Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d1a822-a12c-4381-a0e3-ac43f72a6329/1/FqSJNUqPqomvdglcJebobGrtZX8.roa
File: FqSJNUqPqomvdglcJebobGrtZX8.roa (raw, json)
Hash identifier: kERg58/Jzcaedbie+XwXS7nLuDVrcWu5WpDYixDIcrU=
Subject key identifier: 16:A4:89:35:4A:8F:AA:89:AF:76:09:5C:25:E6:E8:6C:6A:ED:65:7F
Certificate issuer: /CN=69a3aeec186ca96321c5cef7fd96b9ab01f5cab5
Certificate serial: 01856F26D896BD662610B03E4C9C758A9D43
Authority key identifier: 69:A3:AE:EC:18:6C:A9:63:21:C5:CE:F7:FD:96:B9:AB:01:F5:CA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaOu7BhsqWMhxc73_Za5qwH1yrU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d1a822-a12c-4381-a0e3-ac43f72a6329/1/FqSJNUqPqomvdglcJebobGrtZX8.roa
Signing time: Sun 01 Jan 2023 21:04:54 +0000
ROA not before: Sun 01 Jan 2023 21:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39216
IP address blocks: 185.222.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:d8:96:bd:66:26:10:b0:3e:4c:9c:75:8a:9d:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a3aeec186ca96321c5cef7fd96b9ab01f5cab5
Validity
Not Before: Jan 1 21:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16a489354a8faa89af76095c25e6e86c6aed657f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5f:22:7a:1d:31:c5:ac:2c:a4:77:7d:a0:1f:
f2:9b:a9:fd:93:1e:5a:c0:e3:d9:63:56:7f:c0:77:
30:ae:a8:51:b9:30:75:65:bb:f9:3e:d8:12:51:65:
7b:2c:2e:7e:0d:c3:ba:31:95:ba:f2:25:e7:c7:df:
5d:bc:3d:86:66:60:56:99:d5:bb:cb:76:ae:79:73:
da:87:3f:4d:8e:c7:b7:d5:69:4c:2f:a0:4f:71:0d:
7d:08:5d:d4:b2:56:06:d3:cb:ee:b1:64:56:78:da:
4a:3d:2e:a4:d2:e8:83:06:c8:05:db:75:9f:ca:2f:
73:d1:7a:73:bd:1e:06:d8:e6:3f:4a:73:f7:ea:c3:
1a:ce:04:73:96:3b:e9:db:9a:5a:be:eb:a9:07:3e:
70:1f:6d:ba:82:74:7c:ff:32:9a:85:ff:bc:21:b6:
0b:cb:66:d6:51:f7:58:f1:e4:42:7e:be:e5:ac:a2:
c5:89:99:9e:ce:dd:c2:b5:22:be:72:58:71:c3:91:
8d:82:ee:66:52:42:14:18:11:58:0f:6e:b2:12:b6:
d1:e2:70:08:f9:58:82:6b:bf:ce:80:56:ed:5e:83:
28:13:e5:81:d9:36:44:59:a0:aa:85:96:59:2d:eb:
46:14:96:ce:a0:a2:2d:85:d6:92:ff:2a:63:dc:65:
b5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:A4:89:35:4A:8F:AA:89:AF:76:09:5C:25:E6:E8:6C:6A:ED:65:7F
X509v3 Authority Key Identifier:
keyid:69:A3:AE:EC:18:6C:A9:63:21:C5:CE:F7:FD:96:B9:AB:01:F5:CA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaOu7BhsqWMhxc73_Za5qwH1yrU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d1a822-a12c-4381-a0e3-ac43f72a6329/1/FqSJNUqPqomvdglcJebobGrtZX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d1a822-a12c-4381-a0e3-ac43f72a6329/1/aaOu7BhsqWMhxc73_Za5qwH1yrU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.20.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:00:f4:3d:85:9b:ba:c5:96:46:70:4e:59:58:5f:94:f3:60:
82:76:07:76:dd:90:6c:d8:2d:1c:c4:c8:c5:3b:f1:f6:dd:ea:
fe:e2:50:b2:12:67:46:15:54:69:31:db:21:df:d7:98:40:23:
c8:9e:12:e5:28:a7:27:43:94:f6:55:81:d4:eb:d6:40:7c:5f:
54:f4:fc:ce:0c:53:1b:13:c2:91:b3:3c:23:4d:37:bf:dd:f1:
5a:62:5b:f0:e7:3a:ad:98:88:79:b7:f6:11:96:c4:ae:62:e5:
7c:f2:00:f9:ce:b3:fb:f3:9b:4e:d9:e9:db:01:0b:86:47:1c:
84:b4:d1:5f:4f:68:9c:f2:38:6b:a1:e0:7d:29:4a:20:2c:ba:
e3:04:ee:ee:53:95:9b:b0:27:ba:d8:4d:28:6c:0e:77:63:b5:
03:14:f3:8d:e9:4d:81:58:a0:25:1a:73:90:c7:fe:79:19:e0:
54:44:91:36:07:ef:3c:01:7b:bc:ac:6c:28:3f:92:b5:b9:99:
85:2f:c1:71:d3:50:82:bf:84:85:88:0d:86:c0:2c:d2:64:cb:
6b:81:d1:bf:6e:93:40:70:c2:d0:fa:ed:8b:af:5f:52:b0:bc:
9a:ca:55:8e:fc:91:38:91:87:16:e6:88:85:81:7a:1a:68:5a:
49:01:1b:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvJtiWvWYmELA+TJx1ip1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTNhZWVjMTg2Y2E5NjMyMWM1Y2VmN2ZkOTZiOWFiMDFm
NWNhYjUwHhcNMjMwMTAxMjEwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmE0ODkzNTRhOGZhYTg5YWY3NjA5NWMyNWU2ZTg2YzZhZWQ2NTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAql8ieh0xxawspHd9oB/ym6n9kx5a
wOPZY1Z/wHcwrqhRuTB1Zbv5PtgSUWV7LC5+DcO6MZW68iXnx99dvD2GZmBWmdW7
y3aueXPahz9Njse31WlML6BPcQ19CF3UslYG08vusWRWeNpKPS6k0uiDBsgF23Wf
yi9z0XpzvR4G2OY/SnP36sMazgRzljvp25pavuupBz5wH226gnR8/zKahf+8IbYL
y2bWUfdY8eRCfr7lrKLFiZmezt3CtSK+clhxw5GNgu5mUkIUGBFYD26yErbR4nAI
+ViCa7/OgFbtXoMoE+WB2TZEWaCqhZZZLetGFJbOoKIthdaS/ypj3GW14QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBakiTVKj6qJr3YJXCXm6Gxq7WV/MB8GA1UdIwQY
MBaAFGmjruwYbKljIcXO9/2WuasB9cq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFPdTdCaHNxV01oeGM3M19aYTVxd0gxeXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kMWE4MjItYTEyYy00MzgxLWEwZTMt
YWM0M2Y3MmE2MzI5LzEvRnFTSk5VcVBxb212ZGdsY0plYm9iR3J0Wlg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kMWE4MjItYTEyYy00MzgxLWEwZTMtYWM0M2Y3MmE2MzI5
LzEvYWFPdTdCaHNxV01oeGM3M19aYTVxd0gxeXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud4UMA0G
CSqGSIb3DQEBCwUAA4IBAQANAPQ9hZu6xZZGcE5ZWF+U82CCdgd23ZBs2C0cxMjF
O/H23er+4lCyEmdGFVRpMdsh39eYQCPInhLlKKcnQ5T2VYHU69ZAfF9U9PzODFMb
E8KRszwjTTe/3fFaYlvw5zqtmIh5t/YRlsSuYuV88gD5zrP785tO2enbAQuGRxyE
tNFfT2ic8jhroeB9KUogLLrjBO7uU5WbsCe62E0obA53Y7UDFPON6U2BWKAlGnOQ
x/55GeBURJE2B+88AXu8rGwoP5K1uZmFL8Fx01CCv4SFiA2GwCzSZMtrgdG/bpNA
cMLQ+u2Lr19SsLyaylWO/JE4kYcW5oiFgXoaaFpJARsm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:29 2024 by rpki-client on console-ams.rpki-client.org