Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/nX-vVkbA7hyS0v0ADjNp_f9lfPo.roa
File: nX-vVkbA7hyS0v0ADjNp_f9lfPo.roa (raw, json)
Hash identifier: NOpmO8lwn3BPqCzxv/Jcd6A/PIgYYbTJpmoXquj9yCg=
Subject key identifier: 9D:7F:AF:56:46:C0:EE:1C:92:D2:FD:00:0E:33:69:FD:FF:65:7C:FA
Certificate issuer: /CN=624039399017fa093dc8d503799f6ca403f0bd05
Certificate serial: 0577D21E
Authority key identifier: 62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/nX-vVkbA7hyS0v0ADjNp_f9lfPo.roa
Signing time: Thu 02 Jun 2022 17:23:21 +0000
ROA not before: Thu 02 Jun 2022 17:23:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 85.209.228.0/22 maxlen: 24
2.59.60.0/22 maxlen: 24
194.31.194.0/23 maxlen: 24
194.31.196.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91738654 (0x577d21e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624039399017fa093dc8d503799f6ca403f0bd05
Validity
Not Before: Jun 2 17:23:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d7faf5646c0ee1c92d2fd000e3369fdff657cfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:75:b4:a4:12:01:fe:84:36:61:c7:8c:3d:25:
ac:f6:48:19:68:e7:8c:dd:43:cb:46:7e:80:66:d0:
6a:48:b9:6b:16:60:81:95:31:67:fe:c1:e3:ff:6b:
f8:4b:d2:33:8b:c1:72:00:45:08:09:7b:c5:74:c7:
46:bd:bf:ec:04:85:26:aa:d0:e3:2e:2c:9b:6e:4d:
a3:74:98:53:1e:32:e8:e0:1a:31:c1:5d:aa:19:f1:
87:74:0b:e7:1b:d8:f8:dc:70:b7:6f:f5:09:67:f6:
97:aa:fe:99:0f:c1:05:36:0f:dc:0a:83:8d:24:87:
65:cf:4f:85:a6:6c:8f:08:a5:f5:67:50:7b:d4:51:
b1:b8:3d:42:23:2c:19:bb:79:3d:52:5e:97:19:fb:
68:2d:ae:7b:fb:46:fa:f8:2d:f1:81:d2:16:e3:d2:
c3:68:b9:3a:c6:c0:08:f5:40:76:26:88:84:be:33:
b1:c5:8f:39:d8:e8:9e:cd:d1:7b:51:a6:66:9c:3b:
9e:75:e6:38:3f:de:bd:03:9e:c5:1f:7b:e0:a1:de:
97:df:69:24:3d:2e:9f:a5:55:63:50:14:01:8a:7e:
57:ea:da:44:6b:44:26:13:f2:ea:d3:af:fa:3f:20:
1b:38:c5:d4:a3:ee:2f:84:46:b5:32:32:74:54:59:
3a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:7F:AF:56:46:C0:EE:1C:92:D2:FD:00:0E:33:69:FD:FF:65:7C:FA
X509v3 Authority Key Identifier:
keyid:62:40:39:39:90:17:FA:09:3D:C8:D5:03:79:9F:6C:A4:03:F0:BD:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkA5OZAX-gk9yNUDeZ9spAPwvQU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/nX-vVkbA7hyS0v0ADjNp_f9lfPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/eb239a-33c8-4dbd-bc96-3259496e7c5f/1/YkA5OZAX-gk9yNUDeZ9spAPwvQU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.60.0/22
85.209.228.0/22
194.31.194.0-194.31.197.255
Signature Algorithm: sha256WithRSAEncryption
4a:46:11:99:3c:1f:62:f5:ca:d6:5e:47:7c:74:a2:be:d3:19:
2f:ba:73:fd:80:d6:e0:b9:67:73:93:ef:da:43:02:f5:ef:d2:
ad:6e:b0:41:9a:74:44:dc:5a:db:be:88:3a:c7:cf:8b:bd:c6:
36:3e:71:cb:84:9b:16:ef:24:e1:f0:d8:b3:b0:19:c7:50:dc:
7d:b3:d1:95:72:f0:bf:cf:b4:85:9f:1e:a6:26:d4:c6:54:7d:
b1:02:ab:5c:60:fa:0b:97:ae:d1:6e:eb:b4:d7:85:57:2a:4d:
20:e9:0a:10:02:f8:a6:ee:ba:fc:87:a5:a1:42:6c:eb:4c:94:
df:32:fa:4e:fe:54:01:42:b4:58:45:b0:6a:5b:db:c2:3a:b8:
05:e8:0e:65:8c:13:ce:3b:44:00:7b:e6:79:57:dc:c8:03:3e:
63:70:c3:32:91:56:3a:e0:c6:ce:8d:47:c3:ce:96:1f:11:fa:
b5:32:07:50:c3:ec:60:bb:c5:45:96:66:1a:9b:24:09:84:46:
a2:3d:c3:67:96:2c:bc:b6:ef:f3:6a:85:3d:94:63:94:8e:17:
1b:ba:be:9e:e1:3d:3b:bd:f1:3e:40:c8:4b:7c:eb:42:db:39:
98:29:62:21:81:2c:91:62:8d:2b:bf:95:fd:88:97:61:f2:36:
8a:c6:dc:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEBXfSHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MjQwMzkzOTkwMTdmYTA5M2RjOGQ1MDM3OTlmNmNhNDAzZjBiZDA1MB4XDTIyMDYw
MjE3MjMyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQ3ZmFmNTY0NmMw
ZWUxYzkyZDJmZDAwMGUzMzY5ZmRmZjY1N2NmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJh1tKQSAf6ENmHHjD0lrPZIGWjnjN1Dy0Z+gGbQaki5axZg
gZUxZ/7B4/9r+EvSM4vBcgBFCAl7xXTHRr2/7ASFJqrQ4y4sm25No3SYUx4y6OAa
McFdqhnxh3QL5xvY+Nxwt2/1CWf2l6r+mQ/BBTYP3AqDjSSHZc9PhaZsjwil9WdQ
e9RRsbg9QiMsGbt5PVJelxn7aC2ue/tG+vgt8YHSFuPSw2i5OsbACPVAdiaIhL4z
scWPOdjons3Re1GmZpw7nnXmOD/evQOexR974KHel99pJD0un6VVY1AUAYp+V+ra
RGtEJhPy6tOv+j8gGzjF1KPuL4RGtTIydFRZOsECAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBSdf69WRsDuHJLS/QAOM2n9/2V8+jAfBgNVHSMEGDAWgBRiQDk5kBf6CT3I
1QN5n2ykA/C9BTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lrQTVPWkFYLWdrOXlOVURlWjlzcEFQd3ZRVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvZWIyMzlhLTMzYzgtNGRiZC1iYzk2LTMyNTk0OTZlN2M1Zi8x
L25YLXZWa2JBN2h5UzB2MEFEak5wX2Y5bGZQby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
ZWIyMzlhLTMzYzgtNGRiZC1iYzk2LTMyNTk0OTZlN2M1Zi8xL1lrQTVPWkFYLWdr
OXlOVURlWjlzcEFQd3ZRVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAgI7PAMEAlXR5DAMAwQBwh/CAwQB
wh/EMA0GCSqGSIb3DQEBCwUAA4IBAQBKRhGZPB9i9crWXkd8dKK+0xkvunP9gNbg
uWdzk+/aQwL179KtbrBBmnRE3Frbvog6x8+LvcY2PnHLhJsW7yTh8NizsBnHUNx9
s9GVcvC/z7SFnx6mJtTGVH2xAqtcYPoLl67Rbuu014VXKk0g6QoQAvim7rr8h6Wh
QmzrTJTfMvpO/lQBQrRYRbBqW9vCOrgF6A5ljBPOO0QAe+Z5V9zIAz5jcMMykVY6
4MbOjUfDzpYfEfq1MgdQw+xgu8VFlmYamyQJhEaiPcNnliy8tu/zaoU9lGOUjhcb
ur6e4T07vfE+QMhLfOtC2zmYKWIhgSyRYo0rv5X9iJdh8jaKxtzl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:42 2024 by rpki-client on console-fra.rpki-client.org