Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/1df8e5-705b-4425-8b47-f553000227bd/1/Yh2qRySb-Y8qS2UkVibx3PzNoas.roa
File: Yh2qRySb-Y8qS2UkVibx3PzNoas.roa (raw, json)
Hash identifier: snP5ZOV0VxjZ7JOSJh+L/U2hAMpMSn/3xLCrjdLZEJE=
Subject key identifier: 62:1D:AA:47:24:9B:F9:8F:2A:4B:65:24:56:26:F1:DC:FC:CD:A1:AB
Certificate issuer: /CN=aa7fa1d876d6c9cf57584456b2094daac5f3f519
Certificate serial: 01856F14AF1175041DA7DA468CCE6F8CA4A3
Authority key identifier: AA:7F:A1:D8:76:D6:C9:CF:57:58:44:56:B2:09:4D:AA:C5:F3:F5:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qn-h2HbWyc9XWERWsglNqsXz9Rk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/1df8e5-705b-4425-8b47-f553000227bd/1/Yh2qRySb-Y8qS2UkVibx3PzNoas.roa
Signing time: Sun 01 Jan 2023 20:45:04 +0000
ROA not before: Sun 01 Jan 2023 20:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 195.178.0.0/23 maxlen: 23
185.8.84.0/23 maxlen: 23
109.75.100.0/22 maxlen: 22
109.75.105.0/24 maxlen: 24
185.65.196.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:af:11:75:04:1d:a7:da:46:8c:ce:6f:8c:a4:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa7fa1d876d6c9cf57584456b2094daac5f3f519
Validity
Not Before: Jan 1 20:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=621daa47249bf98f2a4b65245626f1dcfccda1ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c6:21:71:ca:99:fa:75:fe:38:8c:31:40:66:
56:bf:cc:85:16:72:3f:18:4d:6e:49:2a:24:5e:a9:
f5:ad:2f:b3:6e:b1:8d:33:14:51:e7:85:66:73:1b:
a6:a0:54:6c:7f:e7:74:bb:c6:b1:39:8b:81:0d:cd:
55:fe:e5:7f:42:75:ca:d0:bb:f1:27:79:84:f3:f6:
6e:8a:6b:f9:f0:58:f0:2f:9e:d4:d2:20:ab:28:96:
c8:31:68:c3:4a:fe:e1:ad:eb:46:d9:91:28:99:d3:
8e:72:3a:37:09:cb:82:d4:df:b0:28:4a:e0:f3:6c:
7e:7b:88:22:82:52:85:bf:64:cb:8e:07:c2:03:2e:
c5:96:50:27:7e:86:64:35:aa:87:70:2c:2d:d9:41:
8e:c6:09:39:69:f8:02:f4:4e:c5:61:81:f1:26:65:
91:59:9f:b4:e3:57:3b:c7:02:f7:d5:9b:d7:a1:3a:
11:52:82:f7:bc:bd:db:49:5e:4c:4c:98:38:57:bc:
8c:0b:ff:ef:af:ba:53:e7:3b:89:32:48:48:9a:0a:
87:b8:06:a5:2e:cf:70:cd:47:d9:02:48:b5:86:6b:
88:10:99:59:cc:03:00:a0:92:f9:92:9d:09:7c:e9:
55:c4:10:f2:5a:4c:46:64:cf:b1:ae:90:8c:e1:32:
59:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:1D:AA:47:24:9B:F9:8F:2A:4B:65:24:56:26:F1:DC:FC:CD:A1:AB
X509v3 Authority Key Identifier:
keyid:AA:7F:A1:D8:76:D6:C9:CF:57:58:44:56:B2:09:4D:AA:C5:F3:F5:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qn-h2HbWyc9XWERWsglNqsXz9Rk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/1df8e5-705b-4425-8b47-f553000227bd/1/Yh2qRySb-Y8qS2UkVibx3PzNoas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/1df8e5-705b-4425-8b47-f553000227bd/1/qn-h2HbWyc9XWERWsglNqsXz9Rk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.75.100.0/22
109.75.105.0/24
185.8.84.0/23
185.65.196.0/23
195.178.0.0/23
Signature Algorithm: sha256WithRSAEncryption
af:06:4d:23:b7:e2:b6:66:12:ed:d1:1a:9f:d9:c6:ac:5c:99:
e2:22:dd:36:18:20:65:da:f4:c7:4f:d7:06:4a:70:5c:62:a9:
ab:37:7e:a2:66:15:b4:7a:2a:f1:a8:5b:1d:3b:ed:05:5f:96:
d6:52:70:f0:62:a9:c6:71:ea:e7:a8:04:25:b0:0a:19:6b:0e:
be:5a:3a:08:53:62:10:13:8b:7d:e1:b7:09:02:be:a5:25:7f:
35:4c:27:9b:b0:78:da:70:71:4f:e4:08:f8:19:81:1b:40:65:
d8:26:33:b8:51:89:54:98:2d:dd:7c:4d:2c:87:91:91:31:4a:
8b:22:81:18:eb:ac:6a:d1:1c:01:e2:66:95:10:58:3f:81:29:
bc:ae:c8:1a:76:96:44:32:c4:af:ef:94:3b:1c:f1:7b:80:5d:
b1:61:28:9a:aa:c1:12:c8:13:b9:74:c4:39:fc:8c:da:a4:0f:
87:fb:bc:a7:7d:6c:31:85:51:e8:0d:20:1e:a9:77:ae:a6:ca:
82:c1:5b:9d:ab:56:43:18:42:3b:2a:97:40:96:65:d3:1a:36:
0c:c1:f7:9b:7a:42:94:b9:9e:4f:b9:66:a5:46:61:68:4b:c3:
f0:4d:c3:fb:5c:e9:4f:26:8f:ac:5a:b7:d4:e3:62:c0:a6:ad:
7f:03:91:33
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVvFK8RdQQdp9pGjM5vjKSjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhN2ZhMWQ4NzZkNmM5Y2Y1NzU4NDQ1NmIyMDk0ZGFhYzVm
M2Y1MTkwHhcNMjMwMTAxMjA0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjFkYWE0NzI0OWJmOThmMmE0YjY1MjQ1NjI2ZjFkY2ZjY2RhMWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcYhccqZ+nX+OIwxQGZWv8yFFnI/
GE1uSSokXqn1rS+zbrGNMxRR54VmcxumoFRsf+d0u8axOYuBDc1V/uV/QnXK0Lvx
J3mE8/Zuimv58FjwL57U0iCrKJbIMWjDSv7hretG2ZEomdOOcjo3CcuC1N+wKErg
82x+e4giglKFv2TLjgfCAy7FllAnfoZkNaqHcCwt2UGOxgk5afgC9E7FYYHxJmWR
WZ+041c7xwL31ZvXoToRUoL3vL3bSV5MTJg4V7yMC//vr7pT5zuJMkhImgqHuAal
Ls9wzUfZAki1hmuIEJlZzAMAoJL5kp0JfOlVxBDyWkxGZM+xrpCM4TJZNwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGIdqkckm/mPKktlJFYm8dz8zaGrMB8GA1UdIwQY
MBaAFKp/odh21snPV1hEVrIJTarF8/UZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW4taDJIYld5YzlYV0VSV3NnbE5xc1h6OVJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8xZGY4ZTUtNzA1Yi00NDI1LThiNDct
ZjU1MzAwMDIyN2JkLzEvWWgycVJ5U2ItWThxUzJVa1ZpYngzUHpOb2FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8xZGY4ZTUtNzA1Yi00NDI1LThiNDctZjU1MzAwMDIyN2Jk
LzEvcW4taDJIYld5YzlYV0VSV3NnbE5xc1h6OVJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCbUtkAwQA
bUtpAwQBuQhUAwQBuUHEAwQBw7IAMA0GCSqGSIb3DQEBCwUAA4IBAQCvBk0jt+K2
ZhLt0Rqf2casXJniIt02GCBl2vTHT9cGSnBcYqmrN36iZhW0eirxqFsdO+0FX5bW
UnDwYqnGcernqAQlsAoZaw6+WjoIU2IQE4t94bcJAr6lJX81TCebsHjacHFP5Aj4
GYEbQGXYJjO4UYlUmC3dfE0sh5GRMUqLIoEY66xq0RwB4maVEFg/gSm8rsgadpZE
MsSv75Q7HPF7gF2xYSiaqsESyBO5dMQ5/IzapA+H+7ynfWwxhVHoDSAeqXeupsqC
wVudq1ZDGEI7KpdAlmXTGjYMwfebekKUuZ5PuWalRmFoS8PwTcP7XOlPJo+sWrfU
42LApq1/A5Ez
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:47 2024 by rpki-client on console-ams.rpki-client.org