Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/d09a6e-5081-4674-aa57-244d84094c0f/1/x1Tw-OeQ2mihLTZk89vw5BfiU70.roa
File: x1Tw-OeQ2mihLTZk89vw5BfiU70.roa (raw, json)
Hash identifier: w2uP/5km+asdGgw/0lYboAHismQ7/QjvHQbuk9NNKi0=
Subject key identifier: C7:54:F0:F8:E7:90:DA:68:A1:2D:36:64:F3:DB:F0:E4:17:E2:53:BD
Certificate issuer: /CN=03d4c874a8fbaf51c9ec43ca009b22dc1d503976
Certificate serial: 02FF0E0C
Authority key identifier: 03:D4:C8:74:A8:FB:AF:51:C9:EC:43:CA:00:9B:22:DC:1D:50:39:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A9TIdKj7r1HJ7EPKAJsi3B1QOXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/d09a6e-5081-4674-aa57-244d84094c0f/1/x1Tw-OeQ2mihLTZk89vw5BfiU70.roa
Signing time: Sat 01 Jan 2022 13:07:51 +0000
ROA not before: Sat 01 Jan 2022 13:07:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25228
IP address blocks: 213.255.212.0/22 maxlen: 22
213.255.220.0/22 maxlen: 22
78.138.4.0/22 maxlen: 22
213.255.232.0/22 maxlen: 22
83.229.101.0/24 maxlen: 24
83.229.102.0/24 maxlen: 24
83.229.100.0/24 maxlen: 24
213.255.236.0/22 maxlen: 22
213.255.252.0/22 maxlen: 22
78.138.36.0/22 maxlen: 22
83.229.52.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50269708 (0x2ff0e0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03d4c874a8fbaf51c9ec43ca009b22dc1d503976
Validity
Not Before: Jan 1 13:07:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c754f0f8e790da68a12d3664f3dbf0e417e253bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d8:8b:bd:9c:9b:fb:04:52:93:f9:92:24:90:
7e:7b:2c:d1:32:50:1a:ef:f6:9a:a7:14:db:19:03:
9f:77:1d:ca:c7:ee:34:31:6c:92:5c:79:f7:00:84:
29:0f:4c:36:6a:ef:51:0c:24:d7:45:f8:6c:b0:ac:
94:0c:a0:94:a2:fe:cb:7f:b7:26:4f:b5:9d:02:3e:
03:d6:13:9d:2f:d5:74:ce:65:4e:b2:8a:16:f1:ee:
ba:86:53:c4:8c:ac:1b:c4:8e:61:05:35:2a:c5:11:
43:75:e7:29:4b:8b:ce:17:bb:67:27:6c:aa:11:1e:
e7:d7:f5:13:84:23:d7:30:2b:11:96:27:8c:f5:73:
0a:23:16:ce:7c:ea:b4:b2:02:96:54:8e:d3:0c:86:
b5:3a:83:cc:bf:64:6c:26:1a:15:6d:c9:35:71:55:
6c:6b:b9:e7:30:b7:0d:35:e2:bc:7d:58:af:6e:01:
d0:69:ca:2f:53:b7:9d:73:02:f9:7a:f9:c6:e9:a3:
34:94:2e:43:f0:16:9f:6b:b3:6c:4b:69:99:1e:82:
d7:f3:fd:6c:c0:ce:4c:a9:45:30:14:1e:96:0a:24:
21:49:6a:64:1a:56:e7:2e:4b:12:13:a1:ac:42:e3:
5c:88:81:2d:36:bf:38:05:a0:eb:e1:92:78:12:b8:
4d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:54:F0:F8:E7:90:DA:68:A1:2D:36:64:F3:DB:F0:E4:17:E2:53:BD
X509v3 Authority Key Identifier:
keyid:03:D4:C8:74:A8:FB:AF:51:C9:EC:43:CA:00:9B:22:DC:1D:50:39:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A9TIdKj7r1HJ7EPKAJsi3B1QOXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d09a6e-5081-4674-aa57-244d84094c0f/1/x1Tw-OeQ2mihLTZk89vw5BfiU70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d09a6e-5081-4674-aa57-244d84094c0f/1/A9TIdKj7r1HJ7EPKAJsi3B1QOXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.138.4.0/22
78.138.36.0/22
83.229.52.0/22
83.229.100.0-83.229.102.255
213.255.212.0/22
213.255.220.0/22
213.255.232.0/21
213.255.252.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:fc:84:f6:3c:66:d6:83:e2:b0:1c:27:73:74:94:d7:4c:7c:
44:1e:d2:ff:b4:d9:3f:79:1f:e5:fc:58:c7:c2:b2:92:72:73:
83:85:56:69:9d:17:60:82:42:cd:05:6c:b0:1e:fb:54:f6:66:
9c:11:d2:79:41:76:2f:4e:6c:1f:d5:1c:b8:68:9b:c0:e4:a1:
09:0e:5c:6b:ba:78:ce:b1:80:09:80:66:8b:a2:83:6f:c9:d5:
3b:da:f6:03:8d:98:cc:04:9c:07:45:13:f5:39:8f:ce:84:bf:
1a:d0:e6:f8:90:72:05:01:84:4f:11:c1:a6:d5:ec:ae:48:9a:
ca:6b:a9:25:51:61:85:2c:1f:bc:0a:ee:29:38:74:cd:e0:db:
dd:06:86:2b:f5:c7:c4:ed:f4:45:84:c9:74:6f:9b:2b:51:07:
43:fb:99:d4:2e:cf:ab:55:0d:23:34:84:52:94:c1:27:25:3e:
ec:0f:2c:7a:b5:9f:ed:62:10:d6:03:26:e3:a8:6d:be:2b:f5:
8a:b3:a0:ef:f2:17:26:1e:82:53:e3:5b:3e:88:2e:32:c0:26:
26:7a:47:e1:79:71:36:89:3b:94:2c:54:d2:40:30:17:a6:27:
60:38:7a:11:2a:e7:fa:f5:b0:cc:67:88:ba:3b:4f:fe:84:41:
61:7a:e8:47
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEAv8ODDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
M2Q0Yzg3NGE4ZmJhZjUxYzllYzQzY2EwMDliMjJkYzFkNTAzOTc2MB4XDTIyMDEw
MTEzMDc1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzc1NGYwZjhlNzkw
ZGE2OGExMmQzNjY0ZjNkYmYwZTQxN2UyNTNiZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTYi72cm/sEUpP5kiSQfnss0TJQGu/2mqcU2xkDn3cdysfu
NDFsklx59wCEKQ9MNmrvUQwk10X4bLCslAyglKL+y3+3Jk+1nQI+A9YTnS/VdM5l
TrKKFvHuuoZTxIysG8SOYQU1KsURQ3XnKUuLzhe7ZydsqhEe59f1E4Qj1zArEZYn
jPVzCiMWznzqtLICllSO0wyGtTqDzL9kbCYaFW3JNXFVbGu55zC3DTXivH1Yr24B
0GnKL1O3nXMC+Xr5xumjNJQuQ/AWn2uzbEtpmR6C1/P9bMDOTKlFMBQelgokIUlq
ZBpW5y5LEhOhrELjXIiBLTa/OAWg6+GSeBK4TfcCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBTHVPD455DaaKEtNmTz2/DkF+JTvTAfBgNVHSMEGDAWgBQD1Mh0qPuvUcns
Q8oAmyLcHVA5djAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0E5VElkS2o3cjFISjdFUEtBSnNpM0IxUU9YWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvZDA5YTZlLTUwODEtNDY3NC1hYTU3LTI0NGQ4NDA5NGMwZi8x
L3gxVHctT2VRMm1paExUWms4OXZ3NUJmaVU3MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
ZDA5YTZlLTUwODEtNDY3NC1hYTU3LTI0NGQ4NDA5NGMwZi8xL0E5VElkS2o3cjFI
SjdFUEtBSnNpM0IxUU9YWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMEAk6KBAMEAk6KJAMEAlPlNDAMAwQC
U+VkAwQAU+VmAwQC1f/UAwQC1f/cAwQD1f/oAwQC1f/8MA0GCSqGSIb3DQEBCwUA
A4IBAQA7/IT2PGbWg+KwHCdzdJTXTHxEHtL/tNk/eR/l/FjHwrKScnODhVZpnRdg
gkLNBWywHvtU9macEdJ5QXYvTmwf1Ry4aJvA5KEJDlxrunjOsYAJgGaLooNvydU7
2vYDjZjMBJwHRRP1OY/OhL8a0Ob4kHIFAYRPEcGm1eyuSJrKa6klUWGFLB+8Cu4p
OHTN4NvdBoYr9cfE7fRFhMl0b5srUQdD+5nULs+rVQ0jNIRSlMEnJT7sDyx6tZ/t
YhDWAybjqG2+K/WKs6Dv8hcmHoJT41s+iC4ywCYmekfheXE2iTuULFTSQDAXpidg
OHoRKuf69bDMZ4i6O0/+hEFheuhH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:33 2024 by rpki-client on console-ams.rpki-client.org