Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/_eVISCrMAIcKAXylUC_knTx5SmI.roa
File: _eVISCrMAIcKAXylUC_knTx5SmI.roa (raw, json)
Hash identifier: dvoDtBDh4w5qDOus5/B2dN9LrN8mgFOMPX+MX1t5vVQ=
Subject key identifier: FD:E5:48:48:2A:CC:00:87:0A:01:7C:A5:50:2F:E4:9D:3C:79:4A:62
Certificate issuer: /CN=67cfd7fae20d1d34b779dab669b8f0f07c9c34f8
Certificate serial: 018A2A5D1ADE32ECEC3D3CBBDA49F4F1AE34
Authority key identifier: 67:CF:D7:FA:E2:0D:1D:34:B7:79:DA:B6:69:B8:F0:F0:7C:9C:34:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z8_X-uINHTS3edq2abjw8HycNPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/_eVISCrMAIcKAXylUC_knTx5SmI.roa
Signing time: Fri 25 Aug 2023 01:44:19 +0000
ROA not before: Fri 25 Aug 2023 01:44:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207709
IP address blocks: 195.85.216.0/24 maxlen: 24
185.242.162.0/24 maxlen: 24
185.242.161.0/24 maxlen: 24
185.242.160.0/24 maxlen: 24
185.242.163.0/24 maxlen: 24
2.56.152.0/24 maxlen: 24
2.56.155.0/24 maxlen: 24
2.56.154.0/24 maxlen: 24
2.56.153.0/24 maxlen: 24
2a09:cfc0::/29 maxlen: 29
2a07:af80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2a:5d:1a:de:32:ec:ec:3d:3c:bb:da:49:f4:f1:ae:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67cfd7fae20d1d34b779dab669b8f0f07c9c34f8
Validity
Not Before: Aug 25 01:44:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fde548482acc00870a017ca5502fe49d3c794a62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7d:54:ef:d3:a4:85:9b:86:4e:15:31:ae:cb:
93:33:f8:f8:a3:d0:36:8b:61:a8:ff:f4:7e:c4:bb:
69:8a:38:4f:7a:f7:ae:8c:59:6b:ad:79:f2:f1:2e:
8b:ba:05:54:2c:89:e7:90:9d:ba:c8:d3:82:57:ea:
2d:0c:1d:ac:d0:df:fa:fd:a5:c3:29:b1:b2:ab:ed:
61:22:4a:68:ab:0d:6e:8e:01:e2:6a:8a:2a:46:0a:
bb:42:d2:ee:6f:22:8c:e6:f1:b2:59:0e:b2:b3:50:
ba:4a:5f:50:c6:7a:eb:4f:e4:e9:1d:3f:74:3f:26:
27:86:4f:f2:2d:a0:8d:02:6f:f8:e8:e5:e8:3c:31:
27:6d:30:44:a0:81:7b:76:0c:08:9c:5c:5f:c5:ce:
54:81:b8:72:77:f1:83:60:0d:5f:f5:1b:3f:48:ba:
fc:cf:5a:7c:de:08:cc:3e:f1:76:a9:bc:80:f7:f7:
c8:13:14:b9:cf:12:25:6e:34:77:03:4f:8c:40:c4:
c6:47:37:0b:63:b9:4f:fb:12:62:c5:48:86:f9:65:
1e:f5:98:5e:80:5a:d3:4e:f9:0d:fb:7f:20:04:a8:
df:da:c5:78:33:6e:e7:c2:7b:31:06:ff:04:6a:28:
fe:fd:cc:d1:3a:b1:b5:3c:f0:d2:32:39:fe:f5:ea:
2b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:E5:48:48:2A:CC:00:87:0A:01:7C:A5:50:2F:E4:9D:3C:79:4A:62
X509v3 Authority Key Identifier:
keyid:67:CF:D7:FA:E2:0D:1D:34:B7:79:DA:B6:69:B8:F0:F0:7C:9C:34:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8_X-uINHTS3edq2abjw8HycNPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/_eVISCrMAIcKAXylUC_knTx5SmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/Z8_X-uINHTS3edq2abjw8HycNPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.152.0/22
185.242.160.0/22
195.85.216.0/24
IPv6:
2a07:af80::/29
2a09:cfc0::/29
Signature Algorithm: sha256WithRSAEncryption
30:ab:3c:56:5a:66:92:a0:86:f1:a7:ea:85:5b:88:1c:01:f1:
ed:00:05:18:e1:35:ba:a5:5a:b4:c3:80:7b:62:27:f7:a4:18:
ac:ff:c1:df:1d:5b:a3:9a:7c:75:a5:a9:de:29:25:1e:1c:f3:
15:b5:11:63:db:f2:4c:cc:b4:b1:a4:a5:70:b2:25:a9:4d:de:
60:e5:42:05:10:d2:ae:92:f3:09:57:9c:49:fa:80:33:8c:b0:
28:b1:f3:c0:a1:bc:a8:c0:61:9b:cf:14:ef:b8:6a:bd:d4:fa:
8b:3a:4e:d9:b5:9d:67:f5:cd:98:aa:52:8e:ab:84:66:67:04:
ed:75:b4:40:33:19:22:67:29:5e:29:d6:06:fd:a4:d9:f5:6e:
95:c8:99:88:76:19:53:2a:b0:ce:b3:84:0d:cc:fd:50:32:98:
f3:f7:04:d8:f5:a0:77:2b:69:06:ab:a0:7f:35:37:d0:2c:41:
a3:33:f2:07:a7:04:35:99:f8:fc:56:5f:ce:48:e2:90:55:16:
ad:4e:ff:21:d8:b7:76:f1:6f:06:e9:f8:bb:67:2d:60:0d:e5:
4d:3c:a2:ef:5e:49:9f:25:55:b3:5e:5b:64:6f:3b:9b:62:2c:
01:ce:82:68:93:98:08:0f:11:7f:73:39:3d:52:d5:8e:8a:7a:
79:6b:43:ba
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYoqXRreMuzsPTy72kn08a40MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3Y2ZkN2ZhZTIwZDFkMzRiNzc5ZGFiNjY5YjhmMGYwN2M5
YzM0ZjgwHhcNMjMwODI1MDE0NDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGU1NDg0ODJhY2MwMDg3MGEwMTdjYTU1MDJmZTQ5ZDNjNzk0YTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjH1U79OkhZuGThUxrsuTM/j4o9A2
i2Go//R+xLtpijhPeveujFlrrXny8S6LugVULInnkJ26yNOCV+otDB2s0N/6/aXD
KbGyq+1hIkpoqw1ujgHiaooqRgq7QtLubyKM5vGyWQ6ys1C6Sl9QxnrrT+TpHT90
PyYnhk/yLaCNAm/46OXoPDEnbTBEoIF7dgwInFxfxc5Ugbhyd/GDYA1f9Rs/SLr8
z1p83gjMPvF2qbyA9/fIExS5zxIlbjR3A0+MQMTGRzcLY7lP+xJixUiG+WUe9Zhe
gFrTTvkN+38gBKjf2sV4M27nwnsxBv8Eaij+/czROrG1PPDSMjn+9eor0wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFP3lSEgqzACHCgF8pVAv5J08eUpiMB8GA1UdIwQY
MBaAFGfP1/riDR00t3natmm48PB8nDT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjhfWC11SU5IVFMzZWRxMmFianc4SHljTlBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82MjM0M2QtZDkyNC00Mzc4LWExMjEt
MmI2OGFiMmFkMmU5LzEvX2VWSVNDck1BSWNLQVh5bFVDX2tuVHg1U21JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82MjM0M2QtZDkyNC00Mzc4LWExMjEtMmI2OGFiMmFkMmU5
LzEvWjhfWC11SU5IVFMzZWRxMmFianc4SHljTlBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCAjiYAwQC
ufKgAwQAw1XYMBQEAgACMA4DBQMqB6+AAwUDKgnPwDANBgkqhkiG9w0BAQsFAAOC
AQEAMKs8VlpmkqCG8afqhVuIHAHx7QAFGOE1uqVatMOAe2In96QYrP/B3x1bo5p8
daWp3iklHhzzFbURY9vyTMy0saSlcLIlqU3eYOVCBRDSrpLzCVecSfqAM4ywKLHz
wKG8qMBhm88U77hqvdT6izpO2bWdZ/XNmKpSjquEZmcE7XW0QDMZImcpXinWBv2k
2fVulciZiHYZUyqwzrOEDcz9UDKY8/cE2PWgdytpBqugfzU30CxBozPyB6cENZn4
/FZfzkjikFUWrU7/Idi3dvFvBun4u2ctYA3lTTyi715JnyVVs15bZG87m2IsAc6C
aJOYCA8Rf3M5PVLVjop6eWtDug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:19 2024 by rpki-client on console-fra.rpki-client.org