Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/94733d-1bb5-47ff-b405-8a811a86d2e8/1/rClb-Eu5onsqkKz3UlQxkCrWyoE.roa
File: rClb-Eu5onsqkKz3UlQxkCrWyoE.roa (raw, json)
Hash identifier: GWq+Xl0/WKKnVSlGWmZzb5zCGVQfRPcWRz9+XrAIc/M=
Subject key identifier: AC:29:5B:F8:4B:B9:A2:7B:2A:90:AC:F7:52:54:31:90:2A:D6:CA:81
Certificate issuer: /CN=2914e77de53b835c0e2150c6153b23f555ff6e64
Certificate serial: 01856F5DE13B6076B7B3C8E6D876210D6111
Authority key identifier: 29:14:E7:7D:E5:3B:83:5C:0E:21:50:C6:15:3B:23:F5:55:FF:6E:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRTnfeU7g1wOIVDGFTsj9VX_bmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/94733d-1bb5-47ff-b405-8a811a86d2e8/1/rClb-Eu5onsqkKz3UlQxkCrWyoE.roa
Signing time: Sun 01 Jan 2023 22:05:01 +0000
ROA not before: Sun 01 Jan 2023 22:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400302
IP address blocks: 185.37.219.0/24 maxlen: 24
2a04:7341:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:e1:3b:60:76:b7:b3:c8:e6:d8:76:21:0d:61:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2914e77de53b835c0e2150c6153b23f555ff6e64
Validity
Not Before: Jan 1 22:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac295bf84bb9a27b2a90acf7525431902ad6ca81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8f:94:60:b9:50:8a:7b:3e:f0:14:5e:e2:ee:
dc:93:e3:e2:2a:82:5b:31:05:c0:8e:f9:a5:b8:fb:
db:ee:7d:21:05:0e:17:0f:f9:68:98:ab:7b:5a:11:
1e:00:58:fb:f7:c2:06:b1:11:64:80:7d:36:cb:20:
19:11:40:09:fd:38:1c:71:de:0d:1b:5c:14:44:1e:
51:61:11:b2:ee:32:b9:b5:75:eb:9f:19:b4:c2:61:
d6:82:fa:0c:6f:96:47:82:a4:b9:1a:36:90:4a:12:
88:7d:b0:d1:99:10:bf:2f:c2:3a:da:ed:79:45:d8:
17:dc:10:d9:54:aa:8f:a6:fa:a1:30:ab:70:b4:55:
34:c9:b9:30:d3:14:5b:15:19:13:98:18:4a:96:63:
da:db:73:0c:45:f3:33:97:13:1e:d7:a1:97:0e:8b:
cd:3b:30:27:e6:50:10:83:d7:a6:33:8d:1a:5a:38:
62:aa:c5:96:bf:6a:33:6c:fd:7c:4c:83:35:21:13:
86:f1:23:ad:cb:1f:fa:80:8d:de:38:3e:5d:74:07:
15:0c:55:9b:5a:77:32:f2:17:f8:91:a8:2a:46:b4:
ff:6f:92:97:fa:1d:09:18:f7:51:57:16:e6:08:4a:
36:8c:bd:9d:8c:8c:21:1e:07:36:fa:d0:41:65:24:
dd:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:29:5B:F8:4B:B9:A2:7B:2A:90:AC:F7:52:54:31:90:2A:D6:CA:81
X509v3 Authority Key Identifier:
keyid:29:14:E7:7D:E5:3B:83:5C:0E:21:50:C6:15:3B:23:F5:55:FF:6E:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRTnfeU7g1wOIVDGFTsj9VX_bmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/94733d-1bb5-47ff-b405-8a811a86d2e8/1/rClb-Eu5onsqkKz3UlQxkCrWyoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/94733d-1bb5-47ff-b405-8a811a86d2e8/1/KRTnfeU7g1wOIVDGFTsj9VX_bmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.219.0/24
IPv6:
2a04:7341:1::/48
Signature Algorithm: sha256WithRSAEncryption
a3:de:d2:23:52:79:55:22:ef:95:a7:d6:ff:16:77:56:67:72:
89:26:4c:09:ba:1f:61:70:20:38:51:5b:da:44:53:82:45:76:
44:a1:ea:7a:ae:3a:5c:0e:f6:c9:10:5d:e4:c4:4c:0c:50:fc:
fd:ee:20:27:96:a2:89:97:2a:a8:50:74:eb:b0:9c:05:e8:da:
ff:e2:f6:b5:97:f2:2a:a4:a5:04:b0:80:86:c6:a2:6d:ce:2d:
1f:74:56:04:9d:30:a1:8c:cf:91:e0:dd:e9:d3:d0:c1:41:a9:
33:81:5d:22:71:51:15:aa:c3:ad:94:3d:b5:95:37:a0:22:bd:
89:6f:f4:74:26:04:23:b0:a7:31:26:a1:83:96:d3:fa:e6:cf:
9e:43:03:7e:17:98:66:1b:3e:ec:3c:25:f9:65:2a:eb:95:11:
70:a0:8c:2e:db:df:8a:95:2e:a0:fc:02:00:4a:5d:78:79:1c:
7a:fd:6a:90:ba:40:87:8f:a1:ae:0d:f4:f6:ab:06:27:be:31:
29:8a:4d:3b:e1:c4:80:89:e5:dd:8a:4e:63:f2:0d:77:fe:42:
92:0e:81:61:68:7d:c3:3f:f0:df:eb:ce:86:9b:5c:75:3c:63:
56:28:5f:8e:b0:23:fd:46:d1:b9:29:2c:71:c7:d2:8f:b1:f8:
66:6c:0e:50
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvXeE7YHa3s8jm2HYhDWERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTRlNzdkZTUzYjgzNWMwZTIxNTBjNjE1M2IyM2Y1NTVm
ZjZlNjQwHhcNMjMwMTAxMjIwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzI5NWJmODRiYjlhMjdiMmE5MGFjZjc1MjU0MzE5MDJhZDZjYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmY+UYLlQins+8BRe4u7ck+PiKoJb
MQXAjvmluPvb7n0hBQ4XD/lomKt7WhEeAFj798IGsRFkgH02yyAZEUAJ/Tgccd4N
G1wURB5RYRGy7jK5tXXrnxm0wmHWgvoMb5ZHgqS5GjaQShKIfbDRmRC/L8I62u15
RdgX3BDZVKqPpvqhMKtwtFU0ybkw0xRbFRkTmBhKlmPa23MMRfMzlxMe16GXDovN
OzAn5lAQg9emM40aWjhiqsWWv2ozbP18TIM1IROG8SOtyx/6gI3eOD5ddAcVDFWb
Wncy8hf4kagqRrT/b5KX+h0JGPdRVxbmCEo2jL2djIwhHgc2+tBBZSTd8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKwpW/hLuaJ7KpCs91JUMZAq1sqBMB8GA1UdIwQY
MBaAFCkU533lO4NcDiFQxhU7I/VV/25kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JUbmZlVTdnMXdPSVZER0ZUc2o5VlhfYm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85NDczM2QtMWJiNS00N2ZmLWI0MDUt
OGE4MTFhODZkMmU4LzEvckNsYi1FdTVvbnNxa0t6M1VsUXhrQ3JXeW9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85NDczM2QtMWJiNS00N2ZmLWI0MDUtOGE4MTFhODZkMmU4
LzEvS1JUbmZlVTdnMXdPSVZER0ZUc2o5VlhfYm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuSXbMA8E
AgACMAkDBwAqBHNBAAEwDQYJKoZIhvcNAQELBQADggEBAKPe0iNSeVUi75Wn1v8W
d1ZncokmTAm6H2FwIDhRW9pEU4JFdkSh6nquOlwO9skQXeTETAxQ/P3uICeWoomX
KqhQdOuwnAXo2v/i9rWX8iqkpQSwgIbGom3OLR90VgSdMKGMz5Hg3enT0MFBqTOB
XSJxURWqw62UPbWVN6AivYlv9HQmBCOwpzEmoYOW0/rmz55DA34XmGYbPuw8Jfll
KuuVEXCgjC7b34qVLqD8AgBKXXh5HHr9apC6QIePoa4N9ParBie+MSmKTTvhxICJ
5d2KTmPyDXf+QpIOgWFofcM/8N/rzoabXHU8Y1YoX46wI/1G0bkpLHHH0o+x+GZs
DlA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:42 2024 by rpki-client on console-fra.rpki-client.org