Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/7hW1whDeY2nXfvy0PaGqJLK44kU.roa
File: 7hW1whDeY2nXfvy0PaGqJLK44kU.roa (raw, json)
Hash identifier: qplHFNEjDpiu2gSlfSV9OTIs3fIW0dYpE1k6JgzELyA=
Subject key identifier: EE:15:B5:C2:10:DE:63:69:D7:7E:FC:B4:3D:A1:AA:24:B2:B8:E2:45
Certificate issuer: /CN=2b3840b5d3c3525981c8616166679de920e350f5
Certificate serial: 018BFDCC3937756AB9D98BBE6FAD7AFC5559
Authority key identifier: 2B:38:40:B5:D3:C3:52:59:81:C8:61:61:66:67:9D:E9:20:E3:50:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KzhAtdPDUlmByGFhZmed6SDjUPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/7hW1whDeY2nXfvy0PaGqJLK44kU.roa
Signing time: Thu 23 Nov 2023 20:08:21 +0000
ROA not before: Thu 23 Nov 2023 20:08:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197882
IP address blocks: 130.255.92.0/24 maxlen: 24
130.255.95.0/24 maxlen: 24
130.255.93.0/24 maxlen: 24
130.255.94.0/24 maxlen: 24
185.184.196.0/24 maxlen: 24
185.184.198.0/24 maxlen: 24
185.184.199.0/24 maxlen: 24
185.101.238.0/24 maxlen: 24
185.101.239.0/24 maxlen: 24
185.101.236.0/24 maxlen: 24
185.101.237.0/24 maxlen: 24
185.14.250.0/24 maxlen: 24
185.14.248.0/23 maxlen: 23
159.255.160.0/22 maxlen: 22
159.255.161.0/24 maxlen: 24
159.255.160.0/24 maxlen: 24
159.255.164.0/24 maxlen: 24
159.255.162.0/24 maxlen: 24
159.255.163.0/24 maxlen: 24
31.25.136.0/24 maxlen: 24
31.25.139.0/24 maxlen: 24
31.25.137.0/24 maxlen: 24
31.25.140.0/24 maxlen: 24
31.25.141.0/24 maxlen: 24
2a03:bcc0:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fd:cc:39:37:75:6a:b9:d9:8b:be:6f:ad:7a:fc:55:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b3840b5d3c3525981c8616166679de920e350f5
Validity
Not Before: Nov 23 20:08:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee15b5c210de6369d77efcb43da1aa24b2b8e245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1e:88:7b:a5:d0:7f:e9:96:f1:bc:db:e5:05:
1a:6f:80:e3:d3:e8:60:3d:0a:f9:18:31:2c:82:2f:
b8:b4:01:af:d4:4d:38:06:55:32:3a:f6:53:10:08:
84:c0:f1:e5:ed:0f:11:1a:52:26:d7:a9:34:87:35:
09:33:d9:e5:04:1c:27:bc:6d:75:a2:c8:c0:e0:40:
44:78:10:4a:86:df:40:db:b1:93:18:95:50:00:cd:
9e:51:32:38:34:db:04:43:55:5e:4c:c4:17:e9:ca:
f7:e5:11:f7:71:a7:8e:e0:b5:99:da:4b:14:02:1b:
db:0c:ce:e3:42:19:77:58:ad:41:4d:7c:b8:7d:d6:
3c:d3:d6:88:f9:64:9b:df:42:d9:7b:6f:a4:fd:4e:
17:f7:7b:59:f0:08:d8:73:d6:1e:04:b6:f9:ce:2e:
41:3c:9d:7c:80:a8:51:a2:e0:78:ab:1d:fb:0a:67:
4f:62:77:52:c1:10:07:f4:60:fd:e5:b8:36:21:2f:
4a:67:38:4e:e1:4a:5a:99:eb:3f:4e:68:92:cf:ba:
d0:d1:d1:65:dd:0d:66:d9:11:c3:8e:ae:e4:68:6a:
ca:ea:2c:09:4d:bb:9c:3e:8e:da:ce:4e:81:0f:cd:
55:37:c8:33:06:cd:7b:5f:65:e7:fc:39:c4:bc:d5:
8e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:15:B5:C2:10:DE:63:69:D7:7E:FC:B4:3D:A1:AA:24:B2:B8:E2:45
X509v3 Authority Key Identifier:
keyid:2B:38:40:B5:D3:C3:52:59:81:C8:61:61:66:67:9D:E9:20:E3:50:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KzhAtdPDUlmByGFhZmed6SDjUPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/7hW1whDeY2nXfvy0PaGqJLK44kU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/KzhAtdPDUlmByGFhZmed6SDjUPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.136.0/23
31.25.139.0-31.25.141.255
130.255.92.0/22
159.255.160.0-159.255.164.255
185.14.248.0-185.14.250.255
185.101.236.0/22
185.184.196.0/24
185.184.198.0/23
IPv6:
2a03:bcc0:1::/48
Signature Algorithm: sha256WithRSAEncryption
3b:42:b2:f8:37:3e:40:f5:10:24:33:b2:36:93:06:b7:91:ae:
48:e1:41:04:b8:14:e8:fe:b2:9d:ac:86:57:94:bf:13:ef:b0:
b1:31:a6:91:26:b6:eb:68:5c:e0:4e:d3:6f:82:bd:8e:58:cf:
a8:b7:20:16:a7:0d:3d:ea:7a:22:94:ab:9d:ff:ed:e2:4a:95:
a4:ee:83:03:07:e9:6b:ef:df:f8:5e:7c:8c:9e:f0:f7:e3:cb:
3e:fb:c8:da:6b:4d:54:5c:c0:bb:3a:ed:6d:81:af:08:ac:00:
7a:ad:4c:fb:98:5d:fe:f4:81:f6:c3:05:49:fc:5b:43:91:88:
4a:f9:2d:b4:89:60:a9:76:6b:07:88:a5:7c:df:b0:23:1e:5c:
de:d2:db:14:bf:37:73:1d:0c:21:31:cb:ff:d2:1c:58:ac:46:
7c:88:0d:68:b3:78:b8:91:74:d4:ed:79:22:51:c0:3f:eb:3f:
f4:05:f6:fc:18:94:ed:cc:b1:7e:53:b2:b4:44:d9:d4:43:36:
ed:0b:36:2c:c7:e8:b5:22:5d:6d:45:18:8f:37:1d:c2:61:15:
62:36:4f:6c:65:36:25:9b:88:db:ab:1b:a6:83:3f:a6:dd:a3:
9e:4e:00:97:5c:3e:32:36:c2:55:27:d5:ee:5f:9d:91:dd:ce:
d4:72:11:54
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAYv9zDk3dWq52Yu+b616/FVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMzg0MGI1ZDNjMzUyNTk4MWM4NjE2MTY2Njc5ZGU5MjBl
MzUwZjUwHhcNMjMxMTIzMjAwODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTE1YjVjMjEwZGU2MzY5ZDc3ZWZjYjQzZGExYWEyNGIyYjhlMjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwR6Ie6XQf+mW8bzb5QUab4Dj0+hg
PQr5GDEsgi+4tAGv1E04BlUyOvZTEAiEwPHl7Q8RGlIm16k0hzUJM9nlBBwnvG11
osjA4EBEeBBKht9A27GTGJVQAM2eUTI4NNsEQ1VeTMQX6cr35RH3caeO4LWZ2ksU
AhvbDM7jQhl3WK1BTXy4fdY809aI+WSb30LZe2+k/U4X93tZ8AjYc9YeBLb5zi5B
PJ18gKhRouB4qx37CmdPYndSwRAH9GD95bg2IS9KZzhO4Upames/TmiSz7rQ0dFl
3Q1m2RHDjq7kaGrK6iwJTbucPo7azk6BD81VN8gzBs17X2Xn/DnEvNWO3QIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFO4VtcIQ3mNp1378tD2hqiSyuOJFMB8GA1UdIwQY
MBaAFCs4QLXTw1JZgchhYWZnnekg41D1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3poQXRkUERVbG1CeUdGaFptZWQ2U0RqVVBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yYjk1ZWQtOTg4Mi00MmZhLWE5ZjUt
YWQ4MGU3NTZkMjU2LzEvN2hXMXdoRGVZMm5YZnZ5MFBhR3FKTEs0NGtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yYjk1ZWQtOTg4Mi00MmZhLWE5ZjUtYWQ4MGU3NTZkMjU2
LzEvS3poQXRkUERVbG1CeUdGaFptZWQ2U0RqVVBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBOBAIAATBIAwQBHxmIMAwD
BAAfGYsDBAEfGYwDBAKC/1wwDAMEBZ//oAMEAJ//pDAMAwQDuQ74AwQAuQ76AwQC
uWXsAwQAubjEAwQBubjGMA8EAgACMAkDBwAqA7zAAAEwDQYJKoZIhvcNAQELBQAD
ggEBADtCsvg3PkD1ECQzsjaTBreRrkjhQQS4FOj+sp2shleUvxPvsLExppEmtuto
XOBO02+CvY5Yz6i3IBanDT3qeiKUq53/7eJKlaTugwMH6Wvv3/hefIye8Pfjyz77
yNprTVRcwLs67W2BrwisAHqtTPuYXf70gfbDBUn8W0ORiEr5LbSJYKl2aweIpXzf
sCMeXN7S2xS/N3MdDCExy//SHFisRnyIDWizeLiRdNTteSJRwD/rP/QF9vwYlO3M
sX5TsrRE2dRDNu0LNizH6LUiXW1FGI83HcJhFWI2T2xlNiWbiNurG6aDP6bdo55O
AJdcPjI2wlUn1e5fnZHdztRyEVQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:16 2024 by rpki-client on console-ams.rpki-client.org