Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/74O9CF2yHMaUBEhcWd6QeUsUbOI.roa
File: 74O9CF2yHMaUBEhcWd6QeUsUbOI.roa (raw, json)
Hash identifier: uhMnU7c+F+RTu2DvxrtBHJN4DNf+PmpuS1wJ8cEHq8g=
Subject key identifier: EF:83:BD:08:5D:B2:1C:C6:94:04:48:5C:59:DE:90:79:4B:14:6C:E2
Certificate issuer: /CN=2b8966d0f14fd59993ca4878e774fa4779036694
Certificate serial: 018CC2DAB24CE9936886E8E60576FDE04876
Authority key identifier: 2B:89:66:D0:F1:4F:D5:99:93:CA:48:78:E7:74:FA:47:79:03:66:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K4lm0PFP1ZmTykh453T6R3kDZpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/74O9CF2yHMaUBEhcWd6QeUsUbOI.roa
Signing time: Mon 01 Jan 2024 02:29:21 +0000
ROA not before: Mon 01 Jan 2024 02:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198682
IP address blocks: 193.176.64.0/22 maxlen: 24
109.205.0.0/21 maxlen: 24
109.71.136.0/21 maxlen: 24
185.71.148.0/22 maxlen: 24
185.230.96.0/22 maxlen: 24
185.220.72.0/22 maxlen: 24
45.88.140.0/22 maxlen: 24
2a0b:f1c0::/32 maxlen: 32
2a00:1f10::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b2:4c:e9:93:68:86:e8:e6:05:76:fd:e0:48:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b8966d0f14fd59993ca4878e774fa4779036694
Validity
Not Before: Jan 1 02:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef83bd085db21cc69404485c59de90794b146ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c6:3c:e3:5f:75:78:1c:6e:23:32:4c:9d:6c:
3d:4a:a4:3b:e9:e8:9b:81:50:5a:c7:c9:68:38:6f:
a3:49:8a:a5:1d:82:92:40:40:2c:f2:9d:9d:92:2b:
ff:89:70:a2:5e:2f:6b:ca:d9:6e:6b:fa:aa:f5:d9:
b0:39:d1:64:bc:15:62:46:40:30:8b:16:f4:b8:2e:
4a:67:e0:19:bc:cb:19:89:fa:54:ce:a5:ef:d5:07:
b1:13:1e:2e:49:53:d3:b0:05:eb:0f:25:18:c9:4f:
8d:cb:34:29:e3:05:d1:9a:78:c7:a2:34:f2:1e:59:
4f:b5:1f:eb:5b:f8:bd:e5:db:d1:63:f6:4b:ac:1b:
1d:f8:4f:c3:59:41:3a:fc:e8:d0:d2:16:5b:90:cc:
c4:9f:bf:ea:88:02:d2:ac:8b:d0:be:26:40:ab:e7:
57:78:ee:74:a2:c7:f8:32:2c:48:ad:79:fb:aa:19:
1e:f7:e2:b0:8d:12:d4:7d:6d:59:9b:88:26:32:ba:
44:22:1c:04:05:b9:12:c1:c1:b8:b7:96:57:58:a4:
fb:ff:7c:7d:07:c6:ef:49:e5:95:fd:0e:d8:ce:c0:
6a:3c:1c:83:6a:62:13:4d:11:97:5d:fd:6f:18:f2:
6f:cc:22:4e:b3:a6:3c:bf:4e:0b:61:85:b5:55:3e:
96:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:83:BD:08:5D:B2:1C:C6:94:04:48:5C:59:DE:90:79:4B:14:6C:E2
X509v3 Authority Key Identifier:
keyid:2B:89:66:D0:F1:4F:D5:99:93:CA:48:78:E7:74:FA:47:79:03:66:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K4lm0PFP1ZmTykh453T6R3kDZpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/74O9CF2yHMaUBEhcWd6QeUsUbOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/K4lm0PFP1ZmTykh453T6R3kDZpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.140.0/22
109.71.136.0/21
109.205.0.0/21
185.71.148.0/22
185.220.72.0/22
185.230.96.0/22
193.176.64.0/22
IPv6:
2a00:1f10::/32
2a0b:f1c0::/32
Signature Algorithm: sha256WithRSAEncryption
8a:8f:fb:50:a9:02:4f:01:ca:3a:62:87:b4:44:ac:7c:66:11:
f2:ed:c4:16:d1:1f:8a:8f:e7:2a:34:f4:ce:b1:0d:b3:d2:11:
91:bf:1c:a0:94:c1:27:af:ae:4d:6c:b7:71:f4:51:94:d6:c6:
c4:f0:a5:47:51:6b:56:99:ea:35:37:11:4f:53:cb:a0:c8:17:
38:7c:cc:a1:56:2e:08:14:ec:a1:56:5d:99:87:57:8e:32:18:
cc:08:9e:36:79:16:61:2e:db:4f:8d:0d:52:0d:18:04:f0:42:
2d:20:38:7c:14:4a:3f:c3:bd:61:f1:29:26:1b:14:f0:2a:42:
1f:b8:32:a0:fc:60:26:13:6f:6e:b1:99:60:bc:a3:71:46:7a:
f0:fc:b5:df:f2:dd:c8:bc:2b:0f:6e:e6:8d:a8:2c:e4:00:dd:
3a:18:ca:57:15:5b:d3:ac:58:49:ae:02:7b:a6:1a:cd:b7:c7:
e7:eb:05:a7:af:34:47:b6:cd:42:67:ce:59:5c:e4:0a:75:17:
1a:6a:46:70:32:51:d1:0f:b3:7b:10:d0:62:5d:7c:ed:43:8f:
e2:57:25:47:51:0d:20:c8:36:54:22:c0:aa:a9:b0:01:d3:be:
4f:86:c9:17:d4:bf:93:59:52:08:97:b1:2f:73:c4:9c:7e:d8:
90:ac:ea:03
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzC2rJM6ZNohujmBXb94Eh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiODk2NmQwZjE0ZmQ1OTk5M2NhNDg3OGU3NzRmYTQ3Nzkw
MzY2OTQwHhcNMjQwMTAxMDIyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjgzYmQwODVkYjIxY2M2OTQwNDQ4NWM1OWRlOTA3OTRiMTQ2Y2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcY84191eBxuIzJMnWw9SqQ76eib
gVBax8loOG+jSYqlHYKSQEAs8p2dkiv/iXCiXi9rytlua/qq9dmwOdFkvBViRkAw
ixb0uC5KZ+AZvMsZifpUzqXv1QexEx4uSVPTsAXrDyUYyU+NyzQp4wXRmnjHojTy
HllPtR/rW/i95dvRY/ZLrBsd+E/DWUE6/OjQ0hZbkMzEn7/qiALSrIvQviZAq+dX
eO50osf4MixIrXn7qhke9+KwjRLUfW1Zm4gmMrpEIhwEBbkSwcG4t5ZXWKT7/3x9
B8bvSeWV/Q7YzsBqPByDamITTRGXXf1vGPJvzCJOs6Y8v04LYYW1VT6WqQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFO+DvQhdshzGlARIXFnekHlLFGziMB8GA1UdIwQY
MBaAFCuJZtDxT9WZk8pIeOd0+kd5A2aUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzRsbTBQRlAxWm1UeWtoNDUzVDZSM2tEWnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvNzRPOUNGMnlITWFVQkVoY1dkNlFlVXNVYk9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEvSzRsbTBQRlAxWm1UeWtoNDUzVDZSM2tEWnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQCLViMAwQD
bUeIAwQDbc0AAwQCuUeUAwQCudxIAwQCueZgAwQCwbBAMBQEAgACMA4DBQAqAB8Q
AwUAKgvxwDANBgkqhkiG9w0BAQsFAAOCAQEAio/7UKkCTwHKOmKHtESsfGYR8u3E
FtEfio/nKjT0zrENs9IRkb8coJTBJ6+uTWy3cfRRlNbGxPClR1FrVpnqNTcRT1PL
oMgXOHzMoVYuCBTsoVZdmYdXjjIYzAieNnkWYS7bT40NUg0YBPBCLSA4fBRKP8O9
YfEpJhsU8CpCH7gyoPxgJhNvbrGZYLyjcUZ68Py13/LdyLwrD27mjags5ADdOhjK
VxVb06xYSa4Ce6YazbfH5+sFp680R7bNQmfOWVzkCnUXGmpGcDJR0Q+zexDQYl18
7UOP4lclR1ENIMg2VCLAqqmwAdO+T4bJF9S/k1lSCJexL3PEnH7YkKzqAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:12 2024 by rpki-client on console-ams.rpki-client.org