Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/514d67-ba6c-415e-bebc-0f1f3cb08b75/1/x4mZP8rbqlGASbUj3ZMPeJ3FTwM.roa
File: x4mZP8rbqlGASbUj3ZMPeJ3FTwM.roa (raw, json)
Hash identifier: kzZJOxFiF58CVfQj+m6S46amoFU0u6CMRhpYLRY7PoQ=
Subject key identifier: C7:89:99:3F:CA:DB:AA:51:80:49:B5:23:DD:93:0F:78:9D:C5:4F:03
Certificate issuer: /CN=f71f9bddac4c34078d8d0fab9e14d176a416f963
Certificate serial: 0C48AAC6
Authority key identifier: F7:1F:9B:DD:AC:4C:34:07:8D:8D:0F:AB:9E:14:D1:76:A4:16:F9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9x-b3axMNAeNjQ-rnhTRdqQW-WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/514d67-ba6c-415e-bebc-0f1f3cb08b75/1/x4mZP8rbqlGASbUj3ZMPeJ3FTwM.roa
Signing time: Sat 01 Jan 2022 15:01:34 +0000
ROA not before: Sat 01 Jan 2022 15:01:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35573
IP address blocks: 87.250.37.0/24 maxlen: 24
87.250.44.0/24 maxlen: 24
87.250.41.0/24 maxlen: 24
87.250.40.0/24 maxlen: 24
87.250.42.0/24 maxlen: 24
87.250.46.0/24 maxlen: 24
87.250.45.0/24 maxlen: 24
87.250.48.0/24 maxlen: 24
87.250.47.0/24 maxlen: 24
87.250.50.0/24 maxlen: 24
87.250.51.0/24 maxlen: 24
87.250.53.0/24 maxlen: 24
87.250.52.0/24 maxlen: 24
87.250.55.0/24 maxlen: 24
87.250.54.0/24 maxlen: 24
87.250.63.0/24 maxlen: 24
109.72.52.0/24 maxlen: 24
109.72.54.0/24 maxlen: 24
109.72.53.0/24 maxlen: 24
109.72.58.0/24 maxlen: 24
178.250.137.0/24 maxlen: 24
178.250.136.0/24 maxlen: 24
178.250.139.0/24 maxlen: 24
46.235.101.0/24 maxlen: 24
178.250.142.0/24 maxlen: 24
178.250.141.0/24 maxlen: 24
178.250.143.0/24 maxlen: 24
109.72.48.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 206088902 (0xc48aac6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f71f9bddac4c34078d8d0fab9e14d176a416f963
Validity
Not Before: Jan 1 15:01:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c789993fcadbaa518049b523dd930f789dc54f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ee:40:43:3a:26:8c:9c:d1:04:93:12:6e:1f:
92:fb:14:82:7a:82:1e:b2:ea:96:6e:f5:d0:a3:3d:
11:df:79:74:c7:b0:4c:81:22:f9:23:52:ec:a7:1a:
37:b1:99:98:2c:01:fc:de:2b:b0:8a:77:27:ad:1c:
29:92:d3:07:5b:3e:6b:6d:16:68:22:ec:4b:99:22:
e2:a2:67:d0:85:45:04:c7:26:26:ab:cd:ee:12:35:
9b:fb:de:01:80:8d:0f:bd:57:63:1e:0e:ef:bc:fb:
c2:a9:94:24:d0:af:50:e9:ce:c8:88:87:d2:f8:bd:
00:54:99:aa:1f:76:5c:6f:8b:48:96:08:1c:8e:42:
10:90:72:cc:69:bc:0b:cf:aa:30:e9:31:83:48:dd:
29:aa:5f:a9:95:95:ca:db:90:c4:09:47:3e:4a:0b:
4b:be:64:02:00:ed:51:85:a3:a1:b7:3f:a3:c9:78:
b4:a7:5c:b1:ec:41:a1:ff:89:2f:fb:09:5b:35:60:
64:7b:ed:b3:3b:ec:f0:44:d1:de:db:db:48:b4:47:
42:6f:29:c3:63:79:30:2f:37:f6:d0:0b:ec:3c:20:
62:7f:6b:5f:b6:26:1b:d5:0c:b6:b2:4f:cd:0a:72:
ee:2d:e8:32:32:7e:99:f3:ff:6b:4d:37:71:3e:4b:
05:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:89:99:3F:CA:DB:AA:51:80:49:B5:23:DD:93:0F:78:9D:C5:4F:03
X509v3 Authority Key Identifier:
keyid:F7:1F:9B:DD:AC:4C:34:07:8D:8D:0F:AB:9E:14:D1:76:A4:16:F9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x-b3axMNAeNjQ-rnhTRdqQW-WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/514d67-ba6c-415e-bebc-0f1f3cb08b75/1/x4mZP8rbqlGASbUj3ZMPeJ3FTwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/514d67-ba6c-415e-bebc-0f1f3cb08b75/1/9x-b3axMNAeNjQ-rnhTRdqQW-WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.101.0/24
87.250.37.0/24
87.250.40.0-87.250.42.255
87.250.44.0-87.250.48.255
87.250.50.0-87.250.55.255
87.250.63.0/24
109.72.48.0/24
109.72.52.0-109.72.54.255
109.72.58.0/24
178.250.136.0/23
178.250.139.0/24
178.250.141.0-178.250.143.255
Signature Algorithm: sha256WithRSAEncryption
40:81:67:ac:b6:52:d9:1b:9e:55:ba:c0:df:70:15:8a:89:f7:
99:bd:f2:77:9d:5f:99:5c:d1:26:79:a5:90:6c:ca:cb:1b:75:
e5:d7:d1:8a:ea:3c:9b:f8:98:42:f9:a3:10:f4:f2:76:67:0b:
2b:4e:b0:65:0f:44:39:d3:09:ea:69:49:33:58:91:f4:ae:fc:
bd:bc:10:f7:87:74:ef:dc:39:98:dc:cd:fb:63:ed:69:b0:91:
64:c7:ba:0c:b2:c9:16:26:34:54:87:78:f4:ba:0b:42:b0:82:
60:0c:a8:4c:bb:d8:89:be:e0:54:ba:e4:92:86:a6:6c:58:6b:
ff:7b:cc:1b:b5:6f:37:84:7a:6f:dc:86:aa:a1:ad:ca:9c:eb:
3c:1f:fb:33:c7:97:ac:fc:f1:e0:b1:8b:f9:c8:29:c2:ae:36:
a1:61:d8:ab:bc:88:42:68:21:8e:01:38:a5:73:6f:ad:fa:ff:
87:4b:9b:6c:47:f8:b4:92:b4:16:b6:d8:64:cb:88:bf:c9:b1:
b6:41:4c:97:75:29:5d:04:0d:61:12:16:93:e2:39:71:16:6f:
10:44:6d:a8:32:79:28:2a:01:3e:48:6f:68:8a:ef:4b:f7:6d:
08:53:d3:3e:c0:6b:98:3a:ec:63:69:f1:91:f5:e9:6e:12:50:
75:3d:ed:d6
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIEDEiqxjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NzFmOWJkZGFjNGMzNDA3OGQ4ZDBmYWI5ZTE0ZDE3NmE0MTZmOTYzMB4XDTIyMDEw
MTE1MDEzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzc4OTk5M2ZjYWRi
YWE1MTgwNDliNTIzZGQ5MzBmNzg5ZGM1NGYwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMruQEM6Joyc0QSTEm4fkvsUgnqCHrLqlm710KM9Ed95dMew
TIEi+SNS7KcaN7GZmCwB/N4rsIp3J60cKZLTB1s+a20WaCLsS5ki4qJn0IVFBMcm
JqvN7hI1m/veAYCND71XYx4O77z7wqmUJNCvUOnOyIiH0vi9AFSZqh92XG+LSJYI
HI5CEJByzGm8C8+qMOkxg0jdKapfqZWVytuQxAlHPkoLS75kAgDtUYWjobc/o8l4
tKdcsexBof+JL/sJWzVgZHvtszvs8ETR3tvbSLRHQm8pw2N5MC839tAL7DwgYn9r
X7YmG9UMtrJPzQpy7i3oMjJ+mfP/a003cT5LBf8CAwEAAaOCAnQwggJwMB0GA1Ud
DgQWBBTHiZk/ytuqUYBJtSPdkw94ncVPAzAfBgNVHSMEGDAWgBT3H5vdrEw0B42N
D6ueFNF2pBb5YzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzl4LWIzYXhNTkFlTmpRLXJuaFRSZHFRVy1XTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvNTE0ZDY3LWJhNmMtNDE1ZS1iZWJjLTBmMWYzY2IwOGI3NS8x
L3g0bVpQOHJicWxHQVNiVWozWk1QZUozRlR3TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
NTE0ZDY3LWJhNmMtNDE1ZS1iZWJjLTBmMWYzY2IwOGI3NS8xLzl4LWIzYXhNTkFl
TmpRLXJuaFRSZHFRVy1XTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
iQYIKwYBBQUHAQcBAf8EejB4MHYEAgABMHADBAAu62UDBABX+iUwDAMEA1f6KAME
AFf6KjAMAwQCV/osAwQAV/owMAwDBAFX+jIDBANX+jADBABX+j8DBABtSDAwDAME
Am1INAMEAG1INgMEAG1IOgMEAbL6iAMEALL6izAMAwQAsvqNAwQEsvqAMA0GCSqG
SIb3DQEBCwUAA4IBAQBAgWestlLZG55VusDfcBWKifeZvfJ3nV+ZXNEmeaWQbMrL
G3Xl19GK6jyb+JhC+aMQ9PJ2ZwsrTrBlD0Q50wnqaUkzWJH0rvy9vBD3h3Tv3DmY
3M37Y+1psJFkx7oMsskWJjRUh3j0ugtCsIJgDKhMu9iJvuBUuuSShqZsWGv/e8wb
tW83hHpv3Iaqoa3KnOs8H/szx5es/PHgsYv5yCnCrjahYdirvIhCaCGOATilc2+t
+v+HS5tsR/i0krQWtthky4i/ybG2QUyXdSldBA1hEhaT4jlxFm8QRG2oMnkoKgE+
SG9oiu9L920IU9M+wGuYOuxjafGR9eluElB1Pe3W
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:33 2023 by rpki-client on console-ams.rpki-client.org