Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/lziQYa0C3qJA8nKdZ5jS78kBH28.roa
File: lziQYa0C3qJA8nKdZ5jS78kBH28.roa (raw, json)
Hash identifier: 3cn85Vb2lOczQkBt1dMO+tB4G98ProGRBGYvuSIg6U4=
Subject key identifier: 97:38:90:61:AD:02:DE:A2:40:F2:72:9D:67:98:D2:EF:C9:01:1F:6F
Certificate issuer: /CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Certificate serial: 01845DC505504FB283E33D794541934AEF53
Authority key identifier: 82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/lziQYa0C3qJA8nKdZ5jS78kBH28.roa
Signing time: Wed 09 Nov 2022 19:01:43 +0000
ROA not before: Wed 09 Nov 2022 19:01:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 193.111.125.0/24 maxlen: 24
147.78.122.0/23 maxlen: 24
45.146.81.0/24 maxlen: 24
45.146.80.0/24 maxlen: 24
45.149.186.0/23 maxlen: 24
194.105.21.0/24 maxlen: 24
193.176.128.0/24 maxlen: 24
194.147.6.0/23 maxlen: 24
193.142.4.0/24 maxlen: 24
194.5.148.0/23 maxlen: 24
45.158.8.0/24 maxlen: 24
45.158.8.0/23 maxlen: 23
45.153.4.0/24 maxlen: 24
45.153.4.0/23 maxlen: 24
45.153.6.0/23 maxlen: 24
45.153.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5d:c5:05:50:4f:b2:83:e3:3d:79:45:41:93:4a:ef:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82ed4a2fb180df5f99d4bf8c77cc9a06ef26058c
Validity
Not Before: Nov 9 19:01:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97389061ad02dea240f2729d6798d2efc9011f6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8c:d7:15:27:fa:d0:f6:eb:2e:05:e4:24:c9:
a2:78:a1:00:94:fe:46:85:fd:51:9d:6f:cb:89:4d:
18:83:cd:7d:41:e3:bb:84:e2:af:0c:01:4f:1a:5a:
65:67:11:88:c5:8d:51:d1:cd:b0:14:9e:f7:db:83:
ad:db:d9:6f:c5:a5:5d:da:7e:fe:fe:d1:f1:db:6f:
ff:e6:e8:9d:87:26:aa:bb:29:47:b1:23:39:c7:b7:
56:ed:01:3c:c2:4e:19:52:a4:4b:c2:04:4b:43:9d:
f5:f2:ee:d4:b5:40:d5:00:fe:aa:ee:ed:2f:20:b4:
cc:d7:51:f6:bc:22:4c:1a:b1:61:a5:6f:4a:ab:05:
fc:f6:5e:89:96:a6:eb:95:58:c1:a4:05:91:fa:2f:
26:75:e1:61:ee:86:9e:2f:40:bc:89:b7:92:14:6b:
58:28:fc:fc:82:3d:a4:22:fc:21:5e:0f:a4:b5:9e:
a2:38:a1:05:05:5c:e5:9b:2a:42:47:66:3e:d6:90:
a9:21:4f:39:f2:24:66:6d:2c:94:60:25:d0:4b:3f:
02:e4:2f:08:ad:f1:9b:91:8d:17:21:1c:73:6a:fc:
bd:07:9f:03:53:40:d8:37:a3:64:b7:d4:7b:c3:7d:
e4:63:5d:a9:be:c9:fe:ec:50:8f:9b:26:5c:a8:4b:
71:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:38:90:61:AD:02:DE:A2:40:F2:72:9D:67:98:D2:EF:C9:01:1F:6F
X509v3 Authority Key Identifier:
keyid:82:ED:4A:2F:B1:80:DF:5F:99:D4:BF:8C:77:CC:9A:06:EF:26:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gu1KL7GA31-Z1L-Md8yaBu8mBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/lziQYa0C3qJA8nKdZ5jS78kBH28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/0301bc-c7fe-46e9-b7a0-4526f6263bce/1/gu1KL7GA31-Z1L-Md8yaBu8mBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.80.0/23
45.149.186.0/23
45.153.4.0/22
45.158.8.0/23
147.78.122.0/23
193.111.125.0/24
193.142.4.0/24
193.176.128.0/24
194.5.148.0/23
194.105.21.0/24
194.147.6.0/23
Signature Algorithm: sha256WithRSAEncryption
97:61:13:4f:af:71:eb:f1:0a:1a:4a:9d:3f:15:e8:4f:56:4f:
a6:fb:51:e4:b2:86:63:8f:cb:57:99:9d:f3:d6:48:20:2c:61:
fb:cd:99:17:d5:aa:d4:56:2f:98:85:a9:c7:59:f3:00:4d:7b:
87:6e:79:80:4c:65:6e:39:b7:61:20:b4:3f:85:ab:fa:8c:17:
e1:8d:5b:96:9b:91:78:78:f6:78:74:0d:86:40:42:54:77:f2:
5e:23:1c:a0:ea:6e:0f:d8:ba:c5:a9:f1:08:c8:c7:ec:80:7e:
69:ce:02:bf:eb:1a:1c:36:ab:85:e3:61:d7:7f:76:42:c7:d4:
e2:0f:49:b5:0e:b4:47:de:69:39:ce:da:08:92:ad:e0:9e:47:
53:ff:ea:85:b8:d6:5b:37:68:66:be:c1:39:72:5f:11:7e:db:
bd:67:fc:fb:03:48:ec:6d:14:b1:e0:dc:47:5a:3a:88:26:3f:
52:2c:a8:b0:5a:8f:e3:a0:0a:77:c6:fd:96:42:ef:e6:d0:5a:
25:9e:6e:bc:36:04:1c:b4:01:fc:d9:58:9f:dc:76:c7:db:cd:
ea:c5:e0:62:c3:6c:2e:b1:1f:97:e8:94:b6:3c:c6:2d:d3:09:
bd:8d:43:09:23:4f:f1:78:21:f2:6d:79:91:f8:80:8e:ff:b5:
55:d6:de:10
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYRdxQVQT7KD4z15RUGTSu9TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZWQ0YTJmYjE4MGRmNWY5OWQ0YmY4Yzc3Y2M5YTA2ZWYy
NjA1OGMwHhcNMjIxMTA5MTkwMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzM4OTA2MWFkMDJkZWEyNDBmMjcyOWQ2Nzk4ZDJlZmM5MDExZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIzXFSf60PbrLgXkJMmieKEAlP5G
hf1RnW/LiU0Yg819QeO7hOKvDAFPGlplZxGIxY1R0c2wFJ7324Ot29lvxaVd2n7+
/tHx22//5uidhyaquylHsSM5x7dW7QE8wk4ZUqRLwgRLQ5318u7UtUDVAP6q7u0v
ILTM11H2vCJMGrFhpW9KqwX89l6JlqbrlVjBpAWR+i8mdeFh7oaeL0C8ibeSFGtY
KPz8gj2kIvwhXg+ktZ6iOKEFBVzlmypCR2Y+1pCpIU858iRmbSyUYCXQSz8C5C8I
rfGbkY0XIRxzavy9B58DU0DYN6Nkt9R7w33kY12pvsn+7FCPmyZcqEtxvwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFJc4kGGtAt6iQPJynWeY0u/JAR9vMB8GA1UdIwQY
MBaAFILtSi+xgN9fmdS/jHfMmgbvJgWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAt
NDUyNmY2MjYzYmNlLzEvbHppUVlhMEMzcUpBOG5LZFo1alM3OGtCSDI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMzAxYmMtYzdmZS00NmU5LWI3YTAtNDUyNmY2MjYzYmNl
LzEvZ3UxS0w3R0EzMS1aMUwtTWQ4eWFCdThtQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBLZJQAwQB
LZW6AwQCLZkEAwQBLZ4IAwQBk056AwQAwW99AwQAwY4EAwQAwbCAAwQBwgWUAwQA
wmkVAwQBwpMGMA0GCSqGSIb3DQEBCwUAA4IBAQCXYRNPr3Hr8QoaSp0/FehPVk+m
+1HksoZjj8tXmZ3z1kggLGH7zZkX1arUVi+YhanHWfMATXuHbnmATGVuObdhILQ/
hav6jBfhjVuWm5F4ePZ4dA2GQEJUd/JeIxyg6m4P2LrFqfEIyMfsgH5pzgK/6xoc
NquF42HXf3ZCx9TiD0m1DrRH3mk5ztoIkq3gnkdT/+qFuNZbN2hmvsE5cl8Rftu9
Z/z7A0jsbRSx4NxHWjqIJj9SLKiwWo/joAp3xv2WQu/m0Folnm68NgQctAH82Vif
3HbH283qxeBiw2wusR+X6JS2PMYt0wm9jUMJI0/xeCHybXmR+ICO/7VV1t4Q
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:44 2023 by rpki-client on console-ams.rpki-client.org