Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/hmc7tFq5smXVy_HjM84pzaMrsaI.roa
File: hmc7tFq5smXVy_HjM84pzaMrsaI.roa (raw, json)
Hash identifier: LpKhdlDWji5hgBFO5g+tcK0PYilw3O8kqCiPTftUBxM=
Subject key identifier: 86:67:3B:B4:5A:B9:B2:65:D5:CB:F1:E3:33:CE:29:CD:A3:2B:B1:A2
Certificate issuer: /CN=2b3840b5d3c3525981c8616166679de920e350f5
Certificate serial: 0189DE7777E95B6F1BEA13E3B69F4B0199E1
Authority key identifier: 2B:38:40:B5:D3:C3:52:59:81:C8:61:61:66:67:9D:E9:20:E3:50:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KzhAtdPDUlmByGFhZmed6SDjUPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/hmc7tFq5smXVy_HjM84pzaMrsaI.roa
Signing time: Thu 10 Aug 2023 08:01:58 +0000
ROA not before: Thu 10 Aug 2023 08:01:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197882
IP address blocks: 130.255.92.0/24 maxlen: 24
130.255.95.0/24 maxlen: 24
130.255.93.0/24 maxlen: 24
130.255.94.0/24 maxlen: 24
185.184.196.0/24 maxlen: 24
185.184.198.0/24 maxlen: 24
185.184.199.0/24 maxlen: 24
185.101.238.0/24 maxlen: 24
185.101.239.0/24 maxlen: 24
185.101.236.0/24 maxlen: 24
185.101.237.0/24 maxlen: 24
185.14.250.0/24 maxlen: 24
185.14.248.0/23 maxlen: 23
159.255.160.0/22 maxlen: 22
159.255.161.0/24 maxlen: 24
159.255.160.0/24 maxlen: 24
159.255.164.0/24 maxlen: 24
159.255.162.0/24 maxlen: 24
159.255.163.0/24 maxlen: 24
31.25.136.0/24 maxlen: 24
31.25.139.0/24 maxlen: 24
31.25.137.0/24 maxlen: 24
31.25.138.0/24 maxlen: 24
31.25.140.0/24 maxlen: 24
31.25.141.0/24 maxlen: 24
2a03:bcc0:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:de:77:77:e9:5b:6f:1b:ea:13:e3:b6:9f:4b:01:99:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b3840b5d3c3525981c8616166679de920e350f5
Validity
Not Before: Aug 10 08:01:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86673bb45ab9b265d5cbf1e333ce29cda32bb1a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:da:94:d8:8e:24:d0:49:15:7c:13:d1:b5:76:
dd:77:8f:f1:41:16:b8:68:0e:d1:84:02:8a:28:64:
7e:1a:2e:7e:ff:37:58:e0:5a:34:37:e9:cd:e8:e1:
b6:67:0b:2f:e1:7e:85:38:4e:17:9d:76:c3:8e:0b:
8b:8f:61:dc:89:3d:6f:7f:40:bb:5a:a7:42:7a:fd:
30:34:99:c7:ab:15:92:8e:a5:5d:2c:cb:1b:08:89:
97:ae:70:6c:54:19:0a:af:d7:ca:7e:f3:f5:e2:5e:
91:ad:33:c7:db:ce:62:ec:a9:1e:26:23:8c:52:94:
88:6a:12:78:f4:02:c0:e4:0d:5c:74:9f:45:eb:2e:
aa:19:d8:c4:69:3e:2c:d6:e3:4b:45:47:42:13:8c:
14:3e:5b:d5:57:2f:94:96:b1:5c:e5:c4:3d:7e:6f:
8f:f4:c4:3c:8f:65:5a:f7:a0:ce:9f:a3:0e:d1:a2:
42:8f:4b:f5:2a:b5:47:5b:81:10:9e:68:3d:b8:0e:
0c:03:2b:db:5c:93:75:80:98:22:83:70:cf:b2:a0:
49:76:a4:a5:b7:27:d3:de:df:75:98:3b:8f:5d:35:
13:1c:7d:c4:28:dd:6d:ad:63:df:e0:d9:c4:1b:e1:
99:15:8a:5d:23:47:93:e5:56:3f:aa:7f:87:7c:d7:
b1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:67:3B:B4:5A:B9:B2:65:D5:CB:F1:E3:33:CE:29:CD:A3:2B:B1:A2
X509v3 Authority Key Identifier:
keyid:2B:38:40:B5:D3:C3:52:59:81:C8:61:61:66:67:9D:E9:20:E3:50:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KzhAtdPDUlmByGFhZmed6SDjUPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/hmc7tFq5smXVy_HjM84pzaMrsaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/KzhAtdPDUlmByGFhZmed6SDjUPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.136.0-31.25.141.255
130.255.92.0/22
159.255.160.0-159.255.164.255
185.14.248.0-185.14.250.255
185.101.236.0/22
185.184.196.0/24
185.184.198.0/23
IPv6:
2a03:bcc0:1::/48
Signature Algorithm: sha256WithRSAEncryption
70:b7:87:29:5a:b2:04:08:6f:41:6b:8f:72:3a:06:e1:a0:ed:
0e:7d:77:93:24:1f:06:f7:5b:fb:3c:db:ac:12:7f:36:30:fb:
c6:81:3a:32:cf:97:81:77:61:15:41:f5:b8:a7:31:38:65:ba:
71:f9:07:eb:c9:a3:d1:b3:b8:cc:d4:d6:7d:dc:52:45:b2:ec:
26:8c:db:56:f4:0a:85:11:e7:35:28:2f:4d:14:73:57:03:cd:
75:80:82:0a:96:e6:65:9b:d2:c0:42:fa:5a:0f:af:d9:92:27:
63:2f:5f:08:9d:0b:e2:bb:5c:81:a7:fa:a6:d5:86:eb:59:9f:
66:69:d8:3b:87:29:90:22:56:ba:1a:c1:11:5f:bc:4e:fb:31:
1f:74:9f:de:62:14:ef:b1:f1:60:dc:39:f3:4a:05:16:b8:34:
41:ad:84:fd:04:83:af:4c:fc:8e:86:07:48:54:8d:36:e2:2d:
56:12:4c:1e:78:9d:60:f0:a9:fa:a5:3b:dd:be:f5:a6:d9:32:
b4:8a:73:65:e9:63:5e:9c:10:1f:1f:fa:08:39:57:ed:23:25:
15:ca:e2:17:ff:81:78:3b:a9:d6:70:e9:86:a0:e6:08:67:fe:
b0:b0:81:8e:0d:89:4c:2d:9a:2a:6b:58:37:de:59:8a:f5:71:
3e:a9:ce:a1
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYned3fpW28b6hPjtp9LAZnhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMzg0MGI1ZDNjMzUyNTk4MWM4NjE2MTY2Njc5ZGU5MjBl
MzUwZjUwHhcNMjMwODEwMDgwMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjY3M2JiNDVhYjliMjY1ZDVjYmYxZTMzM2NlMjljZGEzMmJiMWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9qU2I4k0EkVfBPRtXbdd4/xQRa4
aA7RhAKKKGR+Gi5+/zdY4Fo0N+nN6OG2Zwsv4X6FOE4XnXbDjguLj2HciT1vf0C7
WqdCev0wNJnHqxWSjqVdLMsbCImXrnBsVBkKr9fKfvP14l6RrTPH285i7KkeJiOM
UpSIahJ49ALA5A1cdJ9F6y6qGdjEaT4s1uNLRUdCE4wUPlvVVy+UlrFc5cQ9fm+P
9MQ8j2Va96DOn6MO0aJCj0v1KrVHW4EQnmg9uA4MAyvbXJN1gJgig3DPsqBJdqSl
tyfT3t91mDuPXTUTHH3EKN1trWPf4NnEG+GZFYpdI0eT5VY/qn+HfNexrwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFIZnO7RaubJl1cvx4zPOKc2jK7GiMB8GA1UdIwQY
MBaAFCs4QLXTw1JZgchhYWZnnekg41D1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3poQXRkUERVbG1CeUdGaFptZWQ2U0RqVVBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yYjk1ZWQtOTg4Mi00MmZhLWE5ZjUt
YWQ4MGU3NTZkMjU2LzEvaG1jN3RGcTVzbVhWeV9Iak04NHB6YU1yc2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yYjk1ZWQtOTg4Mi00MmZhLWE5ZjUtYWQ4MGU3NTZkMjU2
LzEvS3poQXRkUERVbG1CeUdGaFptZWQ2U0RqVVBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBIBAIAATBCMAwDBAMfGYgD
BAEfGYwDBAKC/1wwDAMEBZ//oAMEAJ//pDAMAwQDuQ74AwQAuQ76AwQCuWXsAwQA
ubjEAwQBubjGMA8EAgACMAkDBwAqA7zAAAEwDQYJKoZIhvcNAQELBQADggEBAHC3
hylasgQIb0Frj3I6BuGg7Q59d5MkHwb3W/s826wSfzYw+8aBOjLPl4F3YRVB9bin
MThlunH5B+vJo9GzuMzU1n3cUkWy7CaM21b0CoUR5zUoL00Uc1cDzXWAggqW5mWb
0sBC+loPr9mSJ2MvXwidC+K7XIGn+qbVhutZn2Zp2DuHKZAiVroawRFfvE77MR90
n95iFO+x8WDcOfNKBRa4NEGthP0Eg69M/I6GB0hUjTbiLVYSTB54nWDwqfqlO92+
9abZMrSKc2XpY16cEB8f+gg5V+0jJRXK4hf/gXg7qdZw6Yag5ghn/rCwgY4NiUwt
miprWDfeWYr1cT6pzqE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:54 2024 by rpki-client on console-fra.rpki-client.org