Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/adcd18-eb22-4031-be5d-4287346c7f18/1/Iixh3Ob8fuQDYVp8_-DBcwGKrRI.roa
File: Iixh3Ob8fuQDYVp8_-DBcwGKrRI.roa (raw, json)
Hash identifier: sSTKQNrvctWCJhvJ3uHMS4UyAxG/gUihCr8S8qnuy2E=
Subject key identifier: 22:2C:61:DC:E6:FC:7E:E4:03:61:5A:7C:FF:E0:C1:73:01:8A:AD:12
Certificate issuer: /CN=0eae204b66eb4ecfeac2d2e180f2ee686b9aa7d7
Certificate serial: 018B5107EEB6794BA6D46FCF1FD520FD050B
Authority key identifier: 0E:AE:20:4B:66:EB:4E:CF:EA:C2:D2:E1:80:F2:EE:68:6B:9A:A7:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dq4gS2brTs_qwtLhgPLuaGuap9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/adcd18-eb22-4031-be5d-4287346c7f18/1/Iixh3Ob8fuQDYVp8_-DBcwGKrRI.roa
Signing time: Sat 21 Oct 2023 06:59:16 +0000
ROA not before: Sat 21 Oct 2023 06:59:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205460
IP address blocks: 185.218.10.0/24 maxlen: 24
185.218.11.0/24 maxlen: 24
185.218.8.0/22 maxlen: 22
185.218.8.0/24 maxlen: 24
185.218.9.0/24 maxlen: 24
194.55.142.0/24 maxlen: 24
194.55.140.0/24 maxlen: 24
194.55.143.0/24 maxlen: 24
194.55.140.0/22 maxlen: 22
194.55.141.0/24 maxlen: 24
2a09:c380::/32 maxlen: 32
2a09:c380:0:1::/64 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:51:07:ee:b6:79:4b:a6:d4:6f:cf:1f:d5:20:fd:05:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0eae204b66eb4ecfeac2d2e180f2ee686b9aa7d7
Validity
Not Before: Oct 21 06:59:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=222c61dce6fc7ee403615a7cffe0c173018aad12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:39:67:ea:ed:fb:88:b3:25:87:36:b0:0c:ab:
4b:4f:de:6d:42:34:a7:cf:d6:95:7a:ce:61:d7:73:
c2:37:af:2d:de:1d:d9:5e:40:a1:b4:82:a1:3e:55:
d8:95:29:a9:08:21:e3:9b:9d:95:56:44:4a:fe:8b:
a7:20:5b:88:8d:4b:5f:34:91:0e:48:2d:4c:1c:12:
3d:2c:dc:cb:aa:d5:cc:3d:2c:d7:3f:a9:a1:73:99:
1e:23:33:5c:5a:5c:b9:7f:f6:c2:a1:0b:c4:31:47:
47:0c:2a:da:33:f2:6e:38:bd:59:d1:53:bb:64:9a:
6e:92:00:72:71:07:3c:eb:b3:62:23:28:26:fa:1f:
df:8f:89:18:fc:50:a4:66:f8:04:14:23:d9:55:67:
69:c8:37:5e:49:1b:78:e3:27:43:65:65:a7:82:ce:
9c:40:3d:d8:a3:f5:b7:0d:63:07:86:58:94:5a:25:
85:6a:a0:68:6a:e2:15:b0:59:f0:93:1b:54:d5:85:
aa:5f:ba:e1:26:56:a5:0a:99:45:b9:8e:42:20:a4:
16:85:6c:38:52:72:c5:ec:59:d1:f8:c2:f5:5e:cc:
27:a8:db:69:d2:fe:a5:3d:9b:6e:19:98:a9:14:a5:
e8:13:28:80:ec:1d:a3:62:c6:37:65:5f:99:b3:d1:
55:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:2C:61:DC:E6:FC:7E:E4:03:61:5A:7C:FF:E0:C1:73:01:8A:AD:12
X509v3 Authority Key Identifier:
keyid:0E:AE:20:4B:66:EB:4E:CF:EA:C2:D2:E1:80:F2:EE:68:6B:9A:A7:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dq4gS2brTs_qwtLhgPLuaGuap9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/adcd18-eb22-4031-be5d-4287346c7f18/1/Iixh3Ob8fuQDYVp8_-DBcwGKrRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/adcd18-eb22-4031-be5d-4287346c7f18/1/Dq4gS2brTs_qwtLhgPLuaGuap9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.8.0/22
194.55.140.0/22
IPv6:
2a09:c380::/32
Signature Algorithm: sha256WithRSAEncryption
5d:41:5d:de:bf:21:2a:4a:e7:00:b1:6a:d1:53:1f:77:8e:21:
ad:83:72:55:f3:35:85:05:30:8d:44:11:07:cf:51:fd:66:b7:
af:54:f3:df:ab:66:f9:19:e2:0a:70:a9:3e:c0:ed:2e:64:96:
7a:43:40:7c:41:15:4a:09:62:66:13:0b:07:74:30:e9:99:8a:
90:18:df:27:d6:09:b6:e7:c8:07:44:05:ce:a8:5f:ca:d2:1f:
cb:93:d8:87:e3:8e:f4:66:0b:25:e8:11:21:19:34:69:11:22:
51:17:22:8c:8d:02:ac:c4:d5:15:76:55:fe:10:eb:fd:11:3d:
9b:d6:a6:c3:64:7e:70:14:60:59:9b:c5:0f:84:5a:00:c5:22:
b3:c9:bb:58:b6:5f:df:20:5c:f1:78:b1:85:ed:e2:e2:37:22:
70:ad:7a:7a:04:61:6d:83:86:6f:b9:4c:12:05:a6:4a:39:cc:
e5:31:da:72:9b:a7:ce:15:05:6e:ae:26:9e:d6:67:a3:b6:58:
68:aa:9b:5f:c4:b2:c8:8d:93:3a:5c:34:6b:8c:bd:76:ad:72:
71:c4:ba:cb:c0:66:de:19:40:ca:41:86:89:33:35:10:35:e2:
ca:ca:de:dc:bf:fd:a3:25:af:43:e6:f3:12:7e:d4:38:1d:85:
e4:10:6c:f3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYtRB+62eUum1G/PH9Ug/QULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlYWUyMDRiNjZlYjRlY2ZlYWMyZDJlMTgwZjJlZTY4NmI5
YWE3ZDcwHhcNMjMxMDIxMDY1OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjJjNjFkY2U2ZmM3ZWU0MDM2MTVhN2NmZmUwYzE3MzAxOGFhZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzln6u37iLMlhzawDKtLT95tQjSn
z9aVes5h13PCN68t3h3ZXkChtIKhPlXYlSmpCCHjm52VVkRK/ounIFuIjUtfNJEO
SC1MHBI9LNzLqtXMPSzXP6mhc5keIzNcWly5f/bCoQvEMUdHDCraM/JuOL1Z0VO7
ZJpukgBycQc867NiIygm+h/fj4kY/FCkZvgEFCPZVWdpyDdeSRt44ydDZWWngs6c
QD3Yo/W3DWMHhliUWiWFaqBoauIVsFnwkxtU1YWqX7rhJlalCplFuY5CIKQWhWw4
UnLF7FnR+ML1XswnqNtp0v6lPZtuGZipFKXoEyiA7B2jYsY3ZV+Zs9FVDQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCIsYdzm/H7kA2FafP/gwXMBiq0SMB8GA1UdIwQY
MBaAFA6uIEtm607P6sLS4YDy7mhrmqfXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHE0Z1MyYnJUc19xd3RMaGdQTHVhR3VhcDljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hZGNkMTgtZWIyMi00MDMxLWJlNWQt
NDI4NzM0NmM3ZjE4LzEvSWl4aDNPYjhmdVFEWVZwOF8tREJjd0dLclJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hZGNkMTgtZWIyMi00MDMxLWJlNWQtNDI4NzM0NmM3ZjE4
LzEvRHE0Z1MyYnJUc19xd3RMaGdQTHVhR3VhcDljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCudoIAwQC
wjeMMA0EAgACMAcDBQAqCcOAMA0GCSqGSIb3DQEBCwUAA4IBAQBdQV3evyEqSucA
sWrRUx93jiGtg3JV8zWFBTCNRBEHz1H9ZrevVPPfq2b5GeIKcKk+wO0uZJZ6Q0B8
QRVKCWJmEwsHdDDpmYqQGN8n1gm258gHRAXOqF/K0h/Lk9iH4470Zgsl6BEhGTRp
ESJRFyKMjQKsxNUVdlX+EOv9ET2b1qbDZH5wFGBZm8UPhFoAxSKzybtYtl/fIFzx
eLGF7eLiNyJwrXp6BGFtg4ZvuUwSBaZKOczlMdpym6fOFQVuriae1mejtlhoqptf
xLLIjZM6XDRrjL12rXJxxLrLwGbeGUDKQYaJMzUQNeLKyt7cv/2jJa9D5vMSftQ4
HYXkEGzz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:58 2024 by rpki-client on console-fra.rpki-client.org