Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/dI_PunGOX80fI9yL-JNFBX9J-ZM.roa
File: dI_PunGOX80fI9yL-JNFBX9J-ZM.roa (raw, json)
Hash identifier: TgdGnh3JXAOT0W+5IC07oKb+dBNV1mOiOsUzWxpMLQM=
Subject key identifier: 74:8F:CF:BA:71:8E:5F:CD:1F:23:DC:8B:F8:93:45:05:7F:49:F9:93
Certificate issuer: /CN=1a885c37e747bce23ee9097e5ff7e983bcba0db4
Certificate serial: 018475BE1D026ECF34286D5ACFF152C0F0E4
Authority key identifier: 1A:88:5C:37:E7:47:BC:E2:3E:E9:09:7E:5F:F7:E9:83:BC:BA:0D:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GohcN-dHvOI-6Ql-X_fpg7y6DbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/dI_PunGOX80fI9yL-JNFBX9J-ZM.roa
Signing time: Mon 14 Nov 2022 10:45:04 +0000
ROA not before: Mon 14 Nov 2022 10:45:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52106
IP address blocks: 194.180.44.0/22 maxlen: 22
45.148.40.0/22 maxlen: 22
194.61.159.0/24 maxlen: 24
194.61.56.0/24 maxlen: 24
194.60.205.0/24 maxlen: 24
194.60.202.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:be:1d:02:6e:cf:34:28:6d:5a:cf:f1:52:c0:f0:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a885c37e747bce23ee9097e5ff7e983bcba0db4
Validity
Not Before: Nov 14 10:45:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=748fcfba718e5fcd1f23dc8bf89345057f49f993
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:31:d7:62:90:c6:d8:ba:a4:c6:74:37:c6:4d:
aa:e2:c1:47:60:f1:7e:9b:b3:84:1b:e5:b1:3a:c5:
2a:eb:94:80:9f:37:65:57:60:34:2b:f5:c1:c1:33:
a6:4d:85:c8:b3:a9:8f:29:99:07:a3:a2:ba:94:ae:
f7:bf:7b:d4:8d:62:cd:58:b4:0a:ba:98:28:c3:67:
37:ac:9b:42:cd:06:6c:2f:55:96:4b:5f:38:53:cc:
15:3f:8c:83:32:ac:31:58:e5:02:7a:46:d8:3d:f5:
a1:fb:90:ef:3a:27:40:aa:df:a5:26:0e:10:31:16:
f5:b8:eb:c0:f0:b6:93:04:c8:30:4b:5a:f0:09:ec:
e8:5a:15:60:75:6f:92:1d:2d:2c:78:7d:c5:74:12:
ef:d4:a2:dd:30:c0:16:8e:4f:06:ae:55:dc:c5:64:
58:f2:1f:72:63:27:16:69:1b:c6:55:cc:f9:f8:9f:
3b:ac:20:e1:c7:45:83:0b:06:3f:65:d5:82:18:8a:
47:9a:35:97:c2:f4:ef:f8:b8:1a:15:99:70:61:e9:
18:9e:77:0d:b6:c6:62:f9:e0:e9:da:d9:52:f6:14:
46:23:7a:c9:dc:04:c8:82:ad:c8:59:d6:b9:4c:0e:
5e:da:44:f1:41:d5:d8:c9:a0:e6:33:e5:af:19:9b:
33:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:8F:CF:BA:71:8E:5F:CD:1F:23:DC:8B:F8:93:45:05:7F:49:F9:93
X509v3 Authority Key Identifier:
keyid:1A:88:5C:37:E7:47:BC:E2:3E:E9:09:7E:5F:F7:E9:83:BC:BA:0D:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GohcN-dHvOI-6Ql-X_fpg7y6DbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/dI_PunGOX80fI9yL-JNFBX9J-ZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c54214-52d5-46dc-9939-c1402d261432/1/GohcN-dHvOI-6Ql-X_fpg7y6DbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.40.0/22
194.60.202.0/24
194.60.205.0/24
194.61.56.0/24
194.61.159.0/24
194.180.44.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:f1:3b:ae:c4:7f:4b:cd:cc:d4:4e:20:92:36:d0:77:e1:41:
24:da:e2:80:ae:6e:84:b1:ef:12:4b:be:a2:e1:7d:2d:2d:d9:
b1:46:ae:97:b8:ac:70:56:fc:6f:31:0d:5d:01:a6:f9:be:a3:
71:7a:7c:85:29:d5:74:14:f6:51:72:98:ce:4b:44:3e:45:fb:
4f:e7:f0:d6:32:e7:7f:9a:a3:4a:cb:fd:2c:13:c4:8c:cc:54:
f0:81:ca:62:5b:4e:12:b6:82:84:68:68:40:61:f2:88:0a:17:
e1:42:c9:a8:4a:24:9e:82:d6:95:8b:66:86:28:ad:49:a3:57:
9b:81:34:73:b4:fb:48:18:cc:5e:c7:d2:f8:d4:58:8b:d2:cf:
e0:63:4f:6b:24:6a:b8:c3:49:a9:fb:09:5d:bf:1b:7e:cf:f4:
cf:c9:4c:41:ea:3b:0c:2d:19:14:56:38:19:e8:f0:cb:e4:4f:
a9:d6:fa:d3:ab:20:26:0d:92:df:c8:01:53:ed:05:23:a2:66:
36:db:3d:b7:69:95:cf:e5:d3:e4:5c:33:68:44:5b:95:3f:f8:
cf:8e:4c:f7:0f:e9:db:d7:60:27:d6:3a:74:f0:9a:d8:51:40:
32:01:f5:8a:f5:56:4d:f1:75:13:16:4f:80:eb:44:96:ad:c7:
53:fa:4b:ae
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYR1vh0Cbs80KG1az/FSwPDkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhODg1YzM3ZTc0N2JjZTIzZWU5MDk3ZTVmZjdlOTgzYmNi
YTBkYjQwHhcNMjIxMTE0MTA0NTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDhmY2ZiYTcxOGU1ZmNkMWYyM2RjOGJmODkzNDUwNTdmNDlmOTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDHXYpDG2LqkxnQ3xk2q4sFHYPF+
m7OEG+WxOsUq65SAnzdlV2A0K/XBwTOmTYXIs6mPKZkHo6K6lK73v3vUjWLNWLQK
upgow2c3rJtCzQZsL1WWS184U8wVP4yDMqwxWOUCekbYPfWh+5DvOidAqt+lJg4Q
MRb1uOvA8LaTBMgwS1rwCezoWhVgdW+SHS0seH3FdBLv1KLdMMAWjk8GrlXcxWRY
8h9yYycWaRvGVcz5+J87rCDhx0WDCwY/ZdWCGIpHmjWXwvTv+LgaFZlwYekYnncN
tsZi+eDp2tlS9hRGI3rJ3ATIgq3IWda5TA5e2kTxQdXYyaDmM+WvGZsz5wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHSPz7pxjl/NHyPci/iTRQV/SfmTMB8GA1UdIwQY
MBaAFBqIXDfnR7ziPukJfl/36YO8ug20MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR29oY04tZEh2T0ktNlFsLVhfZnBnN3k2RGJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jNTQyMTQtNTJkNS00NmRjLTk5Mzkt
YzE0MDJkMjYxNDMyLzEvZElfUHVuR09YODBmSTl5TC1KTkZCWDlKLVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jNTQyMTQtNTJkNS00NmRjLTk5MzktYzE0MDJkMjYxNDMy
LzEvR29oY04tZEh2T0ktNlFsLVhfZnBnN3k2RGJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLZQoAwQA
wjzKAwQAwjzNAwQAwj04AwQAwj2fAwQCwrQsMA0GCSqGSIb3DQEBCwUAA4IBAQBb
8TuuxH9LzczUTiCSNtB34UEk2uKArm6Ese8SS76i4X0tLdmxRq6XuKxwVvxvMQ1d
Aab5vqNxenyFKdV0FPZRcpjOS0Q+RftP5/DWMud/mqNKy/0sE8SMzFTwgcpiW04S
toKEaGhAYfKIChfhQsmoSiSegtaVi2aGKK1Jo1ebgTRztPtIGMxex9L41FiL0s/g
Y09rJGq4w0mp+wldvxt+z/TPyUxB6jsMLRkUVjgZ6PDL5E+p1vrTqyAmDZLfyAFT
7QUjomY22z23aZXP5dPkXDNoRFuVP/jPjkz3D+nb12An1jp08JrYUUAyAfWK9VZN
8XUTFk+A60SWrcdT+kuu
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:36 2025 by rpki-client