Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/VOrd2qId5HIIKorCPPV6KraQpMU.roa
File: VOrd2qId5HIIKorCPPV6KraQpMU.roa (raw, json)
Hash identifier: CzBvzrUOvYdtl7CH+CMUyN9m4Zlux78NIrFZmp+Yhr8=
Subject key identifier: 54:EA:DD:DA:A2:1D:E4:72:08:2A:8A:C2:3C:F5:7A:2A:B6:90:A4:C5
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0183379E138D9134571BB8735CD6B5228C6F
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/VOrd2qId5HIIKorCPPV6KraQpMU.roa
Signing time: Tue 13 Sep 2022 16:10:49 +0000
ROA not before: Tue 13 Sep 2022 16:10:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 94.74.187.0/24 maxlen: 24
109.203.160.0/21 maxlen: 24
37.49.144.0/21 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:37:9e:13:8d:91:34:57:1b:b8:73:5c:d6:b5:22:8c:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Sep 13 16:10:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54eadddaa21de472082a8ac23cf57a2ab690a4c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c8:c0:1a:cb:05:19:a6:83:d5:c5:af:e4:e6:
fc:c1:fc:6e:ed:0a:6f:7e:52:e9:76:c0:07:63:75:
65:59:45:7e:f8:02:b9:1e:39:52:22:50:50:7f:47:
cf:b5:57:73:67:99:31:bc:d3:5a:d1:d8:1b:b4:88:
a6:1b:41:70:ad:2c:42:cc:06:a7:01:e6:62:e5:7f:
bf:06:ec:48:80:2a:84:2f:a4:20:93:90:e2:ab:09:
fc:66:88:42:90:b2:1d:55:55:ac:c2:40:eb:a9:5a:
4c:c5:1e:bf:5c:81:1b:83:bf:eb:f5:49:45:6e:33:
3a:2a:06:de:1b:96:2f:18:b9:ef:f8:7b:18:62:e2:
16:1e:a9:34:f4:00:d5:93:c9:f3:65:60:2c:b0:b7:
95:b9:1b:3f:12:3c:af:f4:51:32:9e:3d:4a:81:af:
40:df:f4:fa:ee:19:83:55:39:44:73:7f:0b:55:60:
f5:8f:fa:58:aa:bc:5c:66:49:a5:5e:a8:92:6d:86:
8e:58:cc:ce:53:74:b0:fe:87:b9:1b:76:a0:70:46:
58:58:9d:19:47:e4:a8:67:9e:a9:d3:40:3e:25:55:
da:fa:b1:b5:69:12:52:86:88:1b:e9:8b:44:1c:e4:
e8:ac:ec:20:54:9f:3f:cc:b1:e5:e0:23:4a:2d:10:
0b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:EA:DD:DA:A2:1D:E4:72:08:2A:8A:C2:3C:F5:7A:2A:B6:90:A4:C5
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/VOrd2qId5HIIKorCPPV6KraQpMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/21
94.74.137.0/24
94.74.147.0/24
94.74.159.0/24
94.74.164.0/24
94.74.169.0/24
94.74.187.0/24
109.203.160.0/21
Signature Algorithm: sha256WithRSAEncryption
3c:a4:2d:c1:76:04:71:4f:77:ee:e3:7b:7a:ed:38:d2:74:ab:
7e:6b:33:f8:08:75:fe:a6:da:01:6f:46:36:9a:78:dd:13:fa:
09:c8:bb:12:8a:12:78:2a:da:74:47:7f:8c:9d:0e:54:f0:60:
bc:61:ec:74:48:ac:ce:33:16:75:0d:b0:77:93:47:11:38:5e:
f8:c2:47:8a:f6:0f:0b:15:a1:0c:30:10:f3:5e:55:23:22:81:
6f:68:92:02:de:2b:c1:e3:36:0e:48:35:25:bf:a8:a8:94:da:
9f:e9:5a:84:2e:ea:7d:64:1a:c1:e8:0b:4f:ee:a5:61:92:6e:
a1:52:64:54:1f:d0:40:50:b0:e7:50:66:42:ab:db:1e:f2:5e:
96:04:53:d4:33:e4:a0:c1:92:37:87:46:42:5b:aa:bd:99:c6:
37:9c:69:31:70:e6:e9:a3:2c:ee:0b:f9:60:8d:9d:c7:21:9a:
53:06:0b:85:7f:04:03:6a:cd:fb:69:97:e5:50:72:6f:6e:49:
c2:52:92:cb:7c:21:70:72:fd:8d:bb:32:8c:47:0e:74:5a:c0:
e0:4f:ba:8d:71:50:84:b5:82:1a:76:f5:1a:07:d6:8c:67:65:
ce:e9:68:62:c5:de:4c:e4:f1:5d:ab:7e:4a:8f:ef:31:3e:1f:
af:26:1d:d1
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYM3nhONkTRXG7hzXNa1IoxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIwOTEzMTYxMDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGVhZGRkYWEyMWRlNDcyMDgyYThhYzIzY2Y1N2EyYWI2OTBhNGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosjAGssFGaaD1cWv5Ob8wfxu7Qpv
flLpdsAHY3VlWUV++AK5HjlSIlBQf0fPtVdzZ5kxvNNa0dgbtIimG0FwrSxCzAan
AeZi5X+/BuxIgCqEL6Qgk5Diqwn8ZohCkLIdVVWswkDrqVpMxR6/XIEbg7/r9UlF
bjM6KgbeG5YvGLnv+HsYYuIWHqk09ADVk8nzZWAssLeVuRs/Ejyv9FEynj1Kga9A
3/T67hmDVTlEc38LVWD1j/pYqrxcZkmlXqiSbYaOWMzOU3Sw/oe5G3agcEZYWJ0Z
R+SoZ56p00A+JVXa+rG1aRJShogb6YtEHOTorOwgVJ8/zLHl4CNKLRAL6wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFTq3dqiHeRyCCqKwjz1eiq2kKTFMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvVk9yZDJxSWQ1SElJS29yQ1BQVjZLcmFRcE1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDJTGQAwQA
XkqJAwQAXkqTAwQAXkqfAwQAXkqkAwQAXkqpAwQAXkq7AwQDbcugMA0GCSqGSIb3
DQEBCwUAA4IBAQA8pC3BdgRxT3fu43t67TjSdKt+azP4CHX+ptoBb0Y2mnjdE/oJ
yLsSihJ4Ktp0R3+MnQ5U8GC8Yex0SKzOMxZ1DbB3k0cROF74wkeK9g8LFaEMMBDz
XlUjIoFvaJIC3ivB4zYOSDUlv6iolNqf6VqELup9ZBrB6AtP7qVhkm6hUmRUH9BA
ULDnUGZCq9se8l6WBFPUM+SgwZI3h0ZCW6q9mcY3nGkxcObpoyzuC/lgjZ3HIZpT
BguFfwQDas37aZflUHJvbknCUpLLfCFwcv2NuzKMRw50WsDgT7qNcVCEtYIadvUa
B9aMZ2XO6Whixd5M5PFdq35Kj+8xPh+vJh3R
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:40 2025 by rpki-client