Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/c5c016-4f1c-4f33-acf0-27498f874d4f/1/tsm8tncSc5hmps9TzZR1uwdLbXA.roa
File: tsm8tncSc5hmps9TzZR1uwdLbXA.roa (raw, json)
Hash identifier: tbSY/+TUNXqkz30pf8nmBkPCfe6VgIAMB9YPj3EBtoM=
Subject key identifier: B6:C9:BC:B6:77:12:73:98:66:A6:CF:53:CD:94:75:BB:07:4B:6D:70
Certificate issuer: /CN=4354d70a988e257ec57c3408159dc8b504f5723a
Certificate serial: 0821B491
Authority key identifier: 43:54:D7:0A:98:8E:25:7E:C5:7C:34:08:15:9D:C8:B5:04:F5:72:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1TXCpiOJX7FfDQIFZ3ItQT1cjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/c5c016-4f1c-4f33-acf0-27498f874d4f/1/tsm8tncSc5hmps9TzZR1uwdLbXA.roa
Signing time: Sat 01 Jan 2022 15:58:37 +0000
ROA not before: Sat 01 Jan 2022 15:58:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204997
IP address blocks: 185.255.132.0/24 maxlen: 24
185.255.133.0/24 maxlen: 24
185.255.135.0/24 maxlen: 24
185.255.134.0/24 maxlen: 24
185.252.147.0/24 maxlen: 24
185.252.146.0/24 maxlen: 24
185.244.172.0/24 maxlen: 24
185.244.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136426641 (0x821b491)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354d70a988e257ec57c3408159dc8b504f5723a
Validity
Not Before: Jan 1 15:58:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6c9bcb67712739866a6cf53cd9475bb074b6d70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ad:20:4f:93:e1:00:24:ed:7b:7f:a6:30:93:
a7:af:17:b8:13:6c:db:06:8d:25:62:93:c8:8f:11:
8d:e9:76:94:bd:7e:3b:9d:e8:6d:79:5b:4b:fc:9b:
b8:f1:9d:9b:e4:01:13:f8:8c:8d:81:91:83:89:8c:
19:c3:12:e6:df:66:50:55:5c:36:e7:99:07:c3:6f:
10:1a:20:4d:6e:45:6e:53:10:11:41:4e:11:a3:5a:
84:3a:9d:45:77:8d:12:2d:e4:c8:02:bc:69:e8:30:
2b:47:c6:57:b2:b7:8e:db:7e:96:45:a2:35:2f:51:
cc:6d:fc:b0:92:f1:a1:72:b4:86:32:17:91:1d:6b:
6b:25:0a:6e:a8:20:73:db:56:04:cd:c7:1a:c4:38:
a1:dc:33:68:10:1d:51:dd:a9:bb:43:f1:1f:b5:7d:
cc:bd:88:ab:28:06:27:ee:24:12:af:6e:b2:99:b4:
e1:ec:8c:2e:6e:52:97:9d:d6:96:e7:53:c1:03:f1:
5a:21:94:9d:ab:02:fe:ce:ba:f0:9b:cb:d8:94:75:
a4:50:28:d5:f1:95:5a:83:b0:14:ee:7c:cb:fd:e1:
9b:ca:99:3d:e7:56:f3:69:9a:9e:58:fe:42:61:b6:
97:e4:5f:35:b8:d5:3b:7f:a1:e1:40:04:4c:13:74:
75:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C9:BC:B6:77:12:73:98:66:A6:CF:53:CD:94:75:BB:07:4B:6D:70
X509v3 Authority Key Identifier:
keyid:43:54:D7:0A:98:8E:25:7E:C5:7C:34:08:15:9D:C8:B5:04:F5:72:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1TXCpiOJX7FfDQIFZ3ItQT1cjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/c5c016-4f1c-4f33-acf0-27498f874d4f/1/tsm8tncSc5hmps9TzZR1uwdLbXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/c5c016-4f1c-4f33-acf0-27498f874d4f/1/Q1TXCpiOJX7FfDQIFZ3ItQT1cjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.172.0/23
185.252.146.0/23
185.255.132.0/22
Signature Algorithm: sha256WithRSAEncryption
03:ed:b2:ec:0e:28:bf:cd:99:ef:3a:e6:ef:48:b5:7b:72:a0:
23:a8:5d:b0:47:a3:79:f7:62:08:58:00:06:b7:2b:83:9f:89:
f7:cc:88:a6:f0:59:f3:cd:d7:53:54:22:05:16:24:48:2f:78:
73:00:36:48:02:96:07:b2:00:f8:94:fd:0b:fb:83:86:40:ab:
1b:6f:c9:dc:08:ab:63:57:42:84:c0:7f:47:40:bb:cb:1e:89:
0e:46:7d:60:53:45:37:38:6b:15:8d:2d:aa:d2:74:25:a4:c2:
fe:ca:07:e5:7e:19:c1:be:28:9b:4e:1e:3b:26:68:5d:b1:c8:
76:ef:fe:53:82:7e:61:1d:c4:85:df:f3:15:f1:08:d5:1c:7c:
c2:c3:89:78:5f:12:03:76:71:03:49:f0:d5:56:30:9b:17:cc:
db:02:b7:a9:77:15:f5:f6:13:8a:c1:76:ce:b5:fa:5d:fb:7a:
b1:3f:64:19:b4:ce:5b:7c:6c:6e:78:78:cc:74:c7:4f:a6:1a:
c2:41:7b:c2:31:b0:6a:b3:b0:a2:1e:c1:1e:c0:6e:00:c2:b6:
62:ab:ca:30:20:8f:44:59:ca:61:5b:d3:9d:76:c6:a8:03:8b:
80:4c:d1:90:c4:f5:c7:bf:c2:44:4a:06:12:bb:46:fe:3c:38:
93:9f:28:30
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECCG0kTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MzU0ZDcwYTk4OGUyNTdlYzU3YzM0MDgxNTlkYzhiNTA0ZjU3MjNhMB4XDTIyMDEw
MTE1NTgzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjZjOWJjYjY3NzEy
NzM5ODY2YTZjZjUzY2Q5NDc1YmIwNzRiNmQ3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMKtIE+T4QAk7Xt/pjCTp68XuBNs2waNJWKTyI8Rjel2lL1+
O53obXlbS/ybuPGdm+QBE/iMjYGRg4mMGcMS5t9mUFVcNueZB8NvEBogTW5FblMQ
EUFOEaNahDqdRXeNEi3kyAK8aegwK0fGV7K3jtt+lkWiNS9RzG38sJLxoXK0hjIX
kR1rayUKbqggc9tWBM3HGsQ4odwzaBAdUd2pu0PxH7V9zL2IqygGJ+4kEq9uspm0
4eyMLm5Sl53WludTwQPxWiGUnasC/s668JvL2JR1pFAo1fGVWoOwFO58y/3hm8qZ
PedW82manlj+QmG2l+RfNbjVO3+h4UAETBN0dQsCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBS2yby2dxJzmGamz1PNlHW7B0ttcDAfBgNVHSMEGDAWgBRDVNcKmI4lfsV8
NAgVnci1BPVyOjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ExVFhDcGlPSlg3RmZEUUlGWjNJdFFUMWNqby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvYzVjMDE2LTRmMWMtNGYzMy1hY2YwLTI3NDk4Zjg3NGQ0Zi8x
L3RzbTh0bmNTYzVobXBzOVR6WlIxdXdkTGJYQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
YzVjMDE2LTRmMWMtNGYzMy1hY2YwLTI3NDk4Zjg3NGQ0Zi8xL1ExVFhDcGlPSlg3
RmZEUUlGWjNJdFFUMWNqby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAbn0rAMEAbn8kgMEArn/hDANBgkq
hkiG9w0BAQsFAAOCAQEAA+2y7A4ov82Z7zrm70i1e3KgI6hdsEejefdiCFgABrcr
g5+J98yIpvBZ883XU1QiBRYkSC94cwA2SAKWB7IA+JT9C/uDhkCrG2/J3AirY1dC
hMB/R0C7yx6JDkZ9YFNFNzhrFY0tqtJ0JaTC/soH5X4Zwb4om04eOyZoXbHIdu/+
U4J+YR3Ehd/zFfEI1Rx8wsOJeF8SA3ZxA0nw1VYwmxfM2wK3qXcV9fYTisF2zrX6
Xft6sT9kGbTOW3xsbnh4zHTHT6YawkF7wjGwarOwoh7BHsBuAMK2YqvKMCCPRFnK
YVvTnXbGqAOLgEzRkMT1x7/CREoGErtG/jw4k58oMA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:21 2024 by rpki-client on console-ams.rpki-client.org