Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/7275ea-af7a-4a2f-960e-fbbb5187910a/1/iEOrbot390yg_vhQprlG89Vt-tE.roa
File: iEOrbot390yg_vhQprlG89Vt-tE.roa (raw, json)
Hash identifier: 7IeX7/e60NfWOdNe/UY1/7BihDyOeK9up1h3vFlRjpQ=
Subject key identifier: 88:43:AB:6E:8B:77:F7:4C:A0:FE:F8:50:A6:B9:46:F3:D5:6D:FA:D1
Certificate issuer: /CN=b1a3b0de59596a64edfa659da3b2abe8420668e8
Certificate serial: 07702867
Authority key identifier: B1:A3:B0:DE:59:59:6A:64:ED:FA:65:9D:A3:B2:AB:E8:42:06:68:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saOw3llZamTt-mWdo7Kr6EIGaOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/7275ea-af7a-4a2f-960e-fbbb5187910a/1/iEOrbot390yg_vhQprlG89Vt-tE.roa
Signing time: Mon 17 Jan 2022 17:03:43 +0000
ROA not before: Mon 17 Jan 2022 17:03:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51487
IP address blocks: 185.236.248.0/22 maxlen: 22
185.236.248.0/24 maxlen: 24
185.236.251.0/24 maxlen: 24
185.236.250.0/24 maxlen: 24
185.236.249.0/24 maxlen: 24
45.65.64.0/24 maxlen: 24
193.84.92.0/24 maxlen: 24
193.84.93.0/24 maxlen: 24
185.200.76.0/22 maxlen: 22
185.200.76.0/24 maxlen: 24
185.200.78.0/24 maxlen: 24
185.200.77.0/24 maxlen: 24
185.200.79.0/24 maxlen: 24
193.84.49.0/24 maxlen: 24
193.84.48.0/24 maxlen: 24
45.65.67.0/24 maxlen: 24
45.65.66.0/24 maxlen: 24
45.65.65.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124790887 (0x7702867)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a3b0de59596a64edfa659da3b2abe8420668e8
Validity
Not Before: Jan 17 17:03:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8843ab6e8b77f74ca0fef850a6b946f3d56dfad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c2:40:2a:dc:c9:88:25:ea:23:3b:ba:29:09:
d4:fe:52:30:95:70:fe:42:e9:b8:65:be:9b:b0:68:
fd:48:26:8e:19:0a:87:e6:cf:4e:a8:d1:2e:53:41:
45:5d:82:57:0a:35:38:2f:36:01:87:af:ea:c9:96:
75:54:09:0b:0b:59:33:2c:3c:77:25:5c:77:95:4c:
3b:92:34:3b:55:b5:37:74:91:7a:a3:dc:ef:20:77:
e3:7b:de:be:d7:e8:3a:be:18:82:3b:38:aa:0f:f6:
26:3d:5e:85:dc:03:ff:c6:8d:82:1f:e8:18:f9:29:
08:9b:99:bf:e9:ca:51:e7:c0:37:92:f5:b1:31:1a:
8c:cf:88:87:17:48:95:dc:a2:23:89:f1:61:fc:0b:
57:3b:8e:3f:4f:66:b6:cc:1c:da:11:16:50:aa:c0:
af:e3:de:62:f5:02:ae:0c:8c:1a:44:6a:c3:e0:15:
3c:ac:49:cf:a4:d2:ae:cc:dd:cd:8c:f3:cb:37:6a:
79:b3:22:69:1d:ae:36:8e:8e:fe:66:f5:f5:56:6c:
5b:22:37:14:ea:00:3b:34:ee:ed:e2:19:97:8d:65:
6b:5b:64:90:9b:31:2e:8c:f2:25:71:4f:37:1e:d0:
b8:47:73:e0:41:7b:e2:94:67:17:d3:e3:8d:fe:de:
93:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:43:AB:6E:8B:77:F7:4C:A0:FE:F8:50:A6:B9:46:F3:D5:6D:FA:D1
X509v3 Authority Key Identifier:
keyid:B1:A3:B0:DE:59:59:6A:64:ED:FA:65:9D:A3:B2:AB:E8:42:06:68:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saOw3llZamTt-mWdo7Kr6EIGaOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/7275ea-af7a-4a2f-960e-fbbb5187910a/1/iEOrbot390yg_vhQprlG89Vt-tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/7275ea-af7a-4a2f-960e-fbbb5187910a/1/saOw3llZamTt-mWdo7Kr6EIGaOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.64.0/22
185.200.76.0/22
185.236.248.0/22
193.84.48.0/23
193.84.92.0/23
Signature Algorithm: sha256WithRSAEncryption
20:91:67:e5:1a:0d:6d:2f:6b:f4:72:40:d3:40:3e:68:a9:86:
45:81:0d:c4:bf:58:9d:ec:c2:1e:55:d7:05:19:d4:84:8c:0a:
94:cd:d5:b6:80:29:82:4c:fd:7b:78:5b:51:e9:e3:37:27:b5:
a9:af:56:8e:5a:29:e7:23:c6:c3:b7:22:6c:58:06:95:b6:05:
ba:6f:0f:fb:d0:bc:d5:7e:be:40:44:f2:0a:ac:a3:30:b9:b5:
90:30:d8:76:bc:b6:2e:4f:93:75:f0:46:c2:f6:21:cc:12:0f:
74:38:a3:84:d2:f2:94:50:82:5b:30:68:dd:c5:24:35:ec:92:
36:17:79:75:7c:ed:83:d0:bd:c7:1a:50:d7:67:59:32:e8:2a:
b7:5a:ee:01:e8:3d:a2:87:4a:04:6e:37:38:7e:ff:a8:77:cd:
e3:da:a0:f0:4c:39:bb:24:a1:ff:6c:d5:62:97:45:68:a9:f5:
bd:b3:32:07:40:20:ce:60:ec:9f:aa:27:e9:dd:44:f6:a7:ff:
27:10:00:38:2b:ab:be:d9:9b:e0:4a:11:db:cc:77:20:bf:94:
b4:e9:94:a7:3d:9e:b6:6d:df:92:fa:f2:b6:22:ab:6e:6c:c8:
73:6c:c7:cc:00:55:12:eb:91:a3:56:ae:c1:79:b4:1d:a2:e0:
5d:24:56:18
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEB3AoZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWEzYjBkZTU5NTk2YTY0ZWRmYTY1OWRhM2IyYWJlODQyMDY2OGU4MB4XDTIyMDEx
NzE3MDM0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODg0M2FiNmU4Yjc3
Zjc0Y2EwZmVmODUwYTZiOTQ2ZjNkNTZkZmFkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIzCQCrcyYgl6iM7uikJ1P5SMJVw/kLpuGW+m7Bo/UgmjhkK
h+bPTqjRLlNBRV2CVwo1OC82AYev6smWdVQJCwtZMyw8dyVcd5VMO5I0O1W1N3SR
eqPc7yB343vevtfoOr4Ygjs4qg/2Jj1ehdwD/8aNgh/oGPkpCJuZv+nKUefAN5L1
sTEajM+IhxdIldyiI4nxYfwLVzuOP09mtswc2hEWUKrAr+PeYvUCrgyMGkRqw+AV
PKxJz6TSrszdzYzzyzdqebMiaR2uNo6O/mb19VZsWyI3FOoAOzTu7eIZl41la1tk
kJsxLozyJXFPNx7QuEdz4EF74pRnF9Pjjf7ekw0CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSIQ6tui3f3TKD++FCmuUbz1W360TAfBgNVHSMEGDAWgBSxo7DeWVlqZO36
ZZ2jsqvoQgZo6DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhT3czbGxaYW1UdC1tV2RvN0tyNkVJR2FPZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvNzI3NWVhLWFmN2EtNGEyZi05NjBlLWZiYmI1MTg3OTEwYS8x
L2lFT3Jib3QzOTB5Z192aFFwcmxHODlWdC10RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
NzI3NWVhLWFmN2EtNGEyZi05NjBlLWZiYmI1MTg3OTEwYS8xL3NhT3czbGxaYW1U
dC1tV2RvN0tyNkVJR2FPZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAi1BQAMEArnITAMEArns+AMEAcFU
MAMEAcFUXDANBgkqhkiG9w0BAQsFAAOCAQEAIJFn5RoNbS9r9HJA00A+aKmGRYEN
xL9YnezCHlXXBRnUhIwKlM3VtoApgkz9e3hbUenjNye1qa9Wjlop5yPGw7cibFgG
lbYFum8P+9C81X6+QETyCqyjMLm1kDDYdry2Lk+TdfBGwvYhzBIPdDijhNLylFCC
WzBo3cUkNeySNhd5dXztg9C9xxpQ12dZMugqt1ruAeg9oodKBG43OH7/qHfN49qg
8Ew5uySh/2zVYpdFaKn1vbMyB0AgzmDsn6on6d1E9qf/JxAAOCurvtmb4EoR28x3
IL+UtOmUpz2etm3fkvrytiKrbmzIc2zHzABVEuuRo1auwXm0HaLgXSRWGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:06 2024 by rpki-client on console-ams.rpki-client.org