Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/rHze9OfS-CWaAPLKAg4G1Z1PBKw.roa
File: rHze9OfS-CWaAPLKAg4G1Z1PBKw.roa (raw, json)
Hash identifier: x+fR7vLG6te1QeXT9tIVcpQmAY9h7hVcPObUQOrP9yw=
Subject key identifier: AC:7C:DE:F4:E7:D2:F8:25:9A:00:F2:CA:02:0E:06:D5:9D:4F:04:AC
Certificate issuer: /CN=a44c267fa754cd6509e9f807273123bee96c525d
Certificate serial: 0A9A0A2F
Authority key identifier: A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/rHze9OfS-CWaAPLKAg4G1Z1PBKw.roa
Signing time: Mon 25 Apr 2022 17:38:47 +0000
ROA not before: Mon 25 Apr 2022 17:38:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 193.39.9.0/24 maxlen: 24
193.39.10.0/24 maxlen: 24
193.38.53.0/24 maxlen: 24
171.22.76.0/23 maxlen: 24
171.22.78.0/23 maxlen: 24
193.37.239.0/24 maxlen: 24
45.87.172.0/22 maxlen: 24
45.137.96.0/24 maxlen: 24
85.209.222.0/24 maxlen: 24
45.158.56.0/22 maxlen: 24
45.158.58.0/24 maxlen: 24
45.12.80.0/22 maxlen: 24
45.12.81.0/24 maxlen: 24
2.56.248.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177867311 (0xa9a0a2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a44c267fa754cd6509e9f807273123bee96c525d
Validity
Not Before: Apr 25 17:38:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac7cdef4e7d2f8259a00f2ca020e06d59d4f04ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3a:bc:d3:cd:7b:f1:bb:d2:12:57:b9:d3:97:
66:c7:f1:49:d5:8d:31:e1:d0:a3:55:84:4f:bc:e2:
50:98:a2:13:f2:0f:ff:98:2a:e2:c9:85:ae:1b:9b:
8e:ac:5c:c7:b1:3e:13:78:70:89:17:85:5f:0c:0f:
c2:b8:28:95:3d:5f:a9:3b:d9:ab:21:62:17:7c:46:
ca:d0:4f:7e:72:71:90:bb:b9:ec:1d:2b:35:55:b3:
c0:ba:51:92:cd:b2:39:83:bd:ea:d5:e0:a9:ae:1b:
df:4a:e9:32:69:8b:ad:02:3a:26:09:24:27:19:96:
7a:e4:14:07:9f:7b:40:3d:3b:77:7f:1a:99:38:63:
72:9a:3b:ff:38:2a:5a:10:28:36:7c:9d:17:79:ce:
94:5c:58:6a:d4:fb:01:3a:da:3e:76:72:16:c1:7b:
18:fc:9e:b0:9b:29:ba:0c:30:8f:a7:29:0b:fd:30:
57:ad:95:00:c6:60:97:3c:7e:ca:d1:5d:75:96:d6:
84:1e:fd:0a:df:19:31:50:62:4e:48:73:ab:18:91:
9e:cd:93:14:d9:b3:d7:cb:c1:cc:a2:d5:1e:ef:c9:
7f:c6:d1:97:30:3d:7d:eb:48:47:21:c9:c0:5d:75:
b4:ad:95:c2:18:58:e6:4c:ba:e6:f6:b0:07:d5:f5:
a8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:7C:DE:F4:E7:D2:F8:25:9A:00:F2:CA:02:0E:06:D5:9D:4F:04:AC
X509v3 Authority Key Identifier:
keyid:A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/rHze9OfS-CWaAPLKAg4G1Z1PBKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/pEwmf6dUzWUJ6fgHJzEjvulsUl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.248.0/22
45.12.80.0/22
45.87.172.0/22
45.137.96.0/24
45.158.56.0/22
85.209.222.0/24
171.22.76.0/22
193.37.239.0/24
193.38.53.0/24
193.39.9.0-193.39.10.255
Signature Algorithm: sha256WithRSAEncryption
70:c8:5f:cd:14:90:d6:ae:7d:6d:09:bb:24:37:36:25:ce:85:
35:c7:60:25:ef:90:a5:e5:21:c4:14:63:45:57:14:06:b5:99:
4b:f9:d6:f1:24:98:f4:b6:d7:99:e1:ef:ef:82:f3:27:a1:2c:
7d:64:20:65:8c:4d:56:45:88:cb:dc:0f:0b:03:5c:3d:68:b4:
6a:ed:64:39:ef:30:53:3d:af:6a:03:67:9d:3a:28:d1:61:00:
24:6b:45:57:c7:78:73:03:54:3b:4a:61:c4:f8:68:9d:97:f4:
48:e8:10:0c:07:d1:2d:2f:57:14:4b:78:f9:f0:d1:df:fa:ff:
6b:cd:aa:75:ed:d1:23:6d:18:6f:01:76:85:30:86:a0:23:59:
00:7c:58:a0:ae:5d:e4:2b:3a:48:17:ee:65:e1:74:6f:85:98:
ac:e3:c9:17:4b:57:40:f8:d6:79:d4:5a:e7:b0:68:e0:1b:c9:
1e:fa:6f:be:72:bd:03:f2:c0:05:23:1d:66:2e:31:93:d0:cb:
94:0c:d8:9b:5f:b1:a6:ef:f0:a1:a7:e6:b6:f6:2c:66:be:76:
98:93:fb:9f:43:eb:0e:ef:ea:68:b4:97:89:c6:c9:98:0d:c3:
00:63:a9:89:1c:b5:37:02:0e:e6:b8:aa:5c:5a:5e:6c:70:07:
d6:89:96:87
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIECpoKLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NDRjMjY3ZmE3NTRjZDY1MDllOWY4MDcyNzMxMjNiZWU5NmM1MjVkMB4XDTIyMDQy
NTE3Mzg0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWM3Y2RlZjRlN2Qy
ZjgyNTlhMDBmMmNhMDIwZTA2ZDU5ZDRmMDRhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALk6vNPNe/G70hJXudOXZsfxSdWNMeHQo1WET7ziUJiiE/IP
/5gq4smFrhubjqxcx7E+E3hwiReFXwwPwrgolT1fqTvZqyFiF3xGytBPfnJxkLu5
7B0rNVWzwLpRks2yOYO96tXgqa4b30rpMmmLrQI6JgkkJxmWeuQUB597QD07d38a
mThjcpo7/zgqWhAoNnydF3nOlFxYatT7ATraPnZyFsF7GPyesJspugwwj6cpC/0w
V62VAMZglzx+ytFddZbWhB79Ct8ZMVBiTkhzqxiRns2TFNmz18vBzKLVHu/Jf8bR
lzA9fetIRyHJwF11tK2VwhhY5ky65vawB9X1qDUCAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBSsfN7059L4JZoA8soCDgbVnU8ErDAfBgNVHSMEGDAWgBSkTCZ/p1TNZQnp
+AcnMSO+6WxSXTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BFd21mNmRVeldVSjZmZ0hKekVqdnVsc1VsMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvYWIyNmE1LTY3YjktNDY2Ny04NTViLTQ4YWYwODAwNGI1Zi8x
L3JIemU5T2ZTLUNXYUFQTEtBZzRHMVoxUEJLdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
YWIyNmE1LTY3YjktNDY2Ny04NTViLTQ4YWYwODAwNGI1Zi8xL3BFd21mNmRVeldV
SjZmZ0hKekVqdnVsc1VsMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwSgQCAAEwRAMEAgI4+AMEAi0MUAMEAi1XrAMEAC2J
YAMEAi2eOAMEAFXR3gMEAqsWTAMEAMEl7wMEAMEmNTAMAwQAwScJAwQAwScKMA0G
CSqGSIb3DQEBCwUAA4IBAQBwyF/NFJDWrn1tCbskNzYlzoU1x2Al75Cl5SHEFGNF
VxQGtZlL+dbxJJj0tteZ4e/vgvMnoSx9ZCBljE1WRYjL3A8LA1w9aLRq7WQ57zBT
Pa9qA2edOijRYQAka0VXx3hzA1Q7SmHE+Gidl/RI6BAMB9EtL1cUS3j58NHf+v9r
zap17dEjbRhvAXaFMIagI1kAfFigrl3kKzpIF+5l4XRvhZis48kXS1dA+NZ51Frn
sGjgG8ke+m++cr0D8sAFIx1mLjGT0MuUDNibX7Gm7/Chp+a29ixmvnaYk/ufQ+sO
7+potJeJxsmYDcMAY6mJHLU3Ag7muKpcWl5scAfWiZaH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:15 2023 by rpki-client on console-ams.rpki-client.org