Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/8jxA-IP7aKimEubXaapDNdq5ap0.roa
File: 8jxA-IP7aKimEubXaapDNdq5ap0.roa (raw, json)
Hash identifier: cXFmcBRd0R4puy4fkbmHaM3csPPAD54Xnhxeiv1XrAQ=
Subject key identifier: F2:3C:40:F8:83:FB:68:A8:A6:12:E6:D7:69:AA:43:35:DA:B9:6A:9D
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0184A35BD7A30016CF9BCF1ED1A3B014E230
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/8jxA-IP7aKimEubXaapDNdq5ap0.roa
Signing time: Wed 23 Nov 2022 07:20:15 +0000
ROA not before: Wed 23 Nov 2022 07:20:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12679
IP address blocks: 31.170.55.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
109.203.164.0/22 maxlen: 24
109.203.160.0/22 maxlen: 24
37.49.144.0/22 maxlen: 24
37.49.148.0/22 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.140.0/24 maxlen: 24
94.74.145.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.156.0/24 maxlen: 24
94.74.157.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.168.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
94.74.182.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a3:5b:d7:a3:00:16:cf:9b:cf:1e:d1:a3:b0:14:e2:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 23 07:20:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f23c40f883fb68a8a612e6d769aa4335dab96a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9f:d5:a7:30:75:9b:c7:13:6a:ed:2e:e9:89:
b7:67:87:d9:e7:ee:67:89:be:51:66:17:23:46:9c:
e5:9d:b6:d8:54:8b:f1:55:dc:95:9b:29:54:cc:78:
c1:03:55:2b:1f:35:0e:81:74:ec:af:a4:01:2c:a6:
b1:42:24:6c:e3:e6:b1:58:69:76:a4:a2:b3:0b:40:
df:f4:3b:4c:e4:cb:11:4f:f9:48:e7:c7:68:2b:53:
a5:0b:f2:9e:79:e6:1d:2c:fd:e0:1d:70:8f:80:e4:
bd:a7:6e:d8:dc:31:5b:b6:29:50:c8:31:d2:48:0f:
90:18:7b:6d:3d:bc:b3:d9:5d:7a:77:b7:a5:40:38:
77:76:52:9c:37:68:26:6f:fb:df:8b:f1:c3:ef:2d:
63:ed:1d:e9:7a:0f:61:f4:b5:65:67:fd:e2:90:11:
1b:a1:97:5f:8d:c1:66:e0:6e:33:a7:1b:8d:13:55:
b7:ff:e1:1b:aa:07:46:1f:42:dc:93:20:23:ca:fd:
01:34:a3:05:ef:43:cb:f3:49:b0:32:65:df:79:25:
72:a0:d6:2b:37:34:c2:ca:1e:0e:37:bd:82:e9:9b:
65:21:fb:da:ee:b4:af:cf:c7:44:c6:92:24:ac:2b:
c7:4c:d6:d6:ac:93:bf:83:b8:f2:54:f9:8b:f4:7c:
4a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:3C:40:F8:83:FB:68:A8:A6:12:E6:D7:69:AA:43:35:DA:B9:6A:9D
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/8jxA-IP7aKimEubXaapDNdq5ap0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
37.49.144.0/21
94.74.137.0/24
94.74.140.0/24
94.74.145.0/24
94.74.147.0/24
94.74.156.0/22
94.74.164.0/24
94.74.168.0/23
94.74.171.0/24
94.74.173.0/24
94.74.182.0/24
94.74.187.0/24
94.74.191.0/24
109.203.160.0/21
Signature Algorithm: sha256WithRSAEncryption
66:c3:8b:62:18:64:65:93:a7:93:3a:41:60:e5:e1:34:92:c6:
ac:ba:67:2f:07:bf:eb:39:e0:e5:ae:f9:0c:9b:03:5f:a5:2f:
0f:33:0a:8d:2f:fe:20:85:18:f1:41:3c:57:1a:ae:f5:de:6c:
bb:96:40:a4:e5:fb:e7:d8:6d:da:bf:df:72:4e:9a:4b:a3:da:
78:5c:59:c0:77:1a:c3:5e:f1:2c:60:98:13:70:e8:ec:95:af:
be:d6:cc:ab:c7:d1:40:01:a3:cb:2b:d6:73:0e:c6:0f:36:9e:
40:45:c2:25:da:7b:8b:00:16:1a:fb:7c:03:d4:40:a9:eb:b6:
5b:02:20:e0:a8:23:0b:66:33:d0:c0:72:b7:57:b6:c7:e5:b6:
1f:fc:78:13:8d:59:0f:e6:93:98:94:ef:cf:62:fb:51:dd:25:
80:51:16:b8:22:cf:93:00:2a:49:d5:12:06:22:ba:8e:9a:d9:
18:e0:bb:f4:e1:f6:e8:10:91:12:40:3e:f3:d5:6f:03:13:ba:
78:f4:ef:ce:09:ea:ae:53:36:52:7d:5e:ec:28:99:46:cf:3a:
8a:59:3f:eb:d3:c0:dc:29:cb:6e:35:8b:e8:08:26:72:32:18:
da:37:a0:49:47:63:4e:c0:82:a5:44:97:4f:70:b6:ec:c5:fb:
f8:18:54:fe
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYSjW9ejABbPm88e0aOwFOIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMTIzMDcyMDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjNjNDBmODgzZmI2OGE4YTYxMmU2ZDc2OWFhNDMzNWRhYjk2YTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5/VpzB1m8cTau0u6Ym3Z4fZ5+5n
ib5RZhcjRpzlnbbYVIvxVdyVmylUzHjBA1UrHzUOgXTsr6QBLKaxQiRs4+axWGl2
pKKzC0Df9DtM5MsRT/lI58doK1OlC/KeeeYdLP3gHXCPgOS9p27Y3DFbtilQyDHS
SA+QGHttPbyz2V16d7elQDh3dlKcN2gmb/vfi/HD7y1j7R3peg9h9LVlZ/3ikBEb
oZdfjcFm4G4zpxuNE1W3/+EbqgdGH0LckyAjyv0BNKMF70PL80mwMmXfeSVyoNYr
NzTCyh4ON72C6ZtlIfva7rSvz8dExpIkrCvHTNbWrJO/g7jyVPmL9HxKHwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFPI8QPiD+2iophLm12mqQzXauWqdMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvOGp4QS1JUDdhS2ltRXViWGFhcEROZHE1YXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAH6o3AwQD
JTGQAwQAXkqJAwQAXkqMAwQAXkqRAwQAXkqTAwQCXkqcAwQAXkqkAwQBXkqoAwQA
XkqrAwQAXkqtAwQAXkq2AwQAXkq7AwQAXkq/AwQDbcugMA0GCSqGSIb3DQEBCwUA
A4IBAQBmw4tiGGRlk6eTOkFg5eE0ksasumcvB7/rOeDlrvkMmwNfpS8PMwqNL/4g
hRjxQTxXGq713my7lkCk5fvn2G3av99yTppLo9p4XFnAdxrDXvEsYJgTcOjsla++
1syrx9FAAaPLK9ZzDsYPNp5ARcIl2nuLABYa+3wD1ECp67ZbAiDgqCMLZjPQwHK3
V7bH5bYf/HgTjVkP5pOYlO/PYvtR3SWAURa4Is+TACpJ1RIGIrqOmtkY4Lv04fbo
EJESQD7z1W8DE7p49O/OCequUzZSfV7sKJlGzzqKWT/r08DcKctuNYvoCCZyMhja
N6BJR2NOwIKlRJdPcLbsxfv4GFT+
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:40 2025 by rpki-client