Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/SXZzhgryqPVWmBNi4nEgDYCR0ao.roa
File: SXZzhgryqPVWmBNi4nEgDYCR0ao.roa (raw, json)
Hash identifier: tQvo+HVRS8zCd2piAqFX0UbYmxlXGX+HDy7jR7yIdr0=
Subject key identifier: 49:76:73:86:0A:F2:A8:F5:56:98:13:62:E2:71:20:0D:80:91:D1:AA
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01869B81E06AD74AD76C9D5DE10152E0B04A
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/SXZzhgryqPVWmBNi4nEgDYCR0ao.roa
Signing time: Wed 01 Mar 2023 04:50:25 +0000
ROA not before: Wed 01 Mar 2023 04:50:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12679
IP address blocks: 176.46.133.0/24 maxlen: 24
176.46.135.0/24 maxlen: 24
176.46.134.0/24 maxlen: 24
176.46.137.0/24 maxlen: 24
176.46.136.0/24 maxlen: 24
176.46.132.0/24 maxlen: 24
176.46.130.0/24 maxlen: 24
176.46.129.0/24 maxlen: 24
176.46.131.0/24 maxlen: 24
176.46.128.0/24 maxlen: 24
109.203.164.0/22 maxlen: 24
109.203.163.0/24 maxlen: 24
109.203.160.0/22 maxlen: 24
31.170.55.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
37.49.144.0/22 maxlen: 24
37.49.146.0/24 maxlen: 24
37.49.148.0/22 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.156.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.168.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9b:81:e0:6a:d7:4a:d7:6c:9d:5d:e1:01:52:e0:b0:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Mar 1 04:50:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=497673860af2a8f556981362e271200d8091d1aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f6:e4:8b:0e:5e:ee:c0:00:41:b0:4c:56:5d:
e2:95:bd:74:41:b8:18:f0:0f:52:b1:bd:a1:2a:c2:
29:5b:8f:f4:bd:fb:73:3c:69:bb:a3:fc:b2:9d:44:
44:3d:6a:a6:bf:ec:04:25:36:51:04:36:4c:97:48:
1f:f5:17:1e:40:2f:2c:f2:e2:f7:66:74:bf:ca:a4:
35:90:bc:6b:53:54:95:99:df:11:23:d8:1a:84:70:
05:4b:3d:65:86:c2:48:ea:12:7c:9b:6d:67:a0:62:
65:42:e4:f7:50:32:1c:ff:9b:0e:55:fc:88:3f:84:
e0:21:b2:5b:a2:48:15:67:77:4e:5e:10:68:44:a3:
16:5f:cb:c6:f6:02:a4:28:90:bb:6e:38:10:7d:ad:
17:c7:a6:de:41:6a:40:6d:b1:b5:02:0d:3a:e8:a5:
44:67:11:6f:1d:3d:2d:72:b3:07:54:3b:43:22:83:
89:0d:10:d7:5a:fa:80:b1:3c:d7:4f:25:67:49:11:
24:4d:e2:9e:dd:d9:20:1d:02:a3:86:da:ca:c8:bb:
da:88:c5:66:70:f8:c8:0a:27:cd:c1:5a:7b:17:b5:
de:cb:e5:26:91:f7:3a:56:61:6f:6f:35:b6:7f:10:
7a:3d:19:53:3a:52:ad:0d:54:61:b9:b5:95:0c:f9:
27:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:76:73:86:0A:F2:A8:F5:56:98:13:62:E2:71:20:0D:80:91:D1:AA
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/SXZzhgryqPVWmBNi4nEgDYCR0ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
37.49.144.0/21
94.74.147.0/24
94.74.156.0/24
94.74.158.0/23
94.74.164.0/24
94.74.168.0/23
94.74.171.0/24
94.74.173.0/24
94.74.187.0/24
94.74.191.0/24
109.203.160.0/21
176.46.128.0-176.46.137.255
Signature Algorithm: sha256WithRSAEncryption
08:70:18:e8:e9:49:30:a5:30:95:5a:79:db:96:22:58:f6:5b:
85:d0:6e:49:8c:24:38:f7:ad:6d:11:32:9a:18:d3:0e:cc:09:
b4:30:e9:05:2a:61:2d:0d:b7:d2:3d:a0:a6:d8:0e:d5:a7:c2:
c9:e9:91:08:f4:29:be:41:df:ab:fe:85:80:52:75:d2:a9:6b:
77:f6:8a:03:15:a2:fb:97:6c:89:a7:b5:ee:c6:44:dc:35:00:
8e:bf:ef:fa:30:89:62:6e:e8:af:81:b0:18:d0:15:8b:39:62:
d1:fc:ed:2d:8e:72:af:9b:e4:ae:a4:d9:a7:a0:9c:7b:a2:39:
d6:f0:77:dc:a6:ed:ec:e1:af:a1:a5:db:91:64:db:22:62:d4:
f5:09:f0:2a:cb:c5:6d:71:04:76:af:29:5d:61:97:2b:75:77:
ed:a6:9d:0a:59:36:ff:af:7c:f4:04:bf:ac:4b:96:37:6c:61:
2e:93:f6:c9:42:78:73:6f:3b:ce:ca:bd:6e:ca:b3:34:f8:6b:
e1:24:77:c2:2f:3c:13:68:19:00:7d:50:cf:c0:5f:bb:86:4d:
08:a8:66:37:a4:6b:c6:9c:54:48:5f:13:63:ce:f3:35:0f:5d:
ad:dd:20:07:36:49:24:51:59:1b:57:5e:40:c9:b1:85:96:15:
6a:e7:68:f2
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYabgeBq10rXbJ1d4QFS4LBKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwMzAxMDQ1MDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTc2NzM4NjBhZjJhOGY1NTY5ODEzNjJlMjcxMjAwZDgwOTFkMWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/bkiw5e7sAAQbBMVl3ilb10QbgY
8A9Ssb2hKsIpW4/0vftzPGm7o/yynUREPWqmv+wEJTZRBDZMl0gf9RceQC8s8uL3
ZnS/yqQ1kLxrU1SVmd8RI9gahHAFSz1lhsJI6hJ8m21noGJlQuT3UDIc/5sOVfyI
P4TgIbJbokgVZ3dOXhBoRKMWX8vG9gKkKJC7bjgQfa0Xx6beQWpAbbG1Ag066KVE
ZxFvHT0tcrMHVDtDIoOJDRDXWvqAsTzXTyVnSREkTeKe3dkgHQKjhtrKyLvaiMVm
cPjICifNwVp7F7Xey+Umkfc6VmFvbzW2fxB6PRlTOlKtDVRhubWVDPknUwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFEl2c4YK8qj1VpgTYuJxIA2AkdGqMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvU1haemhncnlxUFZXbUJOaTRuRWdEWUNSMGFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAH6o3AwQD
JTGQAwQAXkqTAwQAXkqcAwQBXkqeAwQAXkqkAwQBXkqoAwQAXkqrAwQAXkqtAwQA
Xkq7AwQAXkq/AwQDbcugMAwDBAewLoADBAGwLogwDQYJKoZIhvcNAQELBQADggEB
AAhwGOjpSTClMJVaeduWIlj2W4XQbkmMJDj3rW0RMpoY0w7MCbQw6QUqYS0Nt9I9
oKbYDtWnwsnpkQj0Kb5B36v+hYBSddKpa3f2igMVovuXbImnte7GRNw1AI6/7/ow
iWJu6K+BsBjQFYs5YtH87S2Ocq+b5K6k2aegnHuiOdbwd9ym7ezhr6Gl25Fk2yJi
1PUJ8CrLxW1xBHavKV1hlyt1d+2mnQpZNv+vfPQEv6xLljdsYS6T9slCeHNvO87K
vW7KszT4a+Ekd8IvPBNoGQB9UM/AX7uGTQioZjeka8acVEhfE2PO8zUPXa3dIAc2
SSRRWRtXXkDJsYWWFWrnaPI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:42 2025 by rpki-client