Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/ada691-0e3a-488f-89de-4cf298576b01/1/O5rbICxHJZQVXZulsqtXa2mUaDU.roa
File: O5rbICxHJZQVXZulsqtXa2mUaDU.roa (raw, json)
Hash identifier: qdmigathn/bIX2GBrWo+RM1htx4S6ixmgyNblkssvPs=
Subject key identifier: 3B:9A:DB:20:2C:47:25:94:15:5D:9B:A5:B2:AB:57:6B:69:94:68:35
Certificate issuer: /CN=704eb0324b167299dd6064dbbf340d2f99c402c2
Certificate serial: 179011D2
Authority key identifier: 70:4E:B0:32:4B:16:72:99:DD:60:64:DB:BF:34:0D:2F:99:C4:02:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cE6wMksWcpndYGTbvzQNL5nEAsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/ada691-0e3a-488f-89de-4cf298576b01/1/O5rbICxHJZQVXZulsqtXa2mUaDU.roa
Signing time: Tue 05 Apr 2022 12:56:03 +0000
ROA not before: Tue 05 Apr 2022 12:56:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34655
IP address blocks: 5.159.216.0/24 maxlen: 24
95.128.120.0/24 maxlen: 24
109.71.165.0/24 maxlen: 24
95.128.124.0/24 maxlen: 24
2a03:9c40:800::/48 maxlen: 48
2a03:9c40:600::/48 maxlen: 48
2a03:9c40:400::/48 maxlen: 48
2a03:9c40:200::/48 maxlen: 48
2a03:9c40::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 395317714 (0x179011d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=704eb0324b167299dd6064dbbf340d2f99c402c2
Validity
Not Before: Apr 5 12:56:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b9adb202c472594155d9ba5b2ab576b69946835
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:6b:1e:d8:ef:e5:69:7b:71:b8:8a:a2:b2:b7:
cd:f8:e1:fd:39:04:91:8a:6e:e0:00:2d:e6:7c:eb:
11:9d:8c:b0:21:2c:21:84:62:06:ef:7c:6e:53:9d:
5d:16:c1:22:77:b5:02:3d:a7:0f:5d:7f:95:03:73:
94:d1:c1:5a:9d:86:cb:32:15:cb:3b:77:d2:86:35:
f7:02:28:77:5a:8c:4b:a8:cf:df:d0:8a:9c:57:c5:
9c:2d:33:08:f0:70:ab:02:ac:c4:a8:90:63:8d:0c:
97:93:f2:03:bd:a8:67:94:59:76:45:0e:11:0b:b1:
da:b7:17:58:53:a2:ad:71:a5:23:7b:66:87:75:9a:
1c:e7:eb:19:f4:1b:ef:46:b5:ef:f5:a3:d4:56:d0:
2f:55:10:20:d0:a4:b8:68:56:95:92:a9:78:f2:be:
00:3e:2e:43:9d:b4:ae:84:be:6c:34:37:93:c0:ea:
10:f2:2b:9b:31:65:64:0c:48:29:35:88:65:72:25:
d5:e4:5d:66:4f:7a:05:34:9c:bd:9b:9b:bb:cb:e5:
50:0f:40:18:ba:00:1d:ba:a0:17:c6:57:f4:5b:11:
00:8f:50:77:d5:17:7d:10:ea:af:9e:85:d3:7a:f3:
33:88:45:4a:43:c9:08:0c:51:65:3a:0d:06:5c:b4:
ff:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:9A:DB:20:2C:47:25:94:15:5D:9B:A5:B2:AB:57:6B:69:94:68:35
X509v3 Authority Key Identifier:
keyid:70:4E:B0:32:4B:16:72:99:DD:60:64:DB:BF:34:0D:2F:99:C4:02:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cE6wMksWcpndYGTbvzQNL5nEAsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ada691-0e3a-488f-89de-4cf298576b01/1/O5rbICxHJZQVXZulsqtXa2mUaDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ada691-0e3a-488f-89de-4cf298576b01/1/cE6wMksWcpndYGTbvzQNL5nEAsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.216.0/24
95.128.120.0/24
95.128.124.0/24
109.71.165.0/24
IPv6:
2a03:9c40::/48
2a03:9c40:200::/48
2a03:9c40:400::/48
2a03:9c40:600::/48
2a03:9c40:800::/48
Signature Algorithm: sha256WithRSAEncryption
6f:9b:32:8b:4c:ba:3c:2f:83:01:9a:d5:a9:5b:f7:c0:c4:f2:
10:bc:3c:ff:23:ef:72:dd:a1:d7:8e:85:83:10:f5:44:15:a2:
38:9e:1a:df:b2:64:aa:8e:b9:ea:1a:b4:9f:33:50:5c:de:ea:
c1:7f:58:50:c8:ca:7a:67:97:6c:c2:8e:fa:18:e8:bb:64:07:
37:3a:cb:1b:07:1f:9a:57:e8:c2:ca:11:c1:06:f3:b7:56:5d:
a3:8f:76:a6:20:bd:15:db:95:7f:fd:c3:f9:9b:fb:f3:eb:a7:
a5:b5:11:18:cf:6d:52:5c:8d:e5:6c:fb:8b:51:12:76:a3:7c:
10:86:a4:96:f6:0a:d9:24:7b:37:58:9e:b7:c3:d7:14:30:9d:
47:3e:08:86:df:97:5f:b8:37:43:90:78:d2:98:9d:8d:bf:1f:
a8:c5:fd:d8:87:2b:65:0c:fb:3c:c0:44:e4:21:a7:f9:a8:07:
37:22:6d:13:6f:fd:aa:c7:8d:72:d2:3a:01:62:60:5b:b8:4a:
4d:7a:12:35:47:25:06:5f:7a:f4:dd:59:69:6f:95:82:07:ea:
ab:58:74:5d:f5:a0:2c:00:27:62:65:1f:a8:03:d2:11:8d:20:
3b:b2:c4:0e:1a:bd:1f:82:8b:1f:28:25:67:74:34:a3:7e:a2:
70:a6:41:87
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIEF5AR0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDRlYjAzMjRiMTY3Mjk5ZGQ2MDY0ZGJiZjM0MGQyZjk5YzQwMmMyMB4XDTIyMDQw
NTEyNTYwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2I5YWRiMjAyYzQ3
MjU5NDE1NWQ5YmE1YjJhYjU3NmI2OTk0NjgzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANprHtjv5Wl7cbiKorK3zfjh/TkEkYpu4AAt5nzrEZ2MsCEs
IYRiBu98blOdXRbBIne1Aj2nD11/lQNzlNHBWp2GyzIVyzt30oY19wIod1qMS6jP
39CKnFfFnC0zCPBwqwKsxKiQY40Ml5PyA72oZ5RZdkUOEQux2rcXWFOirXGlI3tm
h3WaHOfrGfQb70a17/Wj1FbQL1UQINCkuGhWlZKpePK+AD4uQ520roS+bDQ3k8Dq
EPIrmzFlZAxIKTWIZXIl1eRdZk96BTScvZubu8vlUA9AGLoAHbqgF8ZX9FsRAI9Q
d9UXfRDqr56F03rzM4hFSkPJCAxRZToNBly0/+sCAwEAAaOCAlAwggJMMB0GA1Ud
DgQWBBQ7mtsgLEcllBVdm6Wyq1draZRoNTAfBgNVHSMEGDAWgBRwTrAySxZymd1g
ZNu/NA0vmcQCwjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NFNndNa3NXY3BuZFlHVGJ2elFOTDVuRUFzSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvYWRhNjkxLTBlM2EtNDg4Zi04OWRlLTRjZjI5ODU3NmIwMS8x
L081cmJJQ3hISlpRVlhadWxzcXRYYTJtVWFEVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
YWRhNjkxLTBlM2EtNDg4Zi04OWRlLTRjZjI5ODU3NmIwMS8xL2NFNndNa3NXY3Bu
ZFlHVGJ2elFOTDVuRUFzSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBm
BggrBgEFBQcBBwEB/wRXMFUwHgQCAAEwGAMEAAWf2AMEAF+AeAMEAF+AfAMEAG1H
pTAzBAIAAjAtAwcAKgOcQAAAAwcAKgOcQAIAAwcAKgOcQAQAAwcAKgOcQAYAAwcA
KgOcQAgAMA0GCSqGSIb3DQEBCwUAA4IBAQBvmzKLTLo8L4MBmtWpW/fAxPIQvDz/
I+9y3aHXjoWDEPVEFaI4nhrfsmSqjrnqGrSfM1Bc3urBf1hQyMp6Z5dswo76GOi7
ZAc3OssbBx+aV+jCyhHBBvO3Vl2jj3amIL0V25V//cP5m/vz66eltREYz21SXI3l
bPuLURJ2o3wQhqSW9grZJHs3WJ63w9cUMJ1HPgiG35dfuDdDkHjSmJ2Nvx+oxf3Y
hytlDPs8wETkIaf5qAc3Im0Tb/2qx41y0joBYmBbuEpNehI1RyUGX3r03Vlpb5WC
B+qrWHRd9aAsACdiZR+oA9IRjSA7ssQOGr0fgosfKCVndDSjfqJwpkGH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:27 2024 by rpki-client on console-ams.rpki-client.org