Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/c95a24-226c-476a-addb-a31143463be9/1/kMm9-zw2jKNCIo8CH9oU3CUUTBY.roa
File: kMm9-zw2jKNCIo8CH9oU3CUUTBY.roa (raw, json)
Hash identifier: 6shWjP/NXwQ3Bdx0NMFQVgQNA2JTi5aI+Yxh6hD+sbo=
Subject key identifier: 90:C9:BD:FB:3C:36:8C:A3:42:22:8F:02:1F:DA:14:DC:25:14:4C:16
Certificate issuer: /CN=458834c52abe30427f0a22aa46fd3d0809ed4585
Certificate serial: 01856E667CB0C9240ED84CDC20B40E29F3F4
Authority key identifier: 45:88:34:C5:2A:BE:30:42:7F:0A:22:AA:46:FD:3D:08:09:ED:45:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RYg0xSq-MEJ_CiKqRv09CAntRYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/c95a24-226c-476a-addb-a31143463be9/1/kMm9-zw2jKNCIo8CH9oU3CUUTBY.roa
Signing time: Sun 01 Jan 2023 17:34:48 +0000
ROA not before: Sun 01 Jan 2023 17:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60822
IP address blocks: 46.23.200.0/22 maxlen: 22
46.23.204.0/22 maxlen: 22
195.137.144.0/22 maxlen: 22
195.137.152.0/24 maxlen: 24
195.137.148.0/22 maxlen: 22
195.137.153.0/24 maxlen: 24
185.85.212.0/22 maxlen: 22
46.23.192.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:66:7c:b0:c9:24:0e:d8:4c:dc:20:b4:0e:29:f3:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458834c52abe30427f0a22aa46fd3d0809ed4585
Validity
Not Before: Jan 1 17:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90c9bdfb3c368ca342228f021fda14dc25144c16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b1:0e:f0:c3:f3:df:fd:19:5c:57:58:6b:30:
62:20:ed:c1:36:a1:08:9e:e7:71:f5:eb:a8:88:16:
75:bb:cc:de:30:5b:3b:4b:a5:98:25:84:e4:90:4f:
79:95:1b:f6:b4:6c:fb:fe:37:29:0e:0e:b4:5b:d1:
ab:36:6c:a6:e0:6b:5d:34:28:39:c6:0a:d4:ed:b3:
9c:f6:94:db:0c:7b:1c:01:05:0f:fb:61:66:17:b7:
fa:61:92:f7:0b:6e:6c:32:c6:96:27:49:b1:63:49:
4e:43:3e:a5:53:02:f8:2d:30:91:79:15:c3:86:19:
05:0b:d1:3d:5f:74:81:9a:54:34:85:dd:76:ed:71:
4f:87:2e:36:79:99:98:20:a1:50:d3:77:34:12:2c:
65:5a:42:bb:6a:d6:da:4e:6a:12:92:af:1d:8e:bc:
72:b2:35:c1:06:42:b5:91:ed:72:95:0b:98:e8:dd:
fd:ea:43:5c:0a:e2:1a:ce:7a:13:2a:b8:b4:41:eb:
6d:a7:f9:fd:8e:68:27:f8:a1:37:9f:04:63:bc:72:
71:95:6d:3d:5c:73:d1:1b:9c:d4:f7:bd:bf:7d:d0:
f0:5d:8a:68:91:ea:ab:45:5b:2d:57:c2:e6:22:d2:
d7:72:0f:7e:1d:95:45:d2:f2:10:6f:aa:bd:9c:3c:
2b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:C9:BD:FB:3C:36:8C:A3:42:22:8F:02:1F:DA:14:DC:25:14:4C:16
X509v3 Authority Key Identifier:
keyid:45:88:34:C5:2A:BE:30:42:7F:0A:22:AA:46:FD:3D:08:09:ED:45:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RYg0xSq-MEJ_CiKqRv09CAntRYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c95a24-226c-476a-addb-a31143463be9/1/kMm9-zw2jKNCIo8CH9oU3CUUTBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c95a24-226c-476a-addb-a31143463be9/1/RYg0xSq-MEJ_CiKqRv09CAntRYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.192.0/20
185.85.212.0/22
195.137.144.0-195.137.153.255
Signature Algorithm: sha256WithRSAEncryption
87:3e:3d:33:79:b0:3d:04:15:db:ad:78:a2:b7:78:b3:1e:fb:
98:6f:8d:ef:c1:12:be:55:d1:86:27:0a:8b:64:16:04:73:c7:
6a:f3:68:e2:e6:0e:00:5d:9c:6f:2a:e7:06:2b:58:95:56:e8:
b7:25:06:28:f6:19:c9:74:eb:37:6b:25:2c:fb:71:52:5a:94:
f3:cd:98:5f:b3:7e:5f:b6:10:3c:ad:c9:9c:4d:24:bb:8f:1e:
8c:c2:51:80:58:28:56:3e:11:0a:22:01:1b:6b:70:52:9c:27:
ff:3e:a1:a1:a3:15:55:d7:fc:ac:b0:6c:f0:53:20:78:d0:3d:
a6:ac:93:82:aa:b2:71:81:f4:a7:b6:f5:89:d0:b7:67:1f:00:
7d:47:48:03:fd:f4:2e:bc:30:f8:c3:8f:97:46:00:70:de:e1:
a1:a7:ca:7c:a0:1e:12:9f:d2:85:b0:85:12:21:69:6b:84:cd:
9f:a5:06:a9:3f:14:4c:44:3d:bc:2f:2a:9c:b7:a1:80:f2:ae:
f6:8c:60:ca:e0:b8:78:29:0e:e7:29:83:84:cf:ed:c6:a6:0e:
04:3f:b5:c3:3e:9a:29:20:e6:78:bb:71:f0:db:68:c0:ab:de:
f3:e4:dc:48:2d:5c:21:03:22:3d:31:42:f5:5a:f7:ff:21:6c:
05:06:b6:86
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVuZnywySQO2EzcILQOKfP0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ODgzNGM1MmFiZTMwNDI3ZjBhMjJhYTQ2ZmQzZDA4MDll
ZDQ1ODUwHhcNMjMwMTAxMTczNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGM5YmRmYjNjMzY4Y2EzNDIyMjhmMDIxZmRhMTRkYzI1MTQ0YzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7EO8MPz3/0ZXFdYazBiIO3BNqEI
nudx9euoiBZ1u8zeMFs7S6WYJYTkkE95lRv2tGz7/jcpDg60W9GrNmym4GtdNCg5
xgrU7bOc9pTbDHscAQUP+2FmF7f6YZL3C25sMsaWJ0mxY0lOQz6lUwL4LTCReRXD
hhkFC9E9X3SBmlQ0hd127XFPhy42eZmYIKFQ03c0EixlWkK7atbaTmoSkq8djrxy
sjXBBkK1ke1ylQuY6N396kNcCuIaznoTKri0Qettp/n9jmgn+KE3nwRjvHJxlW09
XHPRG5zU972/fdDwXYpokeqrRVstV8LmItLXcg9+HZVF0vIQb6q9nDwrbQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJDJvfs8NoyjQiKPAh/aFNwlFEwWMB8GA1UdIwQY
MBaAFEWINMUqvjBCfwoiqkb9PQgJ7UWFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUllnMHhTcS1NRUpfQ2lLcVJ2MDlDQW50UllVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9jOTVhMjQtMjI2Yy00NzZhLWFkZGIt
YTMxMTQzNDYzYmU5LzEva01tOS16dzJqS05DSW84Q0g5b1UzQ1VVVEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9jOTVhMjQtMjI2Yy00NzZhLWFkZGItYTMxMTQzNDYzYmU5
LzEvUllnMHhTcS1NRUpfQ2lLcVJ2MDlDQW50UllVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQELhfAAwQC
uVXUMAwDBATDiZADBAHDiZgwDQYJKoZIhvcNAQELBQADggEBAIc+PTN5sD0EFdut
eKK3eLMe+5hvje/BEr5V0YYnCotkFgRzx2rzaOLmDgBdnG8q5wYrWJVW6LclBij2
Gcl06zdrJSz7cVJalPPNmF+zfl+2EDytyZxNJLuPHozCUYBYKFY+EQoiARtrcFKc
J/8+oaGjFVXX/KywbPBTIHjQPaask4KqsnGB9Ke29YnQt2cfAH1HSAP99C68MPjD
j5dGAHDe4aGnynygHhKf0oWwhRIhaWuEzZ+lBqk/FExEPbwvKpy3oYDyrvaMYMrg
uHgpDucpg4TP7camDgQ/tcM+mikg5ni7cfDbaMCr3vPk3EgtXCEDIj0xQvVa9/8h
bAUGtoY=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:12 2025 by rpki-client