Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/43c73c-327f-4da5-b14d-c77f64ab302b/1/shAfDCG7Hk8H5Emsnk1O4sDOd8c.roa
File: shAfDCG7Hk8H5Emsnk1O4sDOd8c.roa (raw, json)
Hash identifier: RPK+yvD1oMxhx+JCXjlGbjVFvgt7k98VMP4V3gyLzvg=
Subject key identifier: B2:10:1F:0C:21:BB:1E:4F:07:E4:49:AC:9E:4D:4E:E2:C0:CE:77:C7
Certificate issuer: /CN=671ef78adc0c4fbc70babd3d36b63ce130b90935
Certificate serial: 2FFDE85B
Authority key identifier: 67:1E:F7:8A:DC:0C:4F:BC:70:BA:BD:3D:36:B6:3C:E1:30:B9:09:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zx73itwMT7xwur09NrY84TC5CTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/43c73c-327f-4da5-b14d-c77f64ab302b/1/shAfDCG7Hk8H5Emsnk1O4sDOd8c.roa
Signing time: Sat 01 Jan 2022 04:59:09 +0000
ROA not before: Sat 01 Jan 2022 04:59:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199608
IP address blocks: 185.9.37.0/24 maxlen: 24
185.9.36.0/24 maxlen: 24
185.9.38.0/24 maxlen: 24
185.9.39.0/24 maxlen: 24
185.244.145.0/24 maxlen: 24
185.244.144.0/24 maxlen: 24
185.244.147.0/24 maxlen: 24
185.244.146.0/24 maxlen: 24
2a03:48c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 805169243 (0x2ffde85b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=671ef78adc0c4fbc70babd3d36b63ce130b90935
Validity
Not Before: Jan 1 04:59:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2101f0c21bb1e4f07e449ac9e4d4ee2c0ce77c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5b:02:9e:29:aa:09:2b:52:61:40:a9:d2:f9:
de:cc:de:ec:48:1c:d5:98:30:20:be:a8:42:de:db:
84:31:72:3d:99:54:f9:32:93:e1:95:da:a9:89:20:
9b:70:58:d7:27:f1:97:98:ab:0e:21:31:18:16:fe:
df:62:ce:ba:21:29:24:48:f3:7f:09:af:41:fe:0f:
3e:bd:ee:5e:2f:fc:dc:41:98:23:6c:0f:85:57:78:
c5:99:b8:81:e8:ce:e6:6e:69:b5:b5:2e:41:fd:07:
33:d5:5c:06:01:77:9b:2d:23:ba:f9:84:74:cf:dd:
12:da:17:4e:a8:fb:1a:15:32:b0:5e:97:6e:52:43:
be:be:70:63:9b:b9:5e:38:b4:7c:45:93:39:d2:2d:
d8:f2:32:0b:2a:ea:62:e8:65:04:6a:39:a1:7e:42:
28:22:a9:07:07:82:58:2b:04:9c:d4:0a:c7:3e:fb:
1e:e8:9b:88:e3:a2:75:40:b2:7a:46:6f:cd:a7:6a:
d2:18:60:29:2b:cb:92:ee:1e:8c:48:f3:9b:0c:79:
33:94:42:46:f5:30:f1:33:ec:4e:cc:fc:1b:77:64:
b2:b7:83:75:1d:30:13:b6:af:b1:36:e9:83:83:9d:
49:9b:5a:2d:fa:68:1f:dc:83:a8:dd:73:99:33:22:
15:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:10:1F:0C:21:BB:1E:4F:07:E4:49:AC:9E:4D:4E:E2:C0:CE:77:C7
X509v3 Authority Key Identifier:
keyid:67:1E:F7:8A:DC:0C:4F:BC:70:BA:BD:3D:36:B6:3C:E1:30:B9:09:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zx73itwMT7xwur09NrY84TC5CTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/43c73c-327f-4da5-b14d-c77f64ab302b/1/shAfDCG7Hk8H5Emsnk1O4sDOd8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/43c73c-327f-4da5-b14d-c77f64ab302b/1/Zx73itwMT7xwur09NrY84TC5CTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.36.0/22
185.244.144.0/22
IPv6:
2a03:48c0::/32
Signature Algorithm: sha256WithRSAEncryption
8b:f4:a8:18:28:8b:b6:14:72:22:d1:c7:7e:69:ea:63:a0:2b:
a6:93:85:5c:49:5b:02:67:1d:1f:b2:5e:3a:d6:bc:4a:9e:e1:
5d:0a:69:b0:66:e8:1b:eb:84:b0:a5:69:55:24:ce:04:96:8c:
50:5c:34:5a:86:2a:ab:56:9e:29:8b:db:0f:2c:c7:57:dc:bc:
6e:b4:da:00:22:e5:be:74:ac:8b:cc:dd:c6:3d:3d:73:32:98:
2a:f8:1e:89:14:bb:a9:56:d4:04:d6:7c:a8:0a:a5:03:df:2b:
25:9b:be:70:6e:e7:ce:57:d3:1c:f9:e4:91:f1:47:97:7f:17:
3b:80:b1:f8:c1:6f:cf:d2:6e:e2:15:74:85:58:4c:fc:55:1e:
a2:5f:3d:82:83:72:e8:40:c9:3c:35:c7:51:eb:47:4e:37:9d:
74:41:e3:4d:b3:d5:e8:d3:ba:00:a0:5a:bd:3f:6f:54:c9:41:
fb:90:0a:fd:42:0a:73:98:d7:1d:11:1f:be:30:06:24:83:44:
27:96:8c:4a:12:39:d7:d1:0d:6a:e8:8d:4f:49:85:23:4c:5b:
37:7b:68:1c:13:f1:6c:4c:37:f2:d3:fa:bd:1e:66:14:d9:17:
c7:8e:5e:5e:02:d5:5d:cf:e6:7c:a2:1f:8c:7b:00:a1:0a:34:
5b:d0:1f:f2
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEL/3oWzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzFlZjc4YWRjMGM0ZmJjNzBiYWJkM2QzNmI2M2NlMTMwYjkwOTM1MB4XDTIyMDEw
MTA0NTkwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjIxMDFmMGMyMWJi
MWU0ZjA3ZTQ0OWFjOWU0ZDRlZTJjMGNlNzdjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJbAp4pqgkrUmFAqdL53sze7Egc1ZgwIL6oQt7bhDFyPZlU
+TKT4ZXaqYkgm3BY1yfxl5irDiExGBb+32LOuiEpJEjzfwmvQf4PPr3uXi/83EGY
I2wPhVd4xZm4gejO5m5ptbUuQf0HM9VcBgF3my0juvmEdM/dEtoXTqj7GhUysF6X
blJDvr5wY5u5Xji0fEWTOdIt2PIyCyrqYuhlBGo5oX5CKCKpBweCWCsEnNQKxz77
HuibiOOidUCyekZvzadq0hhgKSvLku4ejEjzmwx5M5RCRvUw8TPsTsz8G3dksreD
dR0wE7avsTbpg4OdSZtaLfpoH9yDqN1zmTMiFdcCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSyEB8MIbseTwfkSayeTU7iwM53xzAfBgNVHSMEGDAWgBRnHveK3AxPvHC6
vT02tjzhMLkJNTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1p4NzNpdHdNVDd4d3VyMDlOclk4NFRDNUNUVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvNDNjNzNjLTMyN2YtNGRhNS1iMTRkLWM3N2Y2NGFiMzAyYi8x
L3NoQWZEQ0c3SGs4SDVFbXNuazFPNHNET2Q4Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
NDNjNzNjLTMyN2YtNGRhNS1iMTRkLWM3N2Y2NGFiMzAyYi8xL1p4NzNpdHdNVDd4
d3VyMDlOclk4NFRDNUNUVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArkJJAMEArn0kDANBAIAAjAHAwUA
KgNIwDANBgkqhkiG9w0BAQsFAAOCAQEAi/SoGCiLthRyItHHfmnqY6ArppOFXElb
AmcdH7JeOta8Sp7hXQppsGboG+uEsKVpVSTOBJaMUFw0WoYqq1aeKYvbDyzHV9y8
brTaACLlvnSsi8zdxj09czKYKvgeiRS7qVbUBNZ8qAqlA98rJZu+cG7nzlfTHPnk
kfFHl38XO4Cx+MFvz9Ju4hV0hVhM/FUeol89goNy6EDJPDXHUetHTjeddEHjTbPV
6NO6AKBavT9vVMlB+5AK/UIKc5jXHREfvjAGJINEJ5aMShI519ENauiNT0mFI0xb
N3toHBPxbEw38tP6vR5mFNkXx45eXgLVXc/mfKIfjHsAoQo0W9Af8g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:26 2025 by rpki-client