Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/526ecd-d54c-4686-afc4-617c79105cb2/1/N2LPX0BG4qvf_bojl1hbyfKv-lA.roa
File: N2LPX0BG4qvf_bojl1hbyfKv-lA.roa (raw, json)
Hash identifier: G4MIDb47gUgvopsemE1TXON/0BWXyrFWyuBms8cbnPk=
Subject key identifier: 37:62:CF:5F:40:46:E2:AB:DF:FD:BA:23:97:58:5B:C9:F2:AF:FA:50
Certificate issuer: /CN=5f864c6019052d30ef3da57646b860fae4a3c76d
Certificate serial: 01881065D5A31C65596F0D636A16E2BBE1FD
Authority key identifier: 5F:86:4C:60:19:05:2D:30:EF:3D:A5:76:46:B8:60:FA:E4:A3:C7:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X4ZMYBkFLTDvPaV2Rrhg-uSjx20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/526ecd-d54c-4686-afc4-617c79105cb2/1/N2LPX0BG4qvf_bojl1hbyfKv-lA.roa
Signing time: Fri 12 May 2023 14:38:09 +0000
ROA not before: Fri 12 May 2023 14:38:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200780
IP address blocks: 91.234.104.0/22 maxlen: 22
194.106.208.0/23 maxlen: 23
95.178.108.0/22 maxlen: 22
185.121.164.0/22 maxlen: 22
195.35.96.0/24 maxlen: 24
88.218.32.0/23 maxlen: 23
195.133.148.0/22 maxlen: 22
77.236.98.0/23 maxlen: 23
2a10:780::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:10:65:d5:a3:1c:65:59:6f:0d:63:6a:16:e2:bb:e1:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f864c6019052d30ef3da57646b860fae4a3c76d
Validity
Not Before: May 12 14:38:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3762cf5f4046e2abdffdba2397585bc9f2affa50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:07:79:27:da:63:be:29:d5:48:b4:66:02:dc:
28:be:68:c8:56:de:60:4e:59:9a:0d:c4:e1:0a:be:
4b:4e:bf:2f:5e:4f:77:c5:57:90:47:b3:3f:88:44:
5d:87:a8:4d:8f:99:05:46:8b:71:43:88:03:28:57:
49:91:2e:5b:0b:98:9d:11:0e:d1:29:73:6f:db:0d:
2b:e4:22:5d:4d:c7:64:1c:cc:0b:39:01:07:47:28:
28:8d:19:ee:bd:d9:87:6d:51:41:aa:e4:3d:db:68:
a6:86:03:11:6f:09:1a:67:09:8c:ac:f2:34:cb:d9:
a1:f0:44:7b:2b:aa:11:88:11:ed:52:4e:cf:2b:71:
da:f5:7e:08:31:d8:db:9a:48:9c:1c:ec:dd:33:ce:
41:20:f9:b8:cc:e9:33:fb:94:65:f4:1d:aa:ef:34:
11:29:fa:94:9b:cd:13:ae:49:50:7c:0e:b1:4c:bd:
67:86:85:c7:f0:7f:7d:e8:11:d7:8e:8a:4d:fe:1f:
cb:99:21:6c:60:6b:f8:40:09:96:77:33:16:ab:bf:
53:4d:4b:bf:86:d6:a6:bb:a0:fd:9a:7f:7c:dc:52:
29:4d:45:3b:1e:bf:4d:ba:ec:62:98:46:22:13:7a:
2f:59:b5:e6:27:ef:94:aa:a1:11:b0:ce:dc:f9:c1:
4e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:62:CF:5F:40:46:E2:AB:DF:FD:BA:23:97:58:5B:C9:F2:AF:FA:50
X509v3 Authority Key Identifier:
keyid:5F:86:4C:60:19:05:2D:30:EF:3D:A5:76:46:B8:60:FA:E4:A3:C7:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X4ZMYBkFLTDvPaV2Rrhg-uSjx20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/526ecd-d54c-4686-afc4-617c79105cb2/1/N2LPX0BG4qvf_bojl1hbyfKv-lA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/526ecd-d54c-4686-afc4-617c79105cb2/1/X4ZMYBkFLTDvPaV2Rrhg-uSjx20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.236.98.0/23
88.218.32.0/23
91.234.104.0/22
95.178.108.0/22
185.121.164.0/22
194.106.208.0/23
195.35.96.0/24
195.133.148.0/22
IPv6:
2a10:780::/32
Signature Algorithm: sha256WithRSAEncryption
93:ac:92:d8:0b:6e:69:17:f2:09:7f:bd:fe:2c:8c:ad:45:61:
48:d0:f6:a0:8b:81:e8:37:80:c8:f8:36:6d:96:35:e9:40:57:
4d:65:b7:46:ec:b6:fd:05:2d:7d:ca:ba:4e:62:45:5d:94:06:
9c:fe:4e:45:c5:14:51:ef:5f:4f:aa:7e:d2:de:32:0d:ed:36:
a1:90:8e:73:28:69:ba:3a:cf:b1:32:11:f2:1b:6f:14:e6:b6:
9b:31:29:a1:93:40:25:e1:72:a2:0d:3b:66:05:b7:11:f7:77:
89:da:f2:a7:6f:be:3a:3e:46:cb:58:f5:14:9d:fc:76:a2:28:
68:a8:a0:ce:30:d8:f0:19:17:5c:20:90:e7:93:1a:a3:08:94:
0e:72:84:2d:d7:3d:ab:fd:d9:77:0d:11:d0:27:c3:1f:d4:16:
e4:12:b0:b4:ab:d2:9e:42:b8:b1:9c:a8:e0:aa:ff:6c:d9:47:
0a:07:87:d7:4b:ef:a8:09:92:0b:b2:d9:38:b1:8e:8d:7e:0e:
c2:0d:8d:05:bf:94:f5:3c:22:7b:fd:67:d2:35:d3:4c:8b:8a:
d6:45:ad:53:91:37:d8:30:b6:36:42:44:45:99:e9:d8:5a:d2:
ae:cf:f6:f0:2a:25:87:a3:8d:0c:f8:44:52:d2:b4:04:8c:05:
26:06:08:fc
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYgQZdWjHGVZbw1jahbiu+H9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmODY0YzYwMTkwNTJkMzBlZjNkYTU3NjQ2Yjg2MGZhZTRh
M2M3NmQwHhcNMjMwNTEyMTQzODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzYyY2Y1ZjQwNDZlMmFiZGZmZGJhMjM5NzU4NWJjOWYyYWZmYTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ad5J9pjvinVSLRmAtwovmjIVt5g
TlmaDcThCr5LTr8vXk93xVeQR7M/iERdh6hNj5kFRotxQ4gDKFdJkS5bC5idEQ7R
KXNv2w0r5CJdTcdkHMwLOQEHRygojRnuvdmHbVFBquQ922imhgMRbwkaZwmMrPI0
y9mh8ER7K6oRiBHtUk7PK3Ha9X4IMdjbmkicHOzdM85BIPm4zOkz+5Rl9B2q7zQR
KfqUm80TrklQfA6xTL1nhoXH8H996BHXjopN/h/LmSFsYGv4QAmWdzMWq79TTUu/
htamu6D9mn983FIpTUU7Hr9NuuximEYiE3ovWbXmJ++UqqERsM7c+cFOOwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFDdiz19ARuKr3/26I5dYW8nyr/pQMB8GA1UdIwQY
MBaAFF+GTGAZBS0w7z2ldka4YPrko8dtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDRaTVlCa0ZMVER2UGFWMlJyaGctdVNqeDIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81MjZlY2QtZDU0Yy00Njg2LWFmYzQt
NjE3Yzc5MTA1Y2IyLzEvTjJMUFgwQkc0cXZmX2JvamwxaGJ5Zkt2LWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81MjZlY2QtZDU0Yy00Njg2LWFmYzQtNjE3Yzc5MTA1Y2Iy
LzEvWDRaTVlCa0ZMVER2UGFWMlJyaGctdVNqeDIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQBTexiAwQB
WNogAwQCW+poAwQCX7JsAwQCuXmkAwQBwmrQAwQAwyNgAwQCw4WUMA0EAgACMAcD
BQAqEAeAMA0GCSqGSIb3DQEBCwUAA4IBAQCTrJLYC25pF/IJf73+LIytRWFI0Pag
i4HoN4DI+DZtljXpQFdNZbdG7Lb9BS19yrpOYkVdlAac/k5FxRRR719Pqn7S3jIN
7TahkI5zKGm6Os+xMhHyG28U5rabMSmhk0Al4XKiDTtmBbcR93eJ2vKnb746PkbL
WPUUnfx2oihoqKDOMNjwGRdcIJDnkxqjCJQOcoQt1z2r/dl3DRHQJ8Mf1BbkErC0
q9KeQrixnKjgqv9s2UcKB4fXS++oCZILstk4sY6Nfg7CDY0Fv5T1PCJ7/WfSNdNM
i4rWRa1TkTfYMLY2QkRFmenYWtKuz/bwKiWHo40M+ERS0rQEjAUmBgj8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:16 2024 by rpki-client on console-ams.rpki-client.org