Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/6I_BDT_oY1CKg3l0zGGqRBsxDRo.roa
File: 6I_BDT_oY1CKg3l0zGGqRBsxDRo.roa (raw, json)
Hash identifier: niY434QDIFznxm/PTRTnsjtVcnre8cER3+ncUyjumgo=
Subject key identifier: E8:8F:C1:0D:3F:E8:63:50:8A:83:79:74:CC:61:AA:44:1B:31:0D:1A
Certificate issuer: /CN=2b8966d0f14fd59993ca4878e774fa4779036694
Certificate serial: 018C3EB937AC93D4D81C9ACC2D090347457A
Authority key identifier: 2B:89:66:D0:F1:4F:D5:99:93:CA:48:78:E7:74:FA:47:79:03:66:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K4lm0PFP1ZmTykh453T6R3kDZpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/6I_BDT_oY1CKg3l0zGGqRBsxDRo.roa
Signing time: Wed 06 Dec 2023 10:42:54 +0000
ROA not before: Wed 06 Dec 2023 10:42:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39405
IP address blocks: 185.117.16.0/24 maxlen: 24
185.117.16.0/22 maxlen: 24
185.227.0.0/22 maxlen: 24
185.247.86.0/23 maxlen: 24
185.116.130.0/24 maxlen: 24
185.116.128.0/22 maxlen: 24
185.244.73.0/24 maxlen: 24
193.84.73.0/24 maxlen: 24
185.244.72.0/22 maxlen: 24
45.153.92.0/22 maxlen: 24
185.253.92.0/22 maxlen: 24
141.0.205.0/24 maxlen: 24
141.0.202.0/24 maxlen: 24
141.0.200.0/24 maxlen: 24
141.0.200.0/21 maxlen: 24
141.0.206.0/24 maxlen: 24
185.249.184.0/22 maxlen: 24
185.249.184.0/24 maxlen: 24
185.246.96.0/22 maxlen: 24
93.93.40.0/21 maxlen: 24
93.93.40.0/24 maxlen: 24
93.93.47.0/24 maxlen: 24
93.93.45.0/24 maxlen: 24
2a01:6600::/32 maxlen: 32
2a0c:4400::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:b9:37:ac:93:d4:d8:1c:9a:cc:2d:09:03:47:45:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b8966d0f14fd59993ca4878e774fa4779036694
Validity
Not Before: Dec 6 10:42:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e88fc10d3fe863508a837974cc61aa441b310d1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:80:f8:ec:92:ed:cd:a4:82:fe:e6:6d:f2:f3:
3b:d9:41:97:e1:57:fd:18:ff:55:f5:eb:b1:39:62:
78:35:94:0c:7b:c4:93:7b:6c:3b:a8:14:be:fa:80:
bf:16:4c:bb:7b:88:45:9b:a2:c2:c1:27:4a:0c:c3:
1c:1b:ae:98:f5:06:80:33:d9:b9:72:97:1f:92:a0:
9c:f4:56:71:a6:41:aa:56:3e:07:27:07:a6:a0:8c:
8f:ca:9c:45:81:c0:00:1d:37:eb:50:1b:80:d1:40:
1a:c3:c3:fc:6e:2a:c1:c3:44:7e:51:4d:ca:91:ac:
6d:53:06:2d:0f:6a:22:a1:0f:4b:30:8d:4d:1d:a4:
ab:3c:4d:9b:c5:5f:b8:44:c7:e9:5b:e2:be:b2:57:
26:b7:e2:69:1e:58:3a:64:d8:81:0c:2b:b9:e9:f3:
df:ca:35:0a:cf:00:6d:86:ac:75:ca:ad:50:ab:36:
bf:15:f4:cd:f0:07:29:00:0b:9d:ce:4a:bf:2c:37:
84:bc:6c:ee:b0:dc:0c:fc:9f:c6:44:ca:06:a3:ef:
d7:70:26:7b:75:4c:3e:0a:c1:5a:35:e2:40:31:f5:
5a:c3:ef:7a:b9:3f:88:9f:0a:3c:fd:0e:b0:d8:9c:
a4:e6:8e:8b:bd:4b:c0:3c:ac:de:f5:1e:f7:6b:e8:
a7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:8F:C1:0D:3F:E8:63:50:8A:83:79:74:CC:61:AA:44:1B:31:0D:1A
X509v3 Authority Key Identifier:
keyid:2B:89:66:D0:F1:4F:D5:99:93:CA:48:78:E7:74:FA:47:79:03:66:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K4lm0PFP1ZmTykh453T6R3kDZpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/6I_BDT_oY1CKg3l0zGGqRBsxDRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/K4lm0PFP1ZmTykh453T6R3kDZpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.92.0/22
93.93.40.0/21
141.0.200.0/21
185.116.128.0/22
185.117.16.0/22
185.227.0.0/22
185.244.72.0/22
185.246.96.0/22
185.247.86.0/23
185.249.184.0/22
185.253.92.0/22
193.84.73.0/24
IPv6:
2a01:6600::/32
2a0c:4400::/32
Signature Algorithm: sha256WithRSAEncryption
08:e2:d7:f0:ca:1e:60:c9:c8:cb:57:e9:10:47:2f:1d:9a:22:
a8:31:3e:56:d3:ea:59:8e:d0:14:2a:dc:52:67:6f:2c:55:0d:
7f:6b:48:4a:18:d1:f1:aa:19:3f:d6:28:50:da:2e:99:6e:b6:
3d:bc:5d:85:20:26:cb:c4:1c:b9:3a:89:41:ae:de:99:2b:fb:
ad:f1:b2:6b:fd:6b:dd:8b:87:5e:11:8b:c1:e2:b8:46:d7:c3:
c0:71:fe:26:bf:00:4b:00:4d:25:a9:f1:73:43:03:52:b2:4c:
6c:b9:84:ca:96:65:bb:65:21:72:a7:14:54:8f:8a:3d:91:22:
12:47:e6:43:0f:ed:7b:12:5d:eb:73:07:54:70:e8:5a:67:69:
60:06:07:bd:04:c3:2c:93:ca:93:c3:f5:92:ff:15:3a:bb:0f:
ea:79:6b:3f:fe:4b:e9:84:b3:96:ba:32:2b:e1:23:d1:2d:ef:
bb:65:1c:08:f9:05:41:8e:61:70:b1:8f:79:05:00:4d:f4:2a:
6d:c2:77:44:59:15:bb:36:cf:fb:b2:f6:18:fa:d2:b7:c8:fd:
de:38:af:44:e9:0a:c6:60:89:94:03:d3:4c:8a:aa:4d:2d:26:
bb:86:1c:d5:d9:35:84:24:ec:be:3c:3a:c2:bf:01:9c:4e:6a:
1b:fd:c9:ff
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYw+uTesk9TYHJrMLQkDR0V6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiODk2NmQwZjE0ZmQ1OTk5M2NhNDg3OGU3NzRmYTQ3Nzkw
MzY2OTQwHhcNMjMxMjA2MTA0MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODhmYzEwZDNmZTg2MzUwOGE4Mzc5NzRjYzYxYWE0NDFiMzEwZDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoID47JLtzaSC/uZt8vM72UGX4Vf9
GP9V9euxOWJ4NZQMe8STe2w7qBS++oC/Fky7e4hFm6LCwSdKDMMcG66Y9QaAM9m5
cpcfkqCc9FZxpkGqVj4HJwemoIyPypxFgcAAHTfrUBuA0UAaw8P8birBw0R+UU3K
kaxtUwYtD2oioQ9LMI1NHaSrPE2bxV+4RMfpW+K+slcmt+JpHlg6ZNiBDCu56fPf
yjUKzwBthqx1yq1Qqza/FfTN8AcpAAudzkq/LDeEvGzusNwM/J/GRMoGo+/XcCZ7
dUw+CsFaNeJAMfVaw+96uT+Inwo8/Q6w2Jyk5o6LvUvAPKze9R73a+inrQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFOiPwQ0/6GNQioN5dMxhqkQbMQ0aMB8GA1UdIwQY
MBaAFCuJZtDxT9WZk8pIeOd0+kd5A2aUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzRsbTBQRlAxWm1UeWtoNDUzVDZSM2tEWnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvNklfQkRUX29ZMUNLZzNsMHpHR3FSQnN4RFJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEvSzRsbTBQRlAxWm1UeWtoNDUzVDZSM2tEWnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQCLZlcAwQD
XV0oAwQDjQDIAwQCuXSAAwQCuXUQAwQCueMAAwQCufRIAwQCufZgAwQBufdWAwQC
ufm4AwQCuf1cAwQAwVRJMBQEAgACMA4DBQAqAWYAAwUAKgxEADANBgkqhkiG9w0B
AQsFAAOCAQEACOLX8MoeYMnIy1fpEEcvHZoiqDE+VtPqWY7QFCrcUmdvLFUNf2tI
ShjR8aoZP9YoUNoumW62PbxdhSAmy8QcuTqJQa7emSv7rfGya/1r3YuHXhGLweK4
RtfDwHH+Jr8ASwBNJanxc0MDUrJMbLmEypZlu2UhcqcUVI+KPZEiEkfmQw/texJd
63MHVHDoWmdpYAYHvQTDLJPKk8P1kv8VOrsP6nlrP/5L6YSzlroyK+Ej0S3vu2Uc
CPkFQY5hcLGPeQUATfQqbcJ3RFkVuzbP+7L2GPrSt8j93jivROkKxmCJlAPTTIqq
TS0mu4Yc1dk1hCTsvjw6wr8BnE5qG/3J/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:05 2024 by rpki-client on console-fra.rpki-client.org