Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/920566-e957-47e5-99f9-59a0f63c6682/1/ACSgxkqUEABCwJ1GD5ZZlPakdLQ.roa
File: ACSgxkqUEABCwJ1GD5ZZlPakdLQ.roa (raw, json)
Hash identifier: ZtDVGNHGafNsVTnZeTj9lXtj/BXb+R/o9iV9G4jITC8=
Subject key identifier: 00:24:A0:C6:4A:94:10:00:42:C0:9D:46:0F:96:59:94:F6:A4:74:B4
Certificate issuer: /CN=a88100464b1826c3c445a91c84e2f230e63ddb2d
Certificate serial: 018282715564CFFE79212278B290C7C1C270
Authority key identifier: A8:81:00:46:4B:18:26:C3:C4:45:A9:1C:84:E2:F2:30:E6:3D:DB:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qIEARksYJsPERakchOLyMOY92y0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/920566-e957-47e5-99f9-59a0f63c6682/1/ACSgxkqUEABCwJ1GD5ZZlPakdLQ.roa
Signing time: Tue 09 Aug 2022 11:50:41 +0000
ROA not before: Tue 09 Aug 2022 11:50:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 185.109.132.0/24 maxlen: 24
185.109.134.0/23 maxlen: 24
185.109.133.0/24 maxlen: 24
91.198.117.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:82:71:55:64:cf:fe:79:21:22:78:b2:90:c7:c1:c2:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a88100464b1826c3c445a91c84e2f230e63ddb2d
Validity
Not Before: Aug 9 11:50:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0024a0c64a94100042c09d460f965994f6a474b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:09:59:61:0e:46:d0:50:f2:49:84:fb:d7:f9:
4d:f5:1e:0a:71:12:3f:ed:4f:65:ce:f7:3e:b2:a1:
56:70:85:f5:25:05:3d:10:88:63:f6:eb:29:83:ae:
90:33:3a:5b:6b:5b:81:49:52:38:97:ca:08:8c:2b:
3b:da:03:a4:a8:29:78:5a:2b:83:a5:d9:f7:41:57:
ac:c7:92:1a:77:c0:c1:58:cf:94:e8:8d:f6:cd:80:
b3:35:20:94:e3:42:eb:18:92:0d:f4:28:bf:d3:1d:
42:ec:c1:8a:68:ce:9a:6b:a4:a4:42:8d:75:e0:f6:
b9:58:06:bc:d9:ba:fe:03:19:14:11:ab:e5:de:4c:
f3:0f:84:8a:75:e6:36:c2:74:96:ed:cf:03:21:09:
1d:46:5e:e3:e2:db:ee:58:3d:8f:ec:f7:ea:4f:f4:
a8:c4:87:8b:18:bb:22:9d:be:f6:32:d3:97:0e:2b:
d2:48:60:e3:e2:91:03:20:e2:2e:50:0a:35:d3:30:
b0:a7:18:0e:6c:38:0d:19:3b:95:54:14:ba:d3:fb:
c2:43:82:24:33:9c:96:b1:f2:d6:27:89:9c:12:42:
35:df:c9:cc:e4:93:16:bb:62:a4:63:b6:18:5b:b1:
62:44:89:af:cc:a1:e5:33:20:5a:52:6c:13:73:57:
3a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:24:A0:C6:4A:94:10:00:42:C0:9D:46:0F:96:59:94:F6:A4:74:B4
X509v3 Authority Key Identifier:
keyid:A8:81:00:46:4B:18:26:C3:C4:45:A9:1C:84:E2:F2:30:E6:3D:DB:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIEARksYJsPERakchOLyMOY92y0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/920566-e957-47e5-99f9-59a0f63c6682/1/ACSgxkqUEABCwJ1GD5ZZlPakdLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/920566-e957-47e5-99f9-59a0f63c6682/1/qIEARksYJsPERakchOLyMOY92y0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.117.0/24
185.109.132.0/22
Signature Algorithm: sha256WithRSAEncryption
25:b2:f0:8f:0a:8e:ef:73:77:e2:23:69:6f:c0:28:c8:4e:3a:
12:a9:51:45:77:f5:df:b7:3b:97:03:b1:5f:ac:ad:56:f0:83:
73:0d:5c:bd:32:88:24:a8:17:d0:b5:2c:5e:6c:16:d8:7c:03:
49:d8:15:67:be:b0:7a:3e:5e:59:de:42:53:e6:08:a7:36:80:
b3:6b:9a:30:a4:c6:a9:dd:65:0a:00:49:e1:15:d6:fb:03:be:
e4:28:00:64:20:1a:54:4d:12:85:86:17:72:b0:81:2c:2e:1c:
ce:02:b1:c9:bc:89:d3:f7:38:14:ff:8d:85:94:17:e7:f8:c1:
d8:d3:80:75:9f:a3:e7:0a:e0:a9:84:71:83:2d:70:80:fa:70:
e9:a7:3e:05:d6:9a:47:72:43:04:4e:e3:2b:81:9c:e0:3d:cb:
10:1c:74:1f:2f:67:0e:48:7d:84:60:cc:a6:84:37:b0:fe:b7:
d4:bc:b5:08:86:0e:fe:38:e2:2c:3a:7e:26:4e:d1:07:4b:1f:
ff:c1:df:04:e2:20:fb:d9:4f:18:07:1b:0b:06:3d:ef:cd:6f:
26:d7:5f:63:92:92:13:b1:6b:00:22:0b:ec:1f:84:80:bd:f0:
18:1f:09:24:fc:60:b5:f2:e1:1e:da:42:33:b2:cd:51:8c:9b:
4f:83:a4:a0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKCcVVkz/55ISJ4spDHwcJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ODEwMDQ2NGIxODI2YzNjNDQ1YTkxYzg0ZTJmMjMwZTYz
ZGRiMmQwHhcNMjIwODA5MTE1MDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDI0YTBjNjRhOTQxMDAwNDJjMDlkNDYwZjk2NTk5NGY2YTQ3NGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6AlZYQ5G0FDySYT71/lN9R4KcRI/
7U9lzvc+sqFWcIX1JQU9EIhj9uspg66QMzpba1uBSVI4l8oIjCs72gOkqCl4WiuD
pdn3QVesx5Iad8DBWM+U6I32zYCzNSCU40LrGJIN9Ci/0x1C7MGKaM6aa6SkQo11
4Pa5WAa82br+AxkUEavl3kzzD4SKdeY2wnSW7c8DIQkdRl7j4tvuWD2P7PfqT/So
xIeLGLsinb72MtOXDivSSGDj4pEDIOIuUAo10zCwpxgObDgNGTuVVBS60/vCQ4Ik
M5yWsfLWJ4mcEkI138nM5JMWu2KkY7YYW7FiRImvzKHlMyBaUmwTc1c6FwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAAkoMZKlBAAQsCdRg+WWZT2pHS0MB8GA1UdIwQY
MBaAFKiBAEZLGCbDxEWpHITi8jDmPdstMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUlFQVJrc1lKc1BFUmFrY2hPTHlNT1k5MnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85MjA1NjYtZTk1Ny00N2U1LTk5Zjkt
NTlhMGY2M2M2NjgyLzEvQUNTZ3hrcVVFQUJDd0oxR0Q1WlpsUGFrZExRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85MjA1NjYtZTk1Ny00N2U1LTk5ZjktNTlhMGY2M2M2Njgy
LzEvcUlFQVJrc1lKc1BFUmFrY2hPTHlNT1k5MnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8Z1AwQC
uW2EMA0GCSqGSIb3DQEBCwUAA4IBAQAlsvCPCo7vc3fiI2lvwCjITjoSqVFFd/Xf
tzuXA7FfrK1W8INzDVy9MogkqBfQtSxebBbYfANJ2BVnvrB6Pl5Z3kJT5ginNoCz
a5owpMap3WUKAEnhFdb7A77kKABkIBpUTRKFhhdysIEsLhzOArHJvInT9zgU/42F
lBfn+MHY04B1n6PnCuCphHGDLXCA+nDppz4F1ppHckMETuMrgZzgPcsQHHQfL2cO
SH2EYMymhDew/rfUvLUIhg7+OOIsOn4mTtEHSx//wd8E4iD72U8YBxsLBj3vzW8m
119jkpITsWsAIgvsH4SAvfAYHwkk/GC18uEe2kIzss1RjJtPg6Sg
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:12 2025 by rpki-client