Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/_v9m_6-AzRKESuBC0qX3BAdYLaw.roa
File: _v9m_6-AzRKESuBC0qX3BAdYLaw.roa (raw, json)
Hash identifier: hOQmy094LkBdQ/Kb4gntqEGnwRcIp1TZUPE24NQKvEw=
Subject key identifier: FE:FF:66:FF:AF:80:CD:12:84:4A:E0:42:D2:A5:F7:04:07:58:2D:AC
Certificate issuer: /CN=67cfd7fae20d1d34b779dab669b8f0f07c9c34f8
Certificate serial: 018878D0874E03B380C63032903DBBDFE219
Authority key identifier: 67:CF:D7:FA:E2:0D:1D:34:B7:79:DA:B6:69:B8:F0:F0:7C:9C:34:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z8_X-uINHTS3edq2abjw8HycNPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/_v9m_6-AzRKESuBC0qX3BAdYLaw.roa
Signing time: Thu 01 Jun 2023 21:15:11 +0000
ROA not before: Thu 01 Jun 2023 21:15:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207709
IP address blocks: 195.85.207.0/24 maxlen: 24
195.85.216.0/24 maxlen: 24
185.242.162.0/24 maxlen: 24
185.242.161.0/24 maxlen: 24
185.242.160.0/24 maxlen: 24
185.242.163.0/24 maxlen: 24
2.56.152.0/24 maxlen: 24
2.56.155.0/24 maxlen: 24
2.56.154.0/24 maxlen: 24
2.56.153.0/24 maxlen: 24
2a09:cfc0::/29 maxlen: 29
2a07:af80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:78:d0:87:4e:03:b3:80:c6:30:32:90:3d:bb:df:e2:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67cfd7fae20d1d34b779dab669b8f0f07c9c34f8
Validity
Not Before: Jun 1 21:15:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=feff66ffaf80cd12844ae042d2a5f70407582dac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:08:ec:9f:13:6b:89:20:42:c9:81:a2:ea:72:
85:fb:7f:18:f1:4b:bb:d0:b9:37:ad:dd:05:b1:c1:
14:c0:73:21:a8:92:6d:c4:ae:36:10:da:4d:d6:92:
f3:d0:5d:b8:d1:fb:5d:99:d7:2a:0f:19:33:bb:1f:
ba:c7:9f:69:b5:8c:07:3b:6e:86:b7:9e:3a:42:27:
78:ce:0b:11:db:d1:9f:2d:3e:cd:00:a5:c6:78:d3:
3a:81:83:ab:06:07:3a:3f:89:14:43:da:85:42:2b:
d6:61:d2:3f:08:f5:80:76:2c:24:09:6a:11:8a:37:
c0:2f:17:3a:e4:52:e5:99:17:39:41:9b:61:88:f3:
7f:53:63:a7:10:fc:24:e9:c6:4b:47:ec:e6:41:4d:
5a:95:b3:1e:ee:84:bc:2e:40:d0:20:7c:49:ee:b8:
1a:4b:34:3f:1e:9a:c0:23:96:b1:50:4e:ac:47:56:
e3:83:d8:e1:c3:ff:a6:ab:aa:78:20:b5:5c:77:7a:
1b:c2:10:f4:a8:09:f8:32:42:c5:6a:ce:bb:88:84:
5d:11:bd:3d:dd:26:b8:fd:fe:a4:bb:a4:bb:6c:8d:
a9:98:4c:84:0c:21:23:ea:a4:6e:8f:69:ac:78:db:
03:07:ff:be:d4:11:f6:dc:6d:1a:1b:b0:2b:01:dc:
02:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:FF:66:FF:AF:80:CD:12:84:4A:E0:42:D2:A5:F7:04:07:58:2D:AC
X509v3 Authority Key Identifier:
keyid:67:CF:D7:FA:E2:0D:1D:34:B7:79:DA:B6:69:B8:F0:F0:7C:9C:34:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8_X-uINHTS3edq2abjw8HycNPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/_v9m_6-AzRKESuBC0qX3BAdYLaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/Z8_X-uINHTS3edq2abjw8HycNPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.152.0/22
185.242.160.0/22
195.85.207.0/24
195.85.216.0/24
IPv6:
2a07:af80::/29
2a09:cfc0::/29
Signature Algorithm: sha256WithRSAEncryption
55:1f:b0:b3:92:8d:82:4a:1a:96:39:2e:f1:db:3b:1d:6e:51:
14:c6:84:90:18:e6:49:86:70:6a:e0:12:21:1e:7a:3d:87:61:
22:aa:2b:bc:4a:be:77:a6:5c:99:5b:02:d2:37:0b:9a:5f:c1:
67:1a:98:21:f2:0e:ac:9e:1c:7b:77:12:35:10:e3:1f:45:a9:
bb:c9:b9:3c:45:f8:06:a7:4c:b7:ec:b7:0a:21:42:46:e8:74:
31:70:d9:4f:e9:18:0c:8a:6e:93:0e:6a:13:2f:cc:d2:85:3e:
ef:56:65:ce:1e:0d:2d:e8:08:59:b2:53:8b:15:6c:f9:86:fd:
9a:c6:a1:71:7e:26:7c:4c:87:e9:ec:dd:23:80:c3:fb:e5:60:
79:16:40:d0:ce:34:72:25:af:bf:87:59:4c:80:05:d4:80:28:
62:c0:db:5a:64:6b:d1:f5:47:54:91:e5:09:9a:16:fc:04:f3:
63:7b:95:94:18:7e:8f:96:7f:82:73:13:29:8a:f6:89:d2:2f:
e0:ca:0f:54:0f:20:c0:64:40:78:8b:c8:77:51:25:22:fb:86:
0f:c1:b2:f1:95:c4:c5:d0:1f:a7:7d:3e:71:7e:f1:4e:4c:a5:
d6:0b:72:0d:b7:50:b8:08:ec:a7:12:81:db:89:77:62:5e:54:
9f:b4:2c:95
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYh40IdOA7OAxjAykD273+IZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3Y2ZkN2ZhZTIwZDFkMzRiNzc5ZGFiNjY5YjhmMGYwN2M5
YzM0ZjgwHhcNMjMwNjAxMjExNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWZmNjZmZmFmODBjZDEyODQ0YWUwNDJkMmE1ZjcwNDA3NTgyZGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgjsnxNriSBCyYGi6nKF+38Y8Uu7
0Lk3rd0FscEUwHMhqJJtxK42ENpN1pLz0F240ftdmdcqDxkzux+6x59ptYwHO26G
t546Qid4zgsR29GfLT7NAKXGeNM6gYOrBgc6P4kUQ9qFQivWYdI/CPWAdiwkCWoR
ijfALxc65FLlmRc5QZthiPN/U2OnEPwk6cZLR+zmQU1albMe7oS8LkDQIHxJ7rga
SzQ/HprAI5axUE6sR1bjg9jhw/+mq6p4ILVcd3obwhD0qAn4MkLFas67iIRdEb09
3Sa4/f6ku6S7bI2pmEyEDCEj6qRuj2mseNsDB/++1BH23G0aG7ArAdwC/wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFP7/Zv+vgM0ShErgQtKl9wQHWC2sMB8GA1UdIwQY
MBaAFGfP1/riDR00t3natmm48PB8nDT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjhfWC11SU5IVFMzZWRxMmFianc4SHljTlBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82MjM0M2QtZDkyNC00Mzc4LWExMjEt
MmI2OGFiMmFkMmU5LzEvX3Y5bV82LUF6UktFU3VCQzBxWDNCQWRZTGF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82MjM0M2QtZDkyNC00Mzc4LWExMjEtMmI2OGFiMmFkMmU5
LzEvWjhfWC11SU5IVFMzZWRxMmFianc4SHljTlBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCAjiYAwQC
ufKgAwQAw1XPAwQAw1XYMBQEAgACMA4DBQMqB6+AAwUDKgnPwDANBgkqhkiG9w0B
AQsFAAOCAQEAVR+ws5KNgkoaljku8ds7HW5RFMaEkBjmSYZwauASIR56PYdhIqor
vEq+d6ZcmVsC0jcLml/BZxqYIfIOrJ4ce3cSNRDjH0Wpu8m5PEX4BqdMt+y3CiFC
Ruh0MXDZT+kYDIpukw5qEy/M0oU+71Zlzh4NLegIWbJTixVs+Yb9msahcX4mfEyH
6ezdI4DD++VgeRZA0M40ciWvv4dZTIAF1IAoYsDbWmRr0fVHVJHlCZoW/ATzY3uV
lBh+j5Z/gnMTKYr2idIv4MoPVA8gwGRAeIvId1ElIvuGD8Gy8ZXExdAfp30+cX7x
Tkyl1gtyDbdQuAjspxKB24l3Yl5Un7QslQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:18 2024 by rpki-client on console-ams.rpki-client.org