Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/xWtUFfRH0syWTf9KYcuYxBq-Scg.roa
File: xWtUFfRH0syWTf9KYcuYxBq-Scg.roa (raw, json)
Hash identifier: Z0P2NSE6BoCEUsRQfWTgAL8+08qO7gUWnjZBAqKJbaM=
Subject key identifier: C5:6B:54:15:F4:47:D2:CC:96:4D:FF:4A:61:CB:98:C4:1A:BE:49:C8
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0182D0A4C8E2A7CA322B5F138043517B3910
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/xWtUFfRH0syWTf9KYcuYxBq-Scg.roa
Signing time: Wed 24 Aug 2022 16:17:16 +0000
ROA not before: Wed 24 Aug 2022 16:17:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44208
IP address blocks: 94.74.190.0/24 maxlen: 24
109.203.160.0/21 maxlen: 24
37.49.144.0/21 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
176.46.128.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d0:a4:c8:e2:a7:ca:32:2b:5f:13:80:43:51:7b:39:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Aug 24 16:17:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c56b5415f447d2cc964dff4a61cb98c41abe49c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2f:2f:34:8f:83:9a:c8:27:4c:71:11:90:4f:
25:12:71:d5:af:f3:1d:ab:69:ed:89:b8:98:e7:23:
c3:78:01:61:8b:ef:64:8c:fd:9e:07:1c:88:45:1f:
54:13:3c:e8:b5:bb:6d:cd:35:c2:d1:93:57:28:4d:
cd:ee:80:73:36:d7:f1:f1:08:0e:17:b5:22:5a:94:
2f:8d:9e:5f:9e:c4:e7:49:28:f8:4a:ab:fd:5d:84:
95:a0:ce:7d:36:d1:00:a7:3c:fb:bf:50:13:de:c6:
ea:61:80:34:8e:c9:7c:3f:18:35:48:5f:75:82:ca:
6f:52:d6:84:72:df:6c:2e:7b:fe:48:ee:7d:76:70:
93:66:4c:d2:f7:bb:b0:fb:97:a0:68:6a:e5:dd:dd:
79:2d:d0:88:49:21:35:41:59:f8:ec:bc:38:36:15:
bf:49:51:e9:e7:09:2e:b9:97:5f:1f:1f:71:31:95:
dd:7f:a3:3a:fd:24:87:78:5d:b5:9c:5e:e7:33:2e:
73:d5:fe:8c:57:98:92:30:ad:fd:b2:a1:9b:2a:79:
a2:04:3e:aa:42:5d:7a:79:5b:1d:ca:35:98:40:91:
d5:86:de:42:f8:81:d1:f0:98:2e:92:b5:2d:d6:37:
3d:51:ab:80:a9:2e:4d:32:11:76:c7:ba:2c:cc:62:
3d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:6B:54:15:F4:47:D2:CC:96:4D:FF:4A:61:CB:98:C4:1A:BE:49:C8
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/xWtUFfRH0syWTf9KYcuYxBq-Scg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
37.49.144.0/21
94.74.128.0/18
109.203.160.0/21
176.46.128.0/19
Signature Algorithm: sha256WithRSAEncryption
78:5b:95:62:36:19:ac:29:14:04:f8:a7:28:6b:a7:d3:27:c5:
79:d0:28:27:5d:70:5d:85:f3:97:33:88:a2:47:d8:c0:9e:26:
ef:43:d6:70:0e:3a:09:48:fb:01:27:b1:ec:59:66:a2:0e:b7:
57:74:87:ab:46:53:9b:9b:aa:89:84:63:3d:c2:6f:9a:10:f2:
b1:ea:ad:27:17:f6:97:2c:4a:38:f9:2b:4f:2d:4b:18:8d:35:
e2:b5:48:b8:f1:c8:2d:be:ae:05:bc:90:a9:d0:25:7d:fb:1e:
8c:d0:c1:56:65:c3:2e:7f:5d:0e:29:48:95:3a:c7:c8:79:a9:
63:be:89:f6:04:7e:9c:99:3f:4a:a8:7d:79:f9:50:c1:f9:8e:
e6:7f:97:c8:23:17:63:36:c5:c5:d3:3c:60:11:16:64:79:82:
fb:75:2b:73:d1:fa:e6:9c:92:c4:c1:38:e4:e5:53:8c:b4:f7:
71:8b:5a:c8:0e:e7:99:06:c8:17:5e:e6:cc:04:7b:35:2a:e5:
95:b0:3d:80:e6:7b:60:32:d5:85:03:52:a8:e6:00:dc:b6:f5:
b8:c5:e6:24:81:ae:f8:6b:e1:c7:82:a8:80:f3:69:a2:91:a9:
a7:0d:42:bd:ed:97:e1:21:7c:3e:a7:9c:21:e8:9e:f8:38:1b:
0b:06:fd:e6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYLQpMjip8oyK18TgENRezkQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIwODI0MTYxNzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTZiNTQxNWY0NDdkMmNjOTY0ZGZmNGE2MWNiOThjNDFhYmU0OWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlC8vNI+DmsgnTHERkE8lEnHVr/Md
q2ntibiY5yPDeAFhi+9kjP2eBxyIRR9UEzzotbttzTXC0ZNXKE3N7oBzNtfx8QgO
F7UiWpQvjZ5fnsTnSSj4Sqv9XYSVoM59NtEApzz7v1AT3sbqYYA0jsl8Pxg1SF91
gspvUtaEct9sLnv+SO59dnCTZkzS97uw+5egaGrl3d15LdCISSE1QVn47Lw4NhW/
SVHp5wkuuZdfHx9xMZXdf6M6/SSHeF21nF7nMy5z1f6MV5iSMK39sqGbKnmiBD6q
Ql16eVsdyjWYQJHVht5C+IHR8JgukrUt1jc9UauAqS5NMhF2x7oszGI9hQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMVrVBX0R9LMlk3/SmHLmMQavknIMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEveFd0VUZmUkgwc3lXVGY5S1ljdVl4QnEtU2NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEH6owAwQD
JTGQAwQGXkqAAwQDbcugAwQFsC6AMA0GCSqGSIb3DQEBCwUAA4IBAQB4W5ViNhms
KRQE+Kcoa6fTJ8V50CgnXXBdhfOXM4iiR9jAnibvQ9ZwDjoJSPsBJ7HsWWaiDrdX
dIerRlObm6qJhGM9wm+aEPKx6q0nF/aXLEo4+StPLUsYjTXitUi48cgtvq4FvJCp
0CV9+x6M0MFWZcMuf10OKUiVOsfIealjvon2BH6cmT9KqH15+VDB+Y7mf5fIIxdj
NsXF0zxgERZkeYL7dStz0frmnJLEwTjk5VOMtPdxi1rIDueZBsgXXubMBHs1KuWV
sD2A5ntgMtWFA1Ko5gDctvW4xeYkga74a+HHgqiA82mikamnDUK97ZfhIXw+p5wh
6J74OBsLBv3m
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:53 2025 by rpki-client