Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/ac7b15-c695-4bf3-bdc8-63a68e9473e1/1/ebKmoXrVz0myUvFc3kBF0LAtQlU.roa
File: ebKmoXrVz0myUvFc3kBF0LAtQlU.roa (raw, json)
Hash identifier: IfHtx7o8rPrI/iqFbbYTRJYD9tPrYXaT8IeyeG9uo3E=
Subject key identifier: 79:B2:A6:A1:7A:D5:CF:49:B2:52:F1:5C:DE:40:45:D0:B0:2D:42:55
Certificate issuer: /CN=04306dee029d89d4d387c80d8188bb04c82f12c5
Certificate serial: 018702EB4B0D31EC69F22BD89F6AC724665F
Authority key identifier: 04:30:6D:EE:02:9D:89:D4:D3:87:C8:0D:81:88:BB:04:C8:2F:12:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BDBt7gKdidTTh8gNgYi7BMgvEsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/ac7b15-c695-4bf3-bdc8-63a68e9473e1/1/ebKmoXrVz0myUvFc3kBF0LAtQlU.roa
Signing time: Tue 21 Mar 2023 06:46:27 +0000
ROA not before: Tue 21 Mar 2023 06:46:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38984
IP address blocks: 188.65.232.0/22 maxlen: 22
188.65.236.0/23 maxlen: 23
188.65.238.0/23 maxlen: 23
185.23.228.0/23 maxlen: 23
185.23.231.0/24 maxlen: 24
185.23.230.0/24 maxlen: 24
195.135.238.0/24 maxlen: 24
195.135.237.0/24 maxlen: 24
195.135.236.0/24 maxlen: 24
195.135.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:02:eb:4b:0d:31:ec:69:f2:2b:d8:9f:6a:c7:24:66:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04306dee029d89d4d387c80d8188bb04c82f12c5
Validity
Not Before: Mar 21 06:46:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79b2a6a17ad5cf49b252f15cde4045d0b02d4255
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7c:c5:59:35:03:12:1f:3d:44:6e:d8:90:fd:
d6:02:ee:6f:25:19:fc:25:9c:38:ca:89:4d:d0:47:
2a:13:8b:c7:22:c5:6b:a6:a6:d0:04:27:d0:13:ef:
2f:69:d8:d5:de:7a:4f:5c:b7:89:d6:ae:7d:34:23:
33:b2:36:5b:63:49:7e:d5:74:19:c8:48:92:bd:ec:
43:ee:23:4f:8d:cc:90:96:75:79:ab:f0:7f:26:ad:
f0:10:10:d7:c0:61:d6:11:41:02:27:86:df:0b:b9:
97:f5:86:b9:56:61:8c:69:90:81:fb:7f:8c:70:83:
6d:fd:bf:b1:cc:ec:a2:41:d6:8e:cc:3a:4f:ef:cf:
f9:ae:74:29:e8:da:87:94:dd:b4:28:bb:45:8b:43:
da:a1:3d:a1:e5:64:77:c3:71:bf:03:49:2b:75:9b:
09:25:42:5f:65:4d:eb:f6:ea:f9:c5:67:25:c4:88:
3a:b7:63:e4:bb:7d:b2:f6:38:b8:12:f3:91:13:66:
f7:16:30:87:a0:d5:2e:b6:1d:92:a0:65:d4:5b:f0:
c3:94:aa:40:bb:95:88:96:2a:9a:ff:2d:80:96:c0:
87:42:96:dd:2e:b3:35:c8:ae:68:b6:36:7a:b0:d2:
71:a9:ce:86:7b:d9:26:6b:1b:e7:71:fe:d0:20:c1:
ea:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:B2:A6:A1:7A:D5:CF:49:B2:52:F1:5C:DE:40:45:D0:B0:2D:42:55
X509v3 Authority Key Identifier:
keyid:04:30:6D:EE:02:9D:89:D4:D3:87:C8:0D:81:88:BB:04:C8:2F:12:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BDBt7gKdidTTh8gNgYi7BMgvEsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ac7b15-c695-4bf3-bdc8-63a68e9473e1/1/ebKmoXrVz0myUvFc3kBF0LAtQlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ac7b15-c695-4bf3-bdc8-63a68e9473e1/1/BDBt7gKdidTTh8gNgYi7BMgvEsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.228.0/22
188.65.232.0/21
195.135.236.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:67:fa:7f:3a:d4:e9:33:ac:28:96:5d:d3:3d:da:b4:7a:dd:
b7:78:a8:7b:e0:2c:eb:dc:c8:3d:df:e9:14:cc:e5:df:98:f7:
74:e3:38:61:4e:cc:e1:f5:95:42:01:f7:15:e7:86:14:e8:2c:
6a:44:f3:e6:74:1e:43:be:bb:d6:eb:23:78:be:b2:70:62:75:
f8:25:4b:ed:25:9f:d5:99:7a:7d:02:4b:2f:11:9a:f5:91:9d:
3e:95:67:09:73:68:c8:20:90:57:d2:91:ce:9c:99:66:e0:99:
7f:8b:c2:33:6e:63:79:e8:c7:5a:52:4a:43:0e:30:1b:51:aa:
c1:8b:1d:2f:63:73:6d:80:97:10:97:d9:34:42:25:23:69:ed:
aa:43:70:f2:fa:05:c0:a5:60:57:26:01:57:24:97:7e:3c:89:
1f:f0:4f:cb:ca:25:aa:41:d6:05:d4:9a:52:9f:40:98:75:27:
b7:a3:98:c2:aa:c9:18:27:6f:ea:36:ce:10:df:93:80:77:4a:
ee:5b:af:e7:e8:2d:49:65:a0:0a:e2:16:71:6e:b8:53:9d:1c:
02:81:30:e7:58:5b:81:25:af:ee:df:a6:28:b3:db:05:69:5c:
52:37:56:f4:cf:d2:b8:d3:3d:49:ab:bc:3f:ba:52:2c:c5:3b:
ab:65:97:ba
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYcC60sNMexp8ivYn2rHJGZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MzA2ZGVlMDI5ZDg5ZDRkMzg3YzgwZDgxODhiYjA0Yzgy
ZjEyYzUwHhcNMjMwMzIxMDY0NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWIyYTZhMTdhZDVjZjQ5YjI1MmYxNWNkZTQwNDVkMGIwMmQ0MjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXzFWTUDEh89RG7YkP3WAu5vJRn8
JZw4yolN0EcqE4vHIsVrpqbQBCfQE+8vadjV3npPXLeJ1q59NCMzsjZbY0l+1XQZ
yEiSvexD7iNPjcyQlnV5q/B/Jq3wEBDXwGHWEUECJ4bfC7mX9Ya5VmGMaZCB+3+M
cINt/b+xzOyiQdaOzDpP78/5rnQp6NqHlN20KLtFi0PaoT2h5WR3w3G/A0krdZsJ
JUJfZU3r9ur5xWclxIg6t2Pku32y9ji4EvORE2b3FjCHoNUuth2SoGXUW/DDlKpA
u5WIliqa/y2AlsCHQpbdLrM1yK5otjZ6sNJxqc6Ge9kmaxvncf7QIMHqOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHmypqF61c9JslLxXN5ARdCwLUJVMB8GA1UdIwQY
MBaAFAQwbe4CnYnU04fIDYGIuwTILxLFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkRCdDdnS2RpZFRUaDhnTmdZaTdCTWd2RXNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hYzdiMTUtYzY5NS00YmYzLWJkYzgt
NjNhNjhlOTQ3M2UxLzEvZWJLbW9YclZ6MG15VXZGYzNrQkYwTEF0UWxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hYzdiMTUtYzY5NS00YmYzLWJkYzgtNjNhNjhlOTQ3M2Ux
LzEvQkRCdDdnS2RpZFRUaDhnTmdZaTdCTWd2RXNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuRfkAwQD
vEHoAwQCw4fsMA0GCSqGSIb3DQEBCwUAA4IBAQAtZ/p/OtTpM6woll3TPdq0et23
eKh74Czr3Mg93+kUzOXfmPd04zhhTszh9ZVCAfcV54YU6CxqRPPmdB5DvrvW6yN4
vrJwYnX4JUvtJZ/VmXp9AksvEZr1kZ0+lWcJc2jIIJBX0pHOnJlm4Jl/i8IzbmN5
6MdaUkpDDjAbUarBix0vY3NtgJcQl9k0QiUjae2qQ3Dy+gXApWBXJgFXJJd+PIkf
8E/LyiWqQdYF1JpSn0CYdSe3o5jCqskYJ2/qNs4Q35OAd0ruW6/n6C1JZaAK4hZx
brhTnRwCgTDnWFuBJa/u36Yos9sFaVxSN1b0z9K40z1Jq7w/ulIsxTurZZe6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:57 2024 by rpki-client on console-fra.rpki-client.org