Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/1-9hNGkWM0hAoLtv-B--6BDqBkq4.roa
File: 1-9hNGkWM0hAoLtv-B--6BDqBkq4.roa (raw, json)
Hash identifier: yI7CBHsmoqigxHnlnD8GWPulEp4sIgEkUNHqPxm2qWQ=
Subject key identifier: FB:D8:4D:1A:45:8C:D2:10:28:2E:DB:FE:07:EF:BA:04:3A:81:92:AE
Certificate issuer: /CN=67cfd7fae20d1d34b779dab669b8f0f07c9c34f8
Certificate serial: 0184F65B62AE4CF56EA3D81828AECB3A8EF1
Authority key identifier: 67:CF:D7:FA:E2:0D:1D:34:B7:79:DA:B6:69:B8:F0:F0:7C:9C:34:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z8_X-uINHTS3edq2abjw8HycNPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/1-9hNGkWM0hAoLtv-B--6BDqBkq4.roa
Signing time: Fri 09 Dec 2022 10:08:14 +0000
ROA not before: Fri 09 Dec 2022 10:08:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207709
IP address blocks: 195.85.207.0/24 maxlen: 24
195.85.216.0/24 maxlen: 24
185.242.162.0/24 maxlen: 24
185.242.161.0/24 maxlen: 24
185.242.160.0/24 maxlen: 24
185.242.163.0/24 maxlen: 24
2.56.152.0/24 maxlen: 24
2.56.155.0/24 maxlen: 24
2.56.154.0/24 maxlen: 24
2.56.153.0/24 maxlen: 24
2a09:cfc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:5b:62:ae:4c:f5:6e:a3:d8:18:28:ae:cb:3a:8e:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67cfd7fae20d1d34b779dab669b8f0f07c9c34f8
Validity
Not Before: Dec 9 10:08:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fbd84d1a458cd210282edbfe07efba043a8192ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:0d:b7:fe:45:61:12:df:8b:98:02:a8:6a:da:
2e:16:db:7d:47:3a:6d:09:fc:b7:75:bb:65:0f:af:
01:62:bc:a1:38:a6:62:8a:50:49:07:6b:5a:5f:f6:
94:ec:19:65:66:ac:14:5a:bc:f0:6c:6a:c8:32:e5:
1e:04:b7:e9:54:4b:db:d3:da:ae:d3:17:4e:b3:4e:
50:a1:81:c9:d9:67:28:3b:79:d2:14:f4:40:a1:79:
82:36:05:d3:6c:66:bd:47:b1:30:65:a3:4e:6d:5a:
ea:4e:54:df:d3:05:af:82:84:af:02:36:3d:ea:8c:
cf:df:91:3a:54:c3:59:7f:ba:63:12:44:62:85:7b:
a7:39:07:4f:01:df:cf:7a:41:38:18:43:15:81:7a:
a4:95:97:52:ca:f1:63:f4:f9:bb:8c:62:a0:82:50:
90:b4:59:54:6a:60:32:41:a7:44:26:e2:9c:f9:83:
b7:5e:76:6f:6e:66:dd:b1:90:d3:54:3c:41:64:fd:
d1:77:b7:c7:fe:58:ce:2c:31:71:5d:0c:19:75:4c:
1e:8a:64:c8:3e:6c:ba:4e:45:1d:7a:08:1f:41:cc:
5e:f8:07:16:35:8b:08:4c:23:89:5c:79:2e:53:8d:
11:18:89:e2:65:ec:b9:a1:be:39:46:b9:11:1a:f5:
f8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:D8:4D:1A:45:8C:D2:10:28:2E:DB:FE:07:EF:BA:04:3A:81:92:AE
X509v3 Authority Key Identifier:
keyid:67:CF:D7:FA:E2:0D:1D:34:B7:79:DA:B6:69:B8:F0:F0:7C:9C:34:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8_X-uINHTS3edq2abjw8HycNPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/1-9hNGkWM0hAoLtv-B--6BDqBkq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/Z8_X-uINHTS3edq2abjw8HycNPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.152.0/22
185.242.160.0/22
195.85.207.0/24
195.85.216.0/24
IPv6:
2a09:cfc0::/29
Signature Algorithm: sha256WithRSAEncryption
10:58:cd:00:bb:46:f7:80:72:85:cf:05:5d:d8:74:e8:5e:e5:
94:4b:d2:70:9d:fa:12:c1:c2:af:05:f1:68:57:67:9b:51:0d:
ed:03:4c:70:89:e5:f3:cd:06:fd:82:7e:64:03:46:c7:11:01:
90:88:70:3e:79:65:cd:e4:df:25:a8:5d:64:51:e6:4c:59:ae:
e7:82:a5:09:86:69:14:f9:92:90:78:a4:35:1c:38:92:64:ab:
e6:39:6c:fa:8e:ec:1e:9c:b8:74:27:b0:ab:9c:73:17:9a:ca:
af:bd:75:68:32:d2:37:68:e7:d7:22:fb:35:67:c4:fa:ac:25:
99:4c:9f:52:e7:27:08:2d:f7:90:76:59:be:3f:92:ec:e2:0f:
da:c0:aa:a8:30:96:25:73:d2:71:7a:e6:46:d5:07:88:a1:10:
95:a1:ec:fc:ae:0b:6b:a8:4c:a2:fe:95:31:61:99:ad:b5:c5:
da:e5:c5:54:db:3d:14:a9:b7:2c:ad:5c:68:9f:64:ee:94:0b:
82:d2:45:41:75:70:1a:a5:54:ba:f5:76:67:59:57:db:b1:74:
4d:2e:84:95:34:82:14:4f:62:e5:a2:2b:8f:5e:84:0d:53:53:
1f:c9:c9:0a:bb:69:b3:95:47:d3:b6:87:14:0e:eb:6d:0c:7d:
10:07:49:fe
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYT2W2KuTPVuo9gYKK7LOo7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3Y2ZkN2ZhZTIwZDFkMzRiNzc5ZGFiNjY5YjhmMGYwN2M5
YzM0ZjgwHhcNMjIxMjA5MTAwODE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmQ4NGQxYTQ1OGNkMjEwMjgyZWRiZmUwN2VmYmEwNDNhODE5MmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlA23/kVhEt+LmAKoatouFtt9Rzpt
Cfy3dbtlD68BYryhOKZiilBJB2taX/aU7BllZqwUWrzwbGrIMuUeBLfpVEvb09qu
0xdOs05QoYHJ2WcoO3nSFPRAoXmCNgXTbGa9R7EwZaNObVrqTlTf0wWvgoSvAjY9
6ozP35E6VMNZf7pjEkRihXunOQdPAd/PekE4GEMVgXqklZdSyvFj9Pm7jGKgglCQ
tFlUamAyQadEJuKc+YO3XnZvbmbdsZDTVDxBZP3Rd7fH/ljOLDFxXQwZdUweimTI
Pmy6TkUdeggfQcxe+AcWNYsITCOJXHkuU40RGIniZey5ob45RrkRGvX4eQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPvYTRpFjNIQKC7b/gfvugQ6gZKuMB8GA1UdIwQY
MBaAFGfP1/riDR00t3natmm48PB8nDT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjhfWC11SU5IVFMzZWRxMmFianc4SHljTlBnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82MjM0M2QtZDkyNC00Mzc4LWExMjEt
MmI2OGFiMmFkMmU5LzEvMS05aE5Ha1dNMGhBb0x0di1CLS02QkRxQmtxNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDQvNjIzNDNkLWQ5MjQtNDM3OC1hMTIxLTJiNjhhYjJhZDJl
OS8xL1o4X1gtdUlOSFRTM2VkcTJhYmp3OEh5Y05QZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAgI4mAME
ArnyoAMEAMNVzwMEAMNV2DANBAIAAjAHAwUDKgnPwDANBgkqhkiG9w0BAQsFAAOC
AQEAEFjNALtG94Byhc8FXdh06F7llEvScJ36EsHCrwXxaFdnm1EN7QNMcInl880G
/YJ+ZANGxxEBkIhwPnllzeTfJahdZFHmTFmu54KlCYZpFPmSkHikNRw4kmSr5jls
+o7sHpy4dCewq5xzF5rKr711aDLSN2jn1yL7NWfE+qwlmUyfUucnCC33kHZZvj+S
7OIP2sCqqDCWJXPScXrmRtUHiKEQlaHs/K4La6hMov6VMWGZrbXF2uXFVNs9FKm3
LK1caJ9k7pQLgtJFQXVwGqVUuvV2Z1lX27F0TS6ElTSCFE9i5aIrj16EDVNTH8nJ
Crtps5VH07aHFA7rbQx9EAdJ/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:19 2024 by rpki-client on console-fra.rpki-client.org