Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/q_yR2Wo2vz70zB29TnC6-RGju24.roa
File: q_yR2Wo2vz70zB29TnC6-RGju24.roa (raw, json)
Hash identifier: IeY85u4yumtrHQyk+1MEZVPXOlM3HZ/eINpH46D4xA8=
Subject key identifier: AB:FC:91:D9:6A:36:BF:3E:F4:CC:1D:BD:4E:70:BA:F9:11:A3:BB:6E
Certificate issuer: /CN=2b3840b5d3c3525981c8616166679de920e350f5
Certificate serial: 018C3F8BC9C78B8D4ABB43E92321A1A0753A
Authority key identifier: 2B:38:40:B5:D3:C3:52:59:81:C8:61:61:66:67:9D:E9:20:E3:50:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KzhAtdPDUlmByGFhZmed6SDjUPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/q_yR2Wo2vz70zB29TnC6-RGju24.roa
Signing time: Wed 06 Dec 2023 14:32:54 +0000
ROA not before: Wed 06 Dec 2023 14:32:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197882
IP address blocks: 130.255.92.0/24 maxlen: 24
130.255.95.0/24 maxlen: 24
130.255.93.0/24 maxlen: 24
130.255.94.0/24 maxlen: 24
31.25.136.0/24 maxlen: 24
31.25.139.0/24 maxlen: 24
31.25.137.0/24 maxlen: 24
31.25.140.0/24 maxlen: 24
31.25.141.0/24 maxlen: 24
185.184.198.0/24 maxlen: 24
185.184.199.0/24 maxlen: 24
185.101.238.0/24 maxlen: 24
185.101.239.0/24 maxlen: 24
185.101.236.0/24 maxlen: 24
185.101.237.0/24 maxlen: 24
185.14.250.0/24 maxlen: 24
185.14.248.0/23 maxlen: 23
159.255.160.0/22 maxlen: 22
159.255.161.0/24 maxlen: 24
159.255.160.0/24 maxlen: 24
159.255.164.0/24 maxlen: 24
159.255.162.0/24 maxlen: 24
159.255.163.0/24 maxlen: 24
2a03:bcc0:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:8b:c9:c7:8b:8d:4a:bb:43:e9:23:21:a1:a0:75:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b3840b5d3c3525981c8616166679de920e350f5
Validity
Not Before: Dec 6 14:32:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abfc91d96a36bf3ef4cc1dbd4e70baf911a3bb6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:68:0b:6f:0e:63:b2:ea:c3:0a:82:38:59:90:
b5:88:e2:cd:d7:0e:ba:b7:dd:7d:cf:9c:96:43:8f:
d4:49:f7:9d:43:6a:6c:d1:18:61:16:d7:5b:49:49:
f8:f5:cd:ab:5e:86:2c:7c:71:7a:1f:4e:1f:eb:75:
fc:1a:93:5d:73:ce:21:ed:ab:24:cb:a4:31:88:eb:
45:ae:e1:ca:d3:c7:47:fb:c5:3e:53:44:ae:2f:ea:
af:17:44:17:d7:42:25:00:c5:42:22:e5:35:28:cb:
2b:4e:67:06:5b:52:7d:08:02:d2:1c:96:6b:f0:ce:
3c:40:d0:5c:d6:41:f4:91:cd:d3:97:30:c3:1f:e6:
ff:5f:ee:3a:7e:fc:b9:1e:f3:62:f5:e1:27:c5:0a:
33:60:1f:f3:6c:4c:30:47:73:d2:80:c1:b6:6d:aa:
11:52:8b:e0:e9:a0:b7:47:d9:08:dc:aa:e9:5e:95:
ea:62:f5:e3:3c:cb:f2:d1:6a:70:87:82:d5:b4:1d:
68:d2:3b:35:80:b9:21:51:10:98:66:96:43:fd:5c:
c0:ac:e3:a7:f4:8a:49:12:8d:95:27:33:02:32:db:
72:c0:2b:ae:85:98:a1:45:51:0c:8a:81:ac:94:ea:
32:0a:27:be:71:d3:69:26:c9:b7:a4:ca:d9:79:5e:
9d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:FC:91:D9:6A:36:BF:3E:F4:CC:1D:BD:4E:70:BA:F9:11:A3:BB:6E
X509v3 Authority Key Identifier:
keyid:2B:38:40:B5:D3:C3:52:59:81:C8:61:61:66:67:9D:E9:20:E3:50:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KzhAtdPDUlmByGFhZmed6SDjUPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/q_yR2Wo2vz70zB29TnC6-RGju24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2b95ed-9882-42fa-a9f5-ad80e756d256/1/KzhAtdPDUlmByGFhZmed6SDjUPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.136.0/23
31.25.139.0-31.25.141.255
130.255.92.0/22
159.255.160.0-159.255.164.255
185.14.248.0-185.14.250.255
185.101.236.0/22
185.184.198.0/23
IPv6:
2a03:bcc0:1::/48
Signature Algorithm: sha256WithRSAEncryption
1c:00:ca:78:e7:16:ea:a1:fa:98:bd:3d:fc:93:27:5c:b0:df:
18:ee:7d:68:76:91:4e:8f:73:1f:88:38:05:1d:54:bc:f0:d2:
e6:d0:da:5f:b6:74:06:ba:e6:c0:62:a0:9e:8a:22:40:4c:ad:
30:6a:fd:d6:f6:ea:c5:4a:ff:ce:ba:b3:e9:17:87:63:e9:19:
30:94:e5:87:6c:e2:57:5a:32:f7:7c:d4:07:f3:e4:d2:46:2c:
24:f1:f6:ec:87:6f:80:90:c1:c6:d3:e7:dd:4c:26:30:b6:7d:
ce:c9:2d:92:14:4a:06:1b:21:19:8c:20:6b:42:17:51:5c:36:
f1:16:16:f5:2f:b3:86:04:f3:fd:af:a6:9f:2b:60:f7:1f:e7:
9d:cb:3d:ca:94:1a:a0:56:51:c4:6c:77:77:d4:ae:37:ee:0a:
d8:a2:e2:9b:0f:f3:c2:45:7c:82:19:6c:c8:a9:eb:4c:cd:ec:
0b:68:66:b9:24:29:17:d7:51:95:e2:e0:e5:57:30:65:c8:61:
d6:ed:a2:9b:9e:fb:c7:dd:73:ce:97:20:4c:7e:82:51:bc:fb:
21:c1:b2:8f:b0:38:dc:f2:40:7c:84:1b:6d:3e:23:f4:15:37:
f1:10:7d:b2:9c:07:a3:da:32:cf:0d:87:0d:4b:31:11:11:05:
51:ab:54:a8
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYw/i8nHi41Ku0PpIyGhoHU6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMzg0MGI1ZDNjMzUyNTk4MWM4NjE2MTY2Njc5ZGU5MjBl
MzUwZjUwHhcNMjMxMjA2MTQzMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmZjOTFkOTZhMzZiZjNlZjRjYzFkYmQ0ZTcwYmFmOTExYTNiYjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGgLbw5jsurDCoI4WZC1iOLN1w66
t919z5yWQ4/USfedQ2ps0RhhFtdbSUn49c2rXoYsfHF6H04f63X8GpNdc84h7ask
y6QxiOtFruHK08dH+8U+U0SuL+qvF0QX10IlAMVCIuU1KMsrTmcGW1J9CALSHJZr
8M48QNBc1kH0kc3TlzDDH+b/X+46fvy5HvNi9eEnxQozYB/zbEwwR3PSgMG2baoR
Uovg6aC3R9kI3KrpXpXqYvXjPMvy0Wpwh4LVtB1o0js1gLkhURCYZpZD/VzArOOn
9IpJEo2VJzMCMttywCuuhZihRVEMioGslOoyCie+cdNpJsm3pMrZeV6d9wIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFKv8kdlqNr8+9MwdvU5wuvkRo7tuMB8GA1UdIwQY
MBaAFCs4QLXTw1JZgchhYWZnnekg41D1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3poQXRkUERVbG1CeUdGaFptZWQ2U0RqVVBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yYjk1ZWQtOTg4Mi00MmZhLWE5ZjUt
YWQ4MGU3NTZkMjU2LzEvcV95UjJXbzJ2ejcwekIyOVRuQzYtUkdqdTI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yYjk1ZWQtOTg4Mi00MmZhLWE5ZjUtYWQ4MGU3NTZkMjU2
LzEvS3poQXRkUERVbG1CeUdGaFptZWQ2U0RqVVBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBIBAIAATBCAwQBHxmIMAwD
BAAfGYsDBAEfGYwDBAKC/1wwDAMEBZ//oAMEAJ//pDAMAwQDuQ74AwQAuQ76AwQC
uWXsAwQBubjGMA8EAgACMAkDBwAqA7zAAAEwDQYJKoZIhvcNAQELBQADggEBABwA
ynjnFuqh+pi9PfyTJ1yw3xjufWh2kU6Pcx+IOAUdVLzw0ubQ2l+2dAa65sBioJ6K
IkBMrTBq/db26sVK/866s+kXh2PpGTCU5Yds4ldaMvd81Afz5NJGLCTx9uyHb4CQ
wcbT591MJjC2fc7JLZIUSgYbIRmMIGtCF1FcNvEWFvUvs4YE8/2vpp8rYPcf553L
PcqUGqBWUcRsd3fUrjfuCtii4psP88JFfIIZbMip60zN7AtoZrkkKRfXUZXi4OVX
MGXIYdbtopue+8fdc86XIEx+glG8+yHBso+wONzyQHyEG20+I/QVN/EQfbKcB6Pa
Ms8Nhw1LMRERBVGrVKg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:54 2024 by rpki-client on console-fra.rpki-client.org