Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/eCvyGHyJioRHQbdZzu4hIQKH0z8.roa
File: eCvyGHyJioRHQbdZzu4hIQKH0z8.roa (raw, json)
Hash identifier: atxnyH8OjwmKZbLhWFitNH7GALGhZF8LHM8tw9kW8RA=
Subject key identifier: 78:2B:F2:18:7C:89:8A:84:47:41:B7:59:CE:EE:21:21:02:87:D3:3F
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0182D0A4C9BC70934DCEE3970BAC50DAADCE
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/eCvyGHyJioRHQbdZzu4hIQKH0z8.roa
Signing time: Wed 24 Aug 2022 16:17:16 +0000
ROA not before: Wed 24 Aug 2022 16:17:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58224
IP address blocks: 109.203.172.0/22 maxlen: 24
109.203.168.0/22 maxlen: 24
109.203.176.0/22 maxlen: 24
109.203.180.0/22 maxlen: 24
109.203.184.0/21 maxlen: 24
94.74.152.0/22 maxlen: 24
185.34.162.0/24 maxlen: 24
185.34.160.0/23 maxlen: 24
185.34.163.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d0:a4:c9:bc:70:93:4d:ce:e3:97:0b:ac:50:da:ad:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Aug 24 16:17:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=782bf2187c898a844741b759ceee21210287d33f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bc:b3:a3:68:3e:25:d8:d4:aa:05:b1:4d:65:
5e:57:7b:73:1a:10:89:ff:78:fa:2f:aa:c0:67:68:
2e:55:1f:92:bf:7f:68:4a:ed:54:5f:02:7b:1c:56:
db:b5:f2:42:ad:44:a9:95:dc:47:94:75:f8:d3:5e:
d5:aa:94:fc:86:b1:6a:50:cc:01:42:e1:ed:fa:93:
59:b8:22:b4:47:4a:48:b2:17:e0:29:f0:e3:58:a1:
75:5c:70:98:fb:34:fe:68:3e:95:67:75:a4:ec:ff:
aa:9d:43:24:35:8f:e1:1d:d4:cb:93:8e:5e:67:b8:
fd:d7:aa:52:a0:c5:fe:4b:67:16:34:14:b5:ee:3d:
71:74:c8:2f:86:6f:90:48:14:1e:c4:3c:56:a7:bb:
7e:b8:28:95:73:75:91:83:64:63:a7:dc:c6:ef:8a:
cf:0f:1a:2c:e1:0e:6a:45:59:1e:ac:b9:3a:4f:60:
b1:74:a7:25:16:02:78:59:d6:20:82:f2:60:e8:82:
0e:7a:0b:99:e0:e3:33:8b:21:c2:79:fb:67:c5:9f:
08:43:71:a4:c7:8c:fe:d7:dc:a2:95:40:74:90:d1:
b4:8f:95:0b:c4:41:99:23:e1:18:59:af:8e:c5:a7:
c9:69:5e:e6:7e:d1:4c:3b:b5:db:ce:79:24:50:8e:
7b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:2B:F2:18:7C:89:8A:84:47:41:B7:59:CE:EE:21:21:02:87:D3:3F
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/eCvyGHyJioRHQbdZzu4hIQKH0z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.152.0/22
109.203.168.0-109.203.191.255
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:02:f3:f3:45:58:9b:a3:e0:74:fa:9a:3b:df:2b:40:18:ba:
b1:7c:6b:bd:8b:fb:6f:7e:7e:cf:29:5f:8d:f7:0d:0e:d3:88:
33:17:e3:8a:5d:2d:e0:38:4c:9a:60:e9:37:03:da:e6:27:d5:
13:96:31:8e:8e:54:72:c3:43:65:91:50:fe:12:d5:8a:fb:aa:
8c:07:e4:05:bb:4b:2c:52:ac:9c:54:8b:39:00:3b:f2:84:a9:
c4:e2:e3:7c:5e:5f:19:1e:75:3a:ae:9b:05:e2:b2:5b:27:f8:
10:e1:0b:ea:1d:80:01:d8:05:2a:17:a8:67:ba:e0:b9:dd:3f:
ef:d6:66:27:a8:9a:cc:ed:3a:aa:23:16:f5:01:bc:83:7b:db:
96:5d:0b:4a:48:8a:5f:a7:86:26:e4:66:74:70:f0:b0:e9:a9:
76:f9:b4:5c:fe:df:54:9a:45:4b:7f:3e:3d:ea:9c:7e:cf:c9:
83:2a:af:b8:83:9c:f0:de:d7:d5:7f:6a:e6:94:c8:cc:ab:72:
78:4e:d7:1a:7e:db:f6:02:7c:41:4a:1e:99:f0:2d:4f:ce:9c:
d9:9c:5b:10:d8:f8:79:ac:24:3c:bb:52:36:20:96:49:66:24:
cb:11:a3:7a:b9:11:7c:ae:ad:0d:a2:b8:6a:24:cf:39:39:bc:
ae:9f:1d:66
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYLQpMm8cJNNzuOXC6xQ2q3OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIwODI0MTYxNzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODJiZjIxODdjODk4YTg0NDc0MWI3NTljZWVlMjEyMTAyODdkMzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtryzo2g+JdjUqgWxTWVeV3tzGhCJ
/3j6L6rAZ2guVR+Sv39oSu1UXwJ7HFbbtfJCrUSpldxHlHX4017VqpT8hrFqUMwB
QuHt+pNZuCK0R0pIshfgKfDjWKF1XHCY+zT+aD6VZ3Wk7P+qnUMkNY/hHdTLk45e
Z7j916pSoMX+S2cWNBS17j1xdMgvhm+QSBQexDxWp7t+uCiVc3WRg2Rjp9zG74rP
Dxos4Q5qRVkerLk6T2CxdKclFgJ4WdYggvJg6IIOeguZ4OMziyHCeftnxZ8IQ3Gk
x4z+19yilUB0kNG0j5ULxEGZI+EYWa+OxafJaV7mftFMO7XbznkkUI57dQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHgr8hh8iYqER0G3Wc7uISECh9M/MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvZUN2eUdIeUppb1JIUWJkWnp1NGhJUUtIMHo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCXkqYMAwD
BANty6gDBAZty4ADBAK5IqAwDQYJKoZIhvcNAQELBQADggEBADwC8/NFWJuj4HT6
mjvfK0AYurF8a72L+29+fs8pX433DQ7TiDMX44pdLeA4TJpg6TcD2uYn1ROWMY6O
VHLDQ2WRUP4S1Yr7qowH5AW7SyxSrJxUizkAO/KEqcTi43xeXxkedTqumwXislsn
+BDhC+odgAHYBSoXqGe64LndP+/WZieomsztOqojFvUBvIN725ZdC0pIil+nhibk
ZnRw8LDpqXb5tFz+31SaRUt/Pj3qnH7PyYMqr7iDnPDe19V/auaUyMyrcnhO1xp+
2/YCfEFKHpnwLU/OnNmcWxDY+HmsJDy7UjYglklmJMsRo3q5EXyurQ2iuGokzzk5
vK6fHWY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:41 2025 by rpki-client