Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/b2uaiQYgsh1T0U_JHBtvUsSjTrI.roa
File: b2uaiQYgsh1T0U_JHBtvUsSjTrI.roa (raw, json)
Hash identifier: nxfCgC6dsnplLFkJXlK9ZL1ckIq+cA6iMxJ5lq+za1g=
Subject key identifier: 6F:6B:9A:89:06:20:B2:1D:53:D1:4F:C9:1C:1B:6F:52:C4:A3:4E:B2
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018C7D3A9133B776B5A90EDF1CD177583099
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/b2uaiQYgsh1T0U_JHBtvUsSjTrI.roa
Signing time: Mon 18 Dec 2023 14:00:39 +0000
ROA not before: Mon 18 Dec 2023 14:00:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44208
IP address blocks: 94.74.190.0/24 maxlen: 24
109.203.163.0/24 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:3a:91:33:b7:76:b5:a9:0e:df:1c:d1:77:58:30:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Dec 18 14:00:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f6b9a890620b21d53d14fc91c1b6f52c4a34eb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6e:43:27:44:76:93:be:02:62:d7:7c:1d:a5:
e4:47:ff:2c:06:c1:a4:69:b2:ec:bb:41:9c:57:bd:
59:61:f0:7a:ce:cd:2b:cb:45:ac:bf:f0:b0:54:87:
4d:00:eb:92:fb:a1:6b:58:44:d6:dc:c6:09:a8:a5:
5c:9e:3e:47:f0:32:52:2a:55:35:8f:cb:f1:8c:43:
2e:d3:c8:a0:98:df:80:39:0f:ac:8e:0d:0b:e1:a4:
a8:52:4b:4d:73:dc:75:5b:5a:31:b1:ce:e4:1f:4e:
70:81:02:a3:e0:d4:cb:77:9a:42:2d:36:3a:2f:1e:
e4:79:2e:ee:1e:3e:55:bc:3e:5e:6b:6e:f4:3b:f7:
44:29:bf:4e:6a:98:cc:b7:0a:25:33:01:e6:b4:df:
b6:7e:49:05:8c:36:9f:34:af:fc:d7:7f:c4:7f:57:
c9:26:72:ef:f6:14:9f:8e:94:0b:1f:1b:d4:e1:88:
44:43:bb:3f:98:2c:7b:d9:71:5b:55:81:4e:bd:42:
20:bb:6a:eb:81:d2:8c:94:fb:1f:d8:17:eb:c0:ba:
06:e0:a3:1f:cc:56:eb:30:d0:7e:45:46:68:ea:2d:
52:7d:a0:d3:b5:b4:3a:80:b2:c0:f5:09:ab:ee:da:
fb:44:f0:7d:58:22:d4:5b:80:9d:b4:01:19:94:c5:
bd:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:6B:9A:89:06:20:B2:1D:53:D1:4F:C9:1C:1B:6F:52:C4:A3:4E:B2
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/b2uaiQYgsh1T0U_JHBtvUsSjTrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.163.0/24
Signature Algorithm: sha256WithRSAEncryption
12:69:86:45:d6:48:13:40:fb:b1:b5:c9:03:c9:95:3b:b4:52:
8b:5b:24:61:8f:9c:54:84:4a:ea:58:51:61:ba:54:3b:08:16:
79:12:29:00:50:6d:a7:9e:88:50:5a:ef:54:37:48:6b:0f:9b:
53:68:53:ca:f1:b2:25:ae:17:02:07:9d:9d:f3:3f:56:da:4c:
7f:45:4a:ec:7c:5f:6b:7f:6d:a7:01:94:3d:c0:e1:72:84:a8:
d2:51:9e:72:37:1c:16:85:e7:0d:ae:94:63:95:20:03:4c:50:
3f:be:80:2e:35:44:9f:91:f3:3f:75:93:c2:9f:55:11:6f:49:
d5:96:ef:e7:cb:4d:61:b0:36:d2:5d:1b:f2:6a:91:1a:68:cd:
fa:a8:ec:ce:89:2f:fd:a7:2f:d5:66:0a:63:66:8a:14:f8:41:
60:20:f5:8b:3e:a0:3c:8c:77:56:3c:6c:29:39:e1:52:af:c0:
6f:c1:bd:a7:7c:28:c9:9d:a5:c8:95:7d:01:ee:f5:d2:3c:56:
a4:1a:c1:c7:f9:d3:db:0c:6b:7a:d9:94:0a:ce:18:49:0a:02:
41:20:48:11:d2:3b:61:22:67:6f:64:f6:3a:e7:d0:38:fc:ae:
8a:57:e8:53:33:94:05:c0:77:cf:d1:50:00:3a:c3:78:7c:96:
3f:d0:bf:21
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYx9OpEzt3a1qQ7fHNF3WDCZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMxMjE4MTQwMDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjZiOWE4OTA2MjBiMjFkNTNkMTRmYzkxYzFiNmY1MmM0YTM0ZWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuG5DJ0R2k74CYtd8HaXkR/8sBsGk
abLsu0GcV71ZYfB6zs0ry0Wsv/CwVIdNAOuS+6FrWETW3MYJqKVcnj5H8DJSKlU1
j8vxjEMu08igmN+AOQ+sjg0L4aSoUktNc9x1W1oxsc7kH05wgQKj4NTLd5pCLTY6
Lx7keS7uHj5VvD5ea270O/dEKb9OapjMtwolMwHmtN+2fkkFjDafNK/813/Ef1fJ
JnLv9hSfjpQLHxvU4YhEQ7s/mCx72XFbVYFOvUIgu2rrgdKMlPsf2BfrwLoG4KMf
zFbrMNB+RUZo6i1SfaDTtbQ6gLLA9Qmr7tr7RPB9WCLUW4CdtAEZlMW93wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG9rmokGILIdU9FPyRwbb1LEo06yMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvYjJ1YWlRWWdzaDFUMFVfSkhCdHZVc1NqVHJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEH6owAwQG
XkqAAwQAbcujMA0GCSqGSIb3DQEBCwUAA4IBAQASaYZF1kgTQPuxtckDyZU7tFKL
WyRhj5xUhErqWFFhulQ7CBZ5EikAUG2nnohQWu9UN0hrD5tTaFPK8bIlrhcCB52d
8z9W2kx/RUrsfF9rf22nAZQ9wOFyhKjSUZ5yNxwWhecNrpRjlSADTFA/voAuNUSf
kfM/dZPCn1URb0nVlu/ny01hsDbSXRvyapEaaM36qOzOiS/9py/VZgpjZooU+EFg
IPWLPqA8jHdWPGwpOeFSr8Bvwb2nfCjJnaXIlX0B7vXSPFakGsHH+dPbDGt62ZQK
zhhJCgJBIEgR0jthImdvZPY659A4/K6KV+hTM5QFwHfP0VAAOsN4fJY/0L8h
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:00 2025 by rpki-client