Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/9c928d-8326-42c5-8a71-73a3a40bdc30/1/0Ig4HsyboizsPeN0WTQDeuiYZU0.roa
File: 0Ig4HsyboizsPeN0WTQDeuiYZU0.roa (raw, json)
Hash identifier: ufqeMhEYiI7W3RPw7/gbKX3V8NHVwShwfCYFhvMEpzg=
Subject key identifier: D0:88:38:1E:CC:9B:A2:2C:EC:3D:E3:74:59:34:03:7A:E8:98:65:4D
Certificate issuer: /CN=7fe33668972dffb7ec8628ae8c3c26bede1cab9a
Certificate serial: 0185708CE37BAF212D4394AA687DFFACE724
Authority key identifier: 7F:E3:36:68:97:2D:FF:B7:EC:86:28:AE:8C:3C:26:BE:DE:1C:AB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-M2aJct_7fshiiujDwmvt4cq5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/9c928d-8326-42c5-8a71-73a3a40bdc30/1/0Ig4HsyboizsPeN0WTQDeuiYZU0.roa
Signing time: Mon 02 Jan 2023 03:35:59 +0000
ROA not before: Mon 02 Jan 2023 03:35:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59460
IP address blocks: 91.241.32.0/22 maxlen: 22
91.241.32.0/24 maxlen: 24
91.241.33.0/24 maxlen: 24
91.241.34.0/24 maxlen: 24
91.241.35.0/24 maxlen: 24
194.146.4.0/24 maxlen: 24
194.146.4.0/22 maxlen: 22
185.135.192.0/22 maxlen: 22
185.135.192.0/24 maxlen: 24
185.135.193.0/24 maxlen: 24
185.135.194.0/24 maxlen: 24
185.135.195.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:e3:7b:af:21:2d:43:94:aa:68:7d:ff:ac:e7:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fe33668972dffb7ec8628ae8c3c26bede1cab9a
Validity
Not Before: Jan 2 03:35:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d088381ecc9ba22cec3de3745934037ae898654d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:69:b9:dc:44:2a:b2:ef:41:df:13:17:78:7c:
8f:e1:9f:88:71:9c:e1:2d:1f:f7:99:83:5d:10:65:
84:2b:7c:1f:ab:85:d9:6b:1b:32:82:3b:d7:11:97:
e5:60:c0:4d:ad:3f:f9:a1:5f:b2:77:25:1c:39:d1:
7a:97:89:8c:d9:58:b9:fa:ca:12:e4:1e:b6:99:0b:
8d:c9:81:56:97:49:8a:aa:40:ca:5c:4c:86:cb:9d:
52:15:e9:d0:e3:4f:88:3e:f5:50:58:74:80:9e:63:
8d:05:f2:3f:80:de:d8:65:2b:8e:b1:5f:48:43:30:
8d:91:da:71:0b:2a:be:8b:3a:51:a1:79:ae:e3:a0:
4e:12:8f:76:d2:f5:00:67:83:25:bf:17:0b:62:2e:
f8:e6:df:a8:5f:29:6e:64:72:ac:33:3e:91:d8:48:
84:8f:80:fe:51:c9:6a:79:96:e6:88:ee:51:ed:eb:
c7:70:81:42:3f:c0:30:50:26:34:32:08:80:1c:f1:
72:aa:78:67:4c:91:37:2c:4d:36:f3:0f:c6:f1:0a:
b5:33:d4:6e:b1:65:fe:57:6c:de:98:21:b6:d4:82:
33:3c:52:b7:28:b1:93:4b:32:cc:43:1d:0f:15:79:
ad:99:ff:7c:9a:00:1e:0d:35:c2:99:37:e2:c5:b8:
ef:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:88:38:1E:CC:9B:A2:2C:EC:3D:E3:74:59:34:03:7A:E8:98:65:4D
X509v3 Authority Key Identifier:
keyid:7F:E3:36:68:97:2D:FF:B7:EC:86:28:AE:8C:3C:26:BE:DE:1C:AB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-M2aJct_7fshiiujDwmvt4cq5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/9c928d-8326-42c5-8a71-73a3a40bdc30/1/0Ig4HsyboizsPeN0WTQDeuiYZU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/9c928d-8326-42c5-8a71-73a3a40bdc30/1/f-M2aJct_7fshiiujDwmvt4cq5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.32.0/22
185.135.192.0/22
194.146.4.0/22
Signature Algorithm: sha256WithRSAEncryption
46:e7:7b:61:31:7c:93:23:60:6b:86:27:e9:ae:f2:23:bd:77:
04:44:43:71:56:4b:c7:ed:0b:87:30:7b:7d:cc:d7:a9:df:4a:
22:79:43:38:1a:90:fd:34:80:ab:ce:39:97:78:97:03:ec:74:
0b:de:d9:4b:ea:f7:af:c9:9c:d5:31:7f:67:19:59:85:44:72:
89:f8:78:2f:80:79:93:d3:61:b0:d4:25:30:fb:5a:7b:3e:61:
8b:e7:2f:74:d9:b9:d2:ac:e0:56:7a:15:98:84:de:63:e3:84:
9a:eb:1e:0c:48:ea:b0:c2:e1:3e:75:b1:1f:d3:22:d2:9f:bc:
06:50:7e:87:a5:2a:0d:72:c0:cd:79:2f:70:bc:9f:69:f0:28:
52:38:b0:f2:43:ba:68:45:c2:47:5a:79:1d:15:99:dd:b0:55:
87:42:3c:f6:87:51:6a:95:60:b1:f8:05:4e:bc:2e:08:e4:4f:
f7:eb:f3:cd:82:12:17:bb:16:0e:29:da:ae:5c:66:34:dc:2e:
0a:cd:1b:69:59:51:0f:68:8b:7b:0c:ca:64:d4:93:55:43:3f:
0e:a1:96:15:16:1a:d6:22:cf:d8:bf:4c:59:83:cb:cf:79:3d:
07:f5:dc:e4:a3:ea:aa:56:c7:ef:3d:af:e1:fc:28:d1:01:79:
52:67:9c:2b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwjON7ryEtQ5SqaH3/rOckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmZTMzNjY4OTcyZGZmYjdlYzg2MjhhZThjM2MyNmJlZGUx
Y2FiOWEwHhcNMjMwMTAyMDMzNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDg4MzgxZWNjOWJhMjJjZWMzZGUzNzQ1OTM0MDM3YWU4OTg2NTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWm53EQqsu9B3xMXeHyP4Z+IcZzh
LR/3mYNdEGWEK3wfq4XZaxsygjvXEZflYMBNrT/5oV+ydyUcOdF6l4mM2Vi5+soS
5B62mQuNyYFWl0mKqkDKXEyGy51SFenQ40+IPvVQWHSAnmONBfI/gN7YZSuOsV9I
QzCNkdpxCyq+izpRoXmu46BOEo920vUAZ4MlvxcLYi745t+oXyluZHKsMz6R2EiE
j4D+UclqeZbmiO5R7evHcIFCP8AwUCY0MgiAHPFyqnhnTJE3LE028w/G8Qq1M9Ru
sWX+V2zemCG21IIzPFK3KLGTSzLMQx0PFXmtmf98mgAeDTXCmTfixbjvJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNCIOB7Mm6Is7D3jdFk0A3romGVNMB8GA1UdIwQY
MBaAFH/jNmiXLf+37IYorow8Jr7eHKuaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZi1NMmFKY3RfN2ZzaGlpdWpEd212dDRjcTVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85YzkyOGQtODMyNi00MmM1LThhNzEt
NzNhM2E0MGJkYzMwLzEvMElnNEhzeWJvaXpzUGVOMFdUUURldWlZWlUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85YzkyOGQtODMyNi00MmM1LThhNzEtNzNhM2E0MGJkYzMw
LzEvZi1NMmFKY3RfN2ZzaGlpdWpEd212dDRjcTVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW/EgAwQC
uYfAAwQCwpIEMA0GCSqGSIb3DQEBCwUAA4IBAQBG53thMXyTI2BrhifprvIjvXcE
RENxVkvH7QuHMHt9zNep30oieUM4GpD9NICrzjmXeJcD7HQL3tlL6vevyZzVMX9n
GVmFRHKJ+HgvgHmT02Gw1CUw+1p7PmGL5y902bnSrOBWehWYhN5j44Sa6x4MSOqw
wuE+dbEf0yLSn7wGUH6HpSoNcsDNeS9wvJ9p8ChSOLDyQ7poRcJHWnkdFZndsFWH
Qjz2h1FqlWCx+AVOvC4I5E/36/PNghIXuxYOKdquXGY03C4KzRtpWVEPaIt7DMpk
1JNVQz8OoZYVFhrWIs/Yv0xZg8vPeT0H9dzko+qqVsfvPa/h/CjRAXlSZ5wr
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:49:22 2025 by rpki-client