Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/SXqP9XGVmYvndT-d9dOSAWaoeJs.roa
File: SXqP9XGVmYvndT-d9dOSAWaoeJs.roa (raw, json)
Hash identifier: hqvp+/QonkrTI4lkAzSG9arDScqB9hUZfLNYoJuKAB4=
Subject key identifier: 49:7A:8F:F5:71:95:99:8B:E7:75:3F:9D:F5:D3:92:01:66:A8:78:9B
Certificate issuer: /CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Certificate serial: 018534C6F133CA72C4D9537EC1B1B7748405
Authority key identifier: 82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/SXqP9XGVmYvndT-d9dOSAWaoeJs.roa
Signing time: Wed 21 Dec 2022 13:02:11 +0000
ROA not before: Wed 21 Dec 2022 13:02:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209260
IP address blocks: 193.29.97.0/24 maxlen: 24
45.152.240.0/23 maxlen: 24
193.176.129.0/24 maxlen: 24
45.152.242.0/24 maxlen: 24
45.152.243.0/24 maxlen: 24
195.20.99.0/24 maxlen: 24
195.206.234.0/24 maxlen: 24
194.113.226.0/24 maxlen: 24
194.113.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:34:c6:f1:33:ca:72:c4:d9:53:7e:c1:b1:b7:74:84:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Validity
Not Before: Dec 21 13:02:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=497a8ff57195998be7753f9df5d3920166a8789b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:23:b1:86:3f:2c:f4:93:b7:d1:d4:0e:87:64:
cc:80:f6:97:66:b8:2d:33:21:2d:d7:f7:19:92:5b:
49:5c:e5:8e:6a:b5:27:89:68:d4:af:27:f6:07:60:
c9:8c:32:0d:e7:cc:2e:c8:97:56:3a:b9:6a:fd:45:
6b:d9:76:8d:ad:aa:a6:3b:96:d3:7e:46:97:8e:c2:
0a:78:28:07:fa:c2:17:44:bf:3a:4c:2f:5c:05:70:
c3:0b:63:8b:d4:c7:35:88:87:93:c2:e6:c6:9a:eb:
40:d1:ad:c3:c2:5c:fc:62:0d:ad:ae:32:dd:51:52:
80:da:97:82:16:f9:f6:1c:ad:57:95:cb:e5:22:33:
43:66:13:78:6f:7e:fa:fa:86:a0:7b:cb:59:55:79:
9b:b8:ab:ee:94:81:99:9c:0e:79:11:f1:1b:2b:09:
d2:ef:4f:33:6a:81:9f:6a:bb:99:fa:ad:d3:2f:cd:
fe:64:ab:14:c7:37:a4:bf:96:0f:e0:27:56:86:e5:
41:8c:08:40:76:b6:75:2a:82:8e:59:19:4f:30:9e:
ad:73:42:77:43:d3:ad:96:f0:99:31:49:39:bd:37:
bd:64:34:52:07:0c:cf:96:55:c0:8d:67:c2:9e:7f:
5a:c3:bc:5d:4f:9b:0d:41:2d:d6:da:b7:88:83:3e:
5b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:7A:8F:F5:71:95:99:8B:E7:75:3F:9D:F5:D3:92:01:66:A8:78:9B
X509v3 Authority Key Identifier:
keyid:82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/SXqP9XGVmYvndT-d9dOSAWaoeJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/gu1KL7GA31-Z1L-Md8yaBu8mBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.240.0/22
193.29.97.0/24
193.176.129.0/24
194.113.223.0/24
194.113.226.0/24
195.20.99.0/24
195.206.234.0/24
Signature Algorithm: sha256WithRSAEncryption
be:58:e3:49:74:b8:a9:37:95:0b:ae:ef:53:08:1b:be:62:56:
18:04:5f:f6:87:8c:dd:8d:f9:b1:5a:45:3e:9d:88:8d:01:8f:
78:5b:42:ed:ab:67:6b:d0:d5:e1:95:86:90:18:df:42:f1:f0:
af:98:f4:35:3e:2b:16:06:36:df:d5:ac:28:a8:63:50:23:5f:
67:f7:5c:a3:76:6a:5f:c5:9c:21:3e:57:d1:e7:f7:ef:cf:cb:
15:ec:e6:cd:95:8e:c4:0b:42:d6:f5:43:75:b9:49:57:48:66:
71:1f:0b:f3:f4:a5:24:24:b5:4e:b8:fb:64:1f:83:f1:27:98:
36:e2:01:6b:47:b5:ef:16:bf:c9:ed:a7:36:e5:8b:0d:98:28:
9f:a7:72:ae:06:4f:78:8d:ad:0a:48:4d:91:7c:3d:02:65:5d:
c1:01:bf:db:6d:b1:a4:84:32:48:4f:58:90:3e:1f:1f:02:95:
44:62:db:8e:d2:33:33:73:9f:4c:01:23:14:80:6a:4a:a3:b8:
31:a5:1a:8c:ee:a0:46:6d:cc:e5:a9:77:d2:15:2f:5b:d8:a0:
2a:f5:06:ab:44:12:bd:ab:8f:d0:56:bb:d4:b2:a4:75:13:a9:
b7:f5:2a:a9:ce:d6:ec:2c:7f:90:1e:63:d5:d1:34:10:bc:8f:
3e:c1:93:43
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYU0xvEzynLE2VN+wbG3dIQFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZWQ0YTJmYjE4MGRmNWY5OWQ0YmY4Yzc3Y2M5YTA2ZWYy
NjA1OGMwHhcNMjIxMjIxMTMwMjExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTdhOGZmNTcxOTU5OThiZTc3NTNmOWRmNWQzOTIwMTY2YTg3ODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSOxhj8s9JO30dQOh2TMgPaXZrgt
MyEt1/cZkltJXOWOarUniWjUryf2B2DJjDIN58wuyJdWOrlq/UVr2XaNraqmO5bT
fkaXjsIKeCgH+sIXRL86TC9cBXDDC2OL1Mc1iIeTwubGmutA0a3Dwlz8Yg2trjLd
UVKA2peCFvn2HK1XlcvlIjNDZhN4b376+oage8tZVXmbuKvulIGZnA55EfEbKwnS
708zaoGfaruZ+q3TL83+ZKsUxzekv5YP4CdWhuVBjAhAdrZ1KoKOWRlPMJ6tc0J3
Q9OtlvCZMUk5vTe9ZDRSBwzPllXAjWfCnn9aw7xdT5sNQS3W2reIgz5bWwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEl6j/VxlZmL53U/nfXTkgFmqHibMB8GA1UdIwQY
MBaAFILtSi+xgN9fmdS/jHfMmgbvJgWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAt
NDUyNmY2MjYzYmNlLzEvU1hxUDlYR1ZtWXZuZFQtZDlkT1NBV2FvZUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAtNDUyNmY2MjYzYmNl
LzEvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLZjwAwQA
wR1hAwQAwbCBAwQAwnHfAwQAwnHiAwQAwxRjAwQAw87qMA0GCSqGSIb3DQEBCwUA
A4IBAQC+WONJdLipN5ULru9TCBu+YlYYBF/2h4zdjfmxWkU+nYiNAY94W0Ltq2dr
0NXhlYaQGN9C8fCvmPQ1PisWBjbf1awoqGNQI19n91yjdmpfxZwhPlfR5/fvz8sV
7ObNlY7EC0LW9UN1uUlXSGZxHwvz9KUkJLVOuPtkH4PxJ5g24gFrR7XvFr/J7ac2
5YsNmCifp3KuBk94ja0KSE2RfD0CZV3BAb/bbbGkhDJIT1iQPh8fApVEYtuO0jMz
c59MASMUgGpKo7gxpRqM7qBGbczlqXfSFS9b2KAq9QarRBK9q4/QVrvUsqR1E6m3
9SqpztbsLH+QHmPV0TQQvI8+wZND
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:58 2023 by rpki-client on console-fra.rpki-client.org