Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/QTSJx4DluC0TevBAa0alh1sTKMY.roa
File: QTSJx4DluC0TevBAa0alh1sTKMY.roa (raw, json)
Hash identifier: Sd3NwT8S7tsl4uUYADz5qo+0GlM2e7WEkM//Hzi+g58=
Subject key identifier: 41:34:89:C7:80:E5:B8:2D:13:7A:F0:40:6B:46:A5:87:5B:13:28:C6
Certificate issuer: /CN=67cfd7fae20d1d34b779dab669b8f0f07c9c34f8
Certificate serial: 018571CC259B44F6BC1F0B9C369069D0E10E
Authority key identifier: 67:CF:D7:FA:E2:0D:1D:34:B7:79:DA:B6:69:B8:F0:F0:7C:9C:34:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z8_X-uINHTS3edq2abjw8HycNPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/QTSJx4DluC0TevBAa0alh1sTKMY.roa
Signing time: Mon 02 Jan 2023 09:24:42 +0000
ROA not before: Mon 02 Jan 2023 09:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57152
IP address blocks: 195.85.207.0/24 maxlen: 24
195.85.216.0/24 maxlen: 24
185.242.162.0/24 maxlen: 24
185.242.161.0/24 maxlen: 24
185.242.160.0/24 maxlen: 24
185.242.163.0/24 maxlen: 24
2.56.152.0/24 maxlen: 24
2.56.155.0/24 maxlen: 24
2.56.154.0/24 maxlen: 24
2.56.153.0/24 maxlen: 24
2a09:cfc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:cc:25:9b:44:f6:bc:1f:0b:9c:36:90:69:d0:e1:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67cfd7fae20d1d34b779dab669b8f0f07c9c34f8
Validity
Not Before: Jan 2 09:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=413489c780e5b82d137af0406b46a5875b1328c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d0:05:dd:19:3a:20:17:52:42:fa:e9:ff:9d:
ab:99:ed:3d:8a:51:1c:c1:30:7b:0f:3c:c7:8c:2f:
77:54:06:84:b1:a1:d3:eb:b2:9a:eb:9c:2a:4b:40:
54:62:12:2e:d2:88:f5:37:94:1e:00:fa:71:fa:f4:
b9:e0:40:16:b2:aa:10:11:a7:72:ea:f3:fc:9c:3a:
1b:b5:91:c1:30:9c:7d:12:22:fc:73:0f:73:0a:9a:
09:92:48:ff:28:57:d0:d1:1b:a8:cf:02:43:b4:d7:
93:b6:34:d2:b8:f6:e4:7f:fc:50:9d:86:84:49:76:
02:a8:69:3f:2a:f3:5c:42:15:1c:37:6c:b7:3c:39:
c9:f3:0c:79:85:d5:4b:cb:f8:45:04:55:8f:4d:fe:
f4:46:ba:30:a2:37:c1:25:bf:f5:1b:82:b2:21:d1:
1d:62:90:23:cd:67:0c:95:ce:c3:4c:2f:79:a6:f8:
67:7a:8c:6b:b1:60:04:e2:9c:94:b8:3a:b5:84:ef:
c9:20:05:80:44:cf:8b:80:9d:54:0a:fc:37:87:06:
fa:8d:6e:ae:bc:18:30:6e:8a:66:45:17:ad:f9:a0:
5b:cc:ad:88:ff:fc:d7:d6:a4:5f:75:67:90:74:df:
bf:8d:e4:2c:40:d0:16:0e:97:76:ea:44:72:36:93:
da:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:34:89:C7:80:E5:B8:2D:13:7A:F0:40:6B:46:A5:87:5B:13:28:C6
X509v3 Authority Key Identifier:
keyid:67:CF:D7:FA:E2:0D:1D:34:B7:79:DA:B6:69:B8:F0:F0:7C:9C:34:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8_X-uINHTS3edq2abjw8HycNPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/QTSJx4DluC0TevBAa0alh1sTKMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/Z8_X-uINHTS3edq2abjw8HycNPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.152.0/22
185.242.160.0/22
195.85.207.0/24
195.85.216.0/24
IPv6:
2a09:cfc0::/29
Signature Algorithm: sha256WithRSAEncryption
39:44:ee:c5:b0:45:00:96:d5:fb:87:5c:13:02:7e:94:5a:f8:
60:77:fd:66:4f:e9:42:5a:52:3a:be:a0:ad:e7:91:76:0e:e8:
5b:fc:23:2a:de:ed:91:61:97:a2:d6:15:03:b4:9c:34:31:49:
b1:72:46:93:80:97:16:f9:fc:ed:42:ec:88:13:a0:4b:4a:f2:
96:e2:e6:74:77:28:aa:df:bf:ff:d6:a7:cf:96:42:6a:9e:87:
a2:06:8c:0a:c5:ad:a9:9c:83:9e:88:31:74:11:9f:3f:6c:8d:
cd:3c:65:43:4e:5e:0e:f9:37:06:ba:b8:e4:8e:21:5b:93:0d:
05:d9:48:3b:54:fe:b1:0e:32:bf:53:e2:93:14:1a:e3:bc:33:
45:cb:71:80:25:29:04:7d:c1:42:cf:77:38:4f:9c:c0:91:fb:
28:98:3b:5c:50:15:62:de:14:b8:c0:ad:4f:9e:8b:21:46:dc:
2c:12:80:0f:37:75:37:8f:08:21:59:f0:cb:de:08:c9:1e:9e:
13:ff:59:5d:b1:17:33:ec:06:d4:a5:93:7f:89:5d:2f:27:11:
2f:30:67:db:ee:e0:0e:69:b3:c7:a7:36:4f:3e:67:60:10:80:
3a:1d:50:db:b0:dc:6b:7e:ec:93:74:16:ce:06:55:a1:cf:71:
ce:e2:25:7f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVxzCWbRPa8HwucNpBp0OEOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3Y2ZkN2ZhZTIwZDFkMzRiNzc5ZGFiNjY5YjhmMGYwN2M5
YzM0ZjgwHhcNMjMwMTAyMDkyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTM0ODljNzgwZTViODJkMTM3YWYwNDA2YjQ2YTU4NzViMTMyOGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldAF3Rk6IBdSQvrp/52rme09ilEc
wTB7DzzHjC93VAaEsaHT67Ka65wqS0BUYhIu0oj1N5QeAPpx+vS54EAWsqoQEady
6vP8nDobtZHBMJx9EiL8cw9zCpoJkkj/KFfQ0RuozwJDtNeTtjTSuPbkf/xQnYaE
SXYCqGk/KvNcQhUcN2y3PDnJ8wx5hdVLy/hFBFWPTf70RrowojfBJb/1G4KyIdEd
YpAjzWcMlc7DTC95pvhneoxrsWAE4pyUuDq1hO/JIAWARM+LgJ1UCvw3hwb6jW6u
vBgwbopmRRet+aBbzK2I//zX1qRfdWeQdN+/jeQsQNAWDpd26kRyNpPazQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEE0iceA5bgtE3rwQGtGpYdbEyjGMB8GA1UdIwQY
MBaAFGfP1/riDR00t3natmm48PB8nDT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjhfWC11SU5IVFMzZWRxMmFianc4SHljTlBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82MjM0M2QtZDkyNC00Mzc4LWExMjEt
MmI2OGFiMmFkMmU5LzEvUVRTSng0RGx1QzBUZXZCQWEwYWxoMXNUS01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82MjM0M2QtZDkyNC00Mzc4LWExMjEtMmI2OGFiMmFkMmU5
LzEvWjhfWC11SU5IVFMzZWRxMmFianc4SHljTlBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCAjiYAwQC
ufKgAwQAw1XPAwQAw1XYMA0EAgACMAcDBQMqCc/AMA0GCSqGSIb3DQEBCwUAA4IB
AQA5RO7FsEUAltX7h1wTAn6UWvhgd/1mT+lCWlI6vqCt55F2Duhb/CMq3u2RYZei
1hUDtJw0MUmxckaTgJcW+fztQuyIE6BLSvKW4uZ0dyiq37//1qfPlkJqnoeiBowK
xa2pnIOeiDF0EZ8/bI3NPGVDTl4O+TcGurjkjiFbkw0F2Ug7VP6xDjK/U+KTFBrj
vDNFy3GAJSkEfcFCz3c4T5zAkfsomDtcUBVi3hS4wK1PnoshRtwsEoAPN3U3jwgh
WfDL3gjJHp4T/1ldsRcz7AbUpZN/iV0vJxEvMGfb7uAOabPHpzZPPmdgEIA6HVDb
sNxrfuyTdBbOBlWhz3HO4iV/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:19 2024 by rpki-client on console-fra.rpki-client.org