Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/c95a24-226c-476a-addb-a31143463be9/1/XMZc-iy0dr65b_XCMvPCVp3M3SI.roa
File: XMZc-iy0dr65b_XCMvPCVp3M3SI.roa (raw, json)
Hash identifier: a8dYXifPaYUNNYGGDdM+dGIzAkgP3AAJo8Jiiatkm6Y=
Subject key identifier: 5C:C6:5C:FA:2C:B4:76:BE:B9:6F:F5:C2:32:F3:C2:56:9D:CC:DD:22
Certificate issuer: /CN=458834c52abe30427f0a22aa46fd3d0809ed4585
Certificate serial: 0187272B3725EB1C7C1326A04D9607A4DE40
Authority key identifier: 45:88:34:C5:2A:BE:30:42:7F:0A:22:AA:46:FD:3D:08:09:ED:45:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RYg0xSq-MEJ_CiKqRv09CAntRYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/c95a24-226c-476a-addb-a31143463be9/1/XMZc-iy0dr65b_XCMvPCVp3M3SI.roa
Signing time: Tue 28 Mar 2023 07:42:36 +0000
ROA not before: Tue 28 Mar 2023 07:42:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60822
IP address blocks: 46.23.200.0/22 maxlen: 22
46.23.204.0/22 maxlen: 22
195.137.140.0/22 maxlen: 22
195.137.144.0/22 maxlen: 22
195.137.152.0/24 maxlen: 24
195.137.148.0/22 maxlen: 22
195.137.154.0/24 maxlen: 24
195.137.153.0/24 maxlen: 24
185.85.212.0/22 maxlen: 22
46.23.192.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:27:2b:37:25:eb:1c:7c:13:26:a0:4d:96:07:a4:de:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458834c52abe30427f0a22aa46fd3d0809ed4585
Validity
Not Before: Mar 28 07:42:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cc65cfa2cb476beb96ff5c232f3c2569dccdd22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:14:fa:a0:f1:03:29:99:b9:8a:f7:cc:68:3e:
11:a5:90:05:69:18:18:64:9c:06:57:7a:3a:f1:b5:
41:7b:7c:8f:81:a6:78:df:58:b4:4d:5b:42:ad:f5:
e8:63:d2:8f:02:8b:23:44:55:ad:b3:21:9c:f6:61:
1f:58:cb:80:34:7c:4f:3d:07:53:2d:85:29:01:c3:
84:08:bc:81:d0:e3:de:00:fe:5f:1d:08:71:81:fd:
60:12:3f:48:02:f9:8e:ac:ec:1e:c6:a0:e6:8c:f9:
16:af:65:d2:27:ea:bd:6f:d9:0e:32:7d:87:ef:f4:
7d:89:30:79:2f:51:e7:f2:20:15:69:f0:dc:fc:c9:
19:6f:2f:c3:2e:f9:0a:6b:b8:fb:62:81:0e:4d:54:
4e:da:0d:66:ab:5c:7f:3b:c7:9d:f9:b5:b1:92:7a:
c0:41:f7:88:31:36:0b:51:3f:38:30:84:3c:6f:46:
3e:cc:0c:03:de:c3:0f:52:c4:62:06:f7:2c:06:f0:
e0:79:41:1d:77:e1:1c:d1:16:97:28:1e:c9:c1:d0:
0b:ac:5e:05:61:d6:8a:e8:f1:9f:88:8e:bb:96:24:
df:1f:a8:1a:8a:db:b4:f9:7f:4d:de:2f:57:fd:31:
16:3c:0e:25:d4:cf:76:c1:32:2d:c3:90:d4:5e:ea:
7a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:C6:5C:FA:2C:B4:76:BE:B9:6F:F5:C2:32:F3:C2:56:9D:CC:DD:22
X509v3 Authority Key Identifier:
keyid:45:88:34:C5:2A:BE:30:42:7F:0A:22:AA:46:FD:3D:08:09:ED:45:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RYg0xSq-MEJ_CiKqRv09CAntRYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c95a24-226c-476a-addb-a31143463be9/1/XMZc-iy0dr65b_XCMvPCVp3M3SI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c95a24-226c-476a-addb-a31143463be9/1/RYg0xSq-MEJ_CiKqRv09CAntRYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.192.0/20
185.85.212.0/22
195.137.140.0-195.137.154.255
Signature Algorithm: sha256WithRSAEncryption
3f:c1:5e:84:08:ce:e1:2e:81:b5:a1:b0:de:0e:6e:39:d0:cc:
0e:02:4b:68:46:5b:91:3a:04:d3:f5:37:c0:db:17:66:e2:92:
5c:ca:23:8e:71:a4:9b:b6:5c:17:db:56:e3:37:91:60:02:48:
1e:d2:9b:d0:93:c2:ea:c7:9a:e2:0f:2d:99:4c:24:91:67:6d:
2e:5b:a4:de:41:60:b4:73:26:8d:a4:6c:c5:71:c5:eb:fd:71:
23:6e:78:98:d8:c9:45:d0:ed:cc:60:53:16:16:65:2f:ea:0e:
31:97:86:61:1c:08:9b:f2:d0:bd:26:05:1c:d9:02:e7:82:57:
33:9d:a9:f7:9e:c9:b6:91:af:65:10:55:f9:96:b9:85:d9:43:
37:66:93:75:c3:25:d7:38:dc:11:82:b6:2a:94:f1:dc:cc:0d:
a3:21:7a:1a:c9:68:ff:a8:05:62:03:88:a9:8a:69:2f:b5:0f:
32:b7:70:ac:99:8d:39:93:9f:d3:f7:5f:b1:46:26:85:f4:5b:
08:db:de:d0:5d:79:be:c1:e8:7b:3e:27:4c:d5:54:5e:1e:d0:
fb:c9:19:d1:18:52:19:b7:e8:74:6a:93:07:db:46:fd:dc:0f:
cf:00:c0:93:21:94:28:c7:22:41:69:29:7f:db:93:18:5e:d3:
a9:ad:72:90
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYcnKzcl6xx8EyagTZYHpN5AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ODgzNGM1MmFiZTMwNDI3ZjBhMjJhYTQ2ZmQzZDA4MDll
ZDQ1ODUwHhcNMjMwMzI4MDc0MjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2M2NWNmYTJjYjQ3NmJlYjk2ZmY1YzIzMmYzYzI1NjlkY2NkZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxT6oPEDKZm5ivfMaD4RpZAFaRgY
ZJwGV3o68bVBe3yPgaZ431i0TVtCrfXoY9KPAosjRFWtsyGc9mEfWMuANHxPPQdT
LYUpAcOECLyB0OPeAP5fHQhxgf1gEj9IAvmOrOwexqDmjPkWr2XSJ+q9b9kOMn2H
7/R9iTB5L1Hn8iAVafDc/MkZby/DLvkKa7j7YoEOTVRO2g1mq1x/O8ed+bWxknrA
QfeIMTYLUT84MIQ8b0Y+zAwD3sMPUsRiBvcsBvDgeUEdd+Ec0RaXKB7JwdALrF4F
YdaK6PGfiI67liTfH6gaitu0+X9N3i9X/TEWPA4l1M92wTItw5DUXup6YQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFzGXPostHa+uW/1wjLzwladzN0iMB8GA1UdIwQY
MBaAFEWINMUqvjBCfwoiqkb9PQgJ7UWFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUllnMHhTcS1NRUpfQ2lLcVJ2MDlDQW50UllVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9jOTVhMjQtMjI2Yy00NzZhLWFkZGIt
YTMxMTQzNDYzYmU5LzEvWE1aYy1peTBkcjY1Yl9YQ012UENWcDNNM1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9jOTVhMjQtMjI2Yy00NzZhLWFkZGItYTMxMTQzNDYzYmU5
LzEvUllnMHhTcS1NRUpfQ2lLcVJ2MDlDQW50UllVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQELhfAAwQC
uVXUMAwDBALDiYwDBADDiZowDQYJKoZIhvcNAQELBQADggEBAD/BXoQIzuEugbWh
sN4ObjnQzA4CS2hGW5E6BNP1N8DbF2biklzKI45xpJu2XBfbVuM3kWACSB7Sm9CT
wurHmuIPLZlMJJFnbS5bpN5BYLRzJo2kbMVxxev9cSNueJjYyUXQ7cxgUxYWZS/q
DjGXhmEcCJvy0L0mBRzZAueCVzOdqfeeybaRr2UQVfmWuYXZQzdmk3XDJdc43BGC
tiqU8dzMDaMhehrJaP+oBWIDiKmKaS+1DzK3cKyZjTmTn9P3X7FGJoX0Wwjb3tBd
eb7B6Hs+J0zVVF4e0PvJGdEYUhm36HRqkwfbRv3cD88AwJMhlCjHIkFpKX/bkxhe
06mtcpA=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:14:00 2025 by rpki-client