Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/1-8nNscULR1_FBxeSnH9z1bXHxCs.roa
File: 1-8nNscULR1_FBxeSnH9z1bXHxCs.roa (raw, json)
Hash identifier: mR5mQc4yHyKv6cp0R8OjpdwrhjYegEYQJInJbYKatkA=
Subject key identifier: FB:C9:CD:B1:C5:0B:47:5F:C5:07:17:92:9C:7F:73:D5:B5:C7:C4:2B
Certificate issuer: /CN=4944680c20d1af01f169b18ac9c77d9877133cde
Certificate serial: 01856D93F04290EDB70A57A18F2202FFBE97
Authority key identifier: 49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/1-8nNscULR1_FBxeSnH9z1bXHxCs.roa
Signing time: Sun 01 Jan 2023 13:44:49 +0000
ROA not before: Sun 01 Jan 2023 13:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51474
IP address blocks: 176.108.224.0/22 maxlen: 22
176.108.228.0/22 maxlen: 22
31.131.160.0/22 maxlen: 22
195.54.54.0/24 maxlen: 24
195.54.55.0/24 maxlen: 24
194.213.6.0/24 maxlen: 24
185.76.52.0/23 maxlen: 23
185.76.54.0/23 maxlen: 23
91.239.164.0/23 maxlen: 23
91.233.193.0/24 maxlen: 24
91.233.194.0/23 maxlen: 23
91.242.48.0/23 maxlen: 23
91.242.50.0/23 maxlen: 23
91.239.166.0/23 maxlen: 23
176.113.96.0/23 maxlen: 23
194.107.122.0/24 maxlen: 24
178.212.201.0/24 maxlen: 24
178.212.206.0/24 maxlen: 24
178.212.200.0/24 maxlen: 24
178.212.207.0/24 maxlen: 24
2a00:aa80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:f0:42:90:ed:b7:0a:57:a1:8f:22:02:ff:be:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4944680c20d1af01f169b18ac9c77d9877133cde
Validity
Not Before: Jan 1 13:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbc9cdb1c50b475fc50717929c7f73d5b5c7c42b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c7:79:e2:39:2f:5b:fe:6a:c2:7f:24:35:cc:
07:47:68:37:90:f7:f5:57:9a:06:13:ac:5e:4a:ff:
63:c3:b4:b1:9f:49:59:40:76:6e:29:55:32:6d:f8:
e4:d9:ab:3b:f9:9f:f9:25:28:1c:c4:a1:25:d9:17:
b6:95:22:1c:81:0a:99:13:14:d0:45:13:6f:be:8e:
50:1a:a9:1d:ac:57:c6:ea:0d:e6:fa:e1:a3:8d:8a:
26:31:90:d9:30:f5:8c:75:cf:7c:aa:de:c0:5b:77:
71:25:ad:9e:f2:b9:39:f7:d5:fc:76:f0:48:c5:1b:
92:9f:80:6b:e2:ce:04:ff:13:5c:59:64:13:d0:3c:
e7:9f:8c:5a:1e:23:75:77:68:a0:39:6c:64:f6:9c:
e9:09:b0:a9:90:21:9d:ac:08:3f:db:34:98:92:f4:
20:b4:17:d0:10:7e:4e:99:61:84:40:d0:ef:0c:73:
a3:e7:6a:50:05:71:a1:c7:07:b3:78:41:1e:85:70:
b7:2d:c1:51:b0:13:b8:3b:ae:5f:f7:32:8b:94:f2:
71:d1:49:7a:55:ac:9a:43:31:19:80:1a:4f:fe:0b:
fc:0e:c9:d2:ca:00:e9:3e:d1:7a:41:a8:3f:e6:4c:
13:1c:e6:85:66:13:eb:25:db:56:71:e9:70:b6:99:
a7:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C9:CD:B1:C5:0B:47:5F:C5:07:17:92:9C:7F:73:D5:B5:C7:C4:2B
X509v3 Authority Key Identifier:
keyid:49:44:68:0C:20:D1:AF:01:F1:69:B1:8A:C9:C7:7D:98:77:13:3C:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SURoDCDRrwHxabGKycd9mHcTPN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/1-8nNscULR1_FBxeSnH9z1bXHxCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7dee09-cd2e-4030-ab92-ebdcc02fbae9/1/SURoDCDRrwHxabGKycd9mHcTPN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.160.0/22
91.233.193.0-91.233.195.255
91.239.164.0/22
91.242.48.0/22
176.108.224.0/21
176.113.96.0/23
178.212.200.0/23
178.212.206.0/23
185.76.52.0/22
194.107.122.0/24
194.213.6.0/24
195.54.54.0/23
IPv6:
2a00:aa80::/32
Signature Algorithm: sha256WithRSAEncryption
9d:ea:4b:db:c3:31:1b:51:1f:4b:aa:6d:0c:2d:02:0c:a1:d0:
fa:bf:22:f0:b3:91:fa:4c:eb:c4:50:85:be:93:c6:57:72:ab:
8d:d7:38:96:4b:cf:1a:63:b9:7e:10:cf:61:71:72:3f:33:1b:
3b:58:3e:4a:71:58:cc:94:96:83:d9:6d:7c:8d:c7:c5:29:6e:
0e:67:ef:d4:b8:d4:c6:d9:e2:cd:93:bd:a1:a1:98:fd:36:64:
10:de:c8:21:fb:33:56:b4:d8:8d:d1:c2:9f:77:59:b1:ce:e5:
8a:0f:5c:f1:ae:88:8a:a3:75:57:4d:5e:8b:23:d0:87:f4:b4:
b0:17:fc:8e:ff:bc:bc:06:47:f0:03:fc:8d:13:c5:32:18:c8:
a7:cd:47:e3:38:5a:5d:9e:0d:2b:72:ff:9f:9f:9b:7b:d3:78:
6a:74:81:19:a2:f3:ce:b9:5d:98:10:5c:f4:8f:3e:91:cb:8e:
30:82:65:92:12:dc:1e:3e:29:24:7a:aa:8b:5e:90:7f:4b:95:
df:81:8d:93:1b:d8:83:e7:59:da:b0:7e:2d:33:90:24:7f:42:
57:5c:52:86:08:d1:aa:ed:99:27:06:3b:65:ef:19:59:28:4d:
e9:ce:b4:48:9d:a5:f7:cb:f1:7f:d6:08:30:ea:00:4b:88:4e:
7f:8d:f3:1e
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYVtk/BCkO23ClehjyIC/76XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NDQ2ODBjMjBkMWFmMDFmMTY5YjE4YWM5Yzc3ZDk4Nzcx
MzNjZGUwHhcNMjMwMTAxMTM0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmM5Y2RiMWM1MGI0NzVmYzUwNzE3OTI5YzdmNzNkNWI1YzdjNDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cd54jkvW/5qwn8kNcwHR2g3kPf1
V5oGE6xeSv9jw7Sxn0lZQHZuKVUybfjk2as7+Z/5JSgcxKEl2Re2lSIcgQqZExTQ
RRNvvo5QGqkdrFfG6g3m+uGjjYomMZDZMPWMdc98qt7AW3dxJa2e8rk599X8dvBI
xRuSn4Br4s4E/xNcWWQT0Dznn4xaHiN1d2igOWxk9pzpCbCpkCGdrAg/2zSYkvQg
tBfQEH5OmWGEQNDvDHOj52pQBXGhxwezeEEehXC3LcFRsBO4O65f9zKLlPJx0Ul6
VayaQzEZgBpP/gv8DsnSygDpPtF6Qag/5kwTHOaFZhPrJdtWcelwtpmnHQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFPvJzbHFC0dfxQcXkpx/c9W1x8QrMB8GA1UdIwQY
MBaAFElEaAwg0a8B8WmxisnHfZh3EzzeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1VSb0RDRFJyd0h4YWJHS3ljZDltSGNUUE40LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83ZGVlMDktY2QyZS00MDMwLWFiOTIt
ZWJkY2MwMmZiYWU5LzEvMS04bk5zY1VMUjFfRkJ4ZVNuSDl6MWJYSHhDcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzIvN2RlZTA5LWNkMmUtNDAzMC1hYjkyLWViZGNjMDJmYmFl
OS8xL1NVUm9EQ0RScndIeGFiR0t5Y2Q5bUhjVFBONC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB4BggrBgEFBQcBBwEB/wRpMGcwVgQCAAEwUAMEAh+DoDAM
AwQAW+nBAwQCW+nAAwQCW++kAwQCW/IwAwQDsGzgAwQBsHFgAwQBstTIAwQBstTO
AwQCuUw0AwQAwmt6AwQAwtUGAwQBwzY2MA0EAgACMAcDBQAqAKqAMA0GCSqGSIb3
DQEBCwUAA4IBAQCd6kvbwzEbUR9Lqm0MLQIModD6vyLws5H6TOvEUIW+k8ZXcquN
1ziWS88aY7l+EM9hcXI/Mxs7WD5KcVjMlJaD2W18jcfFKW4OZ+/UuNTG2eLNk72h
oZj9NmQQ3sgh+zNWtNiN0cKfd1mxzuWKD1zxroiKo3VXTV6LI9CH9LSwF/yO/7y8
BkfwA/yNE8UyGMinzUfjOFpdng0rcv+fn5t703hqdIEZovPOuV2YEFz0jz6Ry44w
gmWSEtwePikkeqqLXpB/S5XfgY2TG9iD51nasH4tM5Akf0JXXFKGCNGq7ZknBjtl
7xlZKE3pzrRInaX3y/F/1ggw6gBLiE5/jfMe
-----END CERTIFICATE-----
Generated at Mon Aug 28 09:54:14 2023 by rpki-client on console-ams.rpki-client.org