Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/5jqOniso354jksNAFt9oFguBYtw.roa
File: 5jqOniso354jksNAFt9oFguBYtw.roa (raw, json)
Hash identifier: kMIPeOBnKgW4xbJk6ue/NfNtp+wharixvPnyPRl4E+U=
Subject key identifier: E6:3A:8E:9E:2B:28:DF:9E:23:92:C3:40:16:DF:68:16:0B:81:62:DC
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0186E54EBB0B2C97A6EEAA4886635C75F508
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/5jqOniso354jksNAFt9oFguBYtw.roa
Signing time: Wed 15 Mar 2023 12:46:27 +0000
ROA not before: Wed 15 Mar 2023 12:46:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12679
IP address blocks: 176.46.133.0/24 maxlen: 24
176.46.135.0/24 maxlen: 24
176.46.134.0/24 maxlen: 24
176.46.137.0/24 maxlen: 24
176.46.136.0/24 maxlen: 24
176.46.132.0/24 maxlen: 24
176.46.130.0/24 maxlen: 24
176.46.129.0/24 maxlen: 24
176.46.131.0/24 maxlen: 24
176.46.128.0/24 maxlen: 24
109.203.164.0/22 maxlen: 24
109.203.163.0/24 maxlen: 24
109.203.160.0/22 maxlen: 24
31.170.55.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
37.49.144.0/22 maxlen: 24
37.49.146.0/24 maxlen: 24
37.49.148.0/22 maxlen: 24
94.74.140.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.156.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.168.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e5:4e:bb:0b:2c:97:a6:ee:aa:48:86:63:5c:75:f5:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Mar 15 12:46:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e63a8e9e2b28df9e2392c34016df68160b8162dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:53:63:e1:4c:ad:66:8b:24:b6:ee:e8:a6:82:
1c:16:c2:c7:eb:ac:2a:8d:26:2b:01:0c:61:e5:d8:
09:eb:f5:9c:7f:8a:fc:92:77:f7:7b:8f:43:40:17:
73:4c:5b:f8:da:1a:4c:81:be:d4:24:9b:cf:3c:b4:
c2:ba:b2:53:bf:3e:10:64:e4:29:ee:b4:85:51:67:
e5:97:03:9e:d2:ac:86:70:15:6d:75:c9:06:48:04:
f5:9d:10:d4:bd:fd:f0:50:f0:7b:0f:46:ab:36:cb:
1c:5c:8b:91:88:f4:d0:2a:b8:71:2f:e4:33:81:d2:
d4:61:2a:72:4e:6d:62:ce:c7:95:a8:f6:72:7f:3c:
0a:5e:2a:da:28:d2:84:19:2c:35:23:de:33:fd:39:
37:b3:f4:37:47:21:d4:29:20:ee:b6:bf:1f:ec:44:
12:9c:82:42:3b:eb:aa:ff:09:9b:de:70:7a:37:56:
3a:fa:06:a7:88:40:0f:c4:c0:02:f2:d3:72:47:94:
a7:82:a8:63:f9:be:ac:2a:54:99:30:b2:a9:1b:00:
0f:f3:e9:19:aa:2a:e0:90:f3:b1:cd:a9:2a:d9:9d:
d8:56:b5:ce:85:cf:5e:25:5b:8e:3d:a0:1d:74:61:
b5:a1:3f:f6:e4:7f:61:a9:ce:75:00:3f:5a:9f:57:
44:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:3A:8E:9E:2B:28:DF:9E:23:92:C3:40:16:DF:68:16:0B:81:62:DC
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/5jqOniso354jksNAFt9oFguBYtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
37.49.144.0/21
94.74.140.0/24
94.74.147.0/24
94.74.156.0/24
94.74.158.0/23
94.74.164.0/24
94.74.168.0/23
94.74.171.0/24
94.74.173.0/24
94.74.187.0/24
94.74.191.0/24
109.203.160.0/21
176.46.128.0-176.46.137.255
Signature Algorithm: sha256WithRSAEncryption
22:91:0b:0d:ef:f8:b3:3c:de:b0:1c:91:97:c8:92:af:f9:32:
33:f7:6f:52:70:7a:9a:fc:86:2d:ae:fd:2c:9b:e0:15:44:14:
d5:f9:c0:cf:2a:dc:d4:92:4f:45:76:76:a4:fa:6f:5b:d8:b1:
45:fb:c7:64:86:87:cb:08:da:b8:19:d8:06:ef:dd:a9:b8:18:
50:da:df:41:02:59:21:7d:13:86:d6:71:e0:cb:64:9a:ee:3d:
7c:09:28:77:5d:a7:69:e9:0a:e2:b9:9f:71:b1:b7:50:dc:0b:
25:a0:7c:be:f4:c5:03:b0:22:da:3c:5d:4c:f3:95:59:a5:a5:
ff:49:90:a7:da:73:54:83:2c:1d:ac:49:70:1f:62:91:0d:8d:
3b:b0:ff:2a:3f:3d:80:a0:f5:4a:21:fc:3b:8e:1a:82:2a:57:
7b:02:17:9b:aa:9f:eb:7f:4a:28:d0:0f:e1:71:bd:cf:2a:2b:
4c:d6:a5:5f:2c:2a:f1:3d:82:63:91:99:fc:c3:a4:64:ce:5e:
d4:ea:94:7f:2a:bc:39:c5:87:19:c2:b8:19:69:8b:e6:cc:b2:
64:00:10:99:c9:79:e5:1a:61:ec:56:de:c7:75:7a:ef:ac:8d:
d3:d0:48:59:85:8b:83:7d:41:12:33:83:45:ef:86:76:01:08:
0b:2d:53:27
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYblTrsLLJem7qpIhmNcdfUIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwMzE1MTI0NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjNhOGU5ZTJiMjhkZjllMjM5MmMzNDAxNmRmNjgxNjBiODE2MmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlNj4UytZosktu7opoIcFsLH66wq
jSYrAQxh5dgJ6/Wcf4r8knf3e49DQBdzTFv42hpMgb7UJJvPPLTCurJTvz4QZOQp
7rSFUWfllwOe0qyGcBVtdckGSAT1nRDUvf3wUPB7D0arNsscXIuRiPTQKrhxL+Qz
gdLUYSpyTm1izseVqPZyfzwKXiraKNKEGSw1I94z/Tk3s/Q3RyHUKSDutr8f7EQS
nIJCO+uq/wmb3nB6N1Y6+ganiEAPxMAC8tNyR5Sngqhj+b6sKlSZMLKpGwAP8+kZ
qirgkPOxzakq2Z3YVrXOhc9eJVuOPaAddGG1oT/25H9hqc51AD9an1dENQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFOY6jp4rKN+eI5LDQBbfaBYLgWLcMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvNWpxT25pc28zNTRqa3NOQUZ0OW9GZ3VCWXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAH6o3AwQD
JTGQAwQAXkqMAwQAXkqTAwQAXkqcAwQBXkqeAwQAXkqkAwQBXkqoAwQAXkqrAwQA
XkqtAwQAXkq7AwQAXkq/AwQDbcugMAwDBAewLoADBAGwLogwDQYJKoZIhvcNAQEL
BQADggEBACKRCw3v+LM83rAckZfIkq/5MjP3b1Jwepr8hi2u/Syb4BVEFNX5wM8q
3NSST0V2dqT6b1vYsUX7x2SGh8sI2rgZ2Abv3am4GFDa30ECWSF9E4bWceDLZJru
PXwJKHddp2npCuK5n3Gxt1DcCyWgfL70xQOwIto8XUzzlVmlpf9JkKfac1SDLB2s
SXAfYpENjTuw/yo/PYCg9Uoh/DuOGoIqV3sCF5uqn+t/SijQD+Fxvc8qK0zWpV8s
KvE9gmORmfzDpGTOXtTqlH8qvDnFhxnCuBlpi+bMsmQAEJnJeeUaYexW3sd1eu+s
jdPQSFmFi4N9QRIzg0XvhnYBCAstUyc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:23 2025 by rpki-client