Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/94733d-1bb5-47ff-b405-8a811a86d2e8/1/_bf5jD7GcgQhvd_A4netESlWkOQ.roa
File: _bf5jD7GcgQhvd_A4netESlWkOQ.roa (raw, json)
Hash identifier: iDBP9ybAxzutcs6tAjsxTSqJ1eG9bvFGObIyHNccOf0=
Subject key identifier: FD:B7:F9:8C:3E:C6:72:04:21:BD:DF:C0:E2:77:AD:11:29:56:90:E4
Certificate issuer: /CN=2914e77de53b835c0e2150c6153b23f555ff6e64
Certificate serial: 0183CD415CEED42E8DB955A9EF2D2BA931ED
Authority key identifier: 29:14:E7:7D:E5:3B:83:5C:0E:21:50:C6:15:3B:23:F5:55:FF:6E:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRTnfeU7g1wOIVDGFTsj9VX_bmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/94733d-1bb5-47ff-b405-8a811a86d2e8/1/_bf5jD7GcgQhvd_A4netESlWkOQ.roa
Signing time: Wed 12 Oct 2022 17:32:36 +0000
ROA not before: Wed 12 Oct 2022 17:32:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400302
IP address blocks: 185.37.219.0/24 maxlen: 24
2a04:7341:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cd:41:5c:ee:d4:2e:8d:b9:55:a9:ef:2d:2b:a9:31:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2914e77de53b835c0e2150c6153b23f555ff6e64
Validity
Not Before: Oct 12 17:32:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fdb7f98c3ec6720421bddfc0e277ad11295690e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d4:c6:a7:10:15:d8:d3:1c:f9:25:de:46:cd:
d9:35:f0:8b:fb:04:37:92:1e:ba:79:51:91:5c:46:
dd:2b:a6:c7:34:30:17:01:5a:24:6d:b9:f4:cd:40:
6c:8a:9e:01:5c:fc:fe:9a:69:37:c4:98:d2:fc:8d:
8b:f7:36:ca:63:bf:e5:2d:2c:aa:52:6e:87:4f:35:
d3:f2:20:1c:6c:fa:34:5a:0c:84:dc:8d:4f:57:4d:
e5:a9:d7:ed:fb:79:52:b7:17:f5:0e:a8:97:89:fc:
f9:0c:ae:9a:08:ef:a9:91:11:a9:30:bd:f5:d2:dc:
01:17:a9:b7:ce:ab:f3:4d:fb:da:08:0f:4e:63:57:
84:b2:41:9b:33:db:4b:b5:46:ea:d0:77:02:0a:ab:
42:52:54:79:2b:cf:92:2f:b7:8d:82:70:e2:05:07:
f5:05:68:fd:9c:53:ea:b3:84:25:35:92:f3:d8:30:
a5:7a:68:73:d6:72:fe:86:a1:ef:54:bd:82:54:05:
d0:1b:89:b2:ca:7c:e1:40:49:24:d1:fc:1b:e2:48:
91:b2:2c:48:ea:e9:15:21:a7:6d:df:c3:7d:3a:f6:
d2:54:3e:b4:79:d3:cf:5a:2a:2b:00:32:e5:fd:88:
2b:8e:98:d6:6c:e9:d3:a9:7f:2e:41:68:8a:cf:89:
16:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B7:F9:8C:3E:C6:72:04:21:BD:DF:C0:E2:77:AD:11:29:56:90:E4
X509v3 Authority Key Identifier:
keyid:29:14:E7:7D:E5:3B:83:5C:0E:21:50:C6:15:3B:23:F5:55:FF:6E:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRTnfeU7g1wOIVDGFTsj9VX_bmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/94733d-1bb5-47ff-b405-8a811a86d2e8/1/_bf5jD7GcgQhvd_A4netESlWkOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/94733d-1bb5-47ff-b405-8a811a86d2e8/1/KRTnfeU7g1wOIVDGFTsj9VX_bmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.219.0/24
IPv6:
2a04:7341:1::/48
Signature Algorithm: sha256WithRSAEncryption
5f:46:17:69:26:21:d8:28:53:f6:e3:8b:89:48:1b:1b:3e:c0:
26:60:de:cc:c0:90:3b:5c:a0:d2:32:f2:c1:0c:c7:02:7b:19:
c1:24:1a:47:31:75:c3:5c:28:fb:1d:41:58:ba:39:42:b5:64:
05:17:48:89:07:8b:db:0b:db:2c:23:91:82:bf:d6:67:ff:9d:
db:83:1b:28:02:ad:22:d3:13:e2:7c:c8:f1:80:1d:8f:96:1f:
ea:9f:53:7c:6b:8c:ed:ae:29:fa:3d:dd:7e:ae:e7:a7:60:fb:
4a:a8:39:13:c5:8c:34:0b:02:57:70:5b:96:f4:3c:8e:46:37:
a1:4b:68:a5:3b:33:7e:5e:6e:4e:d5:da:15:e8:a1:b7:17:9e:
25:6b:a1:2b:59:2b:70:06:a7:6f:47:be:64:cc:09:b8:58:88:
08:65:b4:ec:14:8f:b3:f2:23:0c:c5:ee:42:7e:e2:2a:84:6c:
0f:29:05:26:89:cd:94:2c:6a:ce:44:98:3f:26:e9:c6:1a:11:
5f:f9:24:14:cb:8b:75:0b:a6:a1:e6:e3:79:28:cd:66:ab:e9:
4e:30:07:9d:19:0d:66:90:98:fd:a9:93:44:e8:8a:8a:6a:c1:
a3:b4:9e:5a:52:f3:3f:21:75:c1:f1:55:00:d7:88:1f:1c:ae:
ff:47:95:9e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYPNQVzu1C6NuVWp7y0rqTHtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTRlNzdkZTUzYjgzNWMwZTIxNTBjNjE1M2IyM2Y1NTVm
ZjZlNjQwHhcNMjIxMDEyMTczMjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGI3Zjk4YzNlYzY3MjA0MjFiZGRmYzBlMjc3YWQxMTI5NTY5MGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldTGpxAV2NMc+SXeRs3ZNfCL+wQ3
kh66eVGRXEbdK6bHNDAXAVokbbn0zUBsip4BXPz+mmk3xJjS/I2L9zbKY7/lLSyq
Um6HTzXT8iAcbPo0WgyE3I1PV03lqdft+3lStxf1DqiXifz5DK6aCO+pkRGpML31
0twBF6m3zqvzTfvaCA9OY1eEskGbM9tLtUbq0HcCCqtCUlR5K8+SL7eNgnDiBQf1
BWj9nFPqs4QlNZLz2DClemhz1nL+hqHvVL2CVAXQG4myynzhQEkk0fwb4kiRsixI
6ukVIadt38N9OvbSVD60edPPWiorADLl/YgrjpjWbOnTqX8uQWiKz4kW9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP23+Yw+xnIEIb3fwOJ3rREpVpDkMB8GA1UdIwQY
MBaAFCkU533lO4NcDiFQxhU7I/VV/25kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JUbmZlVTdnMXdPSVZER0ZUc2o5VlhfYm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85NDczM2QtMWJiNS00N2ZmLWI0MDUt
OGE4MTFhODZkMmU4LzEvX2JmNWpEN0djZ1FodmRfQTRuZXRFU2xXa09RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85NDczM2QtMWJiNS00N2ZmLWI0MDUtOGE4MTFhODZkMmU4
LzEvS1JUbmZlVTdnMXdPSVZER0ZUc2o5VlhfYm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuSXbMA8E
AgACMAkDBwAqBHNBAAEwDQYJKoZIhvcNAQELBQADggEBAF9GF2kmIdgoU/bji4lI
Gxs+wCZg3szAkDtcoNIy8sEMxwJ7GcEkGkcxdcNcKPsdQVi6OUK1ZAUXSIkHi9sL
2ywjkYK/1mf/nduDGygCrSLTE+J8yPGAHY+WH+qfU3xrjO2uKfo93X6u56dg+0qo
ORPFjDQLAldwW5b0PI5GN6FLaKU7M35ebk7V2hXoobcXniVroStZK3AGp29HvmTM
CbhYiAhltOwUj7PyIwzF7kJ+4iqEbA8pBSaJzZQsas5EmD8m6cYaEV/5JBTLi3UL
pqHm43kozWar6U4wB50ZDWaQmP2pk0ToiopqwaO0nlpS8z8hdcHxVQDXiB8crv9H
lZ4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:42 2024 by rpki-client on console-fra.rpki-client.org