Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/gQ9zRjMhrCpG0gHM2I0HOBox5m4.roa
File: gQ9zRjMhrCpG0gHM2I0HOBox5m4.roa (raw, json)
Hash identifier: 8Pf7DEgefSNMp2W8RC0qUmLdxtBwTMIc4ES6SI3ywZA=
Subject key identifier: 81:0F:73:46:33:21:AC:2A:46:D2:01:CC:D8:8D:07:38:1A:31:E6:6E
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01899BFFEABC01336AE3A5300B710A27206B
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/gQ9zRjMhrCpG0gHM2I0HOBox5m4.roa
Signing time: Fri 28 Jul 2023 10:16:27 +0000
ROA not before: Fri 28 Jul 2023 10:16:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 176.46.140.0/24 maxlen: 24
176.46.143.0/24 maxlen: 24
176.46.144.0/20 maxlen: 24
31.170.55.0/24 maxlen: 24
176.46.128.0/24 maxlen: 24
176.46.131.0/24 maxlen: 24
176.46.132.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
109.203.164.0/24 maxlen: 24
109.203.166.0/24 maxlen: 24
37.49.144.0/24 maxlen: 24
94.74.140.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9b:ff:ea:bc:01:33:6a:e3:a5:30:0b:71:0a:27:20:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jul 28 10:16:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=810f73463321ac2a46d201ccd88d07381a31e66e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:76:51:64:f8:e0:2f:55:0a:5c:14:93:5e:cb:
0e:1c:06:a5:d2:a4:27:1a:3d:0a:c7:c1:8d:15:c9:
8d:85:df:05:3d:4e:1d:e4:61:1f:d7:3d:af:0c:bc:
d3:87:ce:86:73:1c:1a:e8:be:0f:bb:5c:21:4b:f7:
c5:14:e9:e3:0f:85:ec:69:7c:a9:19:d6:9d:60:c5:
75:ed:69:d2:7c:71:ab:73:8c:e0:5c:31:c6:02:8b:
46:93:2f:72:a2:3b:24:33:22:4a:53:d4:ff:57:f3:
8d:40:3b:c4:0a:3e:90:af:43:35:97:0a:32:06:2b:
1a:a8:77:10:c3:a2:9e:be:4f:fd:21:72:b1:c6:14:
98:98:64:c4:11:ec:77:eb:9b:aa:51:49:4f:d5:a8:
7b:3d:e3:68:2b:c3:ca:9b:44:f1:f8:3e:ce:ed:45:
1f:e9:25:16:bf:44:2d:69:b7:67:0d:0d:10:63:f9:
6b:94:da:e5:b0:3b:8e:00:38:a7:98:45:c2:b2:c9:
57:50:1d:8b:c7:ee:bb:ee:74:5d:00:96:57:ab:59:
50:c8:19:5b:4c:72:43:46:6c:d7:88:61:ed:af:d9:
93:07:1b:14:cf:f6:84:72:e7:ea:ec:f2:4b:bb:84:
ec:ab:18:cd:9f:26:0c:8d:a9:3c:58:8c:6b:79:3e:
ac:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:0F:73:46:33:21:AC:2A:46:D2:01:CC:D8:8D:07:38:1A:31:E6:6E
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/gQ9zRjMhrCpG0gHM2I0HOBox5m4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
37.49.144.0/24
94.74.140.0/24
94.74.147.0/24
94.74.164.0/24
94.74.171.0/24
94.74.187.0/24
109.203.164.0/24
109.203.166.0/24
176.46.128.0/24
176.46.131.0-176.46.132.255
176.46.140.0/24
176.46.143.0-176.46.159.255
Signature Algorithm: sha256WithRSAEncryption
67:75:ed:74:f1:4b:8b:7d:ab:10:c3:dc:20:fb:fb:29:ef:6d:
52:98:3f:bc:29:b0:39:a7:0a:50:87:1b:c6:73:09:41:d1:cc:
6a:8e:7b:6d:50:fa:1c:50:1f:1f:18:aa:a3:9e:11:31:ab:03:
2d:ab:0a:3f:7c:90:ec:56:9b:5c:90:5e:a7:56:30:bd:d6:1b:
0b:10:d7:02:31:53:67:86:1d:67:9b:12:61:48:14:13:36:24:
82:4f:0a:8e:67:42:47:be:85:86:a5:8b:9e:59:13:ad:91:79:
56:fe:d4:0a:5a:75:f9:e6:21:99:5f:85:8a:b6:05:72:73:9b:
29:91:ad:a4:02:4d:85:a2:42:f1:15:96:80:7b:e4:69:f5:0c:
dc:3c:fd:fd:7b:9a:d5:10:b8:5b:4f:bb:f7:c7:04:c2:52:77:
8d:bc:ba:3c:20:24:3f:6c:bd:26:86:31:ab:12:f6:72:98:04:
7b:0e:c1:ec:76:ec:10:59:ba:ae:30:03:9c:97:bb:37:a9:b3:
20:b0:29:62:9d:c3:d2:0f:0c:4f:5c:06:6b:2c:03:b8:48:b6:
39:04:3f:59:3a:d6:ce:29:93:a5:b2:a2:66:03:86:e9:0e:0a:
93:0e:e1:27:ff:88:50:ae:cb:f6:a1:d9:7b:71:aa:c8:44:d9:
05:bb:2f:6b
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYmb/+q8ATNq46UwC3EKJyBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjMwNzI4MTAxNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTBmNzM0NjMzMjFhYzJhNDZkMjAxY2NkODhkMDczODFhMzFlNjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4XZRZPjgL1UKXBSTXssOHAal0qQn
Gj0Kx8GNFcmNhd8FPU4d5GEf1z2vDLzTh86Gcxwa6L4Pu1whS/fFFOnjD4XsaXyp
GdadYMV17WnSfHGrc4zgXDHGAotGky9yojskMyJKU9T/V/ONQDvECj6Qr0M1lwoy
BisaqHcQw6Kevk/9IXKxxhSYmGTEEex365uqUUlP1ah7PeNoK8PKm0Tx+D7O7UUf
6SUWv0QtabdnDQ0QY/lrlNrlsDuOADinmEXCsslXUB2Lx+677nRdAJZXq1lQyBlb
THJDRmzXiGHtr9mTBxsUz/aEcufq7PJLu4TsqxjNnyYMjak8WIxreT6s8wIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFIEPc0YzIawqRtIBzNiNBzgaMeZuMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvZ1E5elJqTWhyQ3BHMGdITTJJMEhPQm94NW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQAH6o3AwQA
JTGQAwQAXkqMAwQAXkqTAwQAXkqkAwQAXkqrAwQAXkq7AwQAbcukAwQAbcumAwQA
sC6AMAwDBACwLoMDBACwLoQDBACwLowwDAMEALAujwMEBbAugDANBgkqhkiG9w0B
AQsFAAOCAQEAZ3XtdPFLi32rEMPcIPv7Ke9tUpg/vCmwOacKUIcbxnMJQdHMao57
bVD6HFAfHxiqo54RMasDLasKP3yQ7FabXJBep1YwvdYbCxDXAjFTZ4YdZ5sSYUgU
EzYkgk8KjmdCR76FhqWLnlkTrZF5Vv7UClp1+eYhmV+FirYFcnObKZGtpAJNhaJC
8RWWgHvkafUM3Dz9/Xua1RC4W0+798cEwlJ3jby6PCAkP2y9JoYxqxL2cpgEew7B
7HbsEFm6rjADnJe7N6mzILApYp3D0g8MT1wGaywDuEi2OQQ/WTrWzimTpbKiZgOG
6Q4Kkw7hJ/+IUK7L9qHZe3GqyETZBbsvaw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:51 2025 by rpki-client