Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/4343bf-8e7e-4bc5-8863-61ab65b9264b/1/H74BQql8ZaYf2a1K-LhdgX0B5sA.roa
File: H74BQql8ZaYf2a1K-LhdgX0B5sA.roa (raw, json)
Hash identifier: bqMLjMnRpFzZ/bD/6s/hVMCl1tqv51q9DsEjsYB+nF4=
Subject key identifier: 1F:BE:01:42:A9:7C:65:A6:1F:D9:AD:4A:F8:B8:5D:81:7D:01:E6:C0
Certificate issuer: /CN=24aa605ea9bbac91cc5a7e2522079afb16b7f1f6
Certificate serial: 0757018B
Authority key identifier: 24:AA:60:5E:A9:BB:AC:91:CC:5A:7E:25:22:07:9A:FB:16:B7:F1:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JKpgXqm7rJHMWn4lIgea-xa38fY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/4343bf-8e7e-4bc5-8863-61ab65b9264b/1/H74BQql8ZaYf2a1K-LhdgX0B5sA.roa
Signing time: Sat 01 Jan 2022 13:59:10 +0000
ROA not before: Sat 01 Jan 2022 13:59:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203228
IP address blocks: 185.124.72.0/22 maxlen: 22
185.124.75.0/24 maxlen: 24
2a03:93e0::/32 maxlen: 32
2a03:93e0:1000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123142539 (0x757018b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24aa605ea9bbac91cc5a7e2522079afb16b7f1f6
Validity
Not Before: Jan 1 13:59:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1fbe0142a97c65a61fd9ad4af8b85d817d01e6c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f7:95:c3:87:c0:51:04:1b:5d:ba:59:57:b1:
55:8f:db:23:15:fa:be:89:5b:1b:32:ac:88:62:00:
e1:84:c9:a3:88:ad:fd:9e:71:5c:97:b9:b4:13:28:
9b:87:3a:4b:09:5c:1c:ec:98:69:c6:5e:8c:8c:f6:
92:a1:68:a6:50:ef:d4:75:17:0c:eb:2e:c1:4d:cf:
4a:58:6d:03:35:37:20:04:86:7d:81:0b:2b:75:a7:
aa:4c:42:b1:61:4f:7f:46:ee:89:7a:90:34:b8:6c:
97:1b:9e:66:e0:86:03:13:31:9e:53:16:22:7a:7b:
8f:78:48:f1:81:bb:34:cd:d6:05:23:b8:8d:06:f6:
7d:c6:3f:9c:58:59:bf:30:5e:a9:e0:80:b7:13:5f:
9d:92:8e:f8:63:7a:c4:d1:f3:96:c2:37:07:e5:de:
18:4d:06:06:e8:91:07:ef:2d:84:bb:df:3d:05:b2:
3c:4c:c0:a4:9d:12:98:e1:f5:a8:e4:32:cb:1d:f3:
29:a3:e8:f2:95:32:c4:91:a4:8c:31:85:36:15:50:
e4:7e:68:e3:28:54:02:09:ef:2b:b5:d3:bc:b7:f0:
62:79:c1:92:9e:c3:20:0e:9b:0d:48:26:7d:96:d5:
79:9a:87:7f:67:4b:8b:ff:68:3d:8c:cd:2c:e5:b1:
90:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:BE:01:42:A9:7C:65:A6:1F:D9:AD:4A:F8:B8:5D:81:7D:01:E6:C0
X509v3 Authority Key Identifier:
keyid:24:AA:60:5E:A9:BB:AC:91:CC:5A:7E:25:22:07:9A:FB:16:B7:F1:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JKpgXqm7rJHMWn4lIgea-xa38fY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/4343bf-8e7e-4bc5-8863-61ab65b9264b/1/H74BQql8ZaYf2a1K-LhdgX0B5sA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/4343bf-8e7e-4bc5-8863-61ab65b9264b/1/JKpgXqm7rJHMWn4lIgea-xa38fY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.72.0/22
IPv6:
2a03:93e0::/32
Signature Algorithm: sha256WithRSAEncryption
7c:2a:3a:ba:53:93:14:9d:ca:9d:78:7f:ef:a4:92:97:6e:8e:
d7:fe:bf:65:8e:90:68:0f:af:cb:5d:17:68:a7:01:97:1c:42:
0d:94:48:69:d6:15:f7:f4:a5:07:ff:91:ab:ed:2b:13:7b:bc:
b3:32:fe:25:11:46:11:2e:7b:fe:e7:12:62:06:bb:ff:df:de:
27:67:21:53:24:15:53:c4:9f:bf:9b:29:f2:de:6f:0a:af:7e:
b8:34:d2:be:66:0d:25:df:9b:59:ba:e7:9c:38:c0:5e:14:8b:
78:8f:fb:2d:af:9e:fe:16:91:ce:fd:46:10:12:90:fc:95:8a:
db:18:c5:f4:bb:43:46:01:9c:7f:c7:34:27:ad:d9:39:2e:26:
d5:a5:a9:4f:ea:1a:55:ea:fd:b8:d9:5e:e7:c8:36:ac:1f:38:
78:f7:39:e6:3b:60:f3:42:e2:70:4b:0e:f7:73:85:26:f5:9c:
9e:54:6b:e3:e4:cb:63:a6:84:49:11:ba:e6:34:53:ad:a1:d1:
5a:59:c2:f9:de:79:e1:fd:1d:d8:1f:c8:35:bc:7c:68:71:ea:
8b:84:8c:0b:3f:1f:4c:3b:3e:c4:d3:bf:6f:2c:0b:a3:42:10:
55:57:93:38:b3:62:55:fd:8c:03:04:47:b2:7c:e4:eb:e1:57:
5a:51:7a:af
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB1cBizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NGFhNjA1ZWE5YmJhYzkxY2M1YTdlMjUyMjA3OWFmYjE2YjdmMWY2MB4XDTIyMDEw
MTEzNTkxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWZiZTAxNDJhOTdj
NjVhNjFmZDlhZDRhZjhiODVkODE3ZDAxZTZjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/3lcOHwFEEG126WVexVY/bIxX6volbGzKsiGIA4YTJo4it
/Z5xXJe5tBMom4c6SwlcHOyYacZejIz2kqFoplDv1HUXDOsuwU3PSlhtAzU3IASG
fYELK3WnqkxCsWFPf0buiXqQNLhslxueZuCGAxMxnlMWInp7j3hI8YG7NM3WBSO4
jQb2fcY/nFhZvzBeqeCAtxNfnZKO+GN6xNHzlsI3B+XeGE0GBuiRB+8thLvfPQWy
PEzApJ0SmOH1qOQyyx3zKaPo8pUyxJGkjDGFNhVQ5H5o4yhUAgnvK7XTvLfwYnnB
kp7DIA6bDUgmfZbVeZqHf2dLi/9oPYzNLOWxkI8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQfvgFCqXxlph/ZrUr4uF2BfQHmwDAfBgNVHSMEGDAWgBQkqmBeqbuskcxa
fiUiB5r7Frfx9jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pLcGdYcW03ckpITVduNGxJZ2VhLXhhMzhmWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTEvNDM0M2JmLThlN2UtNGJjNS04ODYzLTYxYWI2NWI5MjY0Yi8x
L0g3NEJRcWw4WmFZZjJhMUstTGhkZ1gwQjVzQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTEv
NDM0M2JmLThlN2UtNGJjNS04ODYzLTYxYWI2NWI5MjY0Yi8xL0pLcGdYcW03ckpI
TVduNGxJZ2VhLXhhMzhmWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArl8SDANBAIAAjAHAwUAKgOT4DAN
BgkqhkiG9w0BAQsFAAOCAQEAfCo6ulOTFJ3KnXh/76SSl26O1/6/ZY6QaA+vy10X
aKcBlxxCDZRIadYV9/SlB/+Rq+0rE3u8szL+JRFGES57/ucSYga7/9/eJ2chUyQV
U8Sfv5sp8t5vCq9+uDTSvmYNJd+bWbrnnDjAXhSLeI/7La+e/haRzv1GEBKQ/JWK
2xjF9LtDRgGcf8c0J63ZOS4m1aWpT+oaVer9uNle58g2rB84ePc55jtg80LicEsO
93OFJvWcnlRr4+TLY6aESRG65jRTraHRWlnC+d554f0d2B/INbx8aHHqi4SMCz8f
TDs+xNO/bywLo0IQVVeTOLNiVf2MAwRHsnzk6+FXWlF6rw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:58 2024 by rpki-client on console-fra.rpki-client.org