Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/e19744-dabe-4096-8e67-ff65ae2c1032/1/KllXnhL7-N-kPDP-6gZvxLyvp5c.roa
File: KllXnhL7-N-kPDP-6gZvxLyvp5c.roa (raw, json)
Hash identifier: gr6Mbi2F54vF+3scqga2QoZN7RE9cFVEnGO1FYo2tKY=
Subject key identifier: 2A:59:57:9E:12:FB:F8:DF:A4:3C:33:FE:EA:06:6F:C4:BC:AF:A7:97
Certificate issuer: /CN=041f2ec8e276c17d76f95c78d4a92a2b87ef2542
Certificate serial: 0189E410451CD1A2CE4E373E79BF57F9AC5B
Authority key identifier: 04:1F:2E:C8:E2:76:C1:7D:76:F9:5C:78:D4:A9:2A:2B:87:EF:25:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BB8uyOJ2wX12-Vx41KkqK4fvJUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/e19744-dabe-4096-8e67-ff65ae2c1032/1/KllXnhL7-N-kPDP-6gZvxLyvp5c.roa
Signing time: Fri 11 Aug 2023 10:06:58 +0000
ROA not before: Fri 11 Aug 2023 10:06:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209858
IP address blocks: 213.184.73.0/24 maxlen: 24
213.184.72.0/24 maxlen: 24
185.186.183.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e4:10:45:1c:d1:a2:ce:4e:37:3e:79:bf:57:f9:ac:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=041f2ec8e276c17d76f95c78d4a92a2b87ef2542
Validity
Not Before: Aug 11 10:06:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a59579e12fbf8dfa43c33feea066fc4bcafa797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:25:71:e2:9a:eb:96:7c:ea:b4:db:25:a7:a0:
42:7e:81:48:80:6a:f4:9b:cd:a6:af:69:35:94:f5:
2e:2d:14:47:9a:84:c0:12:19:bd:de:1c:a4:5c:e1:
7b:3f:bf:f1:07:05:f4:31:37:9e:98:da:0f:45:67:
48:d6:81:60:bc:33:4e:4b:dd:ae:80:f3:9d:42:28:
ca:e1:f6:51:f7:3a:a3:5a:95:00:c3:5c:13:19:32:
41:69:03:6f:a1:3a:93:18:e6:6d:ca:28:51:b4:86:
55:62:87:74:65:80:59:e8:22:ad:a6:9e:d6:d2:f4:
b5:50:ce:18:62:fa:0c:d7:10:3c:ef:9e:3f:e6:5f:
5b:d7:ce:eb:90:8f:1c:c5:69:72:e8:bb:f5:8a:8c:
cf:09:82:a9:d3:93:66:47:9c:4d:22:59:ee:0a:2f:
9d:6d:11:8a:da:38:8e:21:3c:d3:b8:f7:58:7c:8f:
1e:29:dc:54:ce:70:b9:54:31:76:35:ce:03:7d:aa:
ef:2d:54:bc:68:e4:5b:c7:73:59:8b:25:51:10:0b:
dd:56:e0:f8:3f:e1:a5:67:68:1e:f9:df:00:86:52:
49:34:69:b7:bc:6a:44:f1:54:5c:6c:d4:67:c1:50:
9c:7d:2a:aa:17:90:6f:1a:df:2a:4c:5d:a2:05:93:
d0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:59:57:9E:12:FB:F8:DF:A4:3C:33:FE:EA:06:6F:C4:BC:AF:A7:97
X509v3 Authority Key Identifier:
keyid:04:1F:2E:C8:E2:76:C1:7D:76:F9:5C:78:D4:A9:2A:2B:87:EF:25:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BB8uyOJ2wX12-Vx41KkqK4fvJUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/e19744-dabe-4096-8e67-ff65ae2c1032/1/KllXnhL7-N-kPDP-6gZvxLyvp5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/e19744-dabe-4096-8e67-ff65ae2c1032/1/BB8uyOJ2wX12-Vx41KkqK4fvJUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.183.0/24
213.184.72.0/23
Signature Algorithm: sha256WithRSAEncryption
22:2b:1b:47:19:c8:7f:48:d2:41:f0:4c:d4:df:9b:db:7e:e4:
4b:ba:e9:d0:9c:7c:69:68:ed:b1:b2:cf:49:eb:bf:44:40:e1:
2c:43:8d:c7:3c:c8:7c:d5:ae:81:51:3a:90:6b:fd:a8:1f:3f:
2a:53:82:33:99:65:60:92:c3:49:d9:f3:10:55:91:2b:72:44:
44:8d:4b:0e:81:76:b6:4f:48:a2:4f:c3:39:dd:68:1c:be:08:
79:c9:ea:a8:d6:9a:50:52:16:1a:54:73:51:fa:d9:d7:9e:98:
f1:80:4f:0d:5d:bc:dc:6c:7f:dd:8b:de:37:ef:4b:53:73:47:
a4:a1:21:b1:3c:bf:34:fa:33:de:b3:4e:88:b7:4a:f6:14:3b:
14:4a:2e:1f:4e:3b:fc:29:65:6a:82:89:a3:16:8e:c4:74:30:
b2:bb:60:a4:f6:cc:15:a4:38:e6:5a:92:a2:23:6f:ba:dc:c8:
91:d5:ce:34:c9:8e:42:ec:77:9b:ee:4f:f9:eb:c5:e7:f7:3f:
fc:10:3b:4c:e6:9a:65:53:70:9f:90:bb:00:6d:66:d9:66:a5:
a8:b4:68:75:32:5b:04:e4:8b:a0:93:6f:15:e3:b8:48:01:8c:
77:c9:3e:49:e9:e0:ae:7f:3f:c2:e8:93:07:6e:51:cd:dd:16:
fc:b1:0b:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnkEEUc0aLOTjc+eb9X+axbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MWYyZWM4ZTI3NmMxN2Q3NmY5NWM3OGQ0YTkyYTJiODdl
ZjI1NDIwHhcNMjMwODExMTAwNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTU5NTc5ZTEyZmJmOGRmYTQzYzMzZmVlYTA2NmZjNGJjYWZhNzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyVx4prrlnzqtNslp6BCfoFIgGr0
m82mr2k1lPUuLRRHmoTAEhm93hykXOF7P7/xBwX0MTeemNoPRWdI1oFgvDNOS92u
gPOdQijK4fZR9zqjWpUAw1wTGTJBaQNvoTqTGOZtyihRtIZVYod0ZYBZ6CKtpp7W
0vS1UM4YYvoM1xA8754/5l9b187rkI8cxWly6Lv1iozPCYKp05NmR5xNIlnuCi+d
bRGK2jiOITzTuPdYfI8eKdxUznC5VDF2Nc4DfarvLVS8aORbx3NZiyVREAvdVuD4
P+GlZ2ge+d8AhlJJNGm3vGpE8VRcbNRnwVCcfSqqF5BvGt8qTF2iBZPQCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCpZV54S+/jfpDwz/uoGb8S8r6eXMB8GA1UdIwQY
MBaAFAQfLsjidsF9dvlceNSpKiuH7yVCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkI4dXlPSjJ3WDEyLVZ4NDFLa3FLNGZ2SlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9lMTk3NDQtZGFiZS00MDk2LThlNjct
ZmY2NWFlMmMxMDMyLzEvS2xsWG5oTDctTi1rUERQLTZnWnZ4THl2cDVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9lMTk3NDQtZGFiZS00MDk2LThlNjctZmY2NWFlMmMxMDMy
LzEvQkI4dXlPSjJ3WDEyLVZ4NDFLa3FLNGZ2SlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAubq3AwQB
1bhIMA0GCSqGSIb3DQEBCwUAA4IBAQAiKxtHGch/SNJB8EzU35vbfuRLuunQnHxp
aO2xss9J679EQOEsQ43HPMh81a6BUTqQa/2oHz8qU4IzmWVgksNJ2fMQVZErckRE
jUsOgXa2T0iiT8M53Wgcvgh5yeqo1ppQUhYaVHNR+tnXnpjxgE8NXbzcbH/di943
70tTc0ekoSGxPL80+jPes06It0r2FDsUSi4fTjv8KWVqgomjFo7EdDCyu2Ck9swV
pDjmWpKiI2+63MiR1c40yY5C7Heb7k/568Xn9z/8EDtM5pplU3CfkLsAbWbZZqWo
tGh1MlsE5Iugk28V47hIAYx3yT5J6eCufz/C6JMHblHN3Rb8sQuA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:34 2024 by rpki-client on console-fra.rpki-client.org