Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/526ecd-d54c-4686-afc4-617c79105cb2/1/lUBqw3xCwI3aFVKgkvDO53Dpfgs.roa
File: lUBqw3xCwI3aFVKgkvDO53Dpfgs.roa (raw, json)
Hash identifier: /JtAzGpU+QaV0BSIRXGk0Wn4fXt7VRBEkf/2/+/Xk98=
Subject key identifier: 95:40:6A:C3:7C:42:C0:8D:DA:15:52:A0:92:F0:CE:E7:70:E9:7E:0B
Certificate issuer: /CN=5f864c6019052d30ef3da57646b860fae4a3c76d
Certificate serial: 018CC725AD866E955C3F05240F74FE5D96EE
Authority key identifier: 5F:86:4C:60:19:05:2D:30:EF:3D:A5:76:46:B8:60:FA:E4:A3:C7:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X4ZMYBkFLTDvPaV2Rrhg-uSjx20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/526ecd-d54c-4686-afc4-617c79105cb2/1/lUBqw3xCwI3aFVKgkvDO53Dpfgs.roa
Signing time: Mon 01 Jan 2024 22:29:44 +0000
ROA not before: Mon 01 Jan 2024 22:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200780
IP address blocks: 91.234.104.0/22 maxlen: 22
194.106.208.0/23 maxlen: 23
95.178.108.0/22 maxlen: 22
185.121.164.0/22 maxlen: 22
195.35.96.0/24 maxlen: 24
88.218.32.0/23 maxlen: 23
195.133.148.0/22 maxlen: 22
77.236.98.0/23 maxlen: 23
2a10:780::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:ad:86:6e:95:5c:3f:05:24:0f:74:fe:5d:96:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f864c6019052d30ef3da57646b860fae4a3c76d
Validity
Not Before: Jan 1 22:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95406ac37c42c08dda1552a092f0cee770e97e0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8c:d8:11:e6:64:97:81:0a:f4:47:89:69:36:
d0:c7:53:a1:43:fd:c4:38:3a:68:7d:10:a6:72:67:
68:fa:e9:11:e4:b7:06:01:06:64:bd:12:c7:f7:08:
ff:ea:02:d7:c1:f7:5e:b7:ab:3b:8d:ad:1b:ba:76:
91:cb:e5:da:ef:56:4d:c7:b9:1a:cc:68:09:ce:2d:
51:2b:9c:af:2f:ae:d1:85:0e:a7:64:1a:ee:7d:e4:
6b:5f:1e:97:3d:cc:0f:6f:6c:87:af:43:a5:67:cb:
70:b3:e6:49:bc:15:99:3e:40:5b:10:5c:f2:3e:23:
65:e5:ca:53:25:ec:e4:87:3a:3d:3c:3b:45:7d:69:
ae:21:66:0f:02:21:b6:bb:d8:5b:c0:85:d3:c0:1e:
e1:ee:85:c8:b8:f0:bc:af:aa:cc:f1:a7:9c:c5:82:
33:8f:07:e0:cc:7d:61:12:f7:96:e1:e7:84:4e:a6:
fa:7f:85:96:df:4d:06:45:53:66:29:f4:93:bd:1e:
82:9b:ff:42:71:1e:36:be:7f:70:c0:66:88:a4:32:
26:55:35:c0:cc:13:ef:fc:6d:dc:95:b2:9d:ef:53:
e0:0f:01:2f:a0:2a:a4:c0:81:63:ff:d7:50:d5:44:
a6:41:8b:7e:c8:19:2f:50:e1:88:ae:d9:ac:32:cc:
ab:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:40:6A:C3:7C:42:C0:8D:DA:15:52:A0:92:F0:CE:E7:70:E9:7E:0B
X509v3 Authority Key Identifier:
keyid:5F:86:4C:60:19:05:2D:30:EF:3D:A5:76:46:B8:60:FA:E4:A3:C7:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X4ZMYBkFLTDvPaV2Rrhg-uSjx20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/526ecd-d54c-4686-afc4-617c79105cb2/1/lUBqw3xCwI3aFVKgkvDO53Dpfgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/526ecd-d54c-4686-afc4-617c79105cb2/1/X4ZMYBkFLTDvPaV2Rrhg-uSjx20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.236.98.0/23
88.218.32.0/23
91.234.104.0/22
95.178.108.0/22
185.121.164.0/22
194.106.208.0/23
195.35.96.0/24
195.133.148.0/22
IPv6:
2a10:780::/32
Signature Algorithm: sha256WithRSAEncryption
45:a2:50:66:78:45:8f:d1:d4:a9:b9:73:64:9f:65:f7:a1:e2:
64:81:77:67:59:f3:5c:fd:a4:f1:dd:39:61:8e:f6:de:17:6b:
8f:ea:2d:6b:71:45:1e:4f:6b:f5:be:55:f2:b5:5d:de:ff:e8:
5f:4b:af:15:f0:b6:a4:39:9c:03:63:5e:bb:01:ca:4c:01:3f:
83:1c:5e:b4:41:36:e2:35:9a:22:9f:36:e8:1e:82:84:cd:7f:
47:db:85:f4:7f:6a:94:c3:dc:f7:2e:ce:72:13:9c:6e:83:06:
ed:23:a1:79:88:0d:0f:b0:52:a3:41:8a:e5:c0:4f:1d:05:59:
82:aa:48:c9:22:0e:ac:c0:bc:58:e2:39:1c:14:53:c0:66:d5:
92:15:28:20:20:29:6c:80:d5:ad:5d:c9:d1:ec:0b:95:2a:9f:
87:b0:60:d8:fc:ed:c9:53:c9:70:ae:d9:fd:22:e5:83:48:43:
06:7f:b9:1f:51:fe:fc:79:d5:17:fa:6e:50:38:9d:75:48:59:
4a:a7:91:76:dd:59:ac:be:50:52:21:42:7f:f2:e8:d3:12:a8:
54:13:19:e6:ab:06:f5:c8:df:8f:22:b2:2b:4f:e0:97:63:81:
84:a3:3f:c2:2d:4f:82:79:e1:f0:c6:0f:a7:19:01:44:23:3e:
ea:7d:fd:ab
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzHJa2GbpVcPwUkD3T+XZbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmODY0YzYwMTkwNTJkMzBlZjNkYTU3NjQ2Yjg2MGZhZTRh
M2M3NmQwHhcNMjQwMTAxMjIyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTQwNmFjMzdjNDJjMDhkZGExNTUyYTA5MmYwY2VlNzcwZTk3ZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYzYEeZkl4EK9EeJaTbQx1OhQ/3E
ODpofRCmcmdo+ukR5LcGAQZkvRLH9wj/6gLXwfdet6s7ja0bunaRy+Xa71ZNx7ka
zGgJzi1RK5yvL67RhQ6nZBrufeRrXx6XPcwPb2yHr0OlZ8tws+ZJvBWZPkBbEFzy
PiNl5cpTJezkhzo9PDtFfWmuIWYPAiG2u9hbwIXTwB7h7oXIuPC8r6rM8aecxYIz
jwfgzH1hEveW4eeETqb6f4WW300GRVNmKfSTvR6Cm/9CcR42vn9wwGaIpDImVTXA
zBPv/G3clbKd71PgDwEvoCqkwIFj/9dQ1USmQYt+yBkvUOGIrtmsMsyrawIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFJVAasN8QsCN2hVSoJLwzudw6X4LMB8GA1UdIwQY
MBaAFF+GTGAZBS0w7z2ldka4YPrko8dtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDRaTVlCa0ZMVER2UGFWMlJyaGctdVNqeDIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81MjZlY2QtZDU0Yy00Njg2LWFmYzQt
NjE3Yzc5MTA1Y2IyLzEvbFVCcXczeEN3STNhRlZLZ2t2RE81M0RwZmdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81MjZlY2QtZDU0Yy00Njg2LWFmYzQtNjE3Yzc5MTA1Y2Iy
LzEvWDRaTVlCa0ZMVER2UGFWMlJyaGctdVNqeDIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQBTexiAwQB
WNogAwQCW+poAwQCX7JsAwQCuXmkAwQBwmrQAwQAwyNgAwQCw4WUMA0EAgACMAcD
BQAqEAeAMA0GCSqGSIb3DQEBCwUAA4IBAQBFolBmeEWP0dSpuXNkn2X3oeJkgXdn
WfNc/aTx3TlhjvbeF2uP6i1rcUUeT2v1vlXytV3e/+hfS68V8LakOZwDY167AcpM
AT+DHF60QTbiNZoinzboHoKEzX9H24X0f2qUw9z3Ls5yE5xugwbtI6F5iA0PsFKj
QYrlwE8dBVmCqkjJIg6swLxY4jkcFFPAZtWSFSggIClsgNWtXcnR7AuVKp+HsGDY
/O3JU8lwrtn9IuWDSEMGf7kfUf78edUX+m5QOJ11SFlKp5F23VmsvlBSIUJ/8ujT
EqhUExnmqwb1yN+PIrIrT+CXY4GEoz/CLU+CeeHwxg+nGQFEIz7qff2r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:30 2024 by rpki-client on console-fra.rpki-client.org