Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/JA3CU0L5gByLvjMyW4jR99nwkjA.roa
File: JA3CU0L5gByLvjMyW4jR99nwkjA.roa (raw, json)
Hash identifier: hqLco8dALJIT7NabGOzJ3t0le8T+UY6C/x2ei7WfnbA=
Subject key identifier: 24:0D:C2:53:42:F9:80:1C:8B:BE:33:32:5B:88:D1:F7:D9:F0:92:30
Certificate issuer: /CN=624039399017fa093dc8d503799f6ca403f0bd05
Certificate serial: 0184CD21949109A7E7A6BB8F9D43DAB63CF6
Authority key identifier: 62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/JA3CU0L5gByLvjMyW4jR99nwkjA.roa
Signing time: Thu 01 Dec 2022 10:00:40 +0000
ROA not before: Thu 01 Dec 2022 10:00:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 85.209.228.0/22 maxlen: 24
5.181.186.0/23 maxlen: 24
5.181.184.0/23 maxlen: 24
45.95.212.0/23 maxlen: 24
45.95.212.0/22 maxlen: 24
45.95.214.0/23 maxlen: 24
2.59.60.0/22 maxlen: 24
45.8.218.0/23 maxlen: 24
45.8.216.0/23 maxlen: 24
194.31.196.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:21:94:91:09:a7:e7:a6:bb:8f:9d:43:da:b6:3c:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624039399017fa093dc8d503799f6ca403f0bd05
Validity
Not Before: Dec 1 10:00:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=240dc25342f9801c8bbe33325b88d1f7d9f09230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b3:f3:6c:21:6b:f3:d5:a4:22:d2:76:45:93:
cf:ea:e0:4f:c8:7f:9d:52:49:82:eb:cf:ef:16:40:
ad:0f:f2:f6:bd:b4:af:ff:01:f6:25:cd:2c:e3:49:
1f:5d:ee:5a:8c:f6:e3:c2:0c:3f:d8:08:76:3f:3b:
05:42:a0:4a:37:63:f8:ed:e6:09:93:fc:51:10:8c:
67:cb:60:0f:aa:b4:2a:55:d2:ec:bb:96:c9:76:07:
66:c0:3f:33:22:da:09:b4:e8:b4:42:c0:ff:af:c8:
e3:f9:28:ba:f8:64:02:4b:06:b5:08:a8:da:21:45:
e1:1a:79:ee:db:6a:de:50:c6:04:56:8c:f6:2c:c5:
d0:63:8e:b6:26:3e:be:c3:4d:c4:82:d2:e6:02:26:
0f:dc:b8:84:c0:1c:a3:de:8d:06:78:29:a6:3e:64:
54:f2:d0:d3:43:e7:66:1e:32:44:6b:54:6b:67:75:
db:ff:a2:85:ba:d0:9d:73:54:fb:c4:6e:bd:2a:bc:
a1:46:c3:5c:2e:16:d7:99:c9:63:27:9a:17:8e:67:
91:25:37:0d:f7:b4:34:24:e8:61:9d:8c:bb:53:b1:
ec:bd:8d:2d:f3:d7:2d:38:47:d6:6f:36:f9:a7:4a:
98:f9:07:57:80:01:e9:ea:dc:28:ad:45:8d:09:a7:
46:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:0D:C2:53:42:F9:80:1C:8B:BE:33:32:5B:88:D1:F7:D9:F0:92:30
X509v3 Authority Key Identifier:
keyid:62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/JA3CU0L5gByLvjMyW4jR99nwkjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/YkA5OZAX-gk9yNUDeZ9spAPwvQU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.60.0/22
5.181.184.0/22
45.8.216.0/22
45.95.212.0/22
85.209.228.0/22
194.31.196.0/23
Signature Algorithm: sha256WithRSAEncryption
96:58:ff:06:c7:75:ec:99:57:3c:d8:6f:7f:7f:d6:62:01:ac:
e7:69:0b:82:f0:b3:a6:68:85:46:d8:cf:56:31:f2:3b:6d:21:
59:26:44:63:ed:a4:18:05:94:44:77:59:e9:a6:e2:2d:e3:81:
e3:18:c0:dd:0f:a9:5a:22:4c:1e:4d:85:75:42:ec:86:5f:f6:
22:68:98:06:f4:74:fe:63:dc:85:10:57:c5:db:ee:fa:ac:05:
be:97:55:43:6c:af:19:7f:65:e9:ef:ec:57:2c:a4:5f:bf:45:
51:26:be:d4:76:84:d3:47:28:ae:80:65:72:70:6a:40:fc:53:
3b:92:f2:bc:73:7b:cc:37:b6:24:73:e5:8c:58:4a:ac:e8:d4:
a8:32:2d:cf:52:73:07:87:17:1a:b1:69:d3:29:8a:8b:f2:cb:
8a:ed:50:88:af:e4:6e:2c:73:8c:0e:b0:59:c5:99:db:99:34:
25:b2:6c:09:0c:15:e6:2b:2a:9b:1d:79:1d:a2:0e:39:70:d4:
49:4b:c2:c1:d5:69:2f:a1:e0:ea:c9:d1:88:1d:53:f0:52:e5:
5b:91:3f:93:3f:07:34:2c:4f:df:d1:5d:19:0e:6f:06:9f:4c:
27:46:64:6c:2b:a2:6a:08:f9:d0:61:89:e5:ba:3b:23:6f:10:
61:c8:17:fc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYTNIZSRCafnpruPnUPatjz2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNDAzOTM5OTAxN2ZhMDkzZGM4ZDUwMzc5OWY2Y2E0MDNm
MGJkMDUwHhcNMjIxMjAxMTAwMDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDBkYzI1MzQyZjk4MDFjOGJiZTMzMzI1Yjg4ZDFmN2Q5ZjA5MjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7PzbCFr89WkItJ2RZPP6uBPyH+d
UkmC68/vFkCtD/L2vbSv/wH2Jc0s40kfXe5ajPbjwgw/2Ah2PzsFQqBKN2P47eYJ
k/xREIxny2APqrQqVdLsu5bJdgdmwD8zItoJtOi0QsD/r8jj+Si6+GQCSwa1CKja
IUXhGnnu22reUMYEVoz2LMXQY462Jj6+w03EgtLmAiYP3LiEwByj3o0GeCmmPmRU
8tDTQ+dmHjJEa1RrZ3Xb/6KFutCdc1T7xG69KryhRsNcLhbXmcljJ5oXjmeRJTcN
97Q0JOhhnYy7U7HsvY0t89ctOEfWbzb5p0qY+QdXgAHp6tworUWNCadGLwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCQNwlNC+YAci74zMluI0ffZ8JIwMB8GA1UdIwQY
MBaAFGJAOTmQF/oJPcjVA3mfbKQD8L0FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtBNU9aQVgtZ2s5eU5VRGVaOXNwQVB3dlFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lYjIzOWEtMzNjOC00ZGJkLWJjOTYt
MzI1OTQ5NmU3YzVmLzEvSkEzQ1UwTDVnQnlMdmpNeVc0alI5OW53a2pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9lYjIzOWEtMzNjOC00ZGJkLWJjOTYtMzI1OTQ5NmU3YzVm
LzEvWWtBNU9aQVgtZ2s5eU5VRGVaOXNwQVB3dlFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCAjs8AwQC
BbW4AwQCLQjYAwQCLV/UAwQCVdHkAwQBwh/EMA0GCSqGSIb3DQEBCwUAA4IBAQCW
WP8Gx3XsmVc82G9/f9ZiAaznaQuC8LOmaIVG2M9WMfI7bSFZJkRj7aQYBZREd1np
puIt44HjGMDdD6laIkweTYV1QuyGX/YiaJgG9HT+Y9yFEFfF2+76rAW+l1VDbK8Z
f2Xp7+xXLKRfv0VRJr7UdoTTRyiugGVycGpA/FM7kvK8c3vMN7Ykc+WMWEqs6NSo
Mi3PUnMHhxcasWnTKYqL8suK7VCIr+RuLHOMDrBZxZnbmTQlsmwJDBXmKyqbHXkd
og45cNRJS8LB1WkvoeDqydGIHVPwUuVbkT+TPwc0LE/f0V0ZDm8Gn0wnRmRsK6Jq
CPnQYYnlujsjbxBhyBf8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:32 2025 by rpki-client