Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/yI8z8cQz7EMEF7bkYJJosWYPqS8.roa
File: yI8z8cQz7EMEF7bkYJJosWYPqS8.roa (raw, json)
Hash identifier: ZkYV/umLpw1fVZsRSjkvTvPOOCvj1er/97BanWH9so0=
Subject key identifier: C8:8F:33:F1:C4:33:EC:43:04:17:B6:E4:60:92:68:B1:66:0F:A9:2F
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0184155BC3B81C7DB94BC1263D95B9DD4976
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/yI8z8cQz7EMEF7bkYJJosWYPqS8.roa
Signing time: Wed 26 Oct 2022 17:34:06 +0000
ROA not before: Wed 26 Oct 2022 17:34:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44208
IP address blocks: 94.74.190.0/24 maxlen: 24
109.203.160.0/19 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
185.34.160.0/22 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.168.0/23 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:15:5b:c3:b8:1c:7d:b9:4b:c1:26:3d:95:b9:dd:49:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 26 17:34:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c88f33f1c433ec430417b6e4609268b1660fa92f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:73:fe:5a:b6:5f:aa:aa:d0:eb:92:8c:c7:c5:
61:e1:a9:4f:08:da:b9:07:f2:d7:2e:26:6b:d2:3a:
01:4f:8f:bc:ee:2b:2c:dc:a2:f2:ab:5d:bb:7e:41:
87:26:a2:9b:24:aa:24:a2:ca:84:94:2c:52:86:7a:
9f:4e:21:37:15:65:62:14:37:8f:3b:66:9e:58:3f:
8e:dc:67:1b:9a:98:89:4a:84:dd:87:76:60:be:31:
2a:88:58:ea:2b:0f:a0:d8:5e:ca:0a:e5:93:ed:30:
f9:43:e7:80:e4:fe:9d:56:5b:81:56:62:f5:0d:d4:
8f:10:fc:3f:a4:81:08:5b:7a:f7:e6:04:94:0c:be:
ed:24:16:1d:b8:bf:af:26:1d:89:c3:0b:2f:65:87:
5d:b9:19:a8:0b:15:90:15:87:da:d0:9d:74:10:7b:
19:82:31:54:d1:f5:af:47:3b:dd:0c:3c:0c:99:03:
f2:d2:c9:b3:da:9b:16:2f:aa:a9:88:36:27:f4:cf:
1b:cc:b8:2a:db:99:70:09:94:07:93:47:c5:29:2b:
f1:b6:0d:47:0e:f1:07:74:0b:b4:30:ed:8e:67:e3:
93:92:5c:ab:62:0e:54:1b:fd:46:12:87:61:df:1d:
a0:48:c5:bb:5b:5a:b3:5f:81:16:ba:bf:31:3a:93:
7b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:8F:33:F1:C4:33:EC:43:04:17:B6:E4:60:92:68:B1:66:0F:A9:2F
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/yI8z8cQz7EMEF7bkYJJosWYPqS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.160.0/19
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:48:6c:08:34:49:de:5f:4c:b6:1c:c2:ba:2e:3e:8a:75:c8:
e5:51:b7:2a:68:59:ef:a4:7d:75:6c:ba:f7:24:76:2f:a2:d4:
31:cf:75:f5:2f:ef:5c:5d:3d:b4:cd:0a:d8:9c:b4:3b:43:b0:
bb:4e:57:a9:92:e6:d9:f2:b2:85:c9:f0:9d:f0:1f:16:71:7f:
68:32:ce:c7:c5:bb:40:4c:cc:cc:1b:bf:c9:af:79:be:17:6f:
2d:3d:9c:a5:7e:03:02:23:1f:60:76:8f:fe:de:1b:4f:11:c0:
d5:75:20:91:87:cd:a5:c4:5e:55:97:a2:d6:15:06:7f:7d:de:
df:88:86:2e:38:8f:29:df:53:52:26:98:31:e7:aa:32:a6:d3:
66:8a:06:00:c5:ee:46:88:73:ce:b5:0f:39:9f:71:35:10:19:
9c:71:c2:11:d7:71:c7:28:ed:1b:f1:46:3a:45:78:95:bb:9a:
2d:ca:c5:c1:42:76:58:96:2a:83:80:73:d3:dd:71:26:6e:a6:
71:57:0e:26:f4:a6:be:d4:93:4c:2e:ce:66:10:6d:a8:45:e3:
27:57:e9:77:92:cb:d4:f0:73:c6:a0:7c:1a:e5:c5:ed:bc:5a:
37:e9:9a:2f:20:89:38:79:cf:d1:4b:a7:77:a0:36:28:5f:d0:
2e:cc:fb:63
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYQVW8O4HH25S8EmPZW53Ul2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjIxMDI2MTczNDA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODhmMzNmMWM0MzNlYzQzMDQxN2I2ZTQ2MDkyNjhiMTY2MGZhOTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3P+WrZfqqrQ65KMx8Vh4alPCNq5
B/LXLiZr0joBT4+87iss3KLyq127fkGHJqKbJKokosqElCxShnqfTiE3FWViFDeP
O2aeWD+O3GcbmpiJSoTdh3ZgvjEqiFjqKw+g2F7KCuWT7TD5Q+eA5P6dVluBVmL1
DdSPEPw/pIEIW3r35gSUDL7tJBYduL+vJh2JwwsvZYdduRmoCxWQFYfa0J10EHsZ
gjFU0fWvRzvdDDwMmQPy0smz2psWL6qpiDYn9M8bzLgq25lwCZQHk0fFKSvxtg1H
DvEHdAu0MO2OZ+OTklyrYg5UG/1GEodh3x2gSMW7W1qzX4EWur8xOpN7fQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMiPM/HEM+xDBBe25GCSaLFmD6kvMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEveUk4ejhjUXo3RU1FRjdia1lKSm9zV1lQcVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEH6owAwQG
XkqAAwQFbcugAwQCuSKgMA0GCSqGSIb3DQEBCwUAA4IBAQBKSGwINEneX0y2HMK6
Lj6KdcjlUbcqaFnvpH11bLr3JHYvotQxz3X1L+9cXT20zQrYnLQ7Q7C7TlepkubZ
8rKFyfCd8B8WcX9oMs7HxbtATMzMG7/Jr3m+F28tPZylfgMCIx9gdo/+3htPEcDV
dSCRh82lxF5Vl6LWFQZ/fd7fiIYuOI8p31NSJpgx56oyptNmigYAxe5GiHPOtQ85
n3E1EBmcccIR13HHKO0b8UY6RXiVu5otysXBQnZYliqDgHPT3XEmbqZxVw4m9Ka+
1JNMLs5mEG2oReMnV+l3ksvU8HPGoHwa5cXtvFo36ZovIIk4ec/RS6d3oDYoX9Au
zPtj
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:31 2025 by rpki-client