Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/38996f-9363-443a-8479-95b8986e433f/1/KXJHS2pRvydCEfaqsTQQ-SQQ81U.roa
File: KXJHS2pRvydCEfaqsTQQ-SQQ81U.roa (raw, json)
Hash identifier: IKnBOs9+DeBpAuXs82e5ffDZXGtsUH3r8rCdaxWSKBE=
Subject key identifier: 29:72:47:4B:6A:51:BF:27:42:11:F6:AA:B1:34:10:F9:24:10:F3:55
Certificate issuer: /CN=ffbadec4ac7c3f015c40b72da7f2d5e0dbd4d3da
Certificate serial: 02649D99
Authority key identifier: FF:BA:DE:C4:AC:7C:3F:01:5C:40:B7:2D:A7:F2:D5:E0:DB:D4:D3:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_7rexKx8PwFcQLctp_LV4NvU09o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/38996f-9363-443a-8479-95b8986e433f/1/KXJHS2pRvydCEfaqsTQQ-SQQ81U.roa
Signing time: Sat 01 Jan 2022 06:56:57 +0000
ROA not before: Sat 01 Jan 2022 06:56:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41175
IP address blocks: 185.114.104.0/22 maxlen: 22
81.201.208.0/20 maxlen: 20
2a00:e900::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40148377 (0x2649d99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffbadec4ac7c3f015c40b72da7f2d5e0dbd4d3da
Validity
Not Before: Jan 1 06:56:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2972474b6a51bf274211f6aab13410f92410f355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e7:a0:a9:0d:d7:df:26:2a:76:60:bd:44:27:
5d:3d:90:20:ec:75:b8:6c:59:ce:bb:e3:01:0b:23:
18:2b:fb:d5:62:59:bf:7c:47:18:10:8f:8e:ab:84:
e3:a3:1f:19:b3:bf:16:4e:21:15:75:2a:58:01:b4:
da:62:9d:5c:07:4a:75:71:6a:57:8d:a6:0b:ad:d2:
d5:f4:48:8d:e7:53:fa:73:15:ed:3e:ff:34:0c:be:
76:6f:bc:4a:b7:23:57:bd:80:01:64:3f:14:8d:b6:
49:74:b7:d0:5e:87:70:87:99:b5:94:6e:07:46:c3:
18:18:64:fc:6b:2a:f4:04:ef:ae:31:14:6b:26:26:
5c:ff:8e:83:d8:3e:da:00:04:0d:90:5c:b6:30:50:
7e:74:8e:f4:0e:b0:f8:d7:1c:96:07:06:70:57:5e:
34:1f:45:a6:de:36:45:83:4e:a6:36:70:a9:ed:fd:
38:b4:7d:15:b7:f4:56:c6:17:b1:50:22:63:4e:cc:
1a:d2:2a:8f:ff:dd:a3:ce:32:30:7d:24:04:d5:1e:
c0:3b:78:ba:e1:08:99:fb:d3:2c:bd:b8:3e:71:e8:
8c:fa:a4:55:30:f3:f1:e9:8f:b8:75:67:a3:29:fa:
2b:a1:bc:79:6a:7a:78:19:ea:6d:b2:98:5c:2c:0d:
a3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:72:47:4B:6A:51:BF:27:42:11:F6:AA:B1:34:10:F9:24:10:F3:55
X509v3 Authority Key Identifier:
keyid:FF:BA:DE:C4:AC:7C:3F:01:5C:40:B7:2D:A7:F2:D5:E0:DB:D4:D3:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_7rexKx8PwFcQLctp_LV4NvU09o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/38996f-9363-443a-8479-95b8986e433f/1/KXJHS2pRvydCEfaqsTQQ-SQQ81U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/38996f-9363-443a-8479-95b8986e433f/1/_7rexKx8PwFcQLctp_LV4NvU09o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.201.208.0/20
185.114.104.0/22
IPv6:
2a00:e900::/29
Signature Algorithm: sha256WithRSAEncryption
93:f8:b2:bd:ee:88:40:7a:4a:23:90:0d:16:49:20:34:e2:49:
51:32:76:ed:b0:39:97:a2:7b:38:46:4f:18:98:51:51:0d:30:
aa:06:34:be:ed:bd:2c:a7:9c:bd:b5:89:44:02:42:06:4b:c9:
17:31:93:a8:ba:6d:c0:ae:86:84:31:77:bb:bf:db:94:8a:4f:
1d:73:97:c5:28:ba:35:2b:c9:f6:23:a4:be:65:ef:e4:99:4c:
f1:5c:80:0c:53:f1:ce:af:61:2e:e2:c7:2a:6c:09:35:5a:32:
63:99:0a:7e:53:7f:24:7f:75:ff:cf:75:f3:f5:3e:5c:9f:ab:
ac:09:34:65:62:1c:03:d6:e2:b9:2f:18:26:a4:f0:02:81:c7:
27:1c:ad:5c:a5:1d:ff:93:dc:85:0e:0e:94:d3:ad:4b:ea:22:
7b:4c:c4:d9:c4:6b:74:b2:fd:dc:db:30:8d:d7:f0:eb:a8:28:
f3:18:5f:ba:b4:fc:df:c3:c8:9d:c4:07:6b:99:03:b7:ab:99:
1d:c0:f8:a5:70:7f:2f:43:e6:b4:d7:7b:c7:3d:ef:b3:9a:85:
7e:ba:9f:4e:a4:8c:aa:d0:1b:9e:5e:96:ae:4a:f9:ac:a1:09:
ec:9a:a2:b5:a7:0e:a4:e8:18:6a:73:e7:19:92:b6:8c:14:6e:
be:00:9d:ae
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAmSdmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZmJhZGVjNGFjN2MzZjAxNWM0MGI3MmRhN2YyZDVlMGRiZDRkM2RhMB4XDTIyMDEw
MTA2NTY1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjk3MjQ3NGI2YTUx
YmYyNzQyMTFmNmFhYjEzNDEwZjkyNDEwZjM1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbnoKkN198mKnZgvUQnXT2QIOx1uGxZzrvjAQsjGCv71WJZ
v3xHGBCPjquE46MfGbO/Fk4hFXUqWAG02mKdXAdKdXFqV42mC63S1fRIjedT+nMV
7T7/NAy+dm+8SrcjV72AAWQ/FI22SXS30F6HcIeZtZRuB0bDGBhk/Gsq9ATvrjEU
ayYmXP+Og9g+2gAEDZBctjBQfnSO9A6w+NcclgcGcFdeNB9Fpt42RYNOpjZwqe39
OLR9Fbf0VsYXsVAiY07MGtIqj//do84yMH0kBNUewDt4uuEImfvTLL24PnHojPqk
VTDz8emPuHVnoyn6K6G8eWp6eBnqbbKYXCwNo9sCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQpckdLalG/J0IR9qqxNBD5JBDzVTAfBgNVHSMEGDAWgBT/ut7ErHw/AVxA
ty2n8tXg29TT2jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L183cmV4S3g4UHdGY1FMY3RwX0xWNE52VTA5by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvMzg5OTZmLTkzNjMtNDQzYS04NDc5LTk1Yjg5ODZlNDMzZi8x
L0tYSkhTMnBSdnlkQ0VmYXFzVFFRLVNRUTgxVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
Mzg5OTZmLTkzNjMtNDQzYS04NDc5LTk1Yjg5ODZlNDMzZi8xL183cmV4S3g4UHdG
Y1FMY3RwX0xWNE52VTA5by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBFHJ0AMEArlyaDANBAIAAjAHAwUD
KgDpADANBgkqhkiG9w0BAQsFAAOCAQEAk/iyve6IQHpKI5ANFkkgNOJJUTJ27bA5
l6J7OEZPGJhRUQ0wqgY0vu29LKecvbWJRAJCBkvJFzGTqLptwK6GhDF3u7/blIpP
HXOXxSi6NSvJ9iOkvmXv5JlM8VyADFPxzq9hLuLHKmwJNVoyY5kKflN/JH91/891
8/U+XJ+rrAk0ZWIcA9biuS8YJqTwAoHHJxytXKUd/5PchQ4OlNOtS+oie0zE2cRr
dLL93Nswjdfw66go8xhfurT838PIncQHa5kDt6uZHcD4pXB/L0PmtNd7xz3vs5qF
frqfTqSMqtAbnl6Wrkr5rKEJ7JqitacOpOgYanPnGZK2jBRuvgCdrg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:32 2024 by rpki-client on console-fra.rpki-client.org