Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/XUSRtl7fWktRJw-XDaoIPk2nzpI.roa
File: XUSRtl7fWktRJw-XDaoIPk2nzpI.roa (raw, json)
Hash identifier: /HX/ivhHuiAK5DdAO6ZbvSsdk/H/NWhebMKhT4vy6dI=
Subject key identifier: 5D:44:91:B6:5E:DF:5A:4B:51:27:0F:97:0D:AA:08:3E:4D:A7:CE:92
Certificate issuer: /CN=8102d3e0d5f21ec72c745731a641fb7903787de0
Certificate serial: 114D8413
Authority key identifier: 81:02:D3:E0:D5:F2:1E:C7:2C:74:57:31:A6:41:FB:79:03:78:7D:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gQLT4NXyHscsdFcxpkH7eQN4feA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/XUSRtl7fWktRJw-XDaoIPk2nzpI.roa
Signing time: Wed 16 Feb 2022 09:45:36 +0000
ROA not before: Wed 16 Feb 2022 09:45:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43402
IP address blocks: 83.142.240.0/21 maxlen: 21
95.131.160.0/21 maxlen: 21
95.131.166.0/24 maxlen: 24
95.131.167.0/24 maxlen: 24
185.127.144.0/22 maxlen: 22
185.127.144.0/23 maxlen: 23
2a03:62c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 290292755 (0x114d8413)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8102d3e0d5f21ec72c745731a641fb7903787de0
Validity
Not Before: Feb 16 09:45:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d4491b65edf5a4b51270f970daa083e4da7ce92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:89:00:f8:3a:68:7b:1b:5a:07:b1:71:97:8c:
5c:ed:5c:36:6e:72:b0:10:71:cb:42:ea:2d:39:14:
fd:47:e7:f3:e8:5d:1a:cd:52:e4:fa:f9:b5:36:22:
29:29:f0:df:2b:8f:58:f4:0f:e6:91:56:bb:3e:dc:
aa:5a:c9:f2:1f:a3:1f:25:dd:2a:72:6e:08:ba:f5:
68:90:5e:45:1d:88:3d:21:8e:46:33:e4:fd:20:c5:
0b:18:14:3f:6e:04:7f:e4:d4:5c:d0:71:49:c1:91:
be:66:7c:bd:7b:cb:48:94:ea:88:24:a3:5e:3e:5f:
c7:3e:fa:07:69:01:00:4a:0e:e7:b9:44:5a:bd:49:
23:03:eb:73:2c:f4:b0:45:fe:1f:5f:2d:b1:a3:aa:
99:b0:0d:ac:30:16:db:5d:0e:d8:56:f6:51:70:3d:
dc:e7:e5:33:21:6b:54:8d:a9:a1:d5:8b:7e:17:76:
7d:84:65:03:35:75:09:bb:0c:04:04:55:05:10:14:
3b:97:7a:33:a3:18:a2:63:98:39:05:cc:6c:56:8a:
50:77:93:ac:fa:41:18:de:26:96:93:67:fc:51:6d:
46:be:5e:92:31:c1:26:58:ab:ed:13:1c:4c:32:59:
0d:c6:0d:c7:89:db:c0:61:a0:e6:24:b3:3b:cd:14:
ac:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:44:91:B6:5E:DF:5A:4B:51:27:0F:97:0D:AA:08:3E:4D:A7:CE:92
X509v3 Authority Key Identifier:
keyid:81:02:D3:E0:D5:F2:1E:C7:2C:74:57:31:A6:41:FB:79:03:78:7D:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gQLT4NXyHscsdFcxpkH7eQN4feA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/XUSRtl7fWktRJw-XDaoIPk2nzpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/463b90-bb28-4b0a-9ad8-5b1523518221/1/gQLT4NXyHscsdFcxpkH7eQN4feA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.142.240.0/21
95.131.160.0/21
185.127.144.0/22
IPv6:
2a03:62c0::/32
Signature Algorithm: sha256WithRSAEncryption
95:a0:30:60:35:f1:22:d0:2e:5d:91:7f:59:dc:8f:92:70:d1:
59:90:8e:40:b4:b9:a7:19:58:9b:44:00:a5:96:36:40:46:3b:
1d:10:94:aa:02:ed:ef:b1:a5:5d:b8:81:35:6e:eb:19:06:a6:
88:f6:f9:46:50:e1:47:4b:b2:a7:db:b9:f6:1c:bc:9c:94:8e:
29:60:2a:eb:fc:1f:b6:25:57:2b:d2:e4:6d:cc:01:1c:3f:96:
21:36:67:40:fb:7e:80:39:b5:97:d4:8f:5e:17:24:7f:35:9f:
ce:2e:3c:02:c5:20:c7:be:ff:f7:15:b2:e3:d9:d2:b5:47:09:
1e:bc:cd:9f:ef:0c:7e:29:71:39:de:cd:f0:86:7b:72:f9:0b:
3a:96:e7:23:34:8d:78:98:c5:72:e1:ec:f7:1a:22:63:6d:2a:
26:6a:b4:31:01:cb:3f:05:2e:4a:6f:83:ad:3a:b5:24:94:1c:
f3:ff:05:a6:11:be:2c:ad:3c:a6:05:39:5d:81:ab:2f:0f:f9:
89:16:46:8d:6b:41:b9:c7:e5:0b:19:99:d3:30:30:ec:1e:b1:
47:35:6e:a4:0e:14:e4:1c:1b:36:47:5d:ef:5c:1e:cd:32:9f:
70:44:b9:1a:b7:43:5e:82:79:e4:81:93:a4:d2:5c:40:fe:c9:
98:23:cc:aa
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEEU2EEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTAyZDNlMGQ1ZjIxZWM3MmM3NDU3MzFhNjQxZmI3OTAzNzg3ZGUwMB4XDTIyMDIx
NjA5NDUzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQ0NDkxYjY1ZWRm
NWE0YjUxMjcwZjk3MGRhYTA4M2U0ZGE3Y2U5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJGJAPg6aHsbWgexcZeMXO1cNm5ysBBxy0LqLTkU/Ufn8+hd
Gs1S5Pr5tTYiKSnw3yuPWPQP5pFWuz7cqlrJ8h+jHyXdKnJuCLr1aJBeRR2IPSGO
RjPk/SDFCxgUP24Ef+TUXNBxScGRvmZ8vXvLSJTqiCSjXj5fxz76B2kBAEoO57lE
Wr1JIwPrcyz0sEX+H18tsaOqmbANrDAW210O2Fb2UXA93OflMyFrVI2podWLfhd2
fYRlAzV1CbsMBARVBRAUO5d6M6MYomOYOQXMbFaKUHeTrPpBGN4mlpNn/FFtRr5e
kjHBJlir7RMcTDJZDcYNx4nbwGGg5iSzO80UrCkCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRdRJG2Xt9aS1EnD5cNqgg+TafOkjAfBgNVHSMEGDAWgBSBAtPg1fIexyx0
VzGmQft5A3h94DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dRTFQ0Tlh5SHNjc2RGY3hwa0g3ZVFONGZlQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvNDYzYjkwLWJiMjgtNGIwYS05YWQ4LTViMTUyMzUxODIyMS8x
L1hVU1J0bDdmV2t0Ukp3LVhEYW9JUGsybnpwSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
NDYzYjkwLWJiMjgtNGIwYS05YWQ4LTViMTUyMzUxODIyMS8xL2dRTFQ0Tlh5SHNj
c2RGY3hwa0g3ZVFONGZlQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA1OO8AMEA1+DoAMEArl/kDANBAIA
AjAHAwUAKgNiwDANBgkqhkiG9w0BAQsFAAOCAQEAlaAwYDXxItAuXZF/WdyPknDR
WZCOQLS5pxlYm0QApZY2QEY7HRCUqgLt77GlXbiBNW7rGQamiPb5RlDhR0uyp9u5
9hy8nJSOKWAq6/wftiVXK9LkbcwBHD+WITZnQPt+gDm1l9SPXhckfzWfzi48AsUg
x77/9xWy49nStUcJHrzNn+8MfilxOd7N8IZ7cvkLOpbnIzSNeJjFcuHs9xoiY20q
Jmq0MQHLPwUuSm+DrTq1JJQc8/8FphG+LK08pgU5XYGrLw/5iRZGjWtBucflCxmZ
0zAw7B6xRzVupA4U5BwbNkdd71wezTKfcES5GrdDXoJ55IGTpNJcQP7JmCPMqg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:21 2025 by rpki-client