Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/pecUCyUkWM6O26yUZniTSGZNjnE.roa
File: pecUCyUkWM6O26yUZniTSGZNjnE.roa (raw, json)
Hash identifier: zDMz9w8I0frOcECv1Rp6ESxEecswcKN6IE3R2pqVpNY=
Subject key identifier: A5:E7:14:0B:25:24:58:CE:8E:DB:AC:94:66:78:93:48:66:4D:8E:71
Certificate issuer: /CN=67cfd7fae20d1d34b779dab669b8f0f07c9c34f8
Certificate serial: 018571CC27000E556CFB7C7DCD19D1B5592C
Authority key identifier: 67:CF:D7:FA:E2:0D:1D:34:B7:79:DA:B6:69:B8:F0:F0:7C:9C:34:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z8_X-uINHTS3edq2abjw8HycNPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/pecUCyUkWM6O26yUZniTSGZNjnE.roa
Signing time: Mon 02 Jan 2023 09:24:42 +0000
ROA not before: Mon 02 Jan 2023 09:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207709
IP address blocks: 195.85.207.0/24 maxlen: 24
195.85.216.0/24 maxlen: 24
185.242.162.0/24 maxlen: 24
185.242.161.0/24 maxlen: 24
185.242.160.0/24 maxlen: 24
185.242.163.0/24 maxlen: 24
2.56.152.0/24 maxlen: 24
2.56.155.0/24 maxlen: 24
2.56.154.0/24 maxlen: 24
2.56.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:cc:27:00:0e:55:6c:fb:7c:7d:cd:19:d1:b5:59:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67cfd7fae20d1d34b779dab669b8f0f07c9c34f8
Validity
Not Before: Jan 2 09:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5e7140b252458ce8edbac9466789348664d8e71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ed:58:4d:83:41:02:1f:cd:2b:84:6b:42:34:
52:6a:ca:54:da:68:b5:82:92:28:37:c2:3b:eb:82:
01:d4:cd:68:a3:e6:d8:03:21:2d:cc:a0:f7:d1:87:
45:ee:87:60:68:ea:cd:03:9c:9b:3d:89:9e:42:0d:
46:ec:cd:a5:f3:4f:35:cd:12:87:7f:61:67:71:93:
e1:8b:a0:5c:d5:d3:16:85:92:86:9f:71:91:1c:ea:
49:e9:ba:ee:57:2b:5a:21:af:c9:b1:66:8d:f5:57:
bb:28:2f:d0:85:8e:b3:a6:4b:b8:3d:85:f8:ab:4b:
b6:ff:97:fe:3b:7d:82:2d:cd:c6:3b:d7:c8:76:3b:
13:b8:7d:12:1f:2b:3f:f0:fb:a9:5d:6a:22:b0:e9:
59:8a:66:c6:e0:e7:67:a8:02:64:3c:f9:23:97:19:
83:33:f1:f4:01:20:e9:8e:2a:7d:f2:d7:da:87:fe:
00:33:40:2e:e7:5e:35:c3:ec:0a:9a:76:3a:4c:b0:
a0:e7:7b:48:b9:40:b9:84:98:4e:8a:49:cb:31:f3:
c8:e3:49:55:9d:7e:5e:57:d0:02:fb:c9:3b:da:bf:
b2:03:3c:f4:27:bf:8d:8e:16:76:90:72:26:f9:24:
6c:f9:5a:05:42:a6:46:01:e8:1e:53:cc:67:57:2b:
1c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:E7:14:0B:25:24:58:CE:8E:DB:AC:94:66:78:93:48:66:4D:8E:71
X509v3 Authority Key Identifier:
keyid:67:CF:D7:FA:E2:0D:1D:34:B7:79:DA:B6:69:B8:F0:F0:7C:9C:34:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8_X-uINHTS3edq2abjw8HycNPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/pecUCyUkWM6O26yUZniTSGZNjnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/Z8_X-uINHTS3edq2abjw8HycNPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.152.0/22
185.242.160.0/22
195.85.207.0/24
195.85.216.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:c0:82:49:85:f4:90:ff:cd:33:18:46:6b:83:c3:43:76:60:
86:ad:91:ff:c2:59:44:15:db:6d:4d:33:65:d0:9f:f1:b7:37:
69:05:57:e1:52:e0:23:1d:0b:7b:cb:f9:c0:b5:2a:d5:b7:b8:
fe:79:7e:09:04:d3:83:3a:46:8b:e2:ad:6b:38:29:6b:be:00:
57:b4:41:8a:0c:b3:4a:85:3d:43:48:0a:a3:ab:7c:cd:54:09:
70:39:51:1f:b6:bc:31:94:40:13:83:a5:a6:e9:8f:26:fb:46:
e0:3a:c4:a6:29:77:77:dc:d9:0d:dc:45:c0:e9:67:45:98:c2:
09:f0:84:13:c0:1e:77:eb:2a:ab:17:ce:09:27:e9:97:83:98:
08:7a:ad:93:d7:a5:12:09:75:7b:5f:05:91:d0:5b:88:fa:19:
5c:4c:9f:72:02:99:27:d0:4e:1c:55:93:df:ca:0e:75:a1:53:
cc:3c:fa:5c:2b:06:0f:1c:94:0c:82:53:44:c6:df:b8:17:97:
b0:48:12:48:5d:55:09:b4:c4:c6:b8:2a:19:15:3c:06:89:5a:
e3:a2:5c:63:bc:6b:a4:12:f8:74:05:6a:b2:7c:11:5f:be:61:
e7:19:c3:b2:e6:b3:6e:d7:f5:d8:3b:8d:8f:93:94:6c:15:34:
c4:a9:77:40
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVxzCcADlVs+3x9zRnRtVksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3Y2ZkN2ZhZTIwZDFkMzRiNzc5ZGFiNjY5YjhmMGYwN2M5
YzM0ZjgwHhcNMjMwMTAyMDkyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWU3MTQwYjI1MjQ1OGNlOGVkYmFjOTQ2Njc4OTM0ODY2NGQ4ZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1u1YTYNBAh/NK4RrQjRSaspU2mi1
gpIoN8I764IB1M1oo+bYAyEtzKD30YdF7odgaOrNA5ybPYmeQg1G7M2l8081zRKH
f2FncZPhi6Bc1dMWhZKGn3GRHOpJ6bruVytaIa/JsWaN9Ve7KC/QhY6zpku4PYX4
q0u2/5f+O32CLc3GO9fIdjsTuH0SHys/8PupXWoisOlZimbG4OdnqAJkPPkjlxmD
M/H0ASDpjip98tfah/4AM0Au5141w+wKmnY6TLCg53tIuUC5hJhOiknLMfPI40lV
nX5eV9AC+8k72r+yAzz0J7+NjhZ2kHIm+SRs+VoFQqZGAegeU8xnVyscKQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKXnFAslJFjOjtuslGZ4k0hmTY5xMB8GA1UdIwQY
MBaAFGfP1/riDR00t3natmm48PB8nDT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjhfWC11SU5IVFMzZWRxMmFianc4SHljTlBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82MjM0M2QtZDkyNC00Mzc4LWExMjEt
MmI2OGFiMmFkMmU5LzEvcGVjVUN5VWtXTTZPMjZ5VVpuaVRTR1pOam5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82MjM0M2QtZDkyNC00Mzc4LWExMjEtMmI2OGFiMmFkMmU5
LzEvWjhfWC11SU5IVFMzZWRxMmFianc4SHljTlBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjiYAwQC
ufKgAwQAw1XPAwQAw1XYMA0GCSqGSIb3DQEBCwUAA4IBAQCmwIJJhfSQ/80zGEZr
g8NDdmCGrZH/wllEFdttTTNl0J/xtzdpBVfhUuAjHQt7y/nAtSrVt7j+eX4JBNOD
OkaL4q1rOClrvgBXtEGKDLNKhT1DSAqjq3zNVAlwOVEftrwxlEATg6Wm6Y8m+0bg
OsSmKXd33NkN3EXA6WdFmMIJ8IQTwB536yqrF84JJ+mXg5gIeq2T16USCXV7XwWR
0FuI+hlcTJ9yApkn0E4cVZPfyg51oVPMPPpcKwYPHJQMglNExt+4F5ewSBJIXVUJ
tMTGuCoZFTwGiVrjolxjvGukEvh0BWqyfBFfvmHnGcOy5rNu1/XYO42Pk5RsFTTE
qXdA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:19 2024 by rpki-client on console-fra.rpki-client.org