Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/9T8SGFob8mM9oTB5wiat4WBBXok.roa
File: 9T8SGFob8mM9oTB5wiat4WBBXok.roa (raw, json)
Hash identifier: f7kqgiEBRUvZG4G6hbE4WBYgunZMy33Uod+cHy0N+7k=
Subject key identifier: F5:3F:12:18:5A:1B:F2:63:3D:A1:30:79:C2:26:AD:E1:60:41:5E:89
Certificate issuer: /CN=331bce2ee806e93621112dbd618536f775f44fba
Certificate serial: 01856FE6FA746D6C5E95C1DF880BF0478F45
Authority key identifier: 33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/9T8SGFob8mM9oTB5wiat4WBBXok.roa
Signing time: Mon 02 Jan 2023 00:34:46 +0000
ROA not before: Mon 02 Jan 2023 00:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 185.122.202.0/24 maxlen: 24
185.122.200.0/24 maxlen: 24
185.122.201.0/24 maxlen: 24
185.122.203.0/24 maxlen: 24
185.198.72.0/24 maxlen: 24
185.198.75.0/24 maxlen: 24
185.198.74.0/24 maxlen: 24
185.130.57.0/24 maxlen: 24
185.130.58.0/24 maxlen: 24
185.130.59.0/24 maxlen: 24
2a07:cd00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e6:fa:74:6d:6c:5e:95:c1:df:88:0b:f0:47:8f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=331bce2ee806e93621112dbd618536f775f44fba
Validity
Not Before: Jan 2 00:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f53f12185a1bf2633da13079c226ade160415e89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:9d:55:8c:d2:78:1b:d8:db:1e:6f:19:63:17:
6d:f5:38:2b:f1:69:41:89:41:53:98:96:37:3f:d2:
05:41:89:ef:11:3d:58:92:4c:62:77:c6:ff:47:97:
af:23:d2:19:ee:4d:c4:e1:8d:df:d5:66:43:b5:e3:
04:eb:af:8f:3a:1e:df:b3:7a:6a:a0:f4:f0:2d:dd:
99:7f:60:b8:df:84:bd:8b:2d:03:08:78:44:ed:6b:
c2:57:8b:c6:84:bf:8f:df:a4:d3:5b:9e:59:c3:9b:
a4:74:12:15:ed:c1:47:9c:d7:1b:08:6e:f7:af:df:
fa:85:ac:19:1f:fe:ec:7a:ad:08:61:10:05:2c:9a:
f8:17:4a:80:f0:c4:a2:25:26:52:c3:6c:1d:0f:ab:
76:42:50:59:af:b7:b9:ad:a9:59:80:67:95:24:80:
3c:20:2a:fc:3d:ce:a6:bd:0c:88:f0:4d:2f:d6:87:
fa:b5:e3:a7:f6:4e:f2:2d:e5:7c:5d:a2:84:9f:0c:
ed:5b:29:df:33:38:19:b6:8f:de:f4:81:a4:d5:07:
09:3a:23:a0:5f:58:8c:ec:aa:9b:35:b6:1a:1f:36:
b3:a1:7b:be:5d:56:cf:3c:b2:c6:77:ad:74:eb:bc:
06:d6:ac:16:1a:5a:87:8d:69:04:62:0e:c0:e9:b1:
78:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:3F:12:18:5A:1B:F2:63:3D:A1:30:79:C2:26:AD:E1:60:41:5E:89
X509v3 Authority Key Identifier:
keyid:33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/9T8SGFob8mM9oTB5wiat4WBBXok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.200.0/22
185.130.57.0-185.130.59.255
185.198.72.0/24
185.198.74.0/23
IPv6:
2a07:cd00::/48
Signature Algorithm: sha256WithRSAEncryption
3d:f1:76:02:37:f6:19:e1:df:e1:53:20:48:7d:b1:34:23:31:
88:38:9e:20:cf:f7:84:e8:ec:87:8a:f0:2b:e5:2d:32:d1:ed:
f3:b4:2e:e2:36:98:93:2f:50:2b:e9:0d:a0:8e:02:e7:2a:12:
d6:ef:b6:51:14:93:15:d6:65:cb:03:8f:aa:47:2d:c8:83:a9:
f4:9d:86:ce:e2:e5:42:62:cc:a9:c9:8f:56:44:cd:55:e6:f7:
84:4c:a3:08:df:97:59:58:6a:5b:a6:0d:18:61:93:d6:f2:ed:
8c:0f:70:ff:63:30:13:3a:ae:e9:19:3f:cd:e6:b0:f3:ba:e3:
a7:5e:12:c9:a8:bd:41:15:67:33:5e:72:99:d0:e2:eb:03:8e:
e8:8a:27:16:dd:b6:dd:6f:b4:38:79:d9:03:b9:1a:a3:ab:c4:
60:86:30:49:2c:eb:a4:d0:71:03:15:80:8e:e7:d1:be:1c:45:
f8:c9:65:9e:5d:4b:07:8f:c5:df:62:c1:09:8f:fb:52:fe:eb:
4f:01:1f:4d:a8:88:dc:09:ca:e0:de:fd:75:db:06:88:f5:59:
bd:cd:4f:0c:72:11:4d:02:02:e9:9a:09:cd:c0:89:be:95:6e:
17:48:9e:6e:5d:6a:2c:8d:01:02:f8:91:db:87:ff:fb:03:5f:
a9:5e:45:2b
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYVv5vp0bWxelcHfiAvwR49FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMWJjZTJlZTgwNmU5MzYyMTExMmRiZDYxODUzNmY3NzVm
NDRmYmEwHhcNMjMwMTAyMDAzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTNmMTIxODVhMWJmMjYzM2RhMTMwNzljMjI2YWRlMTYwNDE1ZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAop1VjNJ4G9jbHm8ZYxdt9Tgr8WlB
iUFTmJY3P9IFQYnvET1Ykkxid8b/R5evI9IZ7k3E4Y3f1WZDteME66+POh7fs3pq
oPTwLd2Zf2C434S9iy0DCHhE7WvCV4vGhL+P36TTW55Zw5ukdBIV7cFHnNcbCG73
r9/6hawZH/7seq0IYRAFLJr4F0qA8MSiJSZSw2wdD6t2QlBZr7e5ralZgGeVJIA8
ICr8Pc6mvQyI8E0v1of6teOn9k7yLeV8XaKEnwztWynfMzgZto/e9IGk1QcJOiOg
X1iM7KqbNbYaHzazoXu+XVbPPLLGd61067wG1qwWGlqHjWkEYg7A6bF4BwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFPU/EhhaG/JjPaEwecImreFgQV6JMB8GA1UdIwQY
MBaAFDMbzi7oBuk2IREtvWGFNvd19E+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYt
YWVhYzE2MjI3YzI1LzEvOVQ4U0dGb2I4bU05b1RCNXdpYXQ0V0JCWG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYtYWVhYzE2MjI3YzI1
LzEvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAmBAIAATAgAwQCuXrIMAwD
BAC5gjkDBAK5gjgDBAC5xkgDBAG5xkowDwQCAAIwCQMHACoHzQAAADANBgkqhkiG
9w0BAQsFAAOCAQEAPfF2Ajf2GeHf4VMgSH2xNCMxiDieIM/3hOjsh4rwK+UtMtHt
87Qu4jaYky9QK+kNoI4C5yoS1u+2URSTFdZlywOPqkctyIOp9J2GzuLlQmLMqcmP
VkTNVeb3hEyjCN+XWVhqW6YNGGGT1vLtjA9w/2MwEzqu6Rk/zeaw87rjp14Syai9
QRVnM15ymdDi6wOO6IonFt223W+0OHnZA7kao6vEYIYwSSzrpNBxAxWAjufRvhxF
+Mllnl1LB4/F32LBCY/7Uv7rTwEfTaiI3AnK4N79ddsGiPVZvc1PDHIRTQIC6ZoJ
zcCJvpVuF0iebl1qLI0BAviR24f/+wNfqV5FKw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:36 2025 by rpki-client