Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Ls75MjA9OLYdFqOGhOP2KWEAx00.roa
File: Ls75MjA9OLYdFqOGhOP2KWEAx00.roa (raw, json)
Hash identifier: YlttgydvlUBWjYrc9wWJmifprUyjV7DSQ0Omu1UPwCo=
Subject key identifier: 2E:CE:F9:32:30:3D:38:B6:1D:16:A3:86:84:E3:F6:29:61:00:C7:4D
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018431A8164C7A760E048FE81752EFFE19D9
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Ls75MjA9OLYdFqOGhOP2KWEAx00.roa
Signing time: Tue 01 Nov 2022 05:26:50 +0000
ROA not before: Tue 01 Nov 2022 05:26:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44208
IP address blocks: 94.74.190.0/24 maxlen: 24
109.203.160.0/19 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
185.34.160.0/22 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.168.0/23 maxlen: 24
94.74.166.0/23 maxlen: 23
176.46.128.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:31:a8:16:4c:7a:76:0e:04:8f:e8:17:52:ef:fe:19:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Nov 1 05:26:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ecef932303d38b61d16a38684e3f6296100c74d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c1:d5:dc:86:10:4f:c9:53:4d:cc:a9:e8:22:
e7:85:74:a9:69:be:2a:fa:e0:c4:ea:da:91:0d:b9:
85:84:0a:68:3c:13:bb:1f:24:69:16:57:6c:a3:fd:
91:2e:c9:2c:ef:e0:d6:84:1e:16:74:46:d0:7a:7a:
da:d6:2d:cc:aa:ae:99:0e:1c:bc:ad:4f:06:35:f6:
4f:ea:d4:88:7f:9a:ab:69:12:8e:6e:9a:a2:4c:c3:
23:bd:9d:a7:0a:97:2f:97:c5:1b:9b:78:a8:28:5d:
5f:e7:cc:8f:7f:ab:b9:c8:64:4d:ca:ae:b7:26:7e:
c2:9f:0d:1e:c7:24:75:00:d2:67:02:16:30:6a:5e:
e3:cc:c5:11:a8:f8:26:d2:f1:36:4f:67:af:b3:29:
55:25:47:bd:89:ed:d6:c4:a2:15:2b:b4:b5:fd:84:
2d:97:98:95:46:5b:5d:54:4d:fd:82:14:c3:20:b4:
5d:d7:2b:c1:58:65:92:12:43:35:b5:33:c6:e0:18:
66:fb:1b:8e:b7:6f:2c:a8:37:4d:a7:df:06:02:a0:
64:11:07:e0:14:33:43:8d:5d:fa:f2:15:ec:ef:05:
de:e5:2d:ab:77:73:74:d5:c6:e6:2f:01:7b:f2:57:
d3:37:2f:72:84:7c:5b:b4:21:3e:65:69:d8:01:bb:
e3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:CE:F9:32:30:3D:38:B6:1D:16:A3:86:84:E3:F6:29:61:00:C7:4D
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Ls75MjA9OLYdFqOGhOP2KWEAx00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.160.0/19
176.46.128.0/19
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
88:52:d3:3b:26:a9:18:aa:d2:7f:69:d5:f7:fa:b0:01:e8:14:
33:03:12:69:39:96:26:ba:a9:ea:f4:cb:80:2e:ad:b1:c3:1d:
24:13:28:61:bd:7f:e9:16:ea:d9:f1:9f:81:23:87:ce:bf:72:
c7:38:74:af:c6:cb:50:02:16:4f:46:51:76:16:d0:0e:e0:dc:
6c:22:f4:cd:f3:71:a4:3f:1e:58:e3:cc:63:5c:de:c1:06:40:
0f:81:12:ee:79:b1:3e:82:23:58:3f:d8:38:b4:d3:4e:ff:5a:
93:5b:fc:b3:ee:72:e1:47:15:c4:b0:53:ad:09:87:69:58:58:
67:a1:18:76:40:d8:42:54:8a:17:4d:b3:f9:83:58:75:fe:70:
4b:96:db:04:61:4b:0f:b4:29:a9:0e:b3:4a:d6:41:86:89:07:
11:ff:ff:a3:dc:69:9f:96:78:f2:04:58:d0:c7:b1:8b:a3:60:
24:e2:2f:de:66:d2:38:84:a7:aa:ba:a1:6e:be:67:58:65:40:
74:16:18:80:7c:d0:33:68:93:64:1b:16:de:d2:b8:c5:fe:66:
67:ed:7b:32:0e:92:e5:b4:d7:bd:49:3f:08:4d:8a:17:d1:f1:
fb:5d:44:ee:04:ad:49:4c:d4:8b:dd:d1:34:0e:07:a2:0e:ae:
b4:4b:3c:58
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYQxqBZMenYOBI/oF1Lv/hnZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMTAxMDUyNjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWNlZjkzMjMwM2QzOGI2MWQxNmEzODY4NGUzZjYyOTYxMDBjNzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8HV3IYQT8lTTcyp6CLnhXSpab4q
+uDE6tqRDbmFhApoPBO7HyRpFldso/2RLsks7+DWhB4WdEbQenra1i3Mqq6ZDhy8
rU8GNfZP6tSIf5qraRKObpqiTMMjvZ2nCpcvl8Ubm3ioKF1f58yPf6u5yGRNyq63
Jn7Cnw0exyR1ANJnAhYwal7jzMURqPgm0vE2T2evsylVJUe9ie3WxKIVK7S1/YQt
l5iVRltdVE39ghTDILRd1yvBWGWSEkM1tTPG4Bhm+xuOt28sqDdNp98GAqBkEQfg
FDNDjV368hXs7wXe5S2rd3N01cbmLwF78lfTNy9yhHxbtCE+ZWnYAbvjlwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFC7O+TIwPTi2HRajhoTj9ilhAMdNMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvTHM3NU1qQTlPTFlkRnFPR2hPUDJLV0VBeDAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEH6owAwQG
XkqAAwQFbcugAwQFsC6AAwQCuSKgMA0GCSqGSIb3DQEBCwUAA4IBAQCIUtM7JqkY
qtJ/adX3+rAB6BQzAxJpOZYmuqnq9MuALq2xwx0kEyhhvX/pFurZ8Z+BI4fOv3LH
OHSvxstQAhZPRlF2FtAO4NxsIvTN83GkPx5Y48xjXN7BBkAPgRLuebE+giNYP9g4
tNNO/1qTW/yz7nLhRxXEsFOtCYdpWFhnoRh2QNhCVIoXTbP5g1h1/nBLltsEYUsP
tCmpDrNK1kGGiQcR//+j3GmflnjyBFjQx7GLo2Ak4i/eZtI4hKequqFuvmdYZUB0
FhiAfNAzaJNkGxbe0rjF/mZn7XsyDpLltNe9ST8ITYoX0fH7XUTuBK1JTNSL3dE0
DgeiDq60SzxY
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:05 2025 by rpki-client