Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/hFZcPXlSwTmReFFH51V3OGAiSSQ.roa
File: hFZcPXlSwTmReFFH51V3OGAiSSQ.roa (raw, json)
Hash identifier: 6mowt4c3oXu+wVTnr8SNC0gerYSP0d29bPljT7onw8I=
Subject key identifier: 84:56:5C:3D:79:52:C1:39:91:78:51:47:E7:55:77:38:60:22:49:24
Certificate issuer: /CN=a44c267fa754cd6509e9f807273123bee96c525d
Certificate serial: 0184A32EFDCF567C77145F88E8E59F072795
Authority key identifier: A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/hFZcPXlSwTmReFFH51V3OGAiSSQ.roa
Signing time: Wed 23 Nov 2022 06:31:16 +0000
ROA not before: Wed 23 Nov 2022 06:31:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 2.59.56.0/23 maxlen: 24
2.59.58.0/23 maxlen: 24
193.39.9.0/24 maxlen: 24
193.39.10.0/24 maxlen: 24
193.38.53.0/24 maxlen: 24
171.22.76.0/22 maxlen: 24
171.22.78.0/23 maxlen: 24
193.37.239.0/24 maxlen: 24
185.172.172.0/23 maxlen: 24
45.87.172.0/22 maxlen: 24
45.137.96.0/24 maxlen: 24
85.209.221.0/24 maxlen: 24
85.209.222.0/24 maxlen: 24
5.181.176.0/23 maxlen: 24
5.181.178.0/23 maxlen: 24
45.158.56.0/22 maxlen: 24
45.158.58.0/24 maxlen: 24
45.12.81.0/24 maxlen: 24
45.12.82.0/24 maxlen: 24
45.12.80.0/24 maxlen: 24
2.56.251.0/24 maxlen: 24
2.56.248.0/22 maxlen: 24
45.91.136.0/22 maxlen: 24
45.91.136.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a3:2e:fd:cf:56:7c:77:14:5f:88:e8:e5:9f:07:27:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a44c267fa754cd6509e9f807273123bee96c525d
Validity
Not Before: Nov 23 06:31:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84565c3d7952c13991785147e755773860224924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:21:78:a7:e6:b5:0f:f4:02:d2:06:50:3a:fe:
50:ad:de:50:6a:73:b4:9c:7f:03:0b:eb:e1:25:4c:
de:60:13:ff:8b:5c:06:58:da:7e:bc:fb:52:f5:59:
1e:73:a7:50:22:f1:7b:52:4a:99:9c:6f:93:61:10:
36:fd:a8:f5:25:c8:cb:f6:1e:61:67:48:61:56:95:
26:66:63:d5:66:b6:a5:8e:8a:33:94:3f:c1:31:4b:
ce:6f:6e:87:58:f4:8e:1a:2f:1d:67:6e:d1:09:87:
4f:2a:70:48:00:3e:57:9d:42:11:df:0c:2e:54:99:
34:f5:6d:4b:a8:f0:78:af:6b:09:81:6d:1d:34:7b:
60:86:70:20:42:8d:5c:bb:a8:55:53:17:82:ac:38:
fd:7d:c4:06:e4:56:77:77:06:b6:e2:e8:a1:fe:da:
55:e2:ea:b0:5e:29:e2:05:3d:21:c2:b0:8e:34:87:
cb:cf:0c:4a:59:b6:85:08:dc:0d:a3:d0:3d:c0:dc:
21:e6:73:98:a3:69:b1:de:6f:51:19:f1:23:77:b2:
f0:8e:c9:a4:52:fe:e3:2b:8d:7f:42:92:3e:59:82:
96:83:59:7d:e8:96:f8:20:62:17:3c:2a:97:f2:d5:
63:e2:92:de:98:a2:21:23:f7:5e:63:15:85:67:ad:
64:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:56:5C:3D:79:52:C1:39:91:78:51:47:E7:55:77:38:60:22:49:24
X509v3 Authority Key Identifier:
keyid:A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/hFZcPXlSwTmReFFH51V3OGAiSSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/pEwmf6dUzWUJ6fgHJzEjvulsUl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.248.0/22
2.59.56.0/22
5.181.176.0/22
45.12.80.0-45.12.82.255
45.87.172.0/22
45.91.136.0/22
45.137.96.0/24
45.158.56.0/22
85.209.221.0-85.209.222.255
171.22.76.0/22
185.172.172.0/23
193.37.239.0/24
193.38.53.0/24
193.39.9.0-193.39.10.255
Signature Algorithm: sha256WithRSAEncryption
be:12:80:c8:0d:6e:68:58:d0:53:81:8a:e6:48:04:c5:c2:fb:
8a:b3:4d:67:ae:05:af:f5:af:fd:21:8e:42:70:ef:9f:5d:fb:
15:ae:42:ad:42:96:60:62:d6:98:86:73:07:b9:e2:8e:22:1e:
d4:2e:bc:6b:93:b1:36:d5:f2:d2:29:39:da:da:96:49:f3:1b:
78:24:23:9f:56:09:c1:79:b8:0b:f3:02:da:50:f3:83:3a:20:
d8:bd:f5:32:cc:40:94:c9:3e:82:73:fb:e4:99:a8:72:ad:ce:
59:c6:1e:40:69:0c:79:ea:02:8b:fc:ed:07:28:86:2b:5d:fa:
9c:d4:93:9e:b8:d2:36:73:7b:63:e0:57:25:1b:20:54:9a:24:
89:00:8e:57:7c:1c:e1:eb:4e:91:ce:97:f8:64:96:0d:77:ac:
cc:16:4c:57:82:5a:72:f9:ec:53:d6:67:d1:cb:86:84:a8:69:
27:34:1d:da:86:8a:4a:40:0c:04:3d:c9:81:e2:b6:e7:f8:08:
bf:d8:c3:f7:49:3f:3f:76:dd:65:92:96:e5:59:67:97:b2:6c:
e8:65:9f:c4:02:07:65:fe:da:2b:02:33:fb:10:f1:f1:12:2b:
ad:06:e5:46:4b:b7:1c:59:a8:f4:00:5b:f3:f9:cb:05:33:b1:
ea:87:4a:7f
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYSjLv3PVnx3FF+I6OWfByeVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NGMyNjdmYTc1NGNkNjUwOWU5ZjgwNzI3MzEyM2JlZTk2
YzUyNWQwHhcNMjIxMTIzMDYzMTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDU2NWMzZDc5NTJjMTM5OTE3ODUxNDdlNzU1NzczODYwMjI0OTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCF4p+a1D/QC0gZQOv5Qrd5QanO0
nH8DC+vhJUzeYBP/i1wGWNp+vPtS9Vkec6dQIvF7UkqZnG+TYRA2/aj1JcjL9h5h
Z0hhVpUmZmPVZraljoozlD/BMUvOb26HWPSOGi8dZ27RCYdPKnBIAD5XnUIR3wwu
VJk09W1LqPB4r2sJgW0dNHtghnAgQo1cu6hVUxeCrDj9fcQG5FZ3dwa24uih/tpV
4uqwXiniBT0hwrCONIfLzwxKWbaFCNwNo9A9wNwh5nOYo2mx3m9RGfEjd7Lwjsmk
Uv7jK41/QpI+WYKWg1l96Jb4IGIXPCqX8tVj4pLemKIhI/deYxWFZ61kIwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFIRWXD15UsE5kXhRR+dVdzhgIkkkMB8GA1UdIwQY
MBaAFKRMJn+nVM1lCen4BycxI77pbFJdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWIt
NDhhZjA4MDA0YjVmLzEvaEZaY1BYbFN3VG1SZUZGSDUxVjNPR0FpU1NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWItNDhhZjA4MDA0YjVm
LzEvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAgI4+AME
AgI7OAMEAgW1sDAMAwQELQxQAwQALQxSAwQCLVesAwQCLVuIAwQALYlgAwQCLZ44
MAwDBABV0d0DBABV0d4DBAKrFkwDBAG5rKwDBADBJe8DBADBJjUwDAMEAMEnCQME
AMEnCjANBgkqhkiG9w0BAQsFAAOCAQEAvhKAyA1uaFjQU4GK5kgExcL7irNNZ64F
r/Wv/SGOQnDvn137Fa5CrUKWYGLWmIZzB7nijiIe1C68a5OxNtXy0ik52tqWSfMb
eCQjn1YJwXm4C/MC2lDzgzog2L31MsxAlMk+gnP75Jmocq3OWcYeQGkMeeoCi/zt
ByiGK136nNSTnrjSNnN7Y+BXJRsgVJokiQCOV3wc4etOkc6X+GSWDXeszBZMV4Ja
cvnsU9Zn0cuGhKhpJzQd2oaKSkAMBD3JgeK25/gIv9jD90k/P3bdZZKW5Vlnl7Js
6GWfxAIHZf7aKwIz+xDx8RIrrQblRku3HFmo9ABb8/nLBTOx6odKfw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:15 2023 by rpki-client on console-ams.rpki-client.org