Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/PGVyPhgeiMTQRHRM7-fQ84r5p5A.roa
File: PGVyPhgeiMTQRHRM7-fQ84r5p5A.roa (raw, json)
Hash identifier: M2gaJvtShFVTEBRBPk0tj50XE7T/wMFIyf9bTR5GHhE=
Subject key identifier: 3C:65:72:3E:18:1E:88:C4:D0:44:74:4C:EF:E7:D0:F3:8A:F9:A7:90
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 07F5E508
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/PGVyPhgeiMTQRHRM7-fQ84r5p5A.roa
Signing time: Wed 18 May 2022 09:38:17 +0000
ROA not before: Wed 18 May 2022 09:38:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12679
IP address blocks: 94.74.191.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.140.0/24 maxlen: 24
94.74.145.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.156.0/24 maxlen: 24
94.74.157.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.168.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
94.74.182.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133555464 (0x7f5e508)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: May 18 09:38:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c65723e181e88c4d044744cefe7d0f38af9a790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:bb:10:ba:98:77:7e:99:c6:55:79:e7:e3:48:
9c:df:6f:89:49:67:78:69:bb:82:bd:51:d4:05:ee:
40:13:3a:d5:5a:2d:0a:d1:0a:16:ca:65:49:65:56:
d3:7e:06:03:a8:91:93:5d:37:04:f9:3f:8f:91:63:
db:4f:f4:ed:d8:d6:d2:9e:84:ad:51:a6:1f:a9:78:
4a:5e:3d:ff:72:cc:c7:8b:5f:b2:41:47:62:f9:55:
47:7f:d1:7b:c4:b6:d6:f8:0d:14:29:8c:64:0d:36:
76:ec:6e:10:f2:fc:b3:30:89:43:01:72:c3:7e:ed:
5f:15:75:62:80:bd:e1:bb:40:de:21:5b:46:77:8c:
11:06:ab:34:10:92:1e:d6:bc:f3:69:52:8c:b0:e6:
22:b2:f0:a3:0d:45:28:e4:4c:7c:92:ea:38:c2:d7:
49:f2:b8:58:90:fb:04:72:07:74:43:59:6e:af:6d:
1b:65:3d:79:41:ca:0d:33:d0:77:c5:01:81:22:8b:
41:e8:2b:43:0f:69:fe:8f:5f:5a:cb:18:71:53:87:
a3:0c:ed:3b:14:8e:9a:ad:9e:67:14:91:78:15:5b:
ff:5a:16:3c:eb:6c:86:4f:d6:3c:58:7a:1b:2e:d7:
22:03:b1:29:81:46:db:8d:fc:50:8f:b4:88:b7:25:
e1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:65:72:3E:18:1E:88:C4:D0:44:74:4C:EF:E7:D0:F3:8A:F9:A7:90
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/PGVyPhgeiMTQRHRM7-fQ84r5p5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.137.0/24
94.74.140.0/24
94.74.145.0/24
94.74.147.0/24
94.74.156.0/22
94.74.164.0/24
94.74.168.0/23
94.74.171.0/24
94.74.173.0/24
94.74.182.0/24
94.74.187.0/24
94.74.191.0/24
Signature Algorithm: sha256WithRSAEncryption
55:c8:0c:d6:17:cb:c9:9f:0d:bb:64:12:08:7b:1e:62:5a:75:
a8:9d:e0:d4:a9:be:a5:2e:19:bd:de:92:59:a7:e4:d0:a2:d6:
51:9d:ca:95:e1:cc:d3:7e:5c:e0:d8:be:96:56:cc:46:c5:a3:
59:21:1e:cd:03:5e:8b:e0:c8:14:5a:56:1a:01:02:a5:78:25:
4b:bb:c5:e5:9d:fe:23:e8:95:5b:b8:f2:ac:04:bc:db:b6:87:
88:4f:b0:e1:65:d5:53:e0:01:f6:d0:24:04:ac:8e:95:5f:d8:
23:3e:fc:6e:81:28:0e:c1:95:4a:be:26:e5:db:71:c0:80:17:
2a:31:11:6b:f2:25:20:f4:f6:54:e4:5f:ed:9c:c6:ed:f0:e7:
fc:d5:03:a1:6a:80:0c:38:82:85:7e:24:e7:a8:41:f6:ee:d1:
21:5f:21:4e:4d:26:3c:41:05:18:da:58:e0:e0:a1:c5:15:dc:
71:7f:38:13:19:fa:ea:41:66:aa:98:97:33:da:80:ba:77:c9:
54:71:c7:90:aa:e8:b3:46:38:eb:51:56:72:9e:74:0e:75:f0:
76:f1:1e:a8:35:57:db:82:91:d8:70:74:7b:3c:e5:66:32:1f:
33:e7:ba:b4:c0:88:ee:35:c3:4b:52:fc:dc:a1:71:cc:5f:8c:
54:11:ca:34
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEB/XlCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NjA0NzVlYmU3ZjA3ZDc0MTUzY2IxY2NhMzM4YzE2ZDgwMWY0NWY3MB4XDTIyMDUx
ODA5MzgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2M2NTcyM2UxODFl
ODhjNGQwNDQ3NDRjZWZlN2QwZjM4YWY5YTc5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN+7ELqYd36ZxlV55+NInN9viUlneGm7gr1R1AXuQBM61Vot
CtEKFsplSWVW034GA6iRk103BPk/j5Fj20/07djW0p6ErVGmH6l4Sl49/3LMx4tf
skFHYvlVR3/Re8S21vgNFCmMZA02duxuEPL8szCJQwFyw37tXxV1YoC94btA3iFb
RneMEQarNBCSHta882lSjLDmIrLwow1FKORMfJLqOMLXSfK4WJD7BHIHdENZbq9t
G2U9eUHKDTPQd8UBgSKLQegrQw9p/o9fWssYcVOHowztOxSOmq2eZxSReBVb/1oW
POtshk/WPFh6Gy7XIgOxKYFG2438UI+0iLcl4Z0CAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBQ8ZXI+GB6IxNBEdEzv59DzivmnkDAfBgNVHSMEGDAWgBTWBHXr5/B9dBU8
scyjOMFtgB9F9zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFnUjE2LWZ3ZlhRVlBMSE1vempCYllBZlJmYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvNTJlYmFlLWUwMDYtNDc3OC1hYzNjLTQ5NmY4ZWJiMmQ2MS8x
L1BHVnlQaGdlaU1UUVJIUk03LWZRODRyNXA1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
NTJlYmFlLWUwMDYtNDc3OC1hYzNjLTQ5NmY4ZWJiMmQ2MS8xLzFnUjE2LWZ3ZlhR
VlBMSE1vempCYllBZlJmYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAF5KiQMEAF5KjAMEAF5KkQMEAF5K
kwMEAl5KnAMEAF5KpAMEAV5KqAMEAF5KqwMEAF5KrQMEAF5KtgMEAF5KuwMEAF5K
vzANBgkqhkiG9w0BAQsFAAOCAQEAVcgM1hfLyZ8Nu2QSCHseYlp1qJ3g1Km+pS4Z
vd6SWafk0KLWUZ3KleHM035c4Ni+llbMRsWjWSEezQNei+DIFFpWGgECpXglS7vF
5Z3+I+iVW7jyrAS827aHiE+w4WXVU+AB9tAkBKyOlV/YIz78boEoDsGVSr4m5dtx
wIAXKjERa/IlIPT2VORf7ZzG7fDn/NUDoWqADDiChX4k56hB9u7RIV8hTk0mPEEF
GNpY4OChxRXccX84Exn66kFmqpiXM9qAunfJVHHHkKros0Y461FWcp50DnXwdvEe
qDVX24KR2HB0ezzlZjIfM+e6tMCI7jXDS1L83KFxzF+MVBHKNA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:10 2025 by rpki-client