Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/26277c-34ef-4dfa-ac32-97f54e568952/1/DKIZoNgZFekN6oL8VBkgRcaR508.roa
File: DKIZoNgZFekN6oL8VBkgRcaR508.roa (raw, json)
Hash identifier: jVjO2gfkM1+fN2zBVH9Ir9sWDPPz9Oh4fGFrXLx3MUs=
Subject key identifier: 0C:A2:19:A0:D8:19:15:E9:0D:EA:82:FC:54:19:20:45:C6:91:E7:4F
Certificate issuer: /CN=0573187ebc2a9280f1593e37c35ed88ea5655bf6
Certificate serial: 0863EA3C
Authority key identifier: 05:73:18:7E:BC:2A:92:80:F1:59:3E:37:C3:5E:D8:8E:A5:65:5B:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BXMYfrwqkoDxWT43w17YjqVlW_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/26277c-34ef-4dfa-ac32-97f54e568952/1/DKIZoNgZFekN6oL8VBkgRcaR508.roa
Signing time: Sat 01 Jan 2022 10:55:45 +0000
ROA not before: Sat 01 Jan 2022 10:55:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202583
IP address blocks: 157.97.177.0/24 maxlen: 24
157.97.176.0/21 maxlen: 21
157.97.176.0/24 maxlen: 24
157.97.179.0/24 maxlen: 24
157.97.178.0/24 maxlen: 24
157.97.182.0/24 maxlen: 24
157.97.181.0/24 maxlen: 24
157.97.183.0/24 maxlen: 24
157.97.180.0/24 maxlen: 24
185.72.3.0/24 maxlen: 24
185.72.0.0/24 maxlen: 24
185.72.0.0/22 maxlen: 22
185.72.2.0/24 maxlen: 24
185.72.1.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140765756 (0x863ea3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0573187ebc2a9280f1593e37c35ed88ea5655bf6
Validity
Not Before: Jan 1 10:55:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ca219a0d81915e90dea82fc54192045c691e74f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d5:3c:2d:91:b8:c5:16:d0:aa:a8:e6:49:3d:
4c:fd:00:49:51:9d:4c:0b:6a:66:ff:24:d5:ff:81:
87:40:e1:48:73:d0:1f:ee:af:b5:93:a0:60:29:88:
93:c2:fe:b4:d5:45:02:9b:c3:c6:9a:0b:de:1c:b9:
d8:60:42:a4:cd:d4:b4:91:2c:3b:9e:9d:e0:8a:a6:
fc:0d:bd:9a:e9:b0:4e:eb:ef:6b:15:09:72:93:0b:
6e:0c:93:1f:c7:98:23:1d:9c:2c:36:ba:b4:3d:3a:
53:27:3e:80:46:b9:d0:30:14:e7:f0:ea:e7:d9:45:
19:74:65:d5:5a:db:9c:38:e9:32:07:dc:f2:ad:c3:
1d:0d:68:8b:fd:61:4d:99:f2:82:34:63:c9:9a:96:
fd:33:78:0f:02:0b:93:4d:13:5c:f3:4d:f3:a3:8f:
8a:d8:80:e6:5b:8d:9c:db:94:d7:8a:4c:d3:1a:09:
15:01:2c:c9:08:6a:b1:9e:dd:9a:80:e9:ff:1f:ea:
95:25:db:c4:e8:a2:bd:6f:4a:36:4e:0b:66:d2:6b:
32:c0:37:48:b5:45:6c:c2:7e:f6:aa:65:20:0b:63:
fa:1b:2d:c5:01:79:54:d1:5f:e6:3d:d1:e5:f3:3b:
79:92:03:35:c4:99:52:ae:b8:64:f2:36:33:f5:5c:
e9:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A2:19:A0:D8:19:15:E9:0D:EA:82:FC:54:19:20:45:C6:91:E7:4F
X509v3 Authority Key Identifier:
keyid:05:73:18:7E:BC:2A:92:80:F1:59:3E:37:C3:5E:D8:8E:A5:65:5B:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BXMYfrwqkoDxWT43w17YjqVlW_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/26277c-34ef-4dfa-ac32-97f54e568952/1/DKIZoNgZFekN6oL8VBkgRcaR508.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/26277c-34ef-4dfa-ac32-97f54e568952/1/BXMYfrwqkoDxWT43w17YjqVlW_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.176.0/21
185.72.0.0/22
Signature Algorithm: sha256WithRSAEncryption
13:9d:1a:a9:10:5b:a8:d1:ba:fb:ec:2f:94:bf:a0:03:82:ec:
ce:c2:69:50:ad:ed:0b:a0:44:fd:66:ef:9b:f2:d2:2f:4a:28:
52:6c:92:43:99:4d:04:49:91:32:9a:8e:ba:27:d7:98:70:87:
ea:58:14:ef:c1:18:36:52:b0:3e:09:2b:19:df:d2:06:be:dc:
01:13:70:05:6e:3f:74:bb:18:8a:9f:e5:29:93:39:59:98:05:
e7:63:b3:e6:c8:86:32:bc:91:14:e2:19:fd:eb:4b:8f:e4:69:
9f:6d:cf:60:48:2c:25:4a:9d:49:dc:79:fa:d7:82:2c:8e:73:
98:e4:54:1c:97:f2:61:aa:a1:7e:f0:90:cd:bc:4d:55:94:b7:
69:1f:f4:28:7f:52:78:d2:68:94:8d:84:60:29:e4:db:ec:67:
81:39:47:42:11:ba:24:0c:dc:ac:43:30:d8:0c:1a:28:ee:15:
dd:52:5d:59:81:f1:81:a4:57:a0:7d:b8:16:60:fa:33:12:86:
6b:b5:d6:9e:a5:12:e2:fa:68:52:ac:71:44:ff:76:a0:9d:c5:
16:d3:39:c8:bd:10:b5:1e:85:06:8e:6e:88:a0:79:96:63:42:
2f:05:4a:da:3e:b5:8f:3a:11:9f:0c:d3:2f:87:90:8f:46:0f:
f8:bb:8a:c4
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECGPqPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTczMTg3ZWJjMmE5MjgwZjE1OTNlMzdjMzVlZDg4ZWE1NjU1YmY2MB4XDTIyMDEw
MTEwNTU0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGNhMjE5YTBkODE5
MTVlOTBkZWE4MmZjNTQxOTIwNDVjNjkxZTc0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJDVPC2RuMUW0Kqo5kk9TP0ASVGdTAtqZv8k1f+Bh0DhSHPQ
H+6vtZOgYCmIk8L+tNVFApvDxpoL3hy52GBCpM3UtJEsO56d4Iqm/A29mumwTuvv
axUJcpMLbgyTH8eYIx2cLDa6tD06Uyc+gEa50DAU5/Dq59lFGXRl1VrbnDjpMgfc
8q3DHQ1oi/1hTZnygjRjyZqW/TN4DwILk00TXPNN86OPitiA5luNnNuU14pM0xoJ
FQEsyQhqsZ7dmoDp/x/qlSXbxOiivW9KNk4LZtJrMsA3SLVFbMJ+9qplIAtj+hst
xQF5VNFf5j3R5fM7eZIDNcSZUq64ZPI2M/Vc6XsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQMohmg2BkV6Q3qgvxUGSBFxpHnTzAfBgNVHSMEGDAWgBQFcxh+vCqSgPFZ
PjfDXtiOpWVb9jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JYTVlmcndxa29EeFdUNDN3MTdZanFWbFdfWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvMjYyNzdjLTM0ZWYtNGRmYS1hYzMyLTk3ZjU0ZTU2ODk1Mi8x
L0RLSVpvTmdaRmVrTjZvTDhWQmtnUmNhUjUwOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
MjYyNzdjLTM0ZWYtNGRmYS1hYzMyLTk3ZjU0ZTU2ODk1Mi8xL0JYTVlmcndxa29E
eFdUNDN3MTdZanFWbFdfWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA51hsAMEArlIADANBgkqhkiG9w0B
AQsFAAOCAQEAE50aqRBbqNG6++wvlL+gA4LszsJpUK3tC6BE/Wbvm/LSL0ooUmyS
Q5lNBEmRMpqOuifXmHCH6lgU78EYNlKwPgkrGd/SBr7cARNwBW4/dLsYip/lKZM5
WZgF52Oz5siGMryRFOIZ/etLj+Rpn23PYEgsJUqdSdx5+teCLI5zmORUHJfyYaqh
fvCQzbxNVZS3aR/0KH9SeNJolI2EYCnk2+xngTlHQhG6JAzcrEMw2AwaKO4V3VJd
WYHxgaRXoH24FmD6MxKGa7XWnqUS4vpoUqxxRP92oJ3FFtM5yL0QtR6FBo5uiKB5
lmNCLwVK2j61jzoRnwzTL4eQj0YP+LuKxA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:16 2024 by rpki-client on console-ams.rpki-client.org