Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/hoRlAxhGzC4W33BrG5nmmy5XZ3k.roa
File: hoRlAxhGzC4W33BrG5nmmy5XZ3k.roa (raw, json)
Hash identifier: UKIy8aUjGJxN7b79Vfi03GSlpgfNWVarXH8AFzx2NE4=
Subject key identifier: 86:84:65:03:18:46:CC:2E:16:DF:70:6B:1B:99:E6:9B:2E:57:67:79
Certificate issuer: /CN=d53ece71ef6ebf55bb7b87e50665ba11fdc77f08
Certificate serial: 0184CE0EB385B699C8EEBC74A9CB470D121B
Authority key identifier: D5:3E:CE:71:EF:6E:BF:55:BB:7B:87:E5:06:65:BA:11:FD:C7:7F:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/hoRlAxhGzC4W33BrG5nmmy5XZ3k.roa
Signing time: Thu 01 Dec 2022 14:19:40 +0000
ROA not before: Thu 01 Dec 2022 14:19:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 31.6.43.0/24 maxlen: 24
31.6.48.0/24 maxlen: 24
31.6.50.0/23 maxlen: 24
31.6.45.0/24 maxlen: 24
31.6.46.0/23 maxlen: 24
31.6.56.0/23 maxlen: 24
31.6.62.0/23 maxlen: 24
31.6.59.0/24 maxlen: 24
31.6.61.0/24 maxlen: 24
31.6.1.0/24 maxlen: 24
31.6.2.0/24 maxlen: 24
31.6.16.0/24 maxlen: 24
31.6.12.0/22 maxlen: 24
185.29.166.0/24 maxlen: 24
31.6.20.0/24 maxlen: 24
31.6.24.0/22 maxlen: 24
178.208.177.0/24 maxlen: 24
178.208.178.0/23 maxlen: 24
178.208.180.0/22 maxlen: 24
178.208.184.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ce:0e:b3:85:b6:99:c8:ee:bc:74:a9:cb:47:0d:12:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d53ece71ef6ebf55bb7b87e50665ba11fdc77f08
Validity
Not Before: Dec 1 14:19:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=868465031846cc2e16df706b1b99e69b2e576779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7e:4e:29:f0:38:91:93:4a:5c:73:13:a0:e9:
0d:82:b0:56:64:17:e8:26:d3:34:bb:3e:25:71:be:
02:90:09:3d:07:15:a2:17:59:e5:a2:38:06:7b:1c:
bb:5b:15:ad:3b:14:ca:0d:9f:00:a2:b1:a8:47:f5:
21:a9:5f:f7:6b:c5:45:61:fa:56:6c:fc:67:ac:64:
af:2d:26:91:b5:f0:a7:07:1c:75:07:18:86:43:af:
62:b5:86:01:99:6a:83:2d:0c:e7:07:e8:9e:e1:16:
9f:a7:31:65:5c:69:7b:03:19:a1:c4:76:62:c8:26:
e4:5a:e0:b0:99:d9:41:fe:d3:40:7d:a7:3b:67:6f:
5a:e5:e1:22:0b:c5:21:7f:9d:5d:c6:ca:80:1f:5d:
cb:c3:15:76:82:d4:4f:e3:8e:31:2c:80:3c:ba:b7:
ef:71:55:9c:0f:5b:a6:8b:f1:d6:fd:d3:43:e6:34:
7e:3d:f8:3a:44:14:09:87:e9:f1:1e:ff:11:54:24:
56:a2:72:0f:c1:36:dd:53:70:7e:ae:b4:32:48:18:
30:85:40:b5:67:31:90:a1:18:1b:ee:5e:de:e9:f4:
95:f6:cf:7e:82:09:8d:10:f9:bd:b1:3a:cd:d7:d0:
26:a6:6d:c6:c8:ce:83:0d:15:f8:76:a3:4c:b6:14:
76:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:84:65:03:18:46:CC:2E:16:DF:70:6B:1B:99:E6:9B:2E:57:67:79
X509v3 Authority Key Identifier:
keyid:D5:3E:CE:71:EF:6E:BF:55:BB:7B:87:E5:06:65:BA:11:FD:C7:7F:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/hoRlAxhGzC4W33BrG5nmmy5XZ3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/c81669-2519-4da5-bd5d-1c2626590d28/1/1T7Oce9uv1W7e4flBmW6Ef3Hfwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.1.0-31.6.2.255
31.6.12.0-31.6.16.255
31.6.20.0/24
31.6.24.0/22
31.6.43.0/24
31.6.45.0-31.6.48.255
31.6.50.0/23
31.6.56.0/23
31.6.59.0/24
31.6.61.0-31.6.63.255
178.208.177.0-178.208.184.255
185.29.166.0/24
Signature Algorithm: sha256WithRSAEncryption
49:fb:a3:f8:cf:43:95:00:7f:9b:da:58:82:02:50:81:76:6b:
43:0a:1c:6b:83:62:bc:b0:70:5b:b7:83:62:5a:fa:20:1c:3d:
1c:77:fc:2c:09:32:7e:1d:f1:e4:45:76:5f:f8:64:f7:7c:b7:
23:11:ca:f3:f3:46:a8:1c:8a:c6:c7:67:90:2c:3c:f7:98:4a:
b0:4f:d7:6c:6c:97:ec:35:43:3e:7b:be:ff:34:aa:95:72:43:
47:4b:6e:2f:3c:d3:d7:5d:5d:50:73:6b:df:c6:d7:38:ae:fa:
cc:9f:58:e3:df:49:c8:35:0b:28:5b:4a:58:8d:b3:47:fb:d7:
bc:5c:e3:74:d7:25:92:e1:fa:5c:c9:c3:44:78:c4:c9:ef:0f:
04:4c:6b:1a:37:6e:d2:6c:d3:ec:9b:ff:e0:5b:e3:ae:80:0b:
4c:7b:e9:37:4d:77:85:a9:28:0e:08:23:5c:cc:82:3e:6a:8f:
42:dd:21:c2:a1:27:3a:7f:59:ea:45:fe:71:be:c3:58:70:02:
b0:c4:fa:74:11:35:5a:14:8a:b6:87:e3:83:7f:c0:08:fa:89:
2f:af:3f:0f:7e:6b:46:52:e0:18:7a:40:39:18:40:9d:24:2d:
71:f3:b7:1b:e9:a1:06:a0:d4:f7:5e:3e:ac:3b:b9:9a:e5:fd:
d4:93:d3:43
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYTODrOFtpnI7rx0qctHDRIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1M2VjZTcxZWY2ZWJmNTViYjdiODdlNTA2NjViYTExZmRj
NzdmMDgwHhcNMjIxMjAxMTQxOTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njg0NjUwMzE4NDZjYzJlMTZkZjcwNmIxYjk5ZTY5YjJlNTc2Nzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArn5OKfA4kZNKXHMToOkNgrBWZBfo
JtM0uz4lcb4CkAk9BxWiF1nlojgGexy7WxWtOxTKDZ8AorGoR/UhqV/3a8VFYfpW
bPxnrGSvLSaRtfCnBxx1BxiGQ69itYYBmWqDLQznB+ie4RafpzFlXGl7AxmhxHZi
yCbkWuCwmdlB/tNAfac7Z29a5eEiC8Uhf51dxsqAH13LwxV2gtRP444xLIA8urfv
cVWcD1umi/HW/dND5jR+Pfg6RBQJh+nxHv8RVCRWonIPwTbdU3B+rrQySBgwhUC1
ZzGQoRgb7l7e6fSV9s9+ggmNEPm9sTrN19Ampm3GyM6DDRX4dqNMthR2lQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFIaEZQMYRswuFt9waxuZ5psuV2d5MB8GA1UdIwQY
MBaAFNU+znHvbr9Vu3uH5QZluhH9x38IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVQ3T2NlOXV2MVc3ZTRmbEJtVzZFZjNIZndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9jODE2NjktMjUxOS00ZGE1LWJkNWQt
MWMyNjI2NTkwZDI4LzEvaG9SbEF4aEd6QzRXMzNCckc1bm1teTVYWjNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9jODE2NjktMjUxOS00ZGE1LWJkNWQtMWMyNjI2NTkwZDI4
LzEvMVQ3T2NlOXV2MVc3ZTRmbEJtVzZFZjNIZndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcDAMAwQAHwYB
AwQAHwYCMAwDBAIfBgwDBAAfBhADBAAfBhQDBAIfBhgDBAAfBiswDAMEAB8GLQME
AB8GMAMEAR8GMgMEAR8GOAMEAB8GOzAMAwQAHwY9AwQGHwYAMAwDBACy0LEDBACy
0LgDBAC5HaYwDQYJKoZIhvcNAQELBQADggEBAEn7o/jPQ5UAf5vaWIICUIF2a0MK
HGuDYrywcFu3g2Ja+iAcPRx3/CwJMn4d8eRFdl/4ZPd8tyMRyvPzRqgcisbHZ5As
PPeYSrBP12xsl+w1Qz57vv80qpVyQ0dLbi8809ddXVBza9/G1ziu+syfWOPfScg1
CyhbSliNs0f717xc43TXJZLh+lzJw0R4xMnvDwRMaxo3btJs0+yb/+Bb466AC0x7
6TdNd4WpKA4II1zMgj5qj0LdIcKhJzp/WepF/nG+w1hwArDE+nQRNVoUiraH44N/
wAj6iS+vPw9+a0ZS4Bh6QDkYQJ0kLXHztxvpoQag1PdePqw7uZrl/dST00M=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:40 2023 by rpki-client on console-fra.rpki-client.org