Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/rXFEEBcuZA74Rr-qfJfwhBYeq5I.roa
File: rXFEEBcuZA74Rr-qfJfwhBYeq5I.roa (raw, json)
Hash identifier: eQJT1l7vLyz1fd78BC87ClH9Ocu3otEXrEbgKxVRsjs=
Subject key identifier: AD:71:44:10:17:2E:64:0E:F8:46:BF:AA:7C:97:F0:84:16:1E:AB:92
Certificate issuer: /CN=35c96065093998ba42cfba11bf0d17d3ac403d40
Certificate serial: 0186307422EAD0CE59966597F7FCE743AC33
Authority key identifier: 35:C9:60:65:09:39:98:BA:42:CF:BA:11:BF:0D:17:D3:AC:40:3D:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NclgZQk5mLpCz7oRvw0X06xAPUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/rXFEEBcuZA74Rr-qfJfwhBYeq5I.roa
Signing time: Wed 08 Feb 2023 09:56:02 +0000
ROA not before: Wed 08 Feb 2023 09:56:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 79.139.52.0/22 maxlen: 24
116.50.16.0/21 maxlen: 24
83.142.200.0/21 maxlen: 24
198.14.16.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:30:74:22:ea:d0:ce:59:96:65:97:f7:fc:e7:43:ac:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35c96065093998ba42cfba11bf0d17d3ac403d40
Validity
Not Before: Feb 8 09:56:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad714410172e640ef846bfaa7c97f084161eab92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f3:0f:21:1c:ca:ef:22:93:d9:a9:a2:92:37:
c4:82:01:4a:d3:98:2e:48:01:99:62:6c:7c:0a:4a:
b7:2b:02:ca:64:13:43:0d:d1:5e:70:b4:94:8c:ab:
ad:9b:ce:93:86:ca:15:f9:cc:bc:91:03:59:01:0f:
db:f7:9a:41:24:88:76:cc:fc:75:d5:d7:1d:84:a8:
67:d5:1c:c7:44:dc:ce:06:53:42:80:fc:a3:3b:43:
67:8c:49:d8:5b:91:9a:54:87:1b:a7:e7:21:98:f2:
4e:bf:99:8b:a1:ba:e5:eb:90:53:6e:a5:7f:d4:31:
cc:15:be:b6:e7:6d:8d:3f:1e:70:64:b8:15:3d:38:
d0:59:6f:a5:d5:e2:84:bb:fb:aa:4d:31:cc:70:f1:
79:01:65:f4:b0:44:69:73:a7:49:de:0e:b5:62:51:
c2:1a:f8:7d:9f:1c:3b:38:78:2b:10:ef:a4:df:7e:
4e:34:61:6f:62:e5:10:e7:c3:3e:dd:d5:80:e4:ee:
a2:9e:78:a3:8a:d8:45:f4:f4:23:a0:2b:d9:ee:c8:
4f:d3:71:7d:af:80:fe:2f:f8:d1:60:ad:11:38:0c:
ff:fe:7c:62:d2:85:04:2f:d1:57:df:33:aa:2f:f5:
bb:4f:00:8d:dc:43:99:68:14:89:2e:36:df:19:3b:
ab:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:71:44:10:17:2E:64:0E:F8:46:BF:AA:7C:97:F0:84:16:1E:AB:92
X509v3 Authority Key Identifier:
keyid:35:C9:60:65:09:39:98:BA:42:CF:BA:11:BF:0D:17:D3:AC:40:3D:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NclgZQk5mLpCz7oRvw0X06xAPUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/rXFEEBcuZA74Rr-qfJfwhBYeq5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/NclgZQk5mLpCz7oRvw0X06xAPUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.139.52.0/22
83.142.200.0/21
116.50.16.0/21
198.14.16.0/20
Signature Algorithm: sha256WithRSAEncryption
17:9a:82:aa:32:38:8d:f7:c0:1b:d4:92:ad:03:2b:6f:e2:57:
94:61:cf:5b:25:42:aa:85:fc:9f:d9:1f:aa:65:a9:8c:55:22:
83:1f:fc:c7:dd:8a:7d:e2:86:13:f0:33:4c:8a:62:b5:c8:ae:
8c:b9:b2:13:77:7e:70:93:9f:2f:7c:e9:c0:4b:7d:49:5b:c4:
b8:89:cc:00:85:52:63:c7:38:ce:d0:1a:e5:7f:93:09:03:ae:
31:e1:95:17:ba:ba:28:ad:c7:7b:2e:fa:ec:38:dd:f9:ff:e7:
3f:27:ae:a4:45:a1:3b:07:a6:40:5e:56:86:6f:5a:1d:22:6a:
e0:0c:19:c3:15:b2:45:fb:3e:87:e1:05:db:12:b9:fb:e2:51:
ca:0d:8b:3d:81:99:74:81:9b:7c:3e:66:ed:5f:77:dd:a8:8c:
ba:e9:7c:0b:f5:b2:bb:12:4d:c0:eb:ab:9c:94:3b:cb:f6:d8:
e0:bc:fe:9a:a7:9e:42:3a:0c:2a:35:94:f0:c7:d9:f8:ee:34:
ce:ce:cf:97:92:05:6a:18:c8:c1:21:82:29:dc:b8:15:b7:bc:
5a:83:0f:1c:4e:0c:86:f6:ea:ae:e8:10:4e:e4:c6:39:3a:31:
12:55:63:f7:9b:eb:fb:0a:89:91:0e:69:31:01:91:0b:7a:63:
e5:78:e9:66
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYYwdCLq0M5ZlmWX9/znQ6wzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1Yzk2MDY1MDkzOTk4YmE0MmNmYmExMWJmMGQxN2QzYWM0
MDNkNDAwHhcNMjMwMjA4MDk1NjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDcxNDQxMDE3MmU2NDBlZjg0NmJmYWE3Yzk3ZjA4NDE2MWVhYjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/MPIRzK7yKT2amikjfEggFK05gu
SAGZYmx8Ckq3KwLKZBNDDdFecLSUjKutm86ThsoV+cy8kQNZAQ/b95pBJIh2zPx1
1dcdhKhn1RzHRNzOBlNCgPyjO0NnjEnYW5GaVIcbp+chmPJOv5mLobrl65BTbqV/
1DHMFb62522NPx5wZLgVPTjQWW+l1eKEu/uqTTHMcPF5AWX0sERpc6dJ3g61YlHC
Gvh9nxw7OHgrEO+k335ONGFvYuUQ58M+3dWA5O6innijithF9PQjoCvZ7shP03F9
r4D+L/jRYK0ROAz//nxi0oUEL9FX3zOqL/W7TwCN3EOZaBSJLjbfGTurKQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK1xRBAXLmQO+Ea/qnyX8IQWHquSMB8GA1UdIwQY
MBaAFDXJYGUJOZi6Qs+6Eb8NF9OsQD1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmNsZ1pRazVtTHBDejdvUnZ3MFgwNnhBUFVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82Mjc2NGItOWFhNi00ZjEyLWE3MWMt
NmJhYzM0OTg3MDE5LzEvclhGRUVCY3VaQTc0UnItcWZKZndoQlllcTVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82Mjc2NGItOWFhNi00ZjEyLWE3MWMtNmJhYzM0OTg3MDE5
LzEvTmNsZ1pRazVtTHBDejdvUnZ3MFgwNnhBUFVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCT4s0AwQD
U47IAwQDdDIQAwQExg4QMA0GCSqGSIb3DQEBCwUAA4IBAQAXmoKqMjiN98Ab1JKt
Aytv4leUYc9bJUKqhfyf2R+qZamMVSKDH/zH3Yp94oYT8DNMimK1yK6MubITd35w
k58vfOnAS31JW8S4icwAhVJjxzjO0Brlf5MJA64x4ZUXuroorcd7LvrsON35/+c/
J66kRaE7B6ZAXlaGb1odImrgDBnDFbJF+z6H4QXbErn74lHKDYs9gZl0gZt8Pmbt
X3fdqIy66XwL9bK7Ek3A66uclDvL9tjgvP6ap55COgwqNZTwx9n47jTOzs+XkgVq
GMjBIYIp3LgVt7xagw8cTgyG9uqu6BBO5MY5OjESVWP3m+v7ComRDmkxAZELemPl
eOlm
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:35:39 2025 by rpki-client