Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/7db802-04ad-4c2d-b11a-64964976f7b3/1/W4zdSWBDoDgPhiOZ2_vQTaprLzI.roa
File: W4zdSWBDoDgPhiOZ2_vQTaprLzI.roa (raw, json)
Hash identifier: EHrI/+qgk9JfAehxcbL+ot05VpiYO4cWHGWnq73uOLA=
Subject key identifier: 5B:8C:DD:49:60:43:A0:38:0F:86:23:99:DB:FB:D0:4D:AA:6B:2F:32
Certificate issuer: /CN=a8cface114d8cdea6dc5e7a49943f322346cb35d
Certificate serial: 019053A005434DA3DBD2C5BB489F16B4EEB5
Authority key identifier: A8:CF:AC:E1:14:D8:CD:EA:6D:C5:E7:A4:99:43:F3:22:34:6C:B3:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qM-s4RTYzeptxeekmUPzIjRss10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/7db802-04ad-4c2d-b11a-64964976f7b3/1/W4zdSWBDoDgPhiOZ2_vQTaprLzI.roa
Signing time: Wed 26 Jun 2024 08:18:34 +0000
ROA not before: Wed 26 Jun 2024 08:18:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16347
IP address blocks: 37.157.60.0/22 maxlen: 24
62.244.70.0/23 maxlen: 24
62.244.72.0/22 maxlen: 24
62.244.72.0/24 maxlen: 24
62.244.80.0/23 maxlen: 23
62.244.90.0/23 maxlen: 24
62.244.92.0/23 maxlen: 24
103.73.172.0/22 maxlen: 24
185.247.248.0/22 maxlen: 24
193.47.139.0/24 maxlen: 24
193.222.142.0/23 maxlen: 24
193.222.188.0/23 maxlen: 24
2a0d:4240::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:53:a0:05:43:4d:a3:db:d2:c5:bb:48:9f:16:b4:ee:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8cface114d8cdea6dc5e7a49943f322346cb35d
Validity
Not Before: Jun 26 08:18:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b8cdd496043a0380f862399dbfbd04daa6b2f32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ac:8f:47:6f:d0:34:cd:ad:0a:5e:e5:e4:36:
63:c8:2c:f8:fe:36:fd:03:91:b1:ef:b5:e6:b1:b4:
fc:79:cc:3b:65:07:78:d6:a0:5b:79:07:91:04:9b:
3a:21:57:73:38:d2:25:07:98:72:c9:db:74:73:e2:
19:90:f5:f7:81:bf:76:8b:d5:e8:88:74:da:a2:07:
88:0d:6f:f1:8d:4f:44:c0:74:10:ef:29:e4:66:71:
3c:2b:8d:3f:f9:01:22:42:a3:07:df:d7:0c:64:e5:
a2:f6:fb:37:81:7e:7a:7d:b5:af:4f:10:e1:64:53:
a2:26:4c:0b:8e:0a:93:bd:bb:5e:5c:e3:2a:de:50:
cd:4b:0f:07:1d:7c:d3:e6:7b:e8:3a:1b:9e:a1:96:
8a:d4:6e:70:f4:ef:60:ba:f3:fe:a1:1f:cb:df:e4:
6b:b5:0c:a3:42:7a:47:33:f3:e4:4a:a6:f5:e3:15:
2a:0b:97:fa:83:9d:71:f6:a4:ee:1b:91:63:5b:fc:
68:ac:d0:24:50:b1:06:1b:dc:2b:c0:78:3e:22:e3:
30:b7:22:45:54:9b:27:6a:4b:99:03:e8:49:d1:51:
47:ff:f1:6a:f2:e5:3e:23:ce:0a:27:58:88:6a:a2:
ff:e6:d7:f2:61:a7:1b:7d:7b:b7:d0:74:ce:00:1f:
46:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:8C:DD:49:60:43:A0:38:0F:86:23:99:DB:FB:D0:4D:AA:6B:2F:32
X509v3 Authority Key Identifier:
keyid:A8:CF:AC:E1:14:D8:CD:EA:6D:C5:E7:A4:99:43:F3:22:34:6C:B3:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qM-s4RTYzeptxeekmUPzIjRss10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/7db802-04ad-4c2d-b11a-64964976f7b3/1/W4zdSWBDoDgPhiOZ2_vQTaprLzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/7db802-04ad-4c2d-b11a-64964976f7b3/1/qM-s4RTYzeptxeekmUPzIjRss10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.60.0/22
62.244.70.0-62.244.75.255
62.244.80.0/23
62.244.90.0-62.244.93.255
103.73.172.0/22
185.247.248.0/22
193.47.139.0/24
193.222.142.0/23
193.222.188.0/23
IPv6:
2a0d:4240::/29
Signature Algorithm: sha256WithRSAEncryption
43:06:d3:82:4a:13:b4:cd:9c:b1:0d:bd:9d:ef:d8:53:55:39:
2d:58:ce:28:35:0a:56:dc:59:e7:01:40:97:df:0f:2a:cf:3c:
7f:29:94:67:2a:66:07:ea:ab:ba:63:6f:69:10:71:e2:64:a1:
5e:5f:eb:27:39:fb:d1:35:f3:17:e1:3d:e3:92:81:76:dc:44:
ea:e0:e9:38:a6:f8:9d:3b:7e:26:fb:03:fd:19:3a:37:ce:cb:
94:0a:32:cc:d1:6e:8c:55:3a:62:a0:5e:e9:89:48:c1:7c:a3:
b6:7e:53:d3:69:f9:66:a9:be:90:26:29:07:d6:94:97:04:f2:
0f:89:ab:3b:c8:64:aa:7e:50:77:55:43:0a:71:97:a2:ca:79:
c2:b6:21:23:33:14:bb:19:b6:9e:13:8f:43:c1:81:cc:41:04:
d1:be:25:f1:84:d7:80:10:75:8e:f5:d0:2e:62:51:b3:62:4e:
de:29:d7:e0:f6:1f:62:7d:ab:06:1c:f1:62:3c:17:b4:58:e8:
c6:20:d1:28:f5:3c:76:b0:6a:52:61:73:dc:67:8e:c9:75:5d:
75:b5:04:27:9e:b7:22:04:9a:92:8e:3d:5d:57:d7:2a:8c:58:
cf:d9:fd:b7:10:df:1b:63:53:87:fd:4a:65:6a:b1:e4:e2:cf:
38:3d:f7:0d
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZBToAVDTaPb0sW7SJ8WtO61MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4Y2ZhY2UxMTRkOGNkZWE2ZGM1ZTdhNDk5NDNmMzIyMzQ2
Y2IzNWQwHhcNMjQwNjI2MDgxODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjhjZGQ0OTYwNDNhMDM4MGY4NjIzOTlkYmZiZDA0ZGFhNmIyZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnayPR2/QNM2tCl7l5DZjyCz4/jb9
A5Gx77XmsbT8ecw7ZQd41qBbeQeRBJs6IVdzONIlB5hyydt0c+IZkPX3gb92i9Xo
iHTaogeIDW/xjU9EwHQQ7ynkZnE8K40/+QEiQqMH39cMZOWi9vs3gX56fbWvTxDh
ZFOiJkwLjgqTvbteXOMq3lDNSw8HHXzT5nvoOhueoZaK1G5w9O9guvP+oR/L3+Rr
tQyjQnpHM/PkSqb14xUqC5f6g51x9qTuG5FjW/xorNAkULEGG9wrwHg+IuMwtyJF
VJsnakuZA+hJ0VFH//Fq8uU+I84KJ1iIaqL/5tfyYacbfXu30HTOAB9GFwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFFuM3UlgQ6A4D4Yjmdv70E2qay8yMB8GA1UdIwQY
MBaAFKjPrOEU2M3qbcXnpJlD8yI0bLNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU0tczRSVFl6ZXB0eGVla21VUHpJalJzczEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83ZGI4MDItMDRhZC00YzJkLWIxMWEt
NjQ5NjQ5NzZmN2IzLzEvVzR6ZFNXQkRvRGdQaGlPWjJfdlFUYXByTHpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC83ZGI4MDItMDRhZC00YzJkLWIxMWEtNjQ5NjQ5NzZmN2Iz
LzEvcU0tczRSVFl6ZXB0eGVla21VUHpJalJzczEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwQCJZ08MAwD
BAE+9EYDBAI+9EgDBAE+9FAwDAMEAT70WgMEAT70XAMEAmdJrAMEArn3+AMEAMEv
iwMEAcHejgMEAcHevDANBAIAAjAHAwUDKg1CQDANBgkqhkiG9w0BAQsFAAOCAQEA
QwbTgkoTtM2csQ29ne/YU1U5LVjOKDUKVtxZ5wFAl98PKs88fymUZypmB+qrumNv
aRBx4mShXl/rJzn70TXzF+E945KBdtxE6uDpOKb4nTt+JvsD/Rk6N87LlAoyzNFu
jFU6YqBe6YlIwXyjtn5T02n5Zqm+kCYpB9aUlwTyD4mrO8hkqn5Qd1VDCnGXosp5
wrYhIzMUuxm2nhOPQ8GBzEEE0b4l8YTXgBB1jvXQLmJRs2JO3inX4PYfYn2rBhzx
YjwXtFjoxiDRKPU8drBqUmFz3GeOyXVddbUEJ563IgSako49XVfXKoxYz9n9txDf
G2NTh/1KZWqx5OLPOD33DQ==
-----END CERTIFICATE-----
Generated at Wed Aug 14 10:43:37 2024 by rpki-client on console-fra.rpki-client.org