Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/d98f5d-a276-425a-963f-ec5e23660fbc/1/xNxoa2xOHubLlIYDwifnSLe5WBU.roa
File: xNxoa2xOHubLlIYDwifnSLe5WBU.roa (raw, json)
Hash identifier: xxRGZJHacEZgkwYYKoOjfxoTS1DcN3+bcLBO/SKYkXE=
Subject key identifier: C4:DC:68:6B:6C:4E:1E:E6:CB:94:86:03:C2:27:E7:48:B7:B9:58:15
Certificate issuer: /CN=af44e855a654ec155a6868907a6b8fc17416d6a4
Certificate serial: 0D26163C
Authority key identifier: AF:44:E8:55:A6:54:EC:15:5A:68:68:90:7A:6B:8F:C1:74:16:D6:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r0ToVaZU7BVaaGiQemuPwXQW1qQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/d98f5d-a276-425a-963f-ec5e23660fbc/1/xNxoa2xOHubLlIYDwifnSLe5WBU.roa
Signing time: Fri 03 Jun 2022 11:52:20 +0000
ROA not before: Fri 03 Jun 2022 11:52:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13273
IP address blocks: 185.114.208.0/22 maxlen: 24
195.54.62.0/23 maxlen: 24
91.216.209.0/24 maxlen: 24
213.162.32.0/20 maxlen: 24
213.91.0.0/18 maxlen: 24
185.21.152.0/22 maxlen: 24
213.162.62.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 220599868 (0xd26163c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af44e855a654ec155a6868907a6b8fc17416d6a4
Validity
Not Before: Jun 3 11:52:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4dc686b6c4e1ee6cb948603c227e748b7b95815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:9c:d7:6c:0c:16:f8:35:56:13:36:56:6b:42:
28:06:50:0f:80:87:0e:9a:7d:e0:47:89:e2:96:1e:
e5:44:e9:7e:c9:07:13:34:83:c1:66:3a:5d:73:1c:
bd:d5:12:06:d9:03:c5:07:57:99:9d:b3:c8:c9:89:
00:90:fd:b6:8f:67:17:82:58:6b:20:3e:52:aa:78:
4c:dc:49:fb:fa:ab:95:ca:74:ae:1f:ec:ef:bf:26:
e0:00:53:7c:0d:e7:a0:6c:c7:43:2e:96:f8:58:b8:
18:fe:6e:22:8a:37:2c:6a:cf:9f:4b:08:46:5d:cd:
7f:23:96:13:6d:cb:7e:5b:ee:23:6a:f3:f3:9e:84:
1a:ac:21:1b:09:75:71:b1:71:cc:92:ac:30:14:96:
57:ee:c6:a4:b6:57:9f:7e:59:a4:38:60:a9:4e:c1:
ae:df:af:78:2e:9f:07:41:9c:23:90:1d:28:0b:ca:
aa:5f:37:69:a5:ce:4d:bf:d5:c2:9f:50:26:b2:12:
a1:2e:6b:79:39:9c:ff:40:a4:d3:54:63:08:a5:67:
bc:da:c6:78:8b:e3:22:8f:0d:31:76:be:75:21:39:
5c:a6:e5:c5:f0:cd:e7:f5:ac:47:3e:6a:1f:0f:fe:
a5:36:92:6b:8b:81:bd:55:98:a4:50:3a:8d:c3:07:
01:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:DC:68:6B:6C:4E:1E:E6:CB:94:86:03:C2:27:E7:48:B7:B9:58:15
X509v3 Authority Key Identifier:
keyid:AF:44:E8:55:A6:54:EC:15:5A:68:68:90:7A:6B:8F:C1:74:16:D6:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r0ToVaZU7BVaaGiQemuPwXQW1qQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d98f5d-a276-425a-963f-ec5e23660fbc/1/xNxoa2xOHubLlIYDwifnSLe5WBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/d98f5d-a276-425a-963f-ec5e23660fbc/1/r0ToVaZU7BVaaGiQemuPwXQW1qQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.209.0/24
185.21.152.0/22
185.114.208.0/22
195.54.62.0/23
213.91.0.0/18
213.162.32.0/20
213.162.62.0/24
Signature Algorithm: sha256WithRSAEncryption
47:18:a7:7d:54:bc:61:f4:d9:b1:29:f1:69:90:64:92:44:97:
86:07:cc:be:66:7b:d4:d4:09:78:5a:4d:95:a1:bc:71:9d:76:
6f:9d:3c:f1:5b:c8:82:9d:fe:f6:7b:0a:5f:b2:c1:f1:1b:59:
b8:4d:6c:b7:8c:49:c4:bf:a8:1a:61:d7:3c:4d:c8:96:86:92:
4e:12:21:70:66:92:fe:9c:21:cb:24:39:85:eb:6c:1f:dd:63:
31:d6:a7:d4:40:4b:df:94:ad:e8:f4:4b:27:48:58:5b:7a:65:
1b:91:0c:0d:cc:2b:2a:73:77:8a:e6:f7:82:19:72:dd:ab:61:
15:21:ba:de:cb:7c:1e:74:cd:32:7a:f9:6f:02:09:fe:c6:0a:
6f:c4:35:1b:9b:c5:f9:a1:08:11:67:e3:cc:b5:a8:78:a8:2a:
d3:2f:ab:a2:d3:e6:9c:fa:d7:24:2e:7d:f8:a9:4c:d0:73:64:
c4:8d:5f:e8:88:7b:3b:f3:5a:dc:b5:1f:47:b2:88:d6:b2:8e:
06:5c:5d:95:db:ac:4b:3c:b5:95:31:87:be:5f:a8:ff:d1:fd:
9c:ab:67:91:39:b8:96:85:46:cc:25:50:e8:ff:41:ec:ca:a3:
aa:49:54:20:01:05:ef:98:13:0a:9a:da:5d:a7:90:00:47:d8:
00:70:f8:70
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEDSYWPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjQ0ZTg1NWE2NTRlYzE1NWE2ODY4OTA3YTZiOGZjMTc0MTZkNmE0MB4XDTIyMDYw
MzExNTIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzRkYzY4NmI2YzRl
MWVlNmNiOTQ4NjAzYzIyN2U3NDhiN2I5NTgxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIyc12wMFvg1VhM2VmtCKAZQD4CHDpp94EeJ4pYe5UTpfskH
EzSDwWY6XXMcvdUSBtkDxQdXmZ2zyMmJAJD9to9nF4JYayA+Uqp4TNxJ+/qrlcp0
rh/s778m4ABTfA3noGzHQy6W+Fi4GP5uIoo3LGrPn0sIRl3NfyOWE23LflvuI2rz
856EGqwhGwl1cbFxzJKsMBSWV+7GpLZXn35ZpDhgqU7Brt+veC6fB0GcI5AdKAvK
ql83aaXOTb/Vwp9QJrISoS5reTmc/0Ck01RjCKVnvNrGeIvjIo8NMXa+dSE5XKbl
xfDN5/WsRz5qHw/+pTaSa4uBvVWYpFA6jcMHARcCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBTE3GhrbE4e5suUhgPCJ+dIt7lYFTAfBgNVHSMEGDAWgBSvROhVplTsFVpo
aJB6a4/BdBbWpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3IwVG9WYVpVN0JWYWFHaVFlbXVQd1hRVzFxUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvZDk4ZjVkLWEyNzYtNDI1YS05NjNmLWVjNWUyMzY2MGZiYy8x
L3hOeG9hMnhPSHViTGxJWUR3aWZuU0xlNVdCVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ZDk4ZjVkLWEyNzYtNDI1YS05NjNmLWVjNWUyMzY2MGZiYy8xL3IwVG9WYVpVN0JW
YWFHaVFlbXVQd1hRVzFxUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAFvY0QMEArkVmAMEArly0AMEAcM2
PgMEBtVbAAMEBNWiIAMEANWiPjANBgkqhkiG9w0BAQsFAAOCAQEARxinfVS8YfTZ
sSnxaZBkkkSXhgfMvmZ71NQJeFpNlaG8cZ12b5088VvIgp3+9nsKX7LB8RtZuE1s
t4xJxL+oGmHXPE3IloaSThIhcGaS/pwhyyQ5hetsH91jMdan1EBL35St6PRLJ0hY
W3plG5EMDcwrKnN3iub3ghly3athFSG63st8HnTNMnr5bwIJ/sYKb8Q1G5vF+aEI
EWfjzLWoeKgq0y+rotPmnPrXJC59+KlM0HNkxI1f6Ih7O/Na3LUfR7KI1rKOBlxd
ldusSzy1lTGHvl+o/9H9nKtnkTm4loVGzCVQ6P9B7MqjqklUIAEF75gTCpraXaeQ
AEfYAHD4cA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:30 2024 by rpki-client on console-ams.rpki-client.org