Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/23PiQ4ArvTEgQx2QJ1gV_UBOITM.roa
File: 23PiQ4ArvTEgQx2QJ1gV_UBOITM.roa (raw, json)
Hash identifier: GdgFGrUfzVA2NFbWpEDtTu9IrygDv8GVirTye22ChLw=
Subject key identifier: DB:73:E2:43:80:2B:BD:31:20:43:1D:90:27:58:15:FD:40:4E:21:33
Certificate issuer: /CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Certificate serial: 01824AA23F2741B5642E6C827533419A62CA
Authority key identifier: 82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/23PiQ4ArvTEgQx2QJ1gV_UBOITM.roa
Signing time: Fri 29 Jul 2022 15:45:23 +0000
ROA not before: Fri 29 Jul 2022 15:45:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 194.105.21.0/24 maxlen: 24
193.111.125.0/24 maxlen: 24
192.166.83.0/24 maxlen: 24
193.176.128.0/24 maxlen: 24
45.152.240.0/23 maxlen: 24
193.142.4.0/24 maxlen: 24
194.5.148.0/23 maxlen: 24
192.166.114.0/24 maxlen: 24
195.206.230.0/24 maxlen: 24
147.78.122.0/23 maxlen: 24
194.104.156.0/24 maxlen: 24
194.113.226.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:4a:a2:3f:27:41:b5:64:2e:6c:82:75:33:41:9a:62:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Validity
Not Before: Jul 29 15:45:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db73e243802bbd3120431d90275815fd404e2133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d8:a0:3b:a7:79:2f:ff:2c:b1:d1:33:bd:7e:
a6:57:44:39:6d:4e:4e:8c:60:0f:c2:92:80:5b:dd:
63:26:c1:cb:47:2e:b6:da:ab:ca:8e:32:5a:99:41:
04:2a:bf:86:cf:a4:09:5d:f1:b8:61:33:7e:8a:63:
18:90:80:a8:98:48:1e:13:c3:2f:11:2d:4b:e1:05:
96:e7:9c:b7:93:7f:35:6d:19:bb:97:62:59:38:5c:
80:e1:c4:d5:0f:ea:35:78:33:c3:5b:35:f9:8e:1a:
11:7e:91:ae:aa:44:d2:19:fe:00:87:ae:e3:15:83:
ac:34:e9:7a:e1:54:df:03:09:36:9a:bf:4d:61:93:
71:12:72:2c:0c:50:41:fe:4f:49:d5:ce:89:ee:70:
1d:a2:1f:7f:70:57:de:5d:5c:df:2c:93:df:ce:fe:
e5:cf:0c:f7:82:74:a1:97:0b:0a:fb:ca:9b:d9:71:
b2:9d:b9:9c:ea:0e:76:8d:af:5d:88:40:34:66:2a:
d3:54:56:8b:d3:57:13:e4:22:56:0f:50:f9:7f:49:
e9:cb:7b:c6:16:ff:67:17:5e:98:06:04:ef:04:3d:
f1:c9:ee:61:58:69:46:5c:bc:71:3a:8c:94:a4:09:
94:e8:3f:5c:a3:63:3f:4d:08:2a:e1:ff:3d:13:34:
53:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:73:E2:43:80:2B:BD:31:20:43:1D:90:27:58:15:FD:40:4E:21:33
X509v3 Authority Key Identifier:
keyid:82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/23PiQ4ArvTEgQx2QJ1gV_UBOITM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/gu1KL7GA31-Z1L-Md8yaBu8mBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.240.0/23
147.78.122.0/23
192.166.83.0/24
192.166.114.0/24
193.111.125.0/24
193.142.4.0/24
193.176.128.0/24
194.5.148.0/23
194.104.156.0/24
194.105.21.0/24
194.113.226.0/24
195.206.230.0/24
Signature Algorithm: sha256WithRSAEncryption
af:d3:ee:45:5f:92:cf:0a:ea:83:d8:22:c7:8b:0e:f1:f1:72:
3d:67:b6:b6:12:a9:31:f5:fa:52:51:52:c3:2d:c2:94:2b:cc:
45:df:09:e9:2b:98:a1:a7:d1:47:3f:8a:67:c3:3e:12:55:80:
cc:5c:28:87:fe:9d:dd:62:09:d6:b0:cb:ba:1b:0b:a5:1f:57:
5c:56:2a:51:53:25:a3:37:5b:57:f8:1e:e2:32:a2:67:db:47:
02:86:73:2e:59:3e:0d:18:9d:73:26:60:d6:5e:95:b9:2f:40:
3d:fc:7c:e6:ef:f3:24:40:00:83:4b:b2:34:74:43:d8:aa:86:
62:f9:25:fa:02:ab:da:6d:0b:eb:bd:46:e7:c9:4c:f9:55:b2:
9c:ef:1b:b0:fa:7d:9a:2c:71:4b:3c:50:35:04:28:ea:77:ed:
0a:e6:88:6d:63:48:3a:15:d7:f5:9e:54:16:4e:45:dd:23:3a:
5a:f1:f4:44:2a:92:d3:3e:0c:08:43:4d:29:c0:81:97:9e:cd:
56:aa:a1:8c:c4:9c:7f:80:d6:f3:6f:bf:e1:85:8f:3c:8a:61:
96:8f:c8:25:9c:0b:3e:35:a1:78:d6:c9:95:b9:cc:39:23:01:
a3:98:0f:dd:9f:0e:6e:9c:e6:e9:7c:31:6b:1f:98:e0:50:4d:
5a:e6:4d:43
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYJKoj8nQbVkLmyCdTNBmmLKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZWQ0YTJmYjE4MGRmNWY5OWQ0YmY4Yzc3Y2M5YTA2ZWYy
NjA1OGMwHhcNMjIwNzI5MTU0NTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjczZTI0MzgwMmJiZDMxMjA0MzFkOTAyNzU4MTVmZDQwNGUyMTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdigO6d5L/8ssdEzvX6mV0Q5bU5O
jGAPwpKAW91jJsHLRy622qvKjjJamUEEKr+Gz6QJXfG4YTN+imMYkIComEgeE8Mv
ES1L4QWW55y3k381bRm7l2JZOFyA4cTVD+o1eDPDWzX5jhoRfpGuqkTSGf4Ah67j
FYOsNOl64VTfAwk2mr9NYZNxEnIsDFBB/k9J1c6J7nAdoh9/cFfeXVzfLJPfzv7l
zwz3gnShlwsK+8qb2XGynbmc6g52ja9diEA0ZirTVFaL01cT5CJWD1D5f0npy3vG
Fv9nF16YBgTvBD3xye5hWGlGXLxxOoyUpAmU6D9co2M/TQgq4f89EzRT6QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFNtz4kOAK70xIEMdkCdYFf1ATiEzMB8GA1UdIwQY
MBaAFILtSi+xgN9fmdS/jHfMmgbvJgWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAt
NDUyNmY2MjYzYmNlLzEvMjNQaVE0QXJ2VEVnUXgyUUoxZ1ZfVUJPSVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAtNDUyNmY2MjYzYmNl
LzEvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBLZjwAwQB
k056AwQAwKZTAwQAwKZyAwQAwW99AwQAwY4EAwQAwbCAAwQBwgWUAwQAwmicAwQA
wmkVAwQAwnHiAwQAw87mMA0GCSqGSIb3DQEBCwUAA4IBAQCv0+5FX5LPCuqD2CLH
iw7x8XI9Z7a2Eqkx9fpSUVLDLcKUK8xF3wnpK5ihp9FHP4pnwz4SVYDMXCiH/p3d
YgnWsMu6GwulH1dcVipRUyWjN1tX+B7iMqJn20cChnMuWT4NGJ1zJmDWXpW5L0A9
/Hzm7/MkQACDS7I0dEPYqoZi+SX6AqvabQvrvUbnyUz5VbKc7xuw+n2aLHFLPFA1
BCjqd+0K5ohtY0g6Fdf1nlQWTkXdIzpa8fREKpLTPgwIQ00pwIGXns1WqqGMxJx/
gNbzb7/hhY88imGWj8glnAs+NaF41smVucw5IwGjmA/dnw5unObpfDFrH5jgUE1a
5k1D
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:03 2025 by rpki-client