Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/f4f2bd-9621-4624-89de-e8858fd8b4ca/1/hDqTfo_ojBFG5ngYFxDB8_w7vwM.roa
File: hDqTfo_ojBFG5ngYFxDB8_w7vwM.roa (raw, json)
Hash identifier: pH1EdNzUfwvJV8bulbgjUmazNRK8u8N81Bk4EFbGpAw=
Subject key identifier: 84:3A:93:7E:8F:E8:8C:11:46:E6:78:18:17:10:C1:F3:FC:3B:BF:03
Certificate issuer: /CN=a65e61591857073d7b8766a734c9b566aaab3e95
Certificate serial: 01B08D08
Authority key identifier: A6:5E:61:59:18:57:07:3D:7B:87:66:A7:34:C9:B5:66:AA:AB:3E:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pl5hWRhXBz17h2anNMm1ZqqrPpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/f4f2bd-9621-4624-89de-e8858fd8b4ca/1/hDqTfo_ojBFG5ngYFxDB8_w7vwM.roa
Signing time: Sat 01 Jan 2022 13:02:39 +0000
ROA not before: Sat 01 Jan 2022 13:02:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 46.19.64.0/22 maxlen: 22
46.19.68.0/23 maxlen: 23
185.166.196.0/23 maxlen: 23
37.220.80.0/22 maxlen: 22
94.198.216.0/22 maxlen: 22
37.220.84.0/23 maxlen: 23
81.200.144.0/21 maxlen: 21
94.198.220.0/23 maxlen: 23
81.200.152.0/22 maxlen: 22
81.200.156.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28347656 (0x1b08d08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a65e61591857073d7b8766a734c9b566aaab3e95
Validity
Not Before: Jan 1 13:02:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=843a937e8fe88c1146e678181710c1f3fc3bbf03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:3f:f3:34:7a:5d:f8:8b:09:86:9c:29:07:79:
cb:26:12:9e:2a:b5:68:84:31:40:48:d8:80:4a:d1:
ac:fb:c8:6b:3f:b6:2a:a6:05:27:11:21:d2:08:95:
3d:c3:c3:39:64:9c:aa:f1:87:33:79:39:6b:9d:2c:
65:9f:17:fa:6c:4c:33:86:77:95:f1:1c:46:bc:0a:
fe:d8:71:43:cc:95:38:d1:ac:e7:80:5d:49:bb:8d:
51:97:d5:42:57:9c:96:c5:42:a0:be:83:dc:78:ad:
66:ed:a5:fe:bd:ed:de:7f:2c:a2:12:ea:d4:46:09:
63:8f:64:64:9a:3e:b5:8c:bb:28:94:0b:bc:1d:31:
7a:59:61:c3:16:ae:d9:d8:30:f3:46:ee:3e:c1:b1:
c8:5e:c3:86:29:0a:39:1e:69:60:10:89:20:85:6f:
e2:51:1a:be:78:ec:ed:1a:30:a0:85:61:fb:18:3d:
8d:df:02:28:3c:4a:76:62:3c:45:1e:05:9e:29:43:
b8:34:3a:18:1b:c6:f6:4a:b0:9b:b1:ad:67:ef:bb:
c6:91:3c:fe:97:b0:37:6e:99:fc:a5:57:95:85:df:
4c:43:97:11:18:e0:be:f9:b0:2b:a9:80:58:19:3b:
43:cb:b9:d1:d7:4f:e2:5a:95:e4:27:d3:bf:b1:5f:
58:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:3A:93:7E:8F:E8:8C:11:46:E6:78:18:17:10:C1:F3:FC:3B:BF:03
X509v3 Authority Key Identifier:
keyid:A6:5E:61:59:18:57:07:3D:7B:87:66:A7:34:C9:B5:66:AA:AB:3E:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pl5hWRhXBz17h2anNMm1ZqqrPpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/f4f2bd-9621-4624-89de-e8858fd8b4ca/1/hDqTfo_ojBFG5ngYFxDB8_w7vwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/f4f2bd-9621-4624-89de-e8858fd8b4ca/1/pl5hWRhXBz17h2anNMm1ZqqrPpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.80.0-37.220.85.255
46.19.64.0-46.19.69.255
81.200.144.0-81.200.157.255
94.198.216.0-94.198.221.255
185.166.196.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:a8:80:79:07:40:0b:5d:05:23:72:63:e6:fa:86:d9:fd:dc:
7b:f0:fe:13:d8:c7:e4:34:a7:58:28:65:00:00:bf:37:24:dc:
a5:a7:ef:6a:c7:ad:19:51:df:e2:62:ac:c5:49:b3:04:7b:c9:
65:f5:2c:58:47:32:d5:9f:b0:bc:d6:4e:54:d3:f7:0f:4c:9d:
d7:02:48:8b:1f:64:09:4b:ac:bb:b5:29:85:bd:3d:0e:49:e6:
0a:51:ad:60:67:ec:f9:25:d7:ac:32:a0:7b:b0:7e:c3:47:f9:
e5:74:0c:06:9d:f3:03:ac:3e:f2:db:b3:11:b0:e5:83:f8:a0:
e6:7a:79:07:c5:bd:cf:81:b6:f0:6f:94:91:6e:c2:ba:aa:c0:
03:ff:d8:30:b5:eb:94:8d:9a:82:51:c0:fd:bc:41:67:5f:aa:
11:1d:8d:7d:47:df:a7:46:c2:63:e3:e8:81:27:de:c7:9f:30:
ac:8b:42:0d:23:9b:f4:8a:66:0c:73:20:6d:36:35:a9:fb:7d:
46:20:55:f5:98:09:c7:1c:82:53:3d:c6:c6:fd:30:4a:85:56:
65:da:4b:3f:25:8d:07:bd:50:d1:56:91:ca:af:54:e7:53:53:
38:0d:5d:ba:2e:21:4e:30:ad:0b:b4:43:12:30:a8:d5:01:c2:
11:f8:3c:28
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIEAbCNCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NjVlNjE1OTE4NTcwNzNkN2I4NzY2YTczNGM5YjU2NmFhYWIzZTk1MB4XDTIyMDEw
MTEzMDIzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODQzYTkzN2U4ZmU4
OGMxMTQ2ZTY3ODE4MTcxMGMxZjNmYzNiYmYwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOk/8zR6XfiLCYacKQd5yyYSniq1aIQxQEjYgErRrPvIaz+2
KqYFJxEh0giVPcPDOWScqvGHM3k5a50sZZ8X+mxMM4Z3lfEcRrwK/thxQ8yVONGs
54BdSbuNUZfVQleclsVCoL6D3HitZu2l/r3t3n8sohLq1EYJY49kZJo+tYy7KJQL
vB0xellhwxau2dgw80buPsGxyF7DhikKOR5pYBCJIIVv4lEavnjs7RowoIVh+xg9
jd8CKDxKdmI8RR4FnilDuDQ6GBvG9kqwm7GtZ++7xpE8/pewN26Z/KVXlYXfTEOX
ERjgvvmwK6mAWBk7Q8u50ddP4lqV5CfTv7FfWCUCAwEAAaOCAkEwggI9MB0GA1Ud
DgQWBBSEOpN+j+iMEUbmeBgXEMHz/Du/AzAfBgNVHSMEGDAWgBSmXmFZGFcHPXuH
Zqc0ybVmqqs+lTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BsNWhXUmhYQnoxN2gyYW5OTW0xWnFxclBwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvZjRmMmJkLTk2MjEtNDYyNC04OWRlLWU4ODU4ZmQ4YjRjYS8x
L2hEcVRmb19vakJGRzVuZ1lGeERCOF93N3Z3TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
ZjRmMmJkLTk2MjEtNDYyNC04OWRlLWU4ODU4ZmQ4YjRjYS8xL3BsNWhXUmhYQnox
N2gyYW5OTW0xWnFxclBwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBX
BggrBgEFBQcBBwEB/wRIMEYwRAQCAAEwPjAMAwQEJdxQAwQBJdxUMAwDBAYuE0AD
BAEuE0QwDAMEBFHIkAMEAVHInDAMAwQDXsbYAwQBXsbcAwQBuabEMA0GCSqGSIb3
DQEBCwUAA4IBAQBuqIB5B0ALXQUjcmPm+obZ/dx78P4T2MfkNKdYKGUAAL83JNyl
p+9qx60ZUd/iYqzFSbMEe8ll9SxYRzLVn7C81k5U0/cPTJ3XAkiLH2QJS6y7tSmF
vT0OSeYKUa1gZ+z5JdesMqB7sH7DR/nldAwGnfMDrD7y27MRsOWD+KDmenkHxb3P
gbbwb5SRbsK6qsAD/9gwteuUjZqCUcD9vEFnX6oRHY19R9+nRsJj4+iBJ97HnzCs
i0INI5v0imYMcyBtNjWp+31GIFX1mAnHHIJTPcbG/TBKhVZl2ks/JY0HvVDRVpHK
r1TnU1M4DV26LiFOMK0LtEMSMKjVAcIR+Dwo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:59 2024 by rpki-client on console-ams.rpki-client.org