Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/On8zYdWF5cY0aBa4C_mhNWcxWRM.roa
File: On8zYdWF5cY0aBa4C_mhNWcxWRM.roa (raw, json)
Hash identifier: M1uCR/gO3PGVnnKKHPKBP9MrxNg2S3p7a4tCzEg+0MA=
Subject key identifier: 3A:7F:33:61:D5:85:E5:C6:34:68:16:B8:0B:F9:A1:35:67:31:59:13
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018330ADDC95B3F412155343B676C5465179
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/On8zYdWF5cY0aBa4C_mhNWcxWRM.roa
Signing time: Mon 12 Sep 2022 07:50:43 +0000
ROA not before: Mon 12 Sep 2022 07:50:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12679
IP address blocks: 94.74.191.0/24 maxlen: 24
94.74.140.0/24 maxlen: 24
94.74.145.0/24 maxlen: 24
94.74.156.0/24 maxlen: 24
94.74.157.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
31.170.55.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.168.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
94.74.182.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:30:ad:dc:95:b3:f4:12:15:53:43:b6:76:c5:46:51:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Sep 12 07:50:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a7f3361d585e5c6346816b80bf9a13567315913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:85:5d:fb:7f:a7:ef:a3:9c:c2:14:52:a3:36:
af:52:60:c6:6b:f7:33:f1:af:ab:b9:82:d4:65:0b:
c1:0b:00:50:8e:f5:ed:c4:ae:97:95:21:06:17:97:
7c:17:0a:4c:87:3e:df:3c:77:26:a1:0d:a7:7a:e8:
22:ea:3c:cb:93:ac:37:d1:46:21:49:be:2b:77:4b:
74:2e:e1:2d:6c:fb:bb:ac:5e:8c:85:a0:98:b5:51:
72:a1:f8:9c:29:7d:44:f3:52:32:7d:9f:8f:63:9e:
5d:81:86:5b:49:23:6c:3d:ed:64:cb:49:bf:30:26:
77:b4:7a:0d:3d:ac:f8:55:35:d9:80:56:1a:50:18:
94:56:33:fb:9a:e1:11:c1:ba:d0:2b:67:ea:51:fe:
6b:14:65:77:17:e8:b2:a8:80:ec:31:fb:8d:da:95:
aa:99:0b:54:a2:7a:b6:e7:4a:12:43:29:24:55:d6:
8f:0b:a3:81:5d:bb:31:44:35:1a:d5:bf:03:af:07:
d4:a9:7d:f9:70:89:09:b7:af:6c:4f:3f:1f:47:34:
7a:aa:62:c9:82:67:8f:d4:79:56:5c:60:04:c9:8f:
d8:6c:55:bf:ef:69:52:02:de:88:3c:c0:4b:4d:a5:
1c:9f:7e:b6:d0:41:be:8b:15:18:b6:52:1a:df:fe:
b6:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:7F:33:61:D5:85:E5:C6:34:68:16:B8:0B:F9:A1:35:67:31:59:13
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/On8zYdWF5cY0aBa4C_mhNWcxWRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
94.74.140.0/24
94.74.145.0/24
94.74.156.0-94.74.158.255
94.74.168.0/24
94.74.171.0/24
94.74.173.0/24
94.74.182.0/24
94.74.191.0/24
Signature Algorithm: sha256WithRSAEncryption
94:5e:ea:0a:98:30:c5:11:81:94:db:67:54:c6:f0:ad:70:26:
2e:a2:cb:81:76:00:7a:44:cb:16:e0:44:6e:0a:2b:16:6d:9c:
35:e5:b6:db:59:39:1e:ab:a5:37:68:be:03:2d:69:34:c9:72:
bc:40:13:d0:da:a0:e9:4c:34:50:8c:88:5d:54:92:f6:48:ed:
e9:4b:d0:5b:db:55:45:d1:bb:f2:18:81:9b:fc:6b:66:52:86:
8a:c0:c5:fb:28:bc:ef:9e:ce:3d:ae:af:ac:10:52:a8:a2:f6:
96:38:ee:59:9e:ce:be:b5:c3:84:85:10:c0:9d:b6:b4:c7:f4:
a6:04:a8:f8:d4:a9:c6:6f:6d:ac:c8:80:bc:27:06:b1:68:92:
e0:7f:74:70:e8:08:6a:10:c9:fd:48:07:c1:7b:19:ff:c0:78:
f3:61:d6:7e:23:37:a3:c1:1b:d1:78:b9:d1:28:45:6a:2f:48:
59:f3:30:a9:5a:5a:b3:21:a2:01:64:3d:f0:2a:c0:8a:1c:95:
fe:ec:1a:e0:46:31:77:ba:f3:35:11:ba:93:26:8f:f2:c0:05:
bb:18:76:a8:6e:c4:70:74:84:b0:c7:08:f1:09:e6:c6:02:f5:
52:2d:af:c4:d6:e9:ae:df:89:65:b6:03:65:b5:ac:da:cc:b2:
6f:a7:cc:f3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYMwrdyVs/QSFVNDtnbFRlF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIwOTEyMDc1MDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTdmMzM2MWQ1ODVlNWM2MzQ2ODE2YjgwYmY5YTEzNTY3MzE1OTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYVd+3+n76OcwhRSozavUmDGa/cz
8a+ruYLUZQvBCwBQjvXtxK6XlSEGF5d8FwpMhz7fPHcmoQ2neugi6jzLk6w30UYh
Sb4rd0t0LuEtbPu7rF6MhaCYtVFyoficKX1E81IyfZ+PY55dgYZbSSNsPe1ky0m/
MCZ3tHoNPaz4VTXZgFYaUBiUVjP7muERwbrQK2fqUf5rFGV3F+iyqIDsMfuN2pWq
mQtUonq250oSQykkVdaPC6OBXbsxRDUa1b8DrwfUqX35cIkJt69sTz8fRzR6qmLJ
gmeP1HlWXGAEyY/YbFW/72lSAt6IPMBLTaUcn3620EG+ixUYtlIa3/626wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFDp/M2HVheXGNGgWuAv5oTVnMVkTMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvT244ellkV0Y1Y1kwYUJhNENfbWhOV2N4V1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAH6o3AwQA
XkqMAwQAXkqRMAwDBAJeSpwDBABeSp4DBABeSqgDBABeSqsDBABeSq0DBABeSrYD
BABeSr8wDQYJKoZIhvcNAQELBQADggEBAJRe6gqYMMURgZTbZ1TG8K1wJi6iy4F2
AHpEyxbgRG4KKxZtnDXltttZOR6rpTdovgMtaTTJcrxAE9DaoOlMNFCMiF1UkvZI
7elL0FvbVUXRu/IYgZv8a2ZShorAxfsovO+ezj2ur6wQUqii9pY47lmezr61w4SF
EMCdtrTH9KYEqPjUqcZvbazIgLwnBrFokuB/dHDoCGoQyf1IB8F7Gf/AePNh1n4j
N6PBG9F4udEoRWovSFnzMKlaWrMhogFkPfAqwIoclf7sGuBGMXe68zURupMmj/LA
BbsYdqhuxHB0hLDHCPEJ5sYC9VItr8TW6a7fiWW2A2W1rNrMsm+nzPM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:32 2025 by rpki-client