Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/HerEVjBGT8goUj-xlZcwHXVEMwk.roa
File: HerEVjBGT8goUj-xlZcwHXVEMwk.roa (raw, json)
Hash identifier: ZTSCLDyEqRRkzTISJ2pDyeo5XHxYnnoyR9Ju+MrRN6A=
Subject key identifier: 1D:EA:C4:56:30:46:4F:C8:28:52:3F:B1:95:97:30:1D:75:44:33:09
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01842D0017F2ABC7B5451AAC83B873282531
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/HerEVjBGT8goUj-xlZcwHXVEMwk.roa
Signing time: Mon 31 Oct 2022 07:44:51 +0000
ROA not before: Mon 31 Oct 2022 07:44:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44208
IP address blocks: 94.74.190.0/24 maxlen: 24
109.203.160.0/19 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
185.34.160.0/22 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.168.0/23 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:00:17:f2:ab:c7:b5:45:1a:ac:83:b8:73:28:25:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 31 07:44:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1deac45630464fc828523fb19597301d75443309
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d0:d6:e3:33:49:8e:17:d1:c7:bd:29:d7:7f:
ac:69:a7:38:f6:a2:80:92:74:ee:ea:80:76:b8:3f:
38:29:16:e1:03:3b:21:c0:ff:bd:b0:db:4e:be:20:
4d:ae:6e:00:5c:34:76:9f:76:26:c7:43:e6:a3:da:
2f:d9:20:16:5a:81:12:21:bd:e2:0b:4d:ce:bd:51:
be:91:2f:e0:c1:43:15:90:f1:03:3a:55:67:fc:08:
f8:6b:0c:9f:07:42:78:01:be:55:4f:54:c8:62:cf:
f5:96:ed:61:51:30:2e:57:8e:86:27:3a:1f:9d:d1:
4d:90:e5:72:f5:ff:ed:24:cd:ca:69:13:bb:5e:82:
74:36:d8:e0:0e:57:38:b0:61:31:10:d5:97:95:ea:
46:7d:1f:53:a9:1b:46:aa:37:3b:67:46:58:01:c2:
db:c7:1f:bf:f8:6b:36:3c:48:0c:71:dd:51:d4:06:
be:f8:5f:2c:bb:49:d3:dc:c2:73:34:6c:6b:85:1e:
fe:8e:38:d9:09:59:05:c6:9b:a2:e9:fe:30:99:4b:
30:70:64:a6:ac:7d:ad:26:d4:07:8e:a7:a9:df:3d:
df:a8:a4:0c:06:95:a7:86:08:28:0e:2f:c2:8e:9a:
ae:a6:e7:78:8a:81:cb:bf:de:e1:27:fc:da:91:eb:
ce:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:EA:C4:56:30:46:4F:C8:28:52:3F:B1:95:97:30:1D:75:44:33:09
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/HerEVjBGT8goUj-xlZcwHXVEMwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.160.0/19
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
34:92:62:da:8f:34:67:95:00:bf:74:a8:dd:00:16:75:57:a7:
c7:8f:61:ad:92:2a:0b:3e:8e:6e:c1:12:5f:ac:49:0d:4d:88:
0d:f0:73:01:03:14:73:ec:50:2c:76:79:35:1f:01:47:3b:9d:
aa:d4:0b:2a:f3:10:0a:0f:78:69:13:ae:42:97:65:52:d6:f9:
56:77:6b:76:47:46:d7:46:e0:20:f7:92:79:5e:db:1e:21:74:
ca:dd:8e:c6:f6:8f:9a:62:5e:37:0a:fc:fe:ef:71:7d:36:08:
0e:fc:16:51:62:dc:a3:09:6f:48:2a:58:f5:fa:5c:7d:0e:10:
71:ba:2e:03:d6:2f:51:4b:a6:0b:2a:2a:fc:2d:1d:f7:30:2a:
f1:68:92:f8:34:62:cc:f9:17:43:65:6d:67:53:92:4c:e8:3d:
3d:97:59:a7:8d:2c:81:57:e4:ed:fa:01:79:48:d2:52:d8:23:
f6:92:73:6d:d3:2a:06:bc:16:cc:09:8d:a8:97:f9:d0:27:ed:
f5:62:03:dc:3d:6a:fb:50:da:92:53:29:ae:d3:08:1b:f5:12:
c0:b9:6e:11:c5:67:f2:71:97:ad:0d:c2:69:db:b5:84:cb:80:
b2:29:00:4f:f9:93:8d:8e:0f:af:56:2b:3f:34:d5:d5:a7:15:
20:79:38:31
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYQtABfyq8e1RRqsg7hzKCUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMDMxMDc0NDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGVhYzQ1NjMwNDY0ZmM4Mjg1MjNmYjE5NTk3MzAxZDc1NDQzMzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdDW4zNJjhfRx70p13+saac49qKA
knTu6oB2uD84KRbhAzshwP+9sNtOviBNrm4AXDR2n3Ymx0Pmo9ov2SAWWoESIb3i
C03OvVG+kS/gwUMVkPEDOlVn/Aj4awyfB0J4Ab5VT1TIYs/1lu1hUTAuV46GJzof
ndFNkOVy9f/tJM3KaRO7XoJ0NtjgDlc4sGExENWXlepGfR9TqRtGqjc7Z0ZYAcLb
xx+/+Gs2PEgMcd1R1Aa++F8su0nT3MJzNGxrhR7+jjjZCVkFxpui6f4wmUswcGSm
rH2tJtQHjqep3z3fqKQMBpWnhggoDi/Cjpqupud4ioHLv97hJ/zakevOfQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB3qxFYwRk/IKFI/sZWXMB11RDMJMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvSGVyRVZqQkdUOGdvVWoteGxaY3dIWFZFTXdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEH6owAwQG
XkqAAwQFbcugAwQCuSKgMA0GCSqGSIb3DQEBCwUAA4IBAQA0kmLajzRnlQC/dKjd
ABZ1V6fHj2GtkioLPo5uwRJfrEkNTYgN8HMBAxRz7FAsdnk1HwFHO52q1Asq8xAK
D3hpE65Cl2VS1vlWd2t2R0bXRuAg95J5XtseIXTK3Y7G9o+aYl43Cvz+73F9NggO
/BZRYtyjCW9IKlj1+lx9DhBxui4D1i9RS6YLKir8LR33MCrxaJL4NGLM+RdDZW1n
U5JM6D09l1mnjSyBV+Tt+gF5SNJS2CP2knNt0yoGvBbMCY2ol/nQJ+31YgPcPWr7
UNqSUymu0wgb9RLAuW4RxWfycZetDcJp27WEy4CyKQBP+ZONjg+vVis/NNXVpxUg
eTgx
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:20 2025 by rpki-client