Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/CAxnmYaS-DgDqFQ_sg7syTu5LJU.roa
File: CAxnmYaS-DgDqFQ_sg7syTu5LJU.roa (raw, json)
Hash identifier: pMpNxL++RLYpm8TaPaHTT69kgaqQ/FeQIilFZVWdYE0=
Subject key identifier: 08:0C:67:99:86:92:F8:38:03:A8:54:3F:B2:0E:EC:C9:3B:B9:2C:95
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018BCCE5D9E6EB8C816AF9610307A850768B
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/CAxnmYaS-DgDqFQ_sg7syTu5LJU.roa
Signing time: Tue 14 Nov 2023 08:14:57 +0000
ROA not before: Tue 14 Nov 2023 08:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 176.46.145.0/24 maxlen: 24
176.46.147.0/24 maxlen: 24
109.203.162.0/24 maxlen: 24
109.203.163.0/24 maxlen: 24
109.203.164.0/24 maxlen: 24
109.203.165.0/24 maxlen: 24
109.203.166.0/24 maxlen: 24
109.203.167.0/24 maxlen: 24
31.170.55.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
37.49.144.0/24 maxlen: 24
37.49.146.0/24 maxlen: 24
37.49.148.0/24 maxlen: 24
37.49.149.0/24 maxlen: 24
37.49.150.0/24 maxlen: 24
37.49.151.0/24 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.168.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cc:e5:d9:e6:eb:8c:81:6a:f9:61:03:07:a8:50:76:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 14 08:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=080c67998692f83803a8543fb20eecc93bb92c95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b8:d9:2a:58:e6:88:66:1f:bb:72:ff:0b:ed:
d7:14:1a:43:b2:87:36:dd:f1:98:19:66:33:ea:58:
63:f3:a3:b7:7a:51:f8:82:c0:cd:ca:c4:ff:a5:ec:
82:d8:d6:fb:89:a7:77:9f:7b:cb:1a:6f:52:d7:39:
e1:3d:2e:aa:4c:48:9f:9e:4f:19:df:6f:bd:b5:e8:
66:89:73:2a:d5:b3:82:23:b9:bd:0a:f9:01:28:74:
94:8b:a0:a7:7b:e5:71:d5:e3:99:33:b1:0a:7d:94:
7a:c9:42:14:63:7c:a8:bb:35:5c:38:69:1d:f8:3b:
a2:a2:8f:65:a6:ca:11:1f:61:4c:4d:8b:62:21:f0:
45:5e:65:03:a3:58:76:d5:ea:f4:15:be:5a:f6:32:
da:53:f1:3c:4e:c0:c8:fb:97:90:89:cf:43:c6:17:
69:22:d6:82:c0:b9:6e:c0:07:3a:d7:4e:90:27:dc:
02:a6:6d:f4:c9:db:9c:39:b2:8b:09:82:b4:42:70:
27:84:ef:7d:32:c2:31:d4:0c:9f:bd:36:d9:23:62:
52:3a:1a:23:5b:9a:09:c5:12:65:10:88:8b:48:aa:
81:d4:84:2d:81:1f:30:e2:83:19:11:8c:a8:85:21:
41:e5:d6:94:a1:f0:dc:3f:e2:ed:ef:61:f5:93:5b:
3b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:0C:67:99:86:92:F8:38:03:A8:54:3F:B2:0E:EC:C9:3B:B9:2C:95
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/CAxnmYaS-DgDqFQ_sg7syTu5LJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
37.49.144.0/24
37.49.146.0/24
37.49.148.0/22
94.74.137.0/24
94.74.147.0/24
94.74.158.0/23
94.74.164.0/24
94.74.168.0/23
94.74.171.0/24
94.74.173.0/24
94.74.187.0/24
94.74.191.0/24
109.203.162.0-109.203.167.255
176.46.145.0/24
176.46.147.0/24
Signature Algorithm: sha256WithRSAEncryption
52:78:b7:fa:8b:35:0e:20:76:a7:1c:93:ed:4d:4d:9d:b4:2f:
1f:55:2e:39:6f:10:e2:21:20:f3:70:4a:71:3d:d3:7a:d9:cd:
77:17:21:40:78:43:9b:c2:2a:40:26:a5:42:ed:50:e8:e5:b2:
d4:e6:ba:d2:b7:03:0a:3c:aa:f1:43:0a:4f:22:8b:6a:58:cb:
55:66:d0:7c:f4:17:6c:f3:d6:21:6f:0c:ff:03:74:ec:c7:4d:
e0:71:8e:5d:0d:52:89:f1:a3:f1:fd:7f:cd:87:96:81:6a:b8:
fc:1a:26:a9:8c:db:14:e2:b5:ce:14:84:ba:29:3b:7a:af:94:
dd:80:3b:09:3b:76:f6:7b:d1:0e:91:da:6b:7b:83:7e:8d:37:
42:14:08:79:86:b6:a9:89:9e:82:1f:39:19:0e:c6:10:c6:31:
3a:38:e1:27:72:6b:83:cc:a7:ee:74:9b:b6:91:cb:93:32:d5:
48:cc:a7:9c:8e:ab:e3:1c:13:af:01:54:4d:ee:45:39:de:8f:
c4:ca:36:6a:1b:a9:b1:41:2b:04:3b:1e:df:c2:00:59:bd:1a:
9c:99:dd:8a:5d:9a:72:01:2f:ef:c4:18:2d:26:1b:90:00:ca:
13:30:89:38:40:1b:4a:ad:6e:4f:79:e9:83:3a:95:61:e8:ba:
2b:8d:ea:7c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYvM5dnm64yBavlhAweoUHaLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMTE0MDgxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODBjNjc5OTg2OTJmODM4MDNhODU0M2ZiMjBlZWNjOTNiYjkyYzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbjZKljmiGYfu3L/C+3XFBpDsoc2
3fGYGWYz6lhj86O3elH4gsDNysT/peyC2Nb7iad3n3vLGm9S1znhPS6qTEifnk8Z
32+9tehmiXMq1bOCI7m9CvkBKHSUi6Cne+Vx1eOZM7EKfZR6yUIUY3youzVcOGkd
+Duioo9lpsoRH2FMTYtiIfBFXmUDo1h21er0Fb5a9jLaU/E8TsDI+5eQic9Dxhdp
ItaCwLluwAc6106QJ9wCpm30yducObKLCYK0QnAnhO99MsIx1AyfvTbZI2JSOhoj
W5oJxRJlEIiLSKqB1IQtgR8w4oMZEYyohSFB5daUofDcP+Lt72H1k1s7xQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFAgMZ5mGkvg4A6hUP7IO7Mk7uSyVMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvQ0F4bm1ZYVMtRGdEcUZRX3NnN3N5VHU1TEpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAB+qNwME
ACUxkAMEACUxkgMEAiUxlAMEAF5KiQMEAF5KkwMEAV5KngMEAF5KpAMEAV5KqAME
AF5KqwMEAF5KrQMEAF5KuwMEAF5KvzAMAwQBbcuiAwQDbcugAwQAsC6RAwQAsC6T
MA0GCSqGSIb3DQEBCwUAA4IBAQBSeLf6izUOIHanHJPtTU2dtC8fVS45bxDiISDz
cEpxPdN62c13FyFAeEObwipAJqVC7VDo5bLU5rrStwMKPKrxQwpPIotqWMtVZtB8
9Bds89Yhbwz/A3Tsx03gcY5dDVKJ8aPx/X/Nh5aBarj8GiapjNsU4rXOFIS6KTt6
r5TdgDsJO3b2e9EOkdpre4N+jTdCFAh5hrapiZ6CHzkZDsYQxjE6OOEncmuDzKfu
dJu2kcuTMtVIzKecjqvjHBOvAVRN7kU53o/EyjZqG6mxQSsEOx7fwgBZvRqcmd2K
XZpyAS/vxBgtJhuQAMoTMIk4QBtKrW5PeemDOpVh6Lorjep8
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:05 2025 by rpki-client