Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/H1KNCXUVg94sYxk9GHaCAiFdiUI.roa
File: H1KNCXUVg94sYxk9GHaCAiFdiUI.roa (raw, json)
Hash identifier: SUuGnWgTKqK67Zn2x85A78ZKCWOfGuZ4yfuZlwqXw/U=
Subject key identifier: 1F:52:8D:09:75:15:83:DE:2C:63:19:3D:18:76:82:02:21:5D:89:42
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018321F58EE2F9748B1D0AC7CE4B2C0AC4A7
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/H1KNCXUVg94sYxk9GHaCAiFdiUI.roa
Signing time: Fri 09 Sep 2022 11:14:44 +0000
ROA not before: Fri 09 Sep 2022 11:14:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41124
IP address blocks: 93.171.64.0/21 maxlen: 24
92.253.208.0/22 maxlen: 24
146.158.64.0/22 maxlen: 24
31.148.140.0/22 maxlen: 24
146.120.200.0/22 maxlen: 24
95.47.32.0/22 maxlen: 24
95.46.232.0/21 maxlen: 24
95.47.192.0/22 maxlen: 24
146.120.152.0/22 maxlen: 24
146.158.24.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:21:f5:8e:e2:f9:74:8b:1d:0a:c7:ce:4b:2c:0a:c4:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Sep 9 11:14:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f528d09751583de2c63193d18768202215d8942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6b:2b:7b:13:1c:18:dd:36:58:16:fc:b6:5b:
cf:4b:7d:64:17:0a:38:b7:80:1f:4c:10:42:63:36:
4d:70:ed:4f:10:c5:ba:9a:a1:e3:57:c5:ef:d1:b9:
4d:02:09:ff:0e:54:6b:31:dd:28:0f:14:97:6b:88:
51:7f:da:12:29:4a:4c:ff:ea:0d:e8:ef:5c:18:a4:
1d:e9:41:44:51:1a:37:98:88:62:95:99:bc:53:e4:
ab:08:1f:02:57:8f:2f:ea:f9:b0:39:a2:69:a6:2d:
bc:6a:d1:26:ef:02:ff:81:be:e9:80:9d:aa:fa:a6:
1f:86:11:49:ad:17:54:56:74:c1:89:e0:4e:97:42:
5e:3b:81:60:e5:27:25:2c:65:22:58:d8:5c:6e:df:
59:b3:e9:d0:e8:67:03:e3:d6:8c:ad:1a:6a:16:ef:
97:30:eb:0e:68:8e:ad:76:60:26:f8:72:81:32:4d:
ca:63:3b:99:e2:38:66:33:7a:0a:6b:c5:db:25:eb:
f8:72:fa:db:51:58:b1:02:81:4c:f0:cb:0c:6e:52:
81:82:d4:b5:f6:26:e3:8f:e1:64:28:9a:35:06:9a:
40:2a:a9:4e:d7:f2:ac:5f:a0:23:cb:f7:2e:f7:4b:
46:d8:66:30:5c:ca:1f:10:b1:af:51:7a:0a:03:f6:
cf:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:52:8D:09:75:15:83:DE:2C:63:19:3D:18:76:82:02:21:5D:89:42
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/H1KNCXUVg94sYxk9GHaCAiFdiUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.140.0/22
92.253.208.0/22
93.171.64.0/21
95.46.232.0/21
95.47.32.0/22
95.47.192.0/22
146.120.152.0/22
146.120.200.0/22
146.158.24.0/22
146.158.64.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:0d:7d:e9:ee:d9:c2:2d:32:29:11:4a:64:22:ed:93:88:e3:
24:94:74:63:4e:4d:7e:d5:24:af:5a:2a:43:34:38:2b:be:b8:
e6:02:0a:93:89:65:fb:a1:e2:d2:c9:fd:f0:56:82:c5:ed:58:
82:0e:6c:90:e1:e3:6f:22:a4:e2:9c:c2:3a:72:7c:d8:1a:6f:
f0:e6:1c:d2:8c:62:5b:c1:c9:e6:b1:4b:58:2f:00:56:d5:64:
4d:71:47:dd:f9:96:70:b7:19:4e:bb:ba:d7:3a:21:58:28:ca:
99:d4:7e:39:54:22:d7:a2:4b:77:c2:c9:76:fb:2c:c3:1e:c4:
72:ea:18:e4:18:83:61:15:db:a2:ac:f5:77:66:bc:76:24:e6:
05:7a:40:21:d0:29:c2:bb:e6:4c:11:23:a9:b0:cb:2e:27:70:
31:62:4f:c9:15:e0:7d:e3:c2:b5:86:88:04:52:8b:90:db:1f:
84:7f:28:3c:2d:96:00:74:03:b9:e3:c0:66:ad:02:b7:08:87:
0d:25:46:47:b6:25:d3:e5:92:fe:14:32:72:3f:42:1a:e9:74:
9f:1d:13:b8:39:84:b4:16:39:ef:46:74:be:74:1d:8a:84:60:
ef:98:da:c3:a2:df:ee:99:4a:64:d1:3b:b2:3b:d6:f3:ab:fd:
6c:cc:61:af
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYMh9Y7i+XSLHQrHzkssCsSnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjIwOTA5MTExNDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjUyOGQwOTc1MTU4M2RlMmM2MzE5M2QxODc2ODIwMjIxNWQ4OTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmsrexMcGN02WBb8tlvPS31kFwo4
t4AfTBBCYzZNcO1PEMW6mqHjV8Xv0blNAgn/DlRrMd0oDxSXa4hRf9oSKUpM/+oN
6O9cGKQd6UFEURo3mIhilZm8U+SrCB8CV48v6vmwOaJppi28atEm7wL/gb7pgJ2q
+qYfhhFJrRdUVnTBieBOl0JeO4Fg5SclLGUiWNhcbt9Zs+nQ6GcD49aMrRpqFu+X
MOsOaI6tdmAm+HKBMk3KYzuZ4jhmM3oKa8XbJev4cvrbUVixAoFM8MsMblKBgtS1
9ibjj+FkKJo1BppAKqlO1/KsX6Ajy/cu90tG2GYwXMofELGvUXoKA/bPPwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFB9SjQl1FYPeLGMZPRh2ggIhXYlCMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvSDFLTkNYVVZnOTRzWXhrOUdIYUNBaUZkaVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCH5SMAwQC
XP3QAwQDXatAAwQDXy7oAwQCXy8gAwQCXy/AAwQCkniYAwQCknjIAwQCkp4YAwQC
kp5AMA0GCSqGSIb3DQEBCwUAA4IBAQBcDX3p7tnCLTIpEUpkIu2TiOMklHRjTk1+
1SSvWipDNDgrvrjmAgqTiWX7oeLSyf3wVoLF7ViCDmyQ4eNvIqTinMI6cnzYGm/w
5hzSjGJbwcnmsUtYLwBW1WRNcUfd+ZZwtxlOu7rXOiFYKMqZ1H45VCLXokt3wsl2
+yzDHsRy6hjkGINhFduirPV3Zrx2JOYFekAh0CnCu+ZMESOpsMsuJ3AxYk/JFeB9
48K1hogEUouQ2x+Efyg8LZYAdAO548BmrQK3CIcNJUZHtiXT5ZL+FDJyP0Ia6XSf
HRO4OYS0FjnvRnS+dB2KhGDvmNrDot/umUpk0TuyO9bzq/1szGGv
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:10:55 2025 by rpki-client