1:B8:5D:43:1C:9E:0C
Certificate issuer: /CN=caf2488824b714a1f30c2c809fbdb68575652b4a
Certificate serial: 01857139EFC0B80EBD6AAA516982C47D5797
Authority key identifier: CA:F2:48:88:24:B7:14:A1:F3:0C:2C:80:9F:BD:B6:85:75:65:2B:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yvJIiCS3FKHzDCyAn722hXVlK0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/rmGyfkFNDI7C6qIZvqG4XUMcngw.roa
Signing time: Mon 02 Jan 2023 06:45:00 +0000
ROA not before: Mon 02 Jan 2023 06:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211552
IP address blocks: 74.220.16.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:ef:c0:b8:0e:bd:6a:aa:51:69:82:c4:7d:57:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caf2488824b714a1f30c2c809fbdb68575652b4a
Validity
Not Before: Jan 2 06:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae61b27e414d0c8ec2eaa219bea1b85d431c9e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:26:a1:71:22:8c:4a:f8:7c:ae:a9:24:08:3e:
ea:dd:4a:40:c0:e9:a3:ad:28:5e:73:52:78:a7:e0:
10:e3:ce:45:47:4a:4c:e4:ce:dd:fe:80:55:96:3b:
ad:89:d4:5e:8f:ae:82:55:06:0f:9b:6d:c2:db:da:
89:22:d4:60:8a:f7:4b:e4:e6:5e:cb:f3:5b:f1:25:
d0:19:70:30:87:bc:c7:2b:fe:7b:d8:89:11:a3:af:
73:18:e6:6b:2b:a5:ec:93:0f:45:e4:46:ee:f3:ea:
8b:3e:03:cd:27:68:46:e5:b1:9c:88:0b:1d:43:97:
2b:ec:95:4d:ca:0d:99:1f:82:69:a1:bf:55:85:c8:
07:49:64:74:e3:3a:ab:63:50:a2:f7:a3:69:f5:71:
9f:cb:40:52:0d:99:4c:15:18:df:04:a8:95:a2:5a:
28:50:c0:6a:2e:40:b1:b6:61:73:ff:ab:f7:eb:ad:
25:58:f1:e4:09:ea:94:a7:00:b2:a5:f7:1d:0c:4f:
e5:8e:6c:54:53:d3:12:00:79:40:a2:0a:eb:ae:3d:
90:be:16:4a:b4:59:d5:64:86:f0:23:8a:ab:22:8d:
88:65:2d:43:ed:e7:63:f7:7c:bf:52:05:da:c1:1d:
53:51:a2:e8:e1:2e:74:30:ed:0f:ed:63:6e:96:fb:
32:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:61:B2:7E:41:4D:0C:8E:C2:EA:A2:19:BE:A1:B8:5D:43:1C:9E:0C
X509v3 Authority Key Identifier:
keyid:CA:F2:48:88:24:B7:14:A1:F3:0C:2C:80:9F:BD:B6:85:75:65:2B:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yvJIiCS3FKHzDCyAn722hXVlK0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/rmGyfkFNDI7C6qIZvqG4XUMcngw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/yvJIiCS3FKHzDCyAn722hXVlK0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
74.220.16.0/21
Signature Algorithm: sha256WithRSAEncryption
70:c5:4b:60:cc:18:4c:e4:ce:69:8a:53:c4:fe:29:f2:e5:8c:
54:dc:66:59:a8:bf:93:0e:e9:73:f2:9f:34:94:da:a9:83:45:
03:33:9e:35:7d:ed:15:20:c3:33:0f:0d:59:8b:c8:97:f2:f9:
4e:39:e0:1b:da:bb:0e:ad:17:f7:2c:b6:08:23:4d:fb:75:48:
d0:0a:ae:76:22:89:58:80:38:b0:bc:2b:db:2d:20:37:7f:6c:
28:d0:83:30:90:02:74:5d:3c:05:58:23:49:97:5a:43:21:0f:
5f:10:f4:03:e5:10:c5:f1:14:b7:a9:65:11:1b:71:f8:93:6e:
6c:23:bd:fc:3c:62:da:97:5d:58:cc:2e:f4:b9:03:81:7a:b4:
15:6f:41:10:8d:0a:42:e2:02:4d:73:0e:71:a5:92:96:c9:a3:
84:5c:09:da:5b:ca:7b:4e:a3:b1:88:75:08:47:7a:6e:67:66:
77:98:74:30:b8:2a:9d:f2:88:95:8a:a3:f0:31:1f:65:39:87:
17:54:8f:a7:06:cd:f5:f9:5d:9e:99:94:03:0b:b4:91:79:71:
af:cb:62:39:90:3c:c3:1d:97:d7:10:42:89:7c:a8:95:ac:53:
7f:ed:99:cc:12:10:09:ab:f4:fb:2a:7a:60:b6:51:aa:2e:71:
ff:a9:9d:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxOe/AuA69aqpRaYLEfVeXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZjI0ODg4MjRiNzE0YTFmMzBjMmM4MDlmYmRiNjg1NzU2
NTJiNGEwHhcNMjMwMTAyMDY0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTYxYjI3ZTQxNGQwYzhlYzJlYWEyMTliZWExYjg1ZDQzMWM5ZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiahcSKMSvh8rqkkCD7q3UpAwOmj
rShec1J4p+AQ485FR0pM5M7d/oBVljutidRej66CVQYPm23C29qJItRgivdL5OZe
y/Nb8SXQGXAwh7zHK/572IkRo69zGOZrK6Xskw9F5Ebu8+qLPgPNJ2hG5bGciAsd
Q5cr7JVNyg2ZH4Jpob9VhcgHSWR04zqrY1Ci96Np9XGfy0BSDZlMFRjfBKiVoloo
UMBqLkCxtmFz/6v3660lWPHkCeqUpwCypfcdDE/ljmxUU9MSAHlAogrrrj2QvhZK
tFnVZIbwI4qrIo2IZS1D7edj93y/UgXawR1TUaLo4S50MO0P7WNulvsyewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK5hsn5BTQyOwuqiGb6huF1DHJ4MMB8GA1UdIwQY
MBaAFMrySIgktxSh8wwsgJ+9toV1ZStKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXZKSWlDUzNGS0h6REN5QW43MjJoWFZsSzBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS83YTkzNmMtZDZlMi00Y2MxLTllNGIt
ZDIzN2E5ZTZhYjE0LzEvcm1HeWZrRk5ESTdDNnFJWnZxRzRYVU1jbmd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS83YTkzNmMtZDZlMi00Y2MxLTllNGItZDIzN2E5ZTZhYjE0
LzEveXZKSWlDUzNGS0h6REN5QW43MjJoWFZsSzBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDStwQMA0G
CSqGSIb3DQEBCwUAA4IBAQBwxUtgzBhM5M5pilPE/iny5YxU3GZZqL+TDulz8p80
lNqpg0UDM541fe0VIMMzDw1Zi8iX8vlOOeAb2rsOrRf3LLYII037dUjQCq52IolY
gDiwvCvbLSA3f2wo0IMwkAJ0XTwFWCNJl1pDIQ9fEPQD5RDF8RS3qWURG3H4k25s
I738PGLal11YzC70uQOBerQVb0EQjQpC4gJNcw5xpZKWyaOEXAnaW8p7TqOxiHUI
R3puZ2Z3mHQwuCqd8oiViqPwMR9lOYcXVI+nBs31+V2emZQDC7SReXGvy2I5kDzD
HZfXEEKJfKiVrFN/7ZnMEhAJq/T7KnpgtlGqLnH/qZ0J
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:49 2024 by rpki-client on console-fra.rpki-client.org