Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/Q4dbJO7DaVQUomzT9rCfcYu4y1I.roa
File: Q4dbJO7DaVQUomzT9rCfcYu4y1I.roa (raw, json)
Hash identifier: hNNTUgfE2Tx9LXnu5GT0x2T5s4g9VY6p8BIbmnzWoRM=
Subject key identifier: 43:87:5B:24:EE:C3:69:54:14:A2:6C:D3:F6:B0:9F:71:8B:B8:CB:52
Certificate issuer: /CN=51f866f32b47c69d478ad95354e257e51a236a57
Certificate serial: 018CC94E0C9CFFF2DE988B92B7BD3E206D62
Authority key identifier: 51:F8:66:F3:2B:47:C6:9D:47:8A:D9:53:54:E2:57:E5:1A:23:6A:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ufhm8ytHxp1HitlTVOJX5Rojalc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/Q4dbJO7DaVQUomzT9rCfcYu4y1I.roa
Signing time: Tue 02 Jan 2024 08:33:04 +0000
ROA not before: Tue 02 Jan 2024 08:33:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39288
IP address blocks: 158.255.92.0/23 maxlen: 24
158.255.92.0/22 maxlen: 24
193.138.118.0/24 maxlen: 24
46.21.208.0/21 maxlen: 21
46.21.208.0/20 maxlen: 20
46.21.216.0/21 maxlen: 21
94.232.152.0/22 maxlen: 22
94.232.152.0/21 maxlen: 21
158.255.88.0/21 maxlen: 24
158.255.88.0/22 maxlen: 22
94.232.156.0/22 maxlen: 22
2a02:2928::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:0c:9c:ff:f2:de:98:8b:92:b7:bd:3e:20:6d:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51f866f32b47c69d478ad95354e257e51a236a57
Validity
Not Before: Jan 2 08:33:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43875b24eec3695414a26cd3f6b09f718bb8cb52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:cf:5b:5d:a9:33:99:7a:27:84:91:d6:9a:1e:
0c:f2:87:63:de:c7:2d:14:34:f0:7a:e7:a0:af:b3:
c8:8c:0d:14:a3:3a:cb:74:33:53:e0:eb:94:fe:5d:
b8:ae:d0:29:76:d0:19:19:74:d7:4f:f6:5a:76:9f:
fa:6e:6b:99:bf:0a:33:dc:33:59:2a:24:49:b5:89:
08:25:79:96:ca:05:0d:46:d1:4f:1b:e4:57:3c:41:
de:13:63:2e:f0:68:cd:82:d3:e5:5a:36:f1:53:73:
30:e2:54:12:e2:e4:c1:0a:1c:1d:db:0a:ff:24:6c:
f6:aa:c8:79:47:13:b7:e3:bd:14:97:cd:f1:fc:e3:
d2:c5:2a:8b:b2:d9:14:47:55:46:69:26:bb:9d:14:
98:a3:f1:eb:7b:7b:a2:12:ea:14:2d:e7:3b:23:c2:
f5:bc:09:0e:33:d5:f3:b6:1a:1b:ff:f1:57:02:6c:
79:13:ad:d1:9c:a5:0b:a9:bd:f7:7b:99:0f:d1:01:
92:4b:e6:d7:81:bb:95:e2:1f:73:10:b6:1a:dd:16:
e6:d1:2f:21:11:44:f3:b7:cf:6d:00:18:c3:26:7e:
97:b7:bb:51:8c:e1:f1:fd:19:15:46:63:4c:f0:31:
ed:d7:8c:f0:7e:43:79:95:36:b8:bb:5b:62:49:23:
2c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:87:5B:24:EE:C3:69:54:14:A2:6C:D3:F6:B0:9F:71:8B:B8:CB:52
X509v3 Authority Key Identifier:
keyid:51:F8:66:F3:2B:47:C6:9D:47:8A:D9:53:54:E2:57:E5:1A:23:6A:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ufhm8ytHxp1HitlTVOJX5Rojalc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/Q4dbJO7DaVQUomzT9rCfcYu4y1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/Ufhm8ytHxp1HitlTVOJX5Rojalc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.208.0/20
94.232.152.0/21
158.255.88.0/21
193.138.118.0/24
IPv6:
2a02:2928::/32
Signature Algorithm: sha256WithRSAEncryption
27:b5:8e:cf:6e:26:a9:1b:32:d8:5a:69:09:5d:a4:bb:5a:17:
8f:03:20:fe:79:47:97:b4:ff:6a:51:95:53:11:38:b3:2e:20:
36:87:04:74:bc:59:28:87:e3:4f:49:2d:2e:43:34:47:bd:3d:
34:91:0f:fd:eb:6a:ec:29:ee:cb:0c:23:b9:12:09:97:b8:1d:
be:38:24:e4:02:e6:61:85:a4:53:d8:80:df:3b:48:9b:c4:94:
0e:43:32:37:f1:11:c9:11:fd:63:46:72:fa:aa:02:6e:32:4f:
48:6a:a2:74:77:e6:c7:ed:a9:df:50:ba:81:e3:6c:22:7c:5c:
50:55:eb:af:18:d7:1f:22:e3:4b:16:79:0c:37:b1:2c:d7:d4:
f0:1e:ce:8f:2c:23:f2:ea:32:44:82:f6:29:c7:4e:88:b5:42:
6a:99:0a:19:76:2c:b9:4d:3a:75:ab:7a:89:e6:9c:44:30:c2:
d4:37:83:38:73:d1:13:39:bc:b0:9a:49:89:aa:e5:1e:d3:5d:
1b:67:be:f2:b6:9b:36:e6:32:19:1b:2e:09:49:c9:d2:77:4d:
f0:3a:fc:3b:14:a3:48:35:60:78:d8:84:74:a3:52:27:a1:db:
33:e5:f6:ab:aa:75:99:a5:aa:f7:70:56:b2:91:c1:69:0b:f1:
79:0c:d6:d4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzJTgyc//LemIuSt70+IG1iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZjg2NmYzMmI0N2M2OWQ0NzhhZDk1MzU0ZTI1N2U1MWEy
MzZhNTcwHhcNMjQwMTAyMDgzMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzg3NWIyNGVlYzM2OTU0MTRhMjZjZDNmNmIwOWY3MThiYjhjYjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh89bXakzmXonhJHWmh4M8odj3sct
FDTweuegr7PIjA0UozrLdDNT4OuU/l24rtApdtAZGXTXT/Zadp/6bmuZvwoz3DNZ
KiRJtYkIJXmWygUNRtFPG+RXPEHeE2Mu8GjNgtPlWjbxU3Mw4lQS4uTBChwd2wr/
JGz2qsh5RxO3470Ul83x/OPSxSqLstkUR1VGaSa7nRSYo/Hre3uiEuoULec7I8L1
vAkOM9Xzthob//FXAmx5E63RnKULqb33e5kP0QGSS+bXgbuV4h9zELYa3Rbm0S8h
EUTzt89tABjDJn6Xt7tRjOHx/RkVRmNM8DHt14zwfkN5lTa4u1tiSSMseQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEOHWyTuw2lUFKJs0/awn3GLuMtSMB8GA1UdIwQY
MBaAFFH4ZvMrR8adR4rZU1TiV+UaI2pXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWZobTh5dEh4cDFIaXRsVFZPSlg1Um9qYWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9kY2I2ZmItMGU4Ni00ZDM0LWFkYzMt
ZDkzZmQ0OWFlOGVmLzEvUTRkYkpPN0RhVlFVb216VDlyQ2ZjWXU0eTFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9kY2I2ZmItMGU4Ni00ZDM0LWFkYzMtZDkzZmQ0OWFlOGVm
LzEvVWZobTh5dEh4cDFIaXRsVFZPSlg1Um9qYWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQELhXQAwQD
XuiYAwQDnv9YAwQAwYp2MA0EAgACMAcDBQAqAikoMA0GCSqGSIb3DQEBCwUAA4IB
AQAntY7PbiapGzLYWmkJXaS7WhePAyD+eUeXtP9qUZVTETizLiA2hwR0vFkoh+NP
SS0uQzRHvT00kQ/962rsKe7LDCO5EgmXuB2+OCTkAuZhhaRT2IDfO0ibxJQOQzI3
8RHJEf1jRnL6qgJuMk9IaqJ0d+bH7anfULqB42wifFxQVeuvGNcfIuNLFnkMN7Es
19TwHs6PLCPy6jJEgvYpx06ItUJqmQoZdiy5TTp1q3qJ5pxEMMLUN4M4c9ETObyw
mkmJquUe010bZ77ytps25jIZGy4JScnSd03wOvw7FKNINWB42IR0o1Inodsz5far
qnWZpar3cFaykcFpC/F5DNbU
-----END CERTIFICATE-----
Generated at Tue Jun 18 11:00:37 2024 by rpki-client on console-fra.rpki-client.org