Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/tqIyaEHJDqp-cWXuPy6VV-zMBrk.roa
File: tqIyaEHJDqp-cWXuPy6VV-zMBrk.roa (raw, json)
Hash identifier: 0AQoxLN0WC5XKyxK/DfdIqArS0SUwYsW4mO3XPtq4zM=
Subject key identifier: B6:A2:32:68:41:C9:0E:AA:7E:71:65:EE:3F:2E:95:57:EC:CC:06:B9
Certificate issuer: /CN=a44c267fa754cd6509e9f807273123bee96c525d
Certificate serial: 01846532DCFC92A81AC7106F4C126D76B057
Authority key identifier: A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/tqIyaEHJDqp-cWXuPy6VV-zMBrk.roa
Signing time: Fri 11 Nov 2022 05:39:02 +0000
ROA not before: Fri 11 Nov 2022 05:39:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 2.59.56.0/23 maxlen: 24
2.59.58.0/23 maxlen: 24
193.39.9.0/24 maxlen: 24
193.39.10.0/24 maxlen: 24
193.38.53.0/24 maxlen: 24
171.22.76.0/23 maxlen: 24
171.22.76.0/22 maxlen: 24
171.22.78.0/23 maxlen: 24
193.37.239.0/24 maxlen: 24
45.87.172.0/22 maxlen: 24
45.137.96.0/24 maxlen: 24
85.209.221.0/24 maxlen: 24
85.209.222.0/24 maxlen: 24
5.181.176.0/23 maxlen: 24
5.181.178.0/23 maxlen: 24
45.158.56.0/22 maxlen: 24
45.158.58.0/24 maxlen: 24
45.12.81.0/24 maxlen: 24
45.12.82.0/24 maxlen: 24
45.12.80.0/24 maxlen: 24
2.56.251.0/24 maxlen: 24
2.56.248.0/22 maxlen: 24
45.91.136.0/23 maxlen: 24
45.91.136.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:65:32:dc:fc:92:a8:1a:c7:10:6f:4c:12:6d:76:b0:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a44c267fa754cd6509e9f807273123bee96c525d
Validity
Not Before: Nov 11 05:39:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6a2326841c90eaa7e7165ee3f2e9557eccc06b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:10:a7:e8:c4:48:00:04:48:08:a3:cb:80:71:
dd:4f:be:5c:a6:b5:7e:df:f3:f5:32:fd:13:15:28:
6b:75:1c:f5:43:5c:1e:4b:87:47:45:85:cd:6d:71:
e9:58:b7:42:dc:d6:af:ae:96:f8:19:d7:06:98:04:
af:dc:a3:d7:58:5e:2c:08:24:57:a6:e6:a1:74:f9:
e7:ec:fc:f6:64:a7:27:da:60:e0:b9:08:ac:1b:50:
5a:90:20:70:2b:8f:34:39:55:00:14:de:28:e8:85:
71:07:5f:27:b3:de:f9:d5:4b:19:78:50:f9:62:e8:
39:e4:f4:3e:5c:d9:51:79:68:2a:88:7b:35:db:94:
db:78:ac:d3:57:d3:62:8a:23:52:0f:50:e7:b4:d0:
18:f2:10:93:7e:76:3f:e8:2c:2f:31:4f:1e:c3:7b:
3c:2a:f1:c0:ed:2e:c5:6c:a3:2b:e8:17:43:92:73:
37:e5:90:13:72:b3:c6:eb:b8:bf:f9:b5:d3:0b:98:
52:7a:11:75:88:a1:90:f8:17:43:d0:22:6c:f8:5f:
0c:c8:3f:1a:2d:02:aa:a2:04:99:26:c5:a5:36:1c:
87:05:f8:bd:ff:c7:21:72:29:f5:7d:1b:11:6e:f4:
34:f7:56:29:ce:0b:09:5a:c5:fe:e4:7e:72:2f:12:
30:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:A2:32:68:41:C9:0E:AA:7E:71:65:EE:3F:2E:95:57:EC:CC:06:B9
X509v3 Authority Key Identifier:
keyid:A4:4C:26:7F:A7:54:CD:65:09:E9:F8:07:27:31:23:BE:E9:6C:52:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pEwmf6dUzWUJ6fgHJzEjvulsUl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/tqIyaEHJDqp-cWXuPy6VV-zMBrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ab26a5-67b9-4667-855b-48af08004b5f/1/pEwmf6dUzWUJ6fgHJzEjvulsUl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.248.0/22
2.59.56.0/22
5.181.176.0/22
45.12.80.0-45.12.82.255
45.87.172.0/22
45.91.136.0/22
45.137.96.0/24
45.158.56.0/22
85.209.221.0-85.209.222.255
171.22.76.0/22
193.37.239.0/24
193.38.53.0/24
193.39.9.0-193.39.10.255
Signature Algorithm: sha256WithRSAEncryption
8e:f7:3c:b2:00:b1:d6:10:35:93:37:a0:07:85:6c:1d:c1:39:
70:be:28:cd:c7:d6:35:f1:14:8f:97:1d:d3:ab:55:b2:51:72:
90:3b:2c:96:4c:9e:32:af:8a:c0:38:b0:80:87:c6:ae:99:c2:
d7:7d:a5:4a:2d:5d:b8:34:a1:3f:5c:d8:cc:0c:b3:dd:0b:c9:
e5:b9:88:88:a0:61:0e:a6:1a:e8:cb:ff:15:70:34:8d:e6:8e:
7c:98:d4:c8:ef:b1:97:39:8b:2b:ea:85:56:ae:e2:6d:f8:91:
a4:83:e8:d9:18:56:a6:c4:fa:42:b5:36:2e:b3:1d:c0:90:b2:
b5:6b:ee:8d:88:ca:43:dd:d1:4b:64:2a:61:9d:d0:99:ac:95:
33:22:75:5c:4c:10:eb:4f:a7:08:9a:8a:b3:56:cd:1e:5f:d2:
38:64:76:51:ce:e9:c3:96:70:d0:3c:8d:d6:2e:05:bc:8b:08:
9e:7b:8a:81:1c:81:d2:12:a5:c0:9a:3c:99:9b:58:7a:e5:cd:
23:a7:eb:9f:d4:6b:3e:72:39:69:46:b9:64:19:e5:57:cf:72:
33:b1:ae:76:d1:a3:43:1d:e4:6a:0f:2b:f2:f4:25:55:51:28:
76:ce:2e:ce:3b:59:ad:33:f1:68:a3:c6:48:75:2a:dc:77:a2:
fe:d3:28:a6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYRlMtz8kqgaxxBvTBJtdrBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NGMyNjdmYTc1NGNkNjUwOWU5ZjgwNzI3MzEyM2JlZTk2
YzUyNWQwHhcNMjIxMTExMDUzOTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmEyMzI2ODQxYzkwZWFhN2U3MTY1ZWUzZjJlOTU1N2VjY2MwNmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixCn6MRIAARICKPLgHHdT75cprV+
3/P1Mv0TFShrdRz1Q1weS4dHRYXNbXHpWLdC3Navrpb4GdcGmASv3KPXWF4sCCRX
puahdPnn7Pz2ZKcn2mDguQisG1BakCBwK480OVUAFN4o6IVxB18ns9751UsZeFD5
Yug55PQ+XNlReWgqiHs125TbeKzTV9NiiiNSD1DntNAY8hCTfnY/6CwvMU8ew3s8
KvHA7S7FbKMr6BdDknM35ZATcrPG67i/+bXTC5hSehF1iKGQ+BdD0CJs+F8MyD8a
LQKqogSZJsWlNhyHBfi9/8chcin1fRsRbvQ091YpzgsJWsX+5H5yLxIwfQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFLaiMmhByQ6qfnFl7j8ulVfszAa5MB8GA1UdIwQY
MBaAFKRMJn+nVM1lCen4BycxI77pbFJdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWIt
NDhhZjA4MDA0YjVmLzEvdHFJeWFFSEpEcXAtY1dYdVB5NlZWLXpNQnJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9hYjI2YTUtNjdiOS00NjY3LTg1NWItNDhhZjA4MDA0YjVm
LzEvcEV3bWY2ZFV6V1VKNmZnSEp6RWp2dWxzVWwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQCAjj4AwQC
Ajs4AwQCBbWwMAwDBAQtDFADBAAtDFIDBAItV6wDBAItW4gDBAAtiWADBAItnjgw
DAMEAFXR3QMEAFXR3gMEAqsWTAMEAMEl7wMEAMEmNTAMAwQAwScJAwQAwScKMA0G
CSqGSIb3DQEBCwUAA4IBAQCO9zyyALHWEDWTN6AHhWwdwTlwvijNx9Y18RSPlx3T
q1WyUXKQOyyWTJ4yr4rAOLCAh8aumcLXfaVKLV24NKE/XNjMDLPdC8nluYiIoGEO
phroy/8VcDSN5o58mNTI77GXOYsr6oVWruJt+JGkg+jZGFamxPpCtTYusx3AkLK1
a+6NiMpD3dFLZCphndCZrJUzInVcTBDrT6cImoqzVs0eX9I4ZHZRzunDlnDQPI3W
LgW8iwiee4qBHIHSEqXAmjyZm1h65c0jp+uf1Gs+cjlpRrlkGeVXz3Izsa520aND
HeRqDyvy9CVVUSh2zi7OO1mtM/Foo8ZIdSrcd6L+0yim
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:15 2023 by rpki-client on console-ams.rpki-client.org