Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/84IXKrykMHhQZadqxb0M1TXpcYI.roa
File: 84IXKrykMHhQZadqxb0M1TXpcYI.roa (raw, json)
Hash identifier: b+8zzbLY/VeNpaX2SYeC0kMBetjfoN3ysocF9RsOKE0=
Subject key identifier: F3:82:17:2A:BC:A4:30:78:50:65:A7:6A:C5:BD:0C:D5:35:E9:71:82
Certificate issuer: /CN=2b8966d0f14fd59993ca4878e774fa4779036694
Certificate serial: 018CC2DAB2167DB460066E8E88215E67666A
Authority key identifier: 2B:89:66:D0:F1:4F:D5:99:93:CA:48:78:E7:74:FA:47:79:03:66:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K4lm0PFP1ZmTykh453T6R3kDZpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/84IXKrykMHhQZadqxb0M1TXpcYI.roa
Signing time: Mon 01 Jan 2024 02:29:21 +0000
ROA not before: Mon 01 Jan 2024 02:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57348
IP address blocks: 185.67.149.0/24 maxlen: 24
185.67.150.0/24 maxlen: 24
185.67.151.0/24 maxlen: 24
185.67.148.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b2:16:7d:b4:60:06:6e:8e:88:21:5e:67:66:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b8966d0f14fd59993ca4878e774fa4779036694
Validity
Not Before: Jan 1 02:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f382172abca430785065a76ac5bd0cd535e97182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8b:dc:a0:e7:59:5e:3f:13:47:ce:e4:3e:6d:
04:0f:22:8a:7e:b0:ca:ee:58:cc:49:95:6a:4e:92:
0e:4d:00:04:d2:c2:a5:e4:a2:81:99:72:c0:5d:16:
ed:b2:d5:99:fb:a3:6f:f6:c3:11:21:88:28:42:f4:
b5:7f:6b:ed:0b:bd:f0:d0:b6:f1:62:3a:6c:c2:5e:
96:11:cc:30:c6:20:18:3b:6e:ca:81:52:79:c7:22:
31:16:19:93:5d:bd:ff:db:d0:66:c7:84:7e:5b:bb:
82:32:6c:2f:9f:84:ca:b0:80:4c:19:1f:20:55:26:
7f:14:aa:a9:60:f6:34:f3:1b:65:bd:72:c0:8a:4f:
0c:a1:de:64:e6:ff:6a:31:82:5b:b2:92:4b:86:f1:
bd:e9:fd:74:0b:88:5b:86:d1:cc:b2:9c:e8:0e:fd:
47:44:35:86:ad:48:52:61:82:21:92:45:bf:b3:ef:
a7:09:e1:67:af:16:24:d8:64:67:9b:c0:f9:35:81:
18:0f:ba:67:1c:00:39:5b:83:0c:ad:88:08:01:eb:
83:a8:04:fd:c6:0b:0c:9c:16:97:6c:7a:c4:a6:be:
83:73:48:11:e9:3b:d4:f1:6a:36:ad:24:6f:4a:7b:
2a:39:91:3b:74:54:0b:b5:3a:eb:2d:d3:30:15:2d:
cf:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:82:17:2A:BC:A4:30:78:50:65:A7:6A:C5:BD:0C:D5:35:E9:71:82
X509v3 Authority Key Identifier:
keyid:2B:89:66:D0:F1:4F:D5:99:93:CA:48:78:E7:74:FA:47:79:03:66:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K4lm0PFP1ZmTykh453T6R3kDZpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/84IXKrykMHhQZadqxb0M1TXpcYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/K4lm0PFP1ZmTykh453T6R3kDZpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.148.0/22
Signature Algorithm: sha256WithRSAEncryption
35:dd:50:7c:7e:8a:d9:cf:37:29:05:75:c4:09:d5:04:3a:54:
eb:ed:4f:8a:9b:e8:33:5b:2c:f7:b6:24:14:50:c4:36:bd:18:
65:18:f1:c3:9d:a7:80:e2:6b:ca:4a:02:0c:38:1c:19:cc:ab:
f1:b5:a9:06:de:2d:22:db:fd:0b:98:fd:87:9d:8b:ab:ba:e8:
60:2b:79:e5:c8:01:8e:8c:f8:b9:19:64:c9:4e:40:0c:e0:07:
eb:00:66:43:73:02:d4:fa:c4:d5:f4:86:73:e6:9b:fd:07:7a:
53:2f:92:12:e3:1f:be:cf:9e:83:27:84:a7:f3:79:d8:fb:66:
43:ce:3a:28:2b:a5:c3:44:6e:8b:68:90:42:77:23:91:76:78:
1b:67:98:b1:e8:14:46:e6:ce:3f:b1:c7:d8:5e:7b:94:3d:2d:
fd:79:c5:26:9d:98:35:30:77:83:6c:ce:73:51:23:c5:eb:25:
c0:5f:31:d6:39:81:f1:9e:d6:a4:e7:4e:a9:8f:46:33:3a:44:
37:a5:1a:dd:10:c9:70:49:95:6c:cf:1f:ce:6a:08:66:e4:5b:
47:37:7d:fa:00:fe:c1:74:c0:c8:df:81:e4:c1:86:1c:08:18:
9e:55:d2:1c:31:28:58:52:9a:73:4d:1d:ba:c8:2f:87:6c:d3:
6e:4b:cc:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2rIWfbRgBm6OiCFeZ2ZqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiODk2NmQwZjE0ZmQ1OTk5M2NhNDg3OGU3NzRmYTQ3Nzkw
MzY2OTQwHhcNMjQwMTAxMDIyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzgyMTcyYWJjYTQzMDc4NTA2NWE3NmFjNWJkMGNkNTM1ZTk3MTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYvcoOdZXj8TR87kPm0EDyKKfrDK
7ljMSZVqTpIOTQAE0sKl5KKBmXLAXRbtstWZ+6Nv9sMRIYgoQvS1f2vtC73w0Lbx
Yjpswl6WEcwwxiAYO27KgVJ5xyIxFhmTXb3/29Bmx4R+W7uCMmwvn4TKsIBMGR8g
VSZ/FKqpYPY08xtlvXLAik8Mod5k5v9qMYJbspJLhvG96f10C4hbhtHMspzoDv1H
RDWGrUhSYYIhkkW/s++nCeFnrxYk2GRnm8D5NYEYD7pnHAA5W4MMrYgIAeuDqAT9
xgsMnBaXbHrEpr6Dc0gR6TvU8Wo2rSRvSnsqOZE7dFQLtTrrLdMwFS3PQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPOCFyq8pDB4UGWnasW9DNU16XGCMB8GA1UdIwQY
MBaAFCuJZtDxT9WZk8pIeOd0+kd5A2aUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzRsbTBQRlAxWm1UeWtoNDUzVDZSM2tEWnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvODRJWEtyeWtNSGhRWmFkcXhiME0xVFhwY1lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEvSzRsbTBQRlAxWm1UeWtoNDUzVDZSM2tEWnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUOUMA0G
CSqGSIb3DQEBCwUAA4IBAQA13VB8forZzzcpBXXECdUEOlTr7U+Km+gzWyz3tiQU
UMQ2vRhlGPHDnaeA4mvKSgIMOBwZzKvxtakG3i0i2/0LmP2HnYuruuhgK3nlyAGO
jPi5GWTJTkAM4AfrAGZDcwLU+sTV9IZz5pv9B3pTL5IS4x++z56DJ4Sn83nY+2ZD
zjooK6XDRG6LaJBCdyORdngbZ5ix6BRG5s4/scfYXnuUPS39ecUmnZg1MHeDbM5z
USPF6yXAXzHWOYHxntak506pj0YzOkQ3pRrdEMlwSZVszx/Oaghm5FtHN336AP7B
dMDI34HkwYYcCBieVdIcMShYUppzTR26yC+HbNNuS8xZ
-----END CERTIFICATE-----
Generated at Wed Mar 6 16:58:51 2024 by rpki-client on console-fra.rpki-client.org