Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/aqPStHHw760Zg745_VMZwu_v5VE.roa
File: aqPStHHw760Zg745_VMZwu_v5VE.roa (raw, json)
Hash identifier: D1iuVKekXd98+T1OByujpDBZpb7lhwLRFlaqKlBvX4M=
Subject key identifier: 6A:A3:D2:B4:71:F0:EF:AD:19:83:BE:39:FD:53:19:C2:EF:EF:E5:51
Certificate issuer: /CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Certificate serial: 01856ED4BF83E347C3B1284D28B4D7C4AFD2
Authority key identifier: 8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/aqPStHHw760Zg745_VMZwu_v5VE.roa
Signing time: Sun 01 Jan 2023 19:35:14 +0000
ROA not before: Sun 01 Jan 2023 19:35:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 88.218.80.0/24 maxlen: 24
193.160.68.0/24 maxlen: 24
176.118.191.0/24 maxlen: 24
176.118.189.0/24 maxlen: 24
176.118.188.0/24 maxlen: 24
95.214.83.0/24 maxlen: 24
185.177.77.0/24 maxlen: 24
185.177.76.0/24 maxlen: 24
84.252.64.0/22 maxlen: 24
77.83.20.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:bf:83:e3:47:c3:b1:28:4d:28:b4:d7:c4:af:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e747481f2c98fbb70dca8d65c23de4fca37583d
Validity
Not Before: Jan 1 19:35:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6aa3d2b471f0efad1983be39fd5319c2efefe551
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:cd:88:0c:d9:93:58:e8:f1:5c:e7:ea:97:37:
84:35:a5:04:6f:88:f5:a6:3b:90:67:7a:b4:4d:22:
83:56:d0:fc:6d:bc:f8:54:6f:27:8b:4f:01:ad:e8:
95:1d:66:08:11:ec:03:44:3a:be:07:58:a3:2f:fa:
4e:90:32:22:53:cd:cb:9a:b5:27:1c:96:95:a0:c7:
d2:a6:2a:d4:62:0d:7b:4e:4d:3b:44:63:1d:a0:b9:
81:09:09:6c:ff:fc:be:31:81:17:a9:16:3d:37:ae:
41:ff:9e:72:c9:3a:94:7a:67:76:66:66:d6:57:9c:
3b:81:81:df:b5:68:09:01:94:62:1f:b0:49:6d:70:
c0:42:c4:04:1f:02:fe:9c:98:34:3e:f3:93:1b:ef:
9c:41:1b:85:87:09:66:b6:24:e8:f5:1c:b3:e3:77:
34:0a:5f:c6:e5:72:07:80:01:3e:30:c4:fe:53:b9:
3e:41:10:fd:a2:a6:68:49:08:22:72:0c:f2:a2:e8:
0e:3c:2c:5f:73:55:d5:14:a3:67:f1:f9:bc:92:f4:
6a:e4:04:79:89:dc:28:1a:d2:64:7e:c3:a0:74:41:
fa:30:03:34:b8:93:0e:ef:6a:79:ba:df:39:39:9b:
10:f2:a0:e9:4d:b3:85:6c:f7:48:da:00:84:9e:ed:
d0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A3:D2:B4:71:F0:EF:AD:19:83:BE:39:FD:53:19:C2:EF:EF:E5:51
X509v3 Authority Key Identifier:
keyid:8E:74:74:81:F2:C9:8F:BB:70:DC:A8:D6:5C:23:DE:4F:CA:37:58:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnR0gfLJj7tw3KjWXCPeT8o3WD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/aqPStHHw760Zg745_VMZwu_v5VE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/40db6b-da85-4c9d-a948-6521d395f132/1/jnR0gfLJj7tw3KjWXCPeT8o3WD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.20.0/22
84.252.64.0/22
88.218.80.0/24
95.214.83.0/24
176.118.188.0/23
176.118.191.0/24
185.177.76.0/23
193.160.68.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:00:41:67:b8:a7:9e:8b:6f:a6:1c:48:9a:70:33:96:9e:d3:
69:47:b4:9e:b9:51:04:2c:99:ca:92:a8:3b:72:1e:22:a4:cf:
e4:e5:c6:21:25:8f:6a:a5:18:10:f4:97:7e:5f:43:04:67:fa:
50:7a:23:a3:32:20:53:84:2e:a3:13:2e:da:0a:7d:22:40:95:
83:de:11:ae:97:e7:54:79:6e:97:a0:ac:bf:b9:56:75:be:f8:
23:e3:6e:0a:ac:46:82:af:dd:e0:d8:30:bd:2d:ae:86:35:0e:
ed:52:17:42:6e:e0:b3:af:06:b5:8a:51:a2:c3:94:4c:a1:8c:
d7:7a:1c:f6:92:ec:2b:99:31:c2:c9:1a:1c:1f:c5:b9:37:30:
a0:bb:3b:b6:90:46:5f:c0:dc:94:b8:16:78:ac:04:76:75:4e:
20:09:2d:08:d9:49:53:92:d1:13:3d:0b:eb:82:6a:cc:71:14:
77:71:e7:1b:f1:a0:26:9e:8c:0c:ab:8c:66:ce:65:ea:65:24:
ab:56:c0:24:09:94:00:c6:7d:35:75:78:08:c6:65:58:3b:67:
8a:ad:98:9d:d9:cd:98:17:11:40:10:75:4c:c8:ce:ab:12:12:
24:17:6f:3d:c6:ad:8d:df:31:24:0f:62:95:bf:bf:51:13:ce:
5e:ba:58:b2
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVu1L+D40fDsShNKLTXxK/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNzQ3NDgxZjJjOThmYmI3MGRjYThkNjVjMjNkZTRmY2Ez
NzU4M2QwHhcNMjMwMTAxMTkzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWEzZDJiNDcxZjBlZmFkMTk4M2JlMzlmZDUzMTljMmVmZWZlNTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAic2IDNmTWOjxXOfqlzeENaUEb4j1
pjuQZ3q0TSKDVtD8bbz4VG8ni08BreiVHWYIEewDRDq+B1ijL/pOkDIiU83LmrUn
HJaVoMfSpirUYg17Tk07RGMdoLmBCQls//y+MYEXqRY9N65B/55yyTqUemd2ZmbW
V5w7gYHftWgJAZRiH7BJbXDAQsQEHwL+nJg0PvOTG++cQRuFhwlmtiTo9Ryz43c0
Cl/G5XIHgAE+MMT+U7k+QRD9oqZoSQgicgzyougOPCxfc1XVFKNn8fm8kvRq5AR5
idwoGtJkfsOgdEH6MAM0uJMO72p5ut85OZsQ8qDpTbOFbPdI2gCEnu3QOwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGqj0rRx8O+tGYO+Of1TGcLv7+VRMB8GA1UdIwQY
MBaAFI50dIHyyY+7cNyo1lwj3k/KN1g9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgt
NjUyMWQzOTVmMTMyLzEvYXFQU3RISHc3NjBaZzc0NV9WTVp3dV92NVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS80MGRiNmItZGE4NS00YzlkLWE5NDgtNjUyMWQzOTVmMTMy
LzEvam5SMGdmTEpqN3R3M0tqV1hDUGVUOG8zV0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCTVMUAwQC
VPxAAwQAWNpQAwQAX9ZTAwQBsHa8AwQAsHa/AwQBubFMAwQAwaBEMA0GCSqGSIb3
DQEBCwUAA4IBAQCoAEFnuKeei2+mHEiacDOWntNpR7SeuVEELJnKkqg7ch4ipM/k
5cYhJY9qpRgQ9Jd+X0MEZ/pQeiOjMiBThC6jEy7aCn0iQJWD3hGul+dUeW6XoKy/
uVZ1vvgj424KrEaCr93g2DC9La6GNQ7tUhdCbuCzrwa1ilGiw5RMoYzXehz2kuwr
mTHCyRocH8W5NzCguzu2kEZfwNyUuBZ4rAR2dU4gCS0I2UlTktETPQvrgmrMcRR3
cecb8aAmnowMq4xmzmXqZSSrVsAkCZQAxn01dXgIxmVYO2eKrZid2c2YFxFAEHVM
yM6rEhIkF289xq2N3zEkD2KVv79RE85euliy
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:35:51 2025 by rpki-client