Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/2727b5-4c93-49e7-b7ee-f9895bb85fb1/1/CBtjDXhdpnuWh5btQIYmDcOQiLo.roa
File: CBtjDXhdpnuWh5btQIYmDcOQiLo.roa (raw, json)
Hash identifier: QWsy/pjDLVMfjaszFWYjhZoQZkEj6pT+QNZz/FTSWZQ=
Subject key identifier: 08:1B:63:0D:78:5D:A6:7B:96:87:96:ED:40:86:26:0D:C3:90:88:BA
Certificate issuer: /CN=537b37656cd14d488a70512921875717a0d910b6
Certificate serial: 068E4A23
Authority key identifier: 53:7B:37:65:6C:D1:4D:48:8A:70:51:29:21:87:57:17:A0:D9:10:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U3s3ZWzRTUiKcFEpIYdXF6DZELY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/2727b5-4c93-49e7-b7ee-f9895bb85fb1/1/CBtjDXhdpnuWh5btQIYmDcOQiLo.roa
Signing time: Sun 06 Mar 2022 06:59:07 +0000
ROA not before: Sun 06 Mar 2022 06:59:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12345
IP address blocks: 194.156.112.0/22 maxlen: 24
91.240.163.0/24 maxlen: 24
91.240.89.0/24 maxlen: 24
178.239.22.0/23 maxlen: 23
178.239.21.0/24 maxlen: 24
95.214.84.0/22 maxlen: 22
88.218.144.0/22 maxlen: 24
91.240.128.0/24 maxlen: 24
195.158.208.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109988387 (0x68e4a23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=537b37656cd14d488a70512921875717a0d910b6
Validity
Not Before: Mar 6 06:59:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=081b630d785da67b968796ed4086260dc39088ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:ce:1b:92:82:bd:61:7e:d6:8e:27:92:5c:46:
6e:6c:bb:e7:98:d5:70:19:a2:3d:ed:d6:01:b3:f1:
81:3a:01:a3:71:c0:23:57:a1:a2:54:bb:cd:90:d8:
76:46:25:ca:60:05:34:e4:7c:2e:25:5a:a8:da:46:
22:0b:80:fa:8c:f7:31:52:50:fa:60:fd:ba:66:28:
9e:5b:dd:88:25:3f:41:25:56:73:34:3d:e3:30:3c:
22:60:c7:9c:de:d9:c1:43:74:bb:e6:82:43:bc:0d:
ee:f3:91:15:2d:2e:bd:2b:50:86:04:b8:2b:2a:0a:
81:2b:f3:5a:91:83:84:18:b1:24:61:20:22:2b:d4:
61:29:9a:09:c6:82:73:e5:81:6c:43:02:64:8e:94:
a3:29:a5:fb:c2:32:e6:17:66:d5:59:88:e7:bd:cb:
b0:a0:91:7a:85:d2:78:5c:2d:de:22:63:ec:e9:94:
fc:4c:a9:53:11:75:92:df:8b:49:29:96:0a:3f:29:
ae:86:f2:07:02:c9:c5:c6:d1:06:c7:85:63:e4:70:
c9:2f:fa:50:5f:84:14:a5:36:cc:cb:6c:f8:78:cd:
b1:6f:33:91:a5:66:0e:3f:58:94:38:67:72:ec:f9:
17:70:a1:83:5f:f7:b1:45:03:58:9e:5a:c1:5e:7d:
bc:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:1B:63:0D:78:5D:A6:7B:96:87:96:ED:40:86:26:0D:C3:90:88:BA
X509v3 Authority Key Identifier:
keyid:53:7B:37:65:6C:D1:4D:48:8A:70:51:29:21:87:57:17:A0:D9:10:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3s3ZWzRTUiKcFEpIYdXF6DZELY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/2727b5-4c93-49e7-b7ee-f9895bb85fb1/1/CBtjDXhdpnuWh5btQIYmDcOQiLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/2727b5-4c93-49e7-b7ee-f9895bb85fb1/1/U3s3ZWzRTUiKcFEpIYdXF6DZELY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.144.0/22
91.240.89.0/24
91.240.128.0/24
91.240.163.0/24
95.214.84.0/22
178.239.21.0-178.239.23.255
194.156.112.0/22
195.158.208.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:c3:8e:22:54:d9:77:2b:23:6b:8a:37:5f:16:79:27:6e:6c:
a1:ed:29:5e:03:3f:bc:3e:ab:87:23:c3:d5:6d:09:d6:b3:db:
de:72:83:3d:b6:e2:11:6f:2b:90:e3:f2:30:c8:69:a0:89:d7:
c1:00:17:90:03:63:e4:40:a1:f6:a5:3c:a9:6a:e4:7a:65:2d:
a3:b3:8b:1a:4f:9f:86:65:1c:03:93:0d:a0:15:b3:a7:f3:d8:
b1:6f:9b:64:b4:98:5b:65:80:61:97:8d:b4:8d:b5:60:4c:aa:
2c:9f:2a:7c:8a:08:7b:d4:e8:04:b0:3e:1b:45:43:6b:f8:38:
e6:68:69:62:c3:ba:ab:90:e2:52:fe:6b:bb:15:ec:0c:1a:68:
dd:b9:4b:8d:ec:68:b1:47:13:8d:91:5b:b5:d4:96:ea:c2:1b:
bc:ee:91:d2:37:97:73:81:db:35:9b:9f:ba:8a:a1:fd:68:4a:
69:63:bd:d6:e5:57:43:9c:5f:f4:05:95:41:6d:02:2b:a8:f1:
c3:c1:3b:09:b9:4f:a7:91:a7:6e:ec:0d:1a:93:87:73:58:df:
17:a4:af:01:48:70:d6:63:5e:2d:af:f1:2b:87:ae:c8:72:de:
92:73:b9:d7:5d:8b:f8:ed:c2:f3:e6:7f:75:6e:cd:bf:fc:5d:
85:b6:62:db
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEBo5KIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MzdiMzc2NTZjZDE0ZDQ4OGE3MDUxMjkyMTg3NTcxN2EwZDkxMGI2MB4XDTIyMDMw
NjA2NTkwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDgxYjYzMGQ3ODVk
YTY3Yjk2ODc5NmVkNDA4NjI2MGRjMzkwODhiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPLOG5KCvWF+1o4nklxGbmy755jVcBmiPe3WAbPxgToBo3HA
I1eholS7zZDYdkYlymAFNOR8LiVaqNpGIguA+oz3MVJQ+mD9umYonlvdiCU/QSVW
czQ94zA8ImDHnN7ZwUN0u+aCQ7wN7vORFS0uvStQhgS4KyoKgSvzWpGDhBixJGEg
IivUYSmaCcaCc+WBbEMCZI6Uoyml+8Iy5hdm1VmI573LsKCReoXSeFwt3iJj7OmU
/EypUxF1kt+LSSmWCj8probyBwLJxcbRBseFY+RwyS/6UF+EFKU2zMts+HjNsW8z
kaVmDj9YlDhncuz5F3Chg1/3sUUDWJ5awV59vJ8CAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBQIG2MNeF2me5aHlu1AhiYNw5CIujAfBgNVHSMEGDAWgBRTezdlbNFNSIpw
USkhh1cXoNkQtjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1UzczNaV3pSVFVpS2NGRXBJWWRYRjZEWkVMWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvMjcyN2I1LTRjOTMtNDllNy1iN2VlLWY5ODk1YmI4NWZiMS8x
L0NCdGpEWGhkcG51V2g1YnRRSVltRGNPUWlMby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
MjcyN2I1LTRjOTMtNDllNy1iN2VlLWY5ODk1YmI4NWZiMS8xL1UzczNaV3pSVFVp
S2NGRXBJWWRYRjZEWkVMWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMEAljakAMEAFvwWQMEAFvwgAMEAFvw
owMEAl/WVDAMAwQAsu8VAwQDsu8QAwQCwpxwAwQCw57QMA0GCSqGSIb3DQEBCwUA
A4IBAQC3w44iVNl3KyNrijdfFnknbmyh7SleAz+8PquHI8PVbQnWs9vecoM9tuIR
byuQ4/IwyGmgidfBABeQA2PkQKH2pTypauR6ZS2js4saT5+GZRwDkw2gFbOn89ix
b5tktJhbZYBhl420jbVgTKosnyp8igh71OgEsD4bRUNr+DjmaGliw7qrkOJS/mu7
FewMGmjduUuN7GixRxONkVu11Jbqwhu87pHSN5dzgds1m5+6iqH9aEppY73W5VdD
nF/0BZVBbQIrqPHDwTsJuU+nkadu7A0ak4dzWN8XpK8BSHDWY14tr/Erh67Ict6S
c7nXXYv47cLz5n91bs2//F2FtmLb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:44 2024 by rpki-client on console-fra.rpki-client.org