Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/hVhTmBFH3YyT3Tnca25lucK2qQY.roa
File: hVhTmBFH3YyT3Tnca25lucK2qQY.roa (raw, json)
Hash identifier: ViGAwxO0Ypnrarnp7aZcc5npbdR7AnV79ZzR0L6MDHY=
Subject key identifier: 85:58:53:98:11:47:DD:8C:93:DD:39:DC:6B:6E:65:B9:C2:B6:A9:06
Certificate issuer: /CN=624039399017fa093dc8d503799f6ca403f0bd05
Certificate serial: 0584404F
Authority key identifier: 62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/hVhTmBFH3YyT3Tnca25lucK2qQY.roa
Signing time: Fri 03 Jun 2022 17:57:20 +0000
ROA not before: Fri 03 Jun 2022 17:57:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 85.209.228.0/22 maxlen: 24
45.95.212.0/22 maxlen: 24
45.95.212.0/23 maxlen: 24
45.95.214.0/23 maxlen: 24
2.59.60.0/22 maxlen: 24
194.31.196.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92553295 (0x584404f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624039399017fa093dc8d503799f6ca403f0bd05
Validity
Not Before: Jun 3 17:57:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=855853981147dd8c93dd39dc6b6e65b9c2b6a906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:08:09:2d:1d:43:04:43:4f:27:02:39:14:73:
ee:3f:35:8e:2d:e5:69:a4:7a:57:cf:40:08:14:7f:
c0:40:89:de:4b:fd:d6:da:e9:fa:b2:30:06:2d:4b:
1c:d4:d5:1f:1a:76:e1:f4:5f:2e:1c:20:d8:c0:12:
0f:c9:86:32:6e:2a:59:fa:51:e5:27:19:2f:1e:31:
00:25:f1:cc:a3:74:b1:7e:7e:4b:8f:89:74:fa:d5:
fb:e9:03:ae:a4:a1:8c:32:a8:6c:63:fb:2f:10:b2:
90:c6:d9:ce:d1:ec:7c:43:c4:3b:6c:5a:3e:96:15:
f1:62:71:74:26:48:68:79:f9:56:45:0e:42:c1:7b:
f8:7d:2b:c2:38:4c:f7:6e:66:47:58:e1:6a:7a:e7:
ee:58:d2:1f:2d:74:d7:ca:93:a3:7d:86:2c:12:e2:
f1:ff:27:a8:8b:29:10:58:2e:fe:c6:fc:3a:eb:78:
29:05:5f:d1:27:0d:37:d5:89:b3:20:9c:e4:c6:7a:
2c:3c:ff:18:79:7c:ba:b8:ad:d3:a8:b4:a8:9d:15:
27:89:2f:67:a8:9e:06:6f:17:eb:8f:8b:5f:7b:a7:
c4:1d:8a:90:5e:52:5a:ae:76:62:1f:14:be:ea:09:
2f:96:57:88:49:d7:99:81:c0:df:1b:27:7c:73:fb:
b0:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:58:53:98:11:47:DD:8C:93:DD:39:DC:6B:6E:65:B9:C2:B6:A9:06
X509v3 Authority Key Identifier:
keyid:62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/hVhTmBFH3YyT3Tnca25lucK2qQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/YkA5OZAX-gk9yNUDeZ9spAPwvQU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.60.0/22
45.95.212.0/22
85.209.228.0/22
194.31.196.0/23
Signature Algorithm: sha256WithRSAEncryption
26:98:e8:d6:10:42:50:f3:45:ac:85:07:89:5d:58:b2:b2:77:
02:b1:eb:9a:9a:6a:6e:e4:2c:f8:aa:4e:cb:3b:57:b4:4d:cc:
7f:eb:f5:e4:00:6b:1e:87:fb:fb:98:1a:7b:fe:0e:b3:20:a2:
fa:45:97:63:0c:3d:2d:7f:47:9e:65:a8:04:c6:68:cf:8c:8c:
a1:a7:cc:73:b9:de:df:54:72:c7:d0:a6:47:b4:97:11:e3:f9:
c3:4a:0c:e3:25:06:6b:2d:1c:8b:33:27:08:73:03:61:4e:2b:
f0:54:48:27:60:a4:b8:fa:08:9a:9f:9e:c1:27:95:89:1d:3b:
34:42:45:dc:b1:04:82:bf:38:b5:fc:32:4e:4e:61:04:f3:db:
1f:ec:89:d2:5f:ed:f4:d0:69:a0:32:f4:51:e2:5c:ac:5c:00:
9f:1b:7c:c9:ad:5b:e6:7e:5e:c3:85:0f:e5:0f:f2:fe:22:ac:
89:40:dd:ed:63:dc:27:71:e6:f2:83:a0:c2:f0:87:f3:1b:73:
1c:4a:fa:b0:25:59:53:39:ad:2d:20:fd:bb:6a:06:47:55:91:
b7:83:e3:e7:41:e7:64:fd:3c:79:9a:2f:26:f2:ea:ea:3b:67:
71:c3:76:d6:83:07:5f:65:5b:93:11:93:20:ba:c5:8f:86:ea:
e3:1a:ea:d8
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBYRATzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MjQwMzkzOTkwMTdmYTA5M2RjOGQ1MDM3OTlmNmNhNDAzZjBiZDA1MB4XDTIyMDYw
MzE3NTcyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODU1ODUzOTgxMTQ3
ZGQ4YzkzZGQzOWRjNmI2ZTY1YjljMmI2YTkwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMIICS0dQwRDTycCORRz7j81ji3laaR6V89ACBR/wECJ3kv9
1trp+rIwBi1LHNTVHxp24fRfLhwg2MASD8mGMm4qWfpR5ScZLx4xACXxzKN0sX5+
S4+JdPrV++kDrqShjDKobGP7LxCykMbZztHsfEPEO2xaPpYV8WJxdCZIaHn5VkUO
QsF7+H0rwjhM925mR1jhanrn7ljSHy1018qTo32GLBLi8f8nqIspEFgu/sb8Out4
KQVf0ScNN9WJsyCc5MZ6LDz/GHl8urit06i0qJ0VJ4kvZ6ieBm8X64+LX3unxB2K
kF5SWq52Yh8UvuoJL5ZXiEnXmYHA3xsnfHP7sOkCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSFWFOYEUfdjJPdOdxrbmW5wrapBjAfBgNVHSMEGDAWgBRiQDk5kBf6CT3I
1QN5n2ykA/C9BTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lrQTVPWkFYLWdrOXlOVURlWjlzcEFQd3ZRVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvZWIyMzlhLTMzYzgtNGRiZC1iYzk2LTMyNTk0OTZlN2M1Zi8x
L2hWaFRtQkZIM1l5VDNUbmNhMjVsdWNLMnFRWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
ZWIyMzlhLTMzYzgtNGRiZC1iYzk2LTMyNTk0OTZlN2M1Zi8xL1lrQTVPWkFYLWdr
OXlOVURlWjlzcEFQd3ZRVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAgI7PAMEAi1f1AMEAlXR5AMEAcIf
xDANBgkqhkiG9w0BAQsFAAOCAQEAJpjo1hBCUPNFrIUHiV1YsrJ3ArHrmppqbuQs
+KpOyztXtE3Mf+v15ABrHof7+5gae/4OsyCi+kWXYww9LX9HnmWoBMZoz4yMoafM
c7ne31Ryx9CmR7SXEeP5w0oM4yUGay0cizMnCHMDYU4r8FRIJ2CkuPoImp+ewSeV
iR07NEJF3LEEgr84tfwyTk5hBPPbH+yJ0l/t9NBpoDL0UeJcrFwAnxt8ya1b5n5e
w4UP5Q/y/iKsiUDd7WPcJ3Hm8oOgwvCH8xtzHEr6sCVZUzmtLSD9u2oGR1WRt4Pj
50HnZP08eZovJvLq6jtnccN21oMHX2VbkxGTILrFj4bq4xrq2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:42 2024 by rpki-client on console-fra.rpki-client.org