Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/1df8e5-705b-4425-8b47-f553000227bd/1/iQFd2em6GcMMKeTIEvj8Tjbbt4Q.roa
File: iQFd2em6GcMMKeTIEvj8Tjbbt4Q.roa (raw, json)
Hash identifier: yipyAsGU9BS76SwPUGHxquUPYOJN0nsMEOO85BlzuC4=
Subject key identifier: 89:01:5D:D9:E9:BA:19:C3:0C:29:E4:C8:12:F8:FC:4E:36:DB:B7:84
Certificate issuer: /CN=aa7fa1d876d6c9cf57584456b2094daac5f3f519
Certificate serial: 018949806578DD6889CF46BCB7D4941470EC
Authority key identifier: AA:7F:A1:D8:76:D6:C9:CF:57:58:44:56:B2:09:4D:AA:C5:F3:F5:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qn-h2HbWyc9XWERWsglNqsXz9Rk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/1df8e5-705b-4425-8b47-f553000227bd/1/iQFd2em6GcMMKeTIEvj8Tjbbt4Q.roa
Signing time: Wed 12 Jul 2023 09:48:18 +0000
ROA not before: Wed 12 Jul 2023 09:48:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 185.8.84.0/23 maxlen: 23
109.75.100.0/22 maxlen: 22
109.75.105.0/24 maxlen: 24
185.65.196.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:49:80:65:78:dd:68:89:cf:46:bc:b7:d4:94:14:70:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa7fa1d876d6c9cf57584456b2094daac5f3f519
Validity
Not Before: Jul 12 09:48:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89015dd9e9ba19c30c29e4c812f8fc4e36dbb784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:21:0b:2e:3e:85:65:5a:87:af:cf:97:5e:64:
7a:32:b8:53:9d:58:47:f5:59:ad:6e:83:62:36:8f:
0b:da:f2:59:28:10:93:36:c8:8e:cc:d8:da:7a:6c:
9c:18:a2:fd:53:9a:89:88:3a:27:a2:70:f1:84:7e:
e1:89:84:68:4b:a3:cd:f2:c0:58:43:46:4f:e7:12:
ed:a8:7e:65:da:eb:89:ab:d7:8d:ac:d7:ef:45:18:
87:bc:d4:f7:c4:54:c2:03:21:e3:1a:ad:79:34:36:
2b:e1:26:0a:78:07:5e:81:2e:d8:3d:9f:bf:91:9e:
51:ea:f0:5c:1e:53:19:ae:25:6d:4a:3b:63:60:94:
fb:15:ff:8f:15:40:2e:1e:43:3c:e4:7d:13:57:63:
21:f3:57:7f:99:fa:2e:ae:6b:46:6d:ba:20:a0:cf:
c0:4e:62:e4:77:84:9d:f4:49:a5:f3:9e:87:81:34:
08:01:0c:a3:44:28:bc:94:78:64:da:b7:d1:8d:55:
f7:32:e1:6e:fd:02:fd:21:41:21:a6:dd:7c:2e:0c:
76:2d:04:44:6d:34:da:55:8c:ae:c7:01:6c:eb:20:
6c:c3:9a:10:be:3c:db:1e:6f:6f:80:2a:a2:b0:39:
a9:45:99:04:84:9a:fb:41:2c:e7:15:07:e1:46:0f:
c6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:01:5D:D9:E9:BA:19:C3:0C:29:E4:C8:12:F8:FC:4E:36:DB:B7:84
X509v3 Authority Key Identifier:
keyid:AA:7F:A1:D8:76:D6:C9:CF:57:58:44:56:B2:09:4D:AA:C5:F3:F5:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qn-h2HbWyc9XWERWsglNqsXz9Rk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/1df8e5-705b-4425-8b47-f553000227bd/1/iQFd2em6GcMMKeTIEvj8Tjbbt4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/1df8e5-705b-4425-8b47-f553000227bd/1/qn-h2HbWyc9XWERWsglNqsXz9Rk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.75.100.0/22
109.75.105.0/24
185.8.84.0/23
185.65.196.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:4f:12:06:57:31:fc:10:96:8f:72:b0:58:0f:02:ca:de:8e:
09:c3:01:e1:43:7c:11:eb:c7:1c:c7:24:23:02:81:0e:a2:b9:
b3:dd:57:8f:1d:bf:95:74:12:f5:56:f8:9a:5b:4b:1e:90:63:
ae:ac:43:2f:0e:c4:90:72:27:00:65:b2:f3:5f:fa:ef:bd:69:
ef:7b:2b:0b:2a:62:ce:7f:bd:cd:ce:96:2a:18:2c:58:39:69:
12:f2:16:35:12:03:86:13:18:43:a9:38:d9:85:85:88:48:14:
bd:76:2a:65:42:46:ba:0e:a8:e1:8f:28:18:92:74:36:0a:6d:
47:ce:92:9c:4d:a0:18:01:e9:97:47:fa:80:bf:ce:86:51:f7:
68:60:4e:ec:d2:15:9d:41:4d:64:ef:54:1c:66:a0:4e:a5:05:
ff:9c:be:29:67:56:6c:8e:cf:32:00:d0:04:6a:3e:7a:2b:af:
68:bd:09:18:b8:8f:05:55:4c:33:10:9b:5e:c7:c0:f5:1c:ca:
95:38:b3:08:a2:46:d4:dc:43:d4:93:e5:52:8c:a1:5a:49:b8:
04:13:8e:c6:27:6b:a8:68:a3:ff:db:7d:f8:2a:a6:9f:d6:f1:
0f:8c:a4:a3:16:6b:59:6d:4c:bf:94:ed:a3:96:77:69:c9:c4:
97:f4:48:ea
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYlJgGV43WiJz0a8t9SUFHDsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhN2ZhMWQ4NzZkNmM5Y2Y1NzU4NDQ1NmIyMDk0ZGFhYzVm
M2Y1MTkwHhcNMjMwNzEyMDk0ODE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTAxNWRkOWU5YmExOWMzMGMyOWU0YzgxMmY4ZmM0ZTM2ZGJiNzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSELLj6FZVqHr8+XXmR6MrhTnVhH
9VmtboNiNo8L2vJZKBCTNsiOzNjaemycGKL9U5qJiDononDxhH7hiYRoS6PN8sBY
Q0ZP5xLtqH5l2uuJq9eNrNfvRRiHvNT3xFTCAyHjGq15NDYr4SYKeAdegS7YPZ+/
kZ5R6vBcHlMZriVtSjtjYJT7Ff+PFUAuHkM85H0TV2Mh81d/mfourmtGbbogoM/A
TmLkd4Sd9Eml856HgTQIAQyjRCi8lHhk2rfRjVX3MuFu/QL9IUEhpt18Lgx2LQRE
bTTaVYyuxwFs6yBsw5oQvjzbHm9vgCqisDmpRZkEhJr7QSznFQfhRg/G7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIkBXdnpuhnDDCnkyBL4/E4227eEMB8GA1UdIwQY
MBaAFKp/odh21snPV1hEVrIJTarF8/UZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW4taDJIYld5YzlYV0VSV3NnbE5xc1h6OVJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8xZGY4ZTUtNzA1Yi00NDI1LThiNDct
ZjU1MzAwMDIyN2JkLzEvaVFGZDJlbTZHY01NS2VUSUV2ajhUamJidDRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8xZGY4ZTUtNzA1Yi00NDI1LThiNDctZjU1MzAwMDIyN2Jk
LzEvcW4taDJIYld5YzlYV0VSV3NnbE5xc1h6OVJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCbUtkAwQA
bUtpAwQBuQhUAwQBuUHEMA0GCSqGSIb3DQEBCwUAA4IBAQBMTxIGVzH8EJaPcrBY
DwLK3o4JwwHhQ3wR68ccxyQjAoEOormz3VePHb+VdBL1VviaW0sekGOurEMvDsSQ
cicAZbLzX/rvvWnveysLKmLOf73NzpYqGCxYOWkS8hY1EgOGExhDqTjZhYWISBS9
diplQka6DqjhjygYknQ2Cm1HzpKcTaAYAemXR/qAv86GUfdoYE7s0hWdQU1k71Qc
ZqBOpQX/nL4pZ1Zsjs8yANAEaj56K69ovQkYuI8FVUwzEJtex8D1HMqVOLMIokbU
3EPUk+VSjKFaSbgEE47GJ2uoaKP/2334Kqaf1vEPjKSjFmtZbUy/lO2jlndpycSX
9Ejq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:47 2024 by rpki-client on console-ams.rpki-client.org