Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/094180-0171-4252-afea-923546ed3e8a/1/x9IiB929fBzfjkULQHq7sQeIpGU.roa
File: x9IiB929fBzfjkULQHq7sQeIpGU.roa (raw, json)
Hash identifier: VlOSnP3q/VWLn/bsSWhFpONKSo2t71ygv5v/DtwNmpA=
Subject key identifier: C7:D2:22:07:DD:BD:7C:1C:DF:8E:45:0B:40:7A:BB:B1:07:88:A4:65
Certificate issuer: /CN=0f47ec73bceecedd541efb73525d61232fa80219
Certificate serial: 018A2286E42E347B6F3B2FFA6388473A07D2
Authority key identifier: 0F:47:EC:73:BC:EE:CE:DD:54:1E:FB:73:52:5D:61:23:2F:A8:02:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D0fsc7zuzt1UHvtzUl1hIy-oAhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/094180-0171-4252-afea-923546ed3e8a/1/x9IiB929fBzfjkULQHq7sQeIpGU.roa
Signing time: Wed 23 Aug 2023 13:13:00 +0000
ROA not before: Wed 23 Aug 2023 13:13:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29247
IP address blocks: 149.210.0.0/18 maxlen: 18
109.178.0.0/16 maxlen: 16
31.217.160.0/19 maxlen: 19
5.144.224.0/20 maxlen: 20
5.203.0.0/16 maxlen: 16
5.144.192.0/20 maxlen: 20
5.144.192.0/18 maxlen: 18
5.144.208.0/20 maxlen: 20
31.152.0.0/16 maxlen: 16
94.143.177.0/24 maxlen: 24
94.143.176.0/24 maxlen: 24
94.143.178.0/24 maxlen: 24
94.143.183.0/24 maxlen: 24
94.143.180.0/24 maxlen: 24
149.210.64.0/18 maxlen: 18
2a02:1388::/29 maxlen: 29
2a02:1388:4000::/36 maxlen: 36
2a02:1388::/36 maxlen: 36
2a02:1388:2000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:22:86:e4:2e:34:7b:6f:3b:2f:fa:63:88:47:3a:07:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f47ec73bceecedd541efb73525d61232fa80219
Validity
Not Before: Aug 23 13:13:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7d22207ddbd7c1cdf8e450b407abbb10788a465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:82:7c:ed:47:a4:59:a0:d3:bf:71:c2:09:22:
91:40:b6:7a:72:11:35:bc:01:0b:87:83:d5:30:3a:
0c:09:a0:26:f3:4c:a8:b6:29:68:18:29:7a:51:a6:
d0:c2:4c:ac:65:c6:60:69:09:1e:06:8a:b2:9e:16:
af:95:60:16:a4:ce:21:80:28:4c:5a:fe:ea:09:6a:
ed:f5:94:92:3f:94:4a:c0:71:37:52:bf:8a:8e:72:
a4:38:4f:87:fe:cb:fa:02:a1:d5:e1:e0:72:8d:10:
00:b6:40:b2:ed:f0:45:58:af:84:ef:07:f3:e4:fb:
bb:87:06:1f:8a:f2:81:ee:bd:cc:e1:2c:c8:f1:59:
47:97:63:76:d5:f0:8d:0d:8e:70:77:82:de:31:28:
bf:ad:9f:8d:52:25:ed:14:4a:42:4b:06:45:ce:00:
c3:15:81:71:c1:88:64:8a:73:7c:1f:2d:35:4d:ec:
c3:9d:ae:50:33:18:64:a8:a5:62:77:71:8f:13:81:
c8:e0:e3:85:21:0b:c7:42:5f:ba:1a:70:8b:d1:87:
3e:9a:18:02:61:92:94:be:ef:e9:c1:82:06:b9:c8:
53:32:a4:67:cf:97:13:ac:bc:16:4b:d4:01:47:b9:
36:36:3c:7f:1a:bd:35:f0:79:9b:0d:4f:c7:1b:0e:
c7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:D2:22:07:DD:BD:7C:1C:DF:8E:45:0B:40:7A:BB:B1:07:88:A4:65
X509v3 Authority Key Identifier:
keyid:0F:47:EC:73:BC:EE:CE:DD:54:1E:FB:73:52:5D:61:23:2F:A8:02:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D0fsc7zuzt1UHvtzUl1hIy-oAhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/094180-0171-4252-afea-923546ed3e8a/1/x9IiB929fBzfjkULQHq7sQeIpGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/094180-0171-4252-afea-923546ed3e8a/1/D0fsc7zuzt1UHvtzUl1hIy-oAhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.192.0/18
5.203.0.0/16
31.152.0.0/16
31.217.160.0/19
94.143.176.0-94.143.178.255
94.143.180.0/24
94.143.183.0/24
109.178.0.0/16
149.210.0.0/17
IPv6:
2a02:1388::/29
Signature Algorithm: sha256WithRSAEncryption
94:82:d2:13:4f:10:87:a5:b6:0a:06:fb:65:65:3a:4d:61:53:
c4:73:23:2e:f1:50:24:d8:41:92:94:20:08:43:76:b4:33:95:
0b:16:32:25:6b:c7:57:e1:54:90:58:c7:0e:82:49:09:8e:67:
85:0b:b7:68:5a:6a:7a:86:40:20:7c:f2:db:e3:67:f6:fa:3e:
ce:2b:b7:fb:0b:82:f5:40:05:62:9c:42:95:a0:53:55:4a:20:
6d:2c:c3:2f:a6:9c:d1:2b:ba:19:ff:f6:96:4f:c8:c1:62:18:
c3:cf:99:f2:ea:8e:76:9b:87:e8:37:3e:24:3a:87:0b:59:13:
80:c2:e5:fc:92:ef:e3:d3:d8:ae:e1:8d:0b:9b:7c:fd:1d:a8:
35:7b:f4:39:fa:b4:b7:3b:11:b3:76:0e:94:36:f6:91:7c:2d:
4c:8e:80:13:22:a7:34:75:8b:22:fa:1f:33:00:41:e4:8d:af:
c6:d9:24:99:c0:65:92:0d:03:a3:31:11:6a:25:d0:26:d7:5b:
a1:24:96:69:1f:9c:69:95:1e:36:1e:ab:63:93:f6:52:46:90:
8d:ae:4f:a5:22:31:ef:24:04:a4:8e:96:b6:02:fc:c6:19:82:
83:0b:bf:d3:35:6a:6f:19:6a:b0:42:1c:07:e2:f1:0d:13:91:
ae:20:8e:d5
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYoihuQuNHtvOy/6Y4hHOgfSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNDdlYzczYmNlZWNlZGQ1NDFlZmI3MzUyNWQ2MTIzMmZh
ODAyMTkwHhcNMjMwODIzMTMxMzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2QyMjIwN2RkYmQ3YzFjZGY4ZTQ1MGI0MDdhYmJiMTA3ODhhNDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4J87UekWaDTv3HCCSKRQLZ6chE1
vAELh4PVMDoMCaAm80yotiloGCl6UabQwkysZcZgaQkeBoqynhavlWAWpM4hgChM
Wv7qCWrt9ZSSP5RKwHE3Ur+KjnKkOE+H/sv6AqHV4eByjRAAtkCy7fBFWK+E7wfz
5Pu7hwYfivKB7r3M4SzI8VlHl2N21fCNDY5wd4LeMSi/rZ+NUiXtFEpCSwZFzgDD
FYFxwYhkinN8Hy01TezDna5QMxhkqKVid3GPE4HI4OOFIQvHQl+6GnCL0Yc+mhgC
YZKUvu/pwYIGuchTMqRnz5cTrLwWS9QBR7k2Njx/Gr018HmbDU/HGw7HBwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFMfSIgfdvXwc345FC0B6u7EHiKRlMB8GA1UdIwQY
MBaAFA9H7HO87s7dVB77c1JdYSMvqAIZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDBmc2M3enV6dDFVSHZ0elVsMWhJeS1vQWhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wOTQxODAtMDE3MS00MjUyLWFmZWEt
OTIzNTQ2ZWQzZThhLzEveDlJaUI5MjlmQnpmamtVTFFIcTdzUWVJcEdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wOTQxODAtMDE3MS00MjUyLWFmZWEtOTIzNTQ2ZWQzZThh
LzEvRDBmc2M3enV6dDFVSHZ0elVsMWhJeS1vQWhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBBBAIAATA7AwQGBZDAAwMA
BcsDAwAfmAMEBR/ZoDAMAwQEXo+wAwQAXo+yAwQAXo+0AwQAXo+3AwMAbbIDBAeV
0gAwDQQCAAIwBwMFAyoCE4gwDQYJKoZIhvcNAQELBQADggEBAJSC0hNPEIeltgoG
+2VlOk1hU8RzIy7xUCTYQZKUIAhDdrQzlQsWMiVrx1fhVJBYxw6CSQmOZ4ULt2ha
anqGQCB88tvjZ/b6Ps4rt/sLgvVABWKcQpWgU1VKIG0swy+mnNEruhn/9pZPyMFi
GMPPmfLqjnabh+g3PiQ6hwtZE4DC5fyS7+PT2K7hjQubfP0dqDV79Dn6tLc7EbN2
DpQ29pF8LUyOgBMipzR1iyL6HzMAQeSNr8bZJJnAZZINA6MxEWol0CbXW6Eklmkf
nGmVHjYeq2OT9lJGkI2uT6UiMe8kBKSOlrYC/MYZgoMLv9M1am8ZarBCHAfi8Q0T
ka4gjtU=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:22 2025 by rpki-client