Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/514d67-ba6c-415e-bebc-0f1f3cb08b75/1/A4l7yoncS0mpz5yZXmz4DiGMlX8.roa
File: A4l7yoncS0mpz5yZXmz4DiGMlX8.roa (raw, json)
Hash identifier: CNYTYfh1aOH8zAtuw1O2KIwM6u6YxhAxYcv9rS9sJ6s=
Subject key identifier: 03:89:7B:CA:89:DC:4B:49:A9:CF:9C:99:5E:6C:F8:0E:21:8C:95:7F
Certificate issuer: /CN=f71f9bddac4c34078d8d0fab9e14d176a416f963
Certificate serial: 0CCA3565
Authority key identifier: F7:1F:9B:DD:AC:4C:34:07:8D:8D:0F:AB:9E:14:D1:76:A4:16:F9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9x-b3axMNAeNjQ-rnhTRdqQW-WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/514d67-ba6c-415e-bebc-0f1f3cb08b75/1/A4l7yoncS0mpz5yZXmz4DiGMlX8.roa
Signing time: Tue 22 Feb 2022 11:49:10 +0000
ROA not before: Tue 22 Feb 2022 11:49:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41937
IP address blocks: 109.122.113.0/24 maxlen: 24
87.250.32.0/19 maxlen: 24
185.112.20.0/22 maxlen: 24
62.240.24.0/21 maxlen: 24
62.240.24.0/23 maxlen: 24
109.198.0.0/19 maxlen: 24
185.179.136.0/22 maxlen: 24
109.122.64.0/18 maxlen: 24
178.79.0.0/18 maxlen: 24
178.79.10.0/23 maxlen: 24
178.250.136.0/21 maxlen: 24
46.235.96.0/21 maxlen: 24
5.134.104.0/21 maxlen: 24
185.26.172.0/22 maxlen: 24
109.72.48.0/20 maxlen: 24
92.244.128.0/19 maxlen: 24
178.237.208.0/20 maxlen: 24
178.237.216.0/21 maxlen: 24
91.185.96.0/19 maxlen: 24
185.34.92.0/22 maxlen: 24
185.103.136.0/22 maxlen: 24
91.204.52.0/22 maxlen: 24
185.10.140.0/22 maxlen: 24
185.10.142.0/23 maxlen: 24
176.67.215.0/24 maxlen: 24
109.94.232.0/21 maxlen: 24
109.94.228.0/22 maxlen: 24
2a06:63c0::/29 maxlen: 48
2a02:61a0::/32 maxlen: 48
2a00:cf00::/32 maxlen: 48
2a00:8720::/32 maxlen: 48
2a03:fc40::/32 maxlen: 48
2a06:5b00::/29 maxlen: 48
2a04:1dc0::/29 maxlen: 48
2a01:b800::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 214578533 (0xcca3565)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f71f9bddac4c34078d8d0fab9e14d176a416f963
Validity
Not Before: Feb 22 11:49:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03897bca89dc4b49a9cf9c995e6cf80e218c957f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:eb:56:9f:84:c7:9b:42:25:3a:f9:23:22:a1:
04:b2:eb:8f:f2:dd:78:ca:6e:08:88:7d:58:79:bd:
d9:93:f9:6e:b1:ad:2c:bd:bd:79:9c:68:65:0b:9c:
cc:4b:36:75:1f:27:c6:e7:ad:a6:12:a5:54:e5:25:
47:41:3f:c9:09:40:05:a0:20:6d:71:81:2b:72:76:
f0:0e:56:71:7e:e4:e7:52:dd:85:81:ca:8a:37:6e:
35:8e:5e:4d:e3:5a:a3:ff:fd:e0:49:7a:c3:10:27:
7f:e0:74:87:8a:2c:65:3f:f6:4c:e9:68:e3:87:93:
cb:a9:e4:fe:14:23:c7:58:ed:01:14:1f:f3:0f:40:
c3:0a:78:c2:46:59:74:4f:d1:54:3f:c4:e7:4d:f3:
4d:36:5c:3d:da:ec:3c:5f:52:4a:62:eb:c7:6b:75:
3b:11:5e:5c:2d:58:ec:bd:a4:9a:01:26:d3:9c:7c:
6f:8b:db:fc:9e:eb:17:48:8b:06:10:fd:fc:83:7d:
fb:f1:01:8b:3c:70:2c:22:ca:b6:e9:9b:23:6f:ef:
0b:69:98:85:eb:bb:f8:28:15:3f:b5:28:fe:91:0c:
73:a4:9a:ad:ef:46:46:b3:9b:bf:b5:fd:18:7d:a8:
48:95:bd:ae:e0:e0:ed:80:3e:c9:d1:33:72:3f:a7:
94:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:89:7B:CA:89:DC:4B:49:A9:CF:9C:99:5E:6C:F8:0E:21:8C:95:7F
X509v3 Authority Key Identifier:
keyid:F7:1F:9B:DD:AC:4C:34:07:8D:8D:0F:AB:9E:14:D1:76:A4:16:F9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x-b3axMNAeNjQ-rnhTRdqQW-WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/514d67-ba6c-415e-bebc-0f1f3cb08b75/1/A4l7yoncS0mpz5yZXmz4DiGMlX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/514d67-ba6c-415e-bebc-0f1f3cb08b75/1/9x-b3axMNAeNjQ-rnhTRdqQW-WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.104.0/21
46.235.96.0/21
62.240.24.0/21
87.250.32.0/19
91.185.96.0/19
91.204.52.0/22
92.244.128.0/19
109.72.48.0/20
109.94.228.0-109.94.239.255
109.122.64.0/18
109.198.0.0/19
176.67.215.0/24
178.79.0.0/18
178.237.208.0/20
178.250.136.0/21
185.10.140.0/22
185.26.172.0/22
185.34.92.0/22
185.103.136.0/22
185.112.20.0/22
185.179.136.0/22
IPv6:
2a00:8720::/32
2a00:cf00::/32
2a01:b800::/32
2a02:61a0::/32
2a03:fc40::/32
2a04:1dc0::/29
2a06:5b00::/29
2a06:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
24:58:7d:3d:d0:49:4d:b0:01:1c:19:df:fb:b7:ad:36:51:73:
27:57:30:19:02:46:29:54:a9:62:35:e5:dc:2e:a7:60:54:8d:
71:c7:a8:4a:ce:b2:3f:23:ed:fa:e4:a7:39:98:38:a0:66:db:
96:e6:2c:2a:bf:91:26:ca:fd:63:b4:e7:bf:de:b1:7f:82:35:
05:50:f6:65:5d:35:00:f1:66:ee:7f:ed:e8:c9:ad:43:42:40:
8e:dc:6c:d5:64:38:b3:54:d4:77:b8:da:45:02:6e:55:9c:f4:
a9:7f:89:93:f6:74:bd:d3:20:39:c1:5f:e0:8e:58:6c:23:89:
cb:68:fd:bc:4c:65:05:d1:8c:24:47:af:77:8c:4f:e3:74:df:
36:04:b5:98:e9:3a:94:33:8f:2e:39:5c:1f:90:ec:46:f7:b7:
a9:5b:1f:a0:b3:04:c8:c5:9f:77:49:e8:50:31:1b:97:f8:7a:
6b:fd:12:1a:4e:40:9a:52:18:b5:1e:b5:53:c3:54:f3:df:e0:
bf:32:8c:4e:c0:05:ae:c5:2b:4c:11:4e:ae:33:f8:11:28:e4:
7b:4c:e8:fb:2c:90:b8:4c:5e:e4:14:bb:54:64:ad:ac:8c:02:
5f:2f:16:77:92:01:ac:a1:31:7f:df:6b:90:0a:db:7d:a2:87:
56:1a:a2:8b
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIEDMo1ZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NzFmOWJkZGFjNGMzNDA3OGQ4ZDBmYWI5ZTE0ZDE3NmE0MTZmOTYzMB4XDTIyMDIy
MjExNDkxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDM4OTdiY2E4OWRj
NGI0OWE5Y2Y5Yzk5NWU2Y2Y4MGUyMThjOTU3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJbrVp+Ex5tCJTr5IyKhBLLrj/LdeMpuCIh9WHm92ZP5brGt
LL29eZxoZQuczEs2dR8nxuetphKlVOUlR0E/yQlABaAgbXGBK3J28A5WcX7k51Ld
hYHKijduNY5eTeNao//94El6wxAnf+B0h4osZT/2TOlo44eTy6nk/hQjx1jtARQf
8w9Awwp4wkZZdE/RVD/E503zTTZcPdrsPF9SSmLrx2t1OxFeXC1Y7L2kmgEm05x8
b4vb/J7rF0iLBhD9/IN9+/EBizxwLCLKtumbI2/vC2mYheu7+CgVP7Uo/pEMc6Sa
re9GRrObv7X9GH2oSJW9ruDg7YA+ydEzcj+nlPsCAwEAAaOCAs4wggLKMB0GA1Ud
DgQWBBQDiXvKidxLSanPnJlebPgOIYyVfzAfBgNVHSMEGDAWgBT3H5vdrEw0B42N
D6ueFNF2pBb5YzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzl4LWIzYXhNTkFlTmpRLXJuaFRSZHFRVy1XTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvNTE0ZDY3LWJhNmMtNDE1ZS1iZWJjLTBmMWYzY2IwOGI3NS8x
L0E0bDd5b25jUzBtcHo1eVpYbXo0RGlHTWxYOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
NTE0ZDY3LWJhNmMtNDE1ZS1iZWJjLTBmMWYzY2IwOGI3NS8xLzl4LWIzYXhNTkFl
TmpRLXJuaFRSZHFRVy1XTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
4wYIKwYBBQUHAQcBAf8EgdMwgdAwgY0EAgABMIGGAwQDBYZoAwQDLutgAwQDPvAY
AwQFV/ogAwQFW7lgAwQCW8w0AwQFXPSAAwQEbUgwMAwDBAJtXuQDBARtXuADBAZt
ekADBAVtxgADBACwQ9cDBAayTwADBASy7dADBAOy+ogDBAK5CowDBAK5GqwDBAK5
IlwDBAK5Z4gDBAK5cBQDBAK5s4gwPgQCAAIwOAMFACoAhyADBQAqAM8AAwUAKgG4
AAMFACoCYaADBQAqA/xAAwUDKgQdwAMFAyoGWwADBQMqBmPAMA0GCSqGSIb3DQEB
CwUAA4IBAQAkWH090ElNsAEcGd/7t602UXMnVzAZAkYpVKliNeXcLqdgVI1xx6hK
zrI/I+365Kc5mDigZtuW5iwqv5Emyv1jtOe/3rF/gjUFUPZlXTUA8Wbuf+3oya1D
QkCO3GzVZDizVNR3uNpFAm5VnPSpf4mT9nS90yA5wV/gjlhsI4nLaP28TGUF0Ywk
R693jE/jdN82BLWY6TqUM48uOVwfkOxG97epWx+gswTIxZ93SehQMRuX+Hpr/RIa
TkCaUhi1HrVTw1Tz3+C/MoxOwAWuxStMEU6uM/gRKOR7TOj7LJC4TF7kFLtUZK2s
jAJfLxZ3kgGsoTF/32uQCtt9oodWGqKL
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:33 2023 by rpki-client on console-ams.rpki-client.org