Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/7w5I0pyxFY0XUsYFyWLQ3pTy6UQ.roa
File: 7w5I0pyxFY0XUsYFyWLQ3pTy6UQ.roa (raw, json)
Hash identifier: rxHJMEPlPqUSGwjyv9hJ7RNPTDvNnEWC/zj+uj4/Auw=
Subject key identifier: EF:0E:48:D2:9C:B1:15:8D:17:52:C6:05:C9:62:D0:DE:94:F2:E9:44
Certificate issuer: /CN=a44c267fa754cd6509e9f807273123bee96c525d
Certificate serial: 01845813810EA64130C6D6EE15B3056F8CD0
Authority key identifier: A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/7w5I0pyxFY0XUsYFyWLQ3pTy6UQ.roa
Signing time: Tue 08 Nov 2022 16:29:44 +0000
ROA not before: Tue 08 Nov 2022 16:29:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 2.59.56.0/23 maxlen: 24
2.59.58.0/23 maxlen: 24
193.39.9.0/24 maxlen: 24
193.39.10.0/24 maxlen: 24
193.38.53.0/24 maxlen: 24
171.22.76.0/22 maxlen: 24
185.172.172.0/22 maxlen: 22
193.37.239.0/24 maxlen: 24
45.87.172.0/22 maxlen: 24
45.137.96.0/24 maxlen: 24
85.209.221.0/24 maxlen: 24
85.209.222.0/24 maxlen: 24
5.181.176.0/23 maxlen: 24
5.181.178.0/23 maxlen: 24
45.158.56.0/22 maxlen: 24
45.158.58.0/24 maxlen: 24
45.12.81.0/24 maxlen: 24
45.12.82.0/24 maxlen: 24
45.12.80.0/24 maxlen: 24
2.56.251.0/24 maxlen: 24
2.56.248.0/22 maxlen: 24
45.91.136.0/23 maxlen: 24
45.91.136.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:58:13:81:0e:a6:41:30:c6:d6:ee:15:b3:05:6f:8c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a44c267fa754cd6509e9f807273123bee96c525d
Validity
Not Before: Nov 8 16:29:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ef0e48d29cb1158d1752c605c962d0de94f2e944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d5:97:19:45:cf:f7:3f:d7:11:5e:d2:fc:e6:
af:4b:c3:53:95:31:7a:f4:5e:06:82:69:83:14:80:
ce:4c:9e:68:67:ce:2d:27:9d:bb:00:29:e9:45:69:
3a:ec:a1:1d:1f:89:74:03:db:7b:4f:1b:12:a9:54:
a5:c2:fb:27:8e:de:b0:28:80:02:6a:af:8c:c0:f3:
b1:ab:56:16:21:e2:8b:cb:c3:b0:29:fb:01:9c:27:
9c:0d:ef:7b:97:52:ae:a9:59:8b:35:1f:e1:bf:85:
c5:5a:f1:df:97:0e:e0:44:0b:d1:52:48:e0:63:99:
0c:5e:6d:35:2d:7c:e3:60:ff:3a:c8:a7:c9:de:31:
02:c1:64:04:35:18:c9:a1:21:e6:35:83:f0:8f:36:
62:ce:a0:ee:d4:6c:aa:dd:37:a9:19:e1:f9:11:d4:
22:0e:6a:46:43:dc:e9:b0:59:3f:6b:95:da:e7:0f:
4a:75:ce:b6:0b:10:ef:ea:8a:fe:99:f2:49:9a:40:
34:15:10:c3:ab:f3:d5:9d:8a:e1:3e:4f:7f:4c:ca:
d3:7b:97:59:09:6d:65:fb:10:fa:fa:0b:e7:b1:77:
97:1d:33:0f:5c:a1:13:c9:7e:fa:28:66:6d:0f:b1:
05:3a:ec:3a:ca:b9:52:84:a1:5c:12:50:7d:f7:81:
27:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:0E:48:D2:9C:B1:15:8D:17:52:C6:05:C9:62:D0:DE:94:F2:E9:44
X509v3 Authority Key Identifier:
keyid:A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/7w5I0pyxFY0XUsYFyWLQ3pTy6UQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/pEwmf6dUzWUJ6fgHJzEjvulsUl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.248.0/22
2.59.56.0/22
5.181.176.0/22
45.12.80.0-45.12.82.255
45.87.172.0/22
45.91.136.0/22
45.137.96.0/24
45.158.56.0/22
85.209.221.0-85.209.222.255
171.22.76.0/22
185.172.172.0/22
193.37.239.0/24
193.38.53.0/24
193.39.9.0-193.39.10.255
Signature Algorithm: sha256WithRSAEncryption
06:06:0f:ae:a8:c5:98:cd:ad:d5:c1:5b:f7:ae:3b:4e:0a:5b:
42:19:24:b7:80:07:46:af:81:e5:a2:e9:06:15:8d:a5:2f:2d:
2f:73:6b:ff:f4:34:46:cb:73:a3:d4:07:05:11:f4:2a:76:de:
08:45:61:ba:2f:60:f0:a3:61:d7:1c:4d:da:c1:fe:2e:81:25:
12:39:7a:d3:6d:45:15:45:f5:fd:d6:6c:71:83:17:b9:f6:a4:
1e:75:ce:d9:d7:2c:84:70:ff:a5:be:06:31:f9:9b:8d:05:dc:
1f:2f:d7:8d:81:7a:41:62:3e:0c:85:81:01:db:86:fd:fe:b5:
54:85:cd:b1:77:5a:56:78:a0:ed:5b:98:f6:08:75:28:e1:b8:
25:58:da:07:7b:1c:89:5d:6b:96:7c:46:4f:c4:f9:f4:94:25:
e5:da:d8:05:fe:d6:92:8c:47:be:8e:d3:5d:1a:a0:25:ce:7a:
f5:ec:59:53:c5:c2:ad:1c:db:99:e5:aa:81:10:5f:01:bb:af:
75:cb:2f:34:9f:bf:a2:50:e6:92:3d:85:a2:9e:c1:96:81:d0:
0d:bd:96:42:09:a1:0d:d1:2d:13:eb:c1:bd:cf:8d:64:f1:80:
c8:27:67:09:85:18:94:aa:34:9e:99:ca:b6:b6:f2:1b:19:01:
73:c1:56:56
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYRYE4EOpkEwxtbuFbMFb4zQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NGMyNjdmYTc1NGNkNjUwOWU5ZjgwNzI3MzEyM2JlZTk2
YzUyNWQwHhcNMjIxMTA4MTYyOTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjBlNDhkMjljYjExNThkMTc1MmM2MDVjOTYyZDBkZTk0ZjJlOTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtWXGUXP9z/XEV7S/OavS8NTlTF6
9F4GgmmDFIDOTJ5oZ84tJ527ACnpRWk67KEdH4l0A9t7TxsSqVSlwvsnjt6wKIAC
aq+MwPOxq1YWIeKLy8OwKfsBnCecDe97l1KuqVmLNR/hv4XFWvHflw7gRAvRUkjg
Y5kMXm01LXzjYP86yKfJ3jECwWQENRjJoSHmNYPwjzZizqDu1Gyq3TepGeH5EdQi
DmpGQ9zpsFk/a5Xa5w9Kdc62CxDv6or+mfJJmkA0FRDDq/PVnYrhPk9/TMrTe5dZ
CW1l+xD6+gvnsXeXHTMPXKETyX76KGZtD7EFOuw6yrlShKFcElB994En2QIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFO8OSNKcsRWNF1LGBcli0N6U8ulEMB8GA1UdIwQY
MBaAFKRMJn+nVM1lCen4BycxI77pbFJdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWIt
NDhhZjA4MDA0YjVmLzEvN3c1STBweXhGWTBYVXNZRnlXTFEzcFR5NlVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWItNDhhZjA4MDA0YjVm
LzEvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAgI4+AME
AgI7OAMEAgW1sDAMAwQELQxQAwQALQxSAwQCLVesAwQCLVuIAwQALYlgAwQCLZ44
MAwDBABV0d0DBABV0d4DBAKrFkwDBAK5rKwDBADBJe8DBADBJjUwDAMEAMEnCQME
AMEnCjANBgkqhkiG9w0BAQsFAAOCAQEABgYPrqjFmM2t1cFb9647TgpbQhkkt4AH
Rq+B5aLpBhWNpS8tL3Nr//Q0Rstzo9QHBRH0KnbeCEVhui9g8KNh1xxN2sH+LoEl
Ejl6021FFUX1/dZscYMXufakHnXO2dcshHD/pb4GMfmbjQXcHy/XjYF6QWI+DIWB
AduG/f61VIXNsXdaVnig7VuY9gh1KOG4JVjaB3sciV1rlnxGT8T59JQl5drYBf7W
koxHvo7TXRqgJc569exZU8XCrRzbmeWqgRBfAbuvdcsvNJ+/olDmkj2Fop7BloHQ
Db2WQgmhDdEtE+vBvc+NZPGAyCdnCYUYlKo0npnKtrbyGxkBc8FWVg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:14 2023 by rpki-client on console-ams.rpki-client.org