Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/XvWGVcfsYha6PPevZQhwtYkhMHo.roa
File: XvWGVcfsYha6PPevZQhwtYkhMHo.roa (raw, json)
Hash identifier: Myy4fD76PB+r+zo0cvhtfCU6XW5QZ71tJGrCTaE2JOc=
Subject key identifier: 5E:F5:86:55:C7:EC:62:16:BA:3C:F7:AF:65:08:70:B5:89:21:30:7A
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018DD9F01CA26294C814668574FBCB23C956
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/XvWGVcfsYha6PPevZQhwtYkhMHo.roa
Signing time: Sat 24 Feb 2024 07:06:48 +0000
ROA not before: Sat 24 Feb 2024 07:06:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44208
IP address blocks: 31.170.48.0/20 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
94.74.190.0/24 maxlen: 24
109.203.166.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d9:f0:1c:a2:62:94:c8:14:66:85:74:fb:cb:23:c9:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Feb 24 07:06:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ef58655c7ec6216ba3cf7af650870b58921307a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:89:b2:6b:82:96:4a:0c:4e:c0:ac:d0:47:e3:
6e:96:86:e6:a1:82:0e:0f:fe:20:61:f2:df:d2:0c:
8e:1b:ec:26:50:d9:80:22:80:4e:77:03:0f:be:37:
93:d2:5d:e1:04:de:e9:37:d1:04:ed:30:50:53:b5:
2a:ab:8f:ab:9e:37:7f:a5:38:2b:73:3c:78:57:08:
af:28:81:7b:a9:96:0a:07:5b:91:30:98:78:2a:87:
24:e5:31:06:d2:e6:b6:a6:a4:ea:c3:aa:e1:e4:61:
90:f9:93:ec:d3:61:7c:35:52:dc:f9:3d:93:74:63:
6a:4b:a8:23:db:ec:46:81:a7:d9:f5:38:58:bb:57:
f2:58:ee:14:2f:bd:bd:f9:30:fb:8b:12:99:9a:d7:
52:c5:0d:42:bd:91:e2:4f:40:30:a6:7b:3c:7e:73:
35:6a:aa:d7:e8:40:28:09:00:a9:63:e1:ea:cf:cd:
25:cb:75:95:0b:2d:1f:d7:b0:0c:20:d3:ab:26:5b:
67:6b:74:25:d4:8a:ed:f9:53:2b:f5:5a:8a:ed:07:
a3:f3:0e:c2:4d:1b:b9:68:f5:36:90:5b:f0:9e:7d:
6d:92:49:6d:d5:91:a6:71:bc:9f:18:66:95:cb:a5:
4d:79:1f:11:86:60:d5:38:b0:1d:fc:b5:0f:58:57:
ed:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F5:86:55:C7:EC:62:16:BA:3C:F7:AF:65:08:70:B5:89:21:30:7A
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/XvWGVcfsYha6PPevZQhwtYkhMHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.166.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:28:9a:85:5c:d2:18:36:6b:8a:4f:0f:48:64:ca:aa:c3:c0:
73:59:46:74:be:2b:af:df:88:e3:ee:b0:5a:e6:df:51:7c:6e:
75:e5:23:a0:fc:6c:d9:c5:a4:b4:56:60:61:6c:58:42:f2:e5:
c7:15:7e:a4:e1:2f:c7:eb:30:66:54:cd:4c:40:2e:c6:e5:db:
07:f0:75:ca:9d:5d:7a:a9:6c:a4:05:af:c1:be:32:92:69:09:
35:1b:0d:7f:eb:7d:16:55:2d:ed:b8:55:13:cc:0c:23:db:ee:
f5:6c:2c:7f:eb:0c:04:98:00:f0:cf:49:4b:5e:a8:e9:50:e3:
24:17:5a:68:f5:4f:48:04:9c:52:76:8d:df:4f:2e:58:15:8f:
04:bd:97:e5:b1:75:f6:2d:40:54:4a:a3:15:fb:27:71:07:4c:
fd:bc:92:e5:8a:0b:bc:08:2b:f1:32:31:3c:d7:4a:24:ab:04:
aa:a5:17:d2:d5:fc:2d:5d:14:99:af:e7:75:fc:62:31:8e:c4:
67:4a:0f:37:8c:d0:59:ba:14:05:d6:8a:c3:55:32:e8:a9:b1:
e4:86:e8:0f:19:e0:17:8b:dd:a8:5e:e1:f8:af:35:d3:a9:b1:
5d:7b:a0:ec:ef:74:54:65:97:0c:43:52:c5:5c:2b:cb:3c:61:
f1:88:4b:0f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3Z8ByiYpTIFGaFdPvLI8lWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwMjI0MDcwNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWY1ODY1NWM3ZWM2MjE2YmEzY2Y3YWY2NTA4NzBiNTg5MjEzMDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4mya4KWSgxOwKzQR+NulobmoYIO
D/4gYfLf0gyOG+wmUNmAIoBOdwMPvjeT0l3hBN7pN9EE7TBQU7Uqq4+rnjd/pTgr
czx4VwivKIF7qZYKB1uRMJh4Kock5TEG0ua2pqTqw6rh5GGQ+ZPs02F8NVLc+T2T
dGNqS6gj2+xGgafZ9ThYu1fyWO4UL729+TD7ixKZmtdSxQ1CvZHiT0Awpns8fnM1
aqrX6EAoCQCpY+Hqz80ly3WVCy0f17AMINOrJltna3Ql1Irt+VMr9VqK7Qej8w7C
TRu5aPU2kFvwnn1tkklt1ZGmcbyfGGaVy6VNeR8RhmDVOLAd/LUPWFft/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF71hlXH7GIWujz3r2UIcLWJITB6MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvWHZXR1ZjZnNZaGE2UFBldlpRaHd0WWtoTUhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEH6owAwQG
XkqAAwQAbcumMA0GCSqGSIb3DQEBCwUAA4IBAQCKKJqFXNIYNmuKTw9IZMqqw8Bz
WUZ0viuv34jj7rBa5t9RfG515SOg/GzZxaS0VmBhbFhC8uXHFX6k4S/H6zBmVM1M
QC7G5dsH8HXKnV16qWykBa/BvjKSaQk1Gw1/630WVS3tuFUTzAwj2+71bCx/6wwE
mADwz0lLXqjpUOMkF1po9U9IBJxSdo3fTy5YFY8EvZflsXX2LUBUSqMV+ydxB0z9
vJLligu8CCvxMjE810okqwSqpRfS1fwtXRSZr+d1/GIxjsRnSg83jNBZuhQF1orD
VTLoqbHkhugPGeAXi92oXuH4rzXTqbFde6Ds73RUZZcMQ1LFXCvLPGHxiEsP
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:48 2025 by rpki-client