Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/526ecd-d54c-4686-afc4-617c79105cb2/1/4nPJNwNCcnjFn42KpraPVohptlk.roa
File: 4nPJNwNCcnjFn42KpraPVohptlk.roa (raw, json)
Hash identifier: swhhQrpFc7FXuDM1xRCj6xOmToViUDjfOZTY0OOY2Oc=
Subject key identifier: E2:73:C9:37:03:42:72:78:C5:9F:8D:8A:A6:B6:8F:56:88:69:B6:59
Certificate issuer: /CN=5f864c6019052d30ef3da57646b860fae4a3c76d
Certificate serial: 0182FDDF8D84A3D21573237870F3A791DF8B
Authority key identifier: 5F:86:4C:60:19:05:2D:30:EF:3D:A5:76:46:B8:60:FA:E4:A3:C7:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X4ZMYBkFLTDvPaV2Rrhg-uSjx20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/526ecd-d54c-4686-afc4-617c79105cb2/1/4nPJNwNCcnjFn42KpraPVohptlk.roa
Signing time: Fri 02 Sep 2022 11:04:22 +0000
ROA not before: Fri 02 Sep 2022 11:04:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200780
IP address blocks: 91.234.104.0/22 maxlen: 22
194.106.208.0/23 maxlen: 23
95.178.108.0/22 maxlen: 22
195.35.96.0/24 maxlen: 24
195.133.148.0/22 maxlen: 22
2a10:780::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fd:df:8d:84:a3:d2:15:73:23:78:70:f3:a7:91:df:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f864c6019052d30ef3da57646b860fae4a3c76d
Validity
Not Before: Sep 2 11:04:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e273c93703427278c59f8d8aa6b68f568869b659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c7:d4:b6:20:13:ba:59:7b:af:38:aa:13:ec:
52:4b:75:81:64:68:de:84:73:93:ce:fd:fd:31:a8:
93:1a:b3:cb:f6:a8:1b:72:46:a6:03:e1:c1:8f:f2:
34:e5:d3:f0:c5:ff:c3:bd:5b:a9:48:de:28:70:89:
c2:34:85:0d:ff:21:4b:c1:55:51:de:93:ee:c0:82:
86:24:1a:bb:6f:57:64:8f:98:bc:43:0c:6f:a4:52:
34:c5:39:3f:b3:7a:42:df:a7:10:f2:4b:72:3a:02:
41:3c:fd:20:9a:fa:02:ec:78:67:d1:36:46:7e:c1:
60:7a:be:17:73:3e:ee:99:2c:93:18:77:1a:4d:1f:
f7:a8:59:a2:fe:30:83:cd:d5:5f:06:5d:69:9b:47:
b6:7c:ec:05:b0:c4:eb:23:16:9a:f5:bc:a1:ea:8c:
d9:d2:1c:ce:4c:6a:0f:53:5c:c1:03:cf:cd:ab:ef:
a9:19:c6:ac:83:6a:ab:0a:8c:b8:93:80:17:fa:c6:
dc:69:ba:d0:2e:1e:13:73:fb:9b:40:cc:a9:a5:29:
7b:62:8a:31:1d:32:e3:88:fe:a0:4c:24:70:35:9b:
cb:3e:fa:cf:b6:52:9a:01:ba:fb:56:a5:8d:8d:65:
52:b5:0a:1a:a9:2e:05:65:82:e9:dc:da:dc:28:be:
27:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:73:C9:37:03:42:72:78:C5:9F:8D:8A:A6:B6:8F:56:88:69:B6:59
X509v3 Authority Key Identifier:
keyid:5F:86:4C:60:19:05:2D:30:EF:3D:A5:76:46:B8:60:FA:E4:A3:C7:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X4ZMYBkFLTDvPaV2Rrhg-uSjx20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/526ecd-d54c-4686-afc4-617c79105cb2/1/4nPJNwNCcnjFn42KpraPVohptlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/526ecd-d54c-4686-afc4-617c79105cb2/1/X4ZMYBkFLTDvPaV2Rrhg-uSjx20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.104.0/22
95.178.108.0/22
194.106.208.0/23
195.35.96.0/24
195.133.148.0/22
IPv6:
2a10:780::/32
Signature Algorithm: sha256WithRSAEncryption
54:85:76:9c:b5:d2:9d:8d:6f:f9:3b:c4:be:9f:66:cd:a2:05:
9c:79:8f:b7:f5:40:05:63:bd:40:e3:d7:7a:1e:8f:8c:e6:55:
bd:8b:29:5b:49:98:26:ce:56:45:3b:72:d6:87:3e:c3:e9:37:
da:2b:30:ab:b3:65:19:5e:ca:e9:4b:cc:cb:b0:4f:cf:20:63:
a2:e9:b8:13:fd:05:3e:9c:0c:00:d9:c6:55:8d:28:d8:b9:53:
f5:27:42:77:a5:92:a5:47:08:8c:ec:d7:8f:8e:8f:9e:85:82:
b9:58:4c:bf:47:eb:db:cc:61:dc:e7:67:8b:67:3b:10:71:d8:
63:f6:fd:16:5b:33:6d:49:7d:03:57:53:7d:aa:15:4b:1b:0b:
69:35:23:78:01:22:3d:f5:7d:92:ab:28:20:e8:f0:f9:7c:61:
68:41:95:0d:53:70:18:bc:71:23:4e:ea:53:92:2c:d8:de:49:
23:eb:e0:d8:0c:c8:c5:4b:fe:eb:ce:15:5e:be:fa:b6:30:f7:
63:6f:43:48:38:22:1e:dc:4e:c2:04:8e:46:d2:89:36:2d:04:
7a:8b:a5:25:6c:65:81:c5:35:02:97:3a:ca:da:75:85:f9:c6:
31:59:bf:5b:df:9d:f7:34:fc:d1:a3:f5:07:9c:ee:67:11:9d:
27:ec:58:50
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYL9342Eo9IVcyN4cPOnkd+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmODY0YzYwMTkwNTJkMzBlZjNkYTU3NjQ2Yjg2MGZhZTRh
M2M3NmQwHhcNMjIwOTAyMTEwNDIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjczYzkzNzAzNDI3Mjc4YzU5ZjhkOGFhNmI2OGY1Njg4NjliNjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsfUtiATull7rziqE+xSS3WBZGje
hHOTzv39MaiTGrPL9qgbckamA+HBj/I05dPwxf/DvVupSN4ocInCNIUN/yFLwVVR
3pPuwIKGJBq7b1dkj5i8QwxvpFI0xTk/s3pC36cQ8ktyOgJBPP0gmvoC7Hhn0TZG
fsFger4Xcz7umSyTGHcaTR/3qFmi/jCDzdVfBl1pm0e2fOwFsMTrIxaa9byh6ozZ
0hzOTGoPU1zBA8/Nq++pGcasg2qrCoy4k4AX+sbcabrQLh4Tc/ubQMyppSl7Yoox
HTLjiP6gTCRwNZvLPvrPtlKaAbr7VqWNjWVStQoaqS4FZYLp3NrcKL4nxQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFOJzyTcDQnJ4xZ+Niqa2j1aIabZZMB8GA1UdIwQY
MBaAFF+GTGAZBS0w7z2ldka4YPrko8dtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDRaTVlCa0ZMVER2UGFWMlJyaGctdVNqeDIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81MjZlY2QtZDU0Yy00Njg2LWFmYzQt
NjE3Yzc5MTA1Y2IyLzEvNG5QSk53TkNjbmpGbjQyS3ByYVBWb2hwdGxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81MjZlY2QtZDU0Yy00Njg2LWFmYzQtNjE3Yzc5MTA1Y2Iy
LzEvWDRaTVlCa0ZMVER2UGFWMlJyaGctdVNqeDIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCW+poAwQC
X7JsAwQBwmrQAwQAwyNgAwQCw4WUMA0EAgACMAcDBQAqEAeAMA0GCSqGSIb3DQEB
CwUAA4IBAQBUhXactdKdjW/5O8S+n2bNogWceY+39UAFY71A49d6Ho+M5lW9iylb
SZgmzlZFO3LWhz7D6TfaKzCrs2UZXsrpS8zLsE/PIGOi6bgT/QU+nAwA2cZVjSjY
uVP1J0J3pZKlRwiM7NePjo+ehYK5WEy/R+vbzGHc52eLZzsQcdhj9v0WWzNtSX0D
V1N9qhVLGwtpNSN4ASI99X2Sqygg6PD5fGFoQZUNU3AYvHEjTupTkizY3kkj6+DY
DMjFS/7rzhVevvq2MPdjb0NIOCIe3E7CBI5G0ok2LQR6i6UlbGWBxTUClzrK2nWF
+cYxWb9b3533NPzRo/UHnO5nEZ0n7FhQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:16 2024 by rpki-client on console-ams.rpki-client.org