Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/EWGChI0bHJxCuYsK5zuh_D15l1M.roa
File: EWGChI0bHJxCuYsK5zuh_D15l1M.roa (raw, json)
Hash identifier: 6NX+ldamI2eLpSqpUVeIF8kZfg57OLrjdgTTnCw8LGg=
Subject key identifier: 11:61:82:84:8D:1B:1C:9C:42:B9:8B:0A:E7:3B:A1:FC:3D:79:97:53
Certificate issuer: /CN=5d81d1ff45b1547c00a84b46ef99eca2dfbd45bc
Certificate serial: 018CC6B927CCA072CA3E827553C00B14CC7A
Authority key identifier: 5D:81:D1:FF:45:B1:54:7C:00:A8:4B:46:EF:99:EC:A2:DF:BD:45:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/EWGChI0bHJxCuYsK5zuh_D15l1M.roa
Signing time: Mon 01 Jan 2024 20:31:12 +0000
ROA not before: Mon 01 Jan 2024 20:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48362
IP address blocks: 45.152.52.0/22 maxlen: 24
185.31.212.0/22 maxlen: 22
185.252.36.0/22 maxlen: 22
94.199.168.0/21 maxlen: 21
91.195.116.0/23 maxlen: 24
2a02:1688::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:27:cc:a0:72:ca:3e:82:75:53:c0:0b:14:cc:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d81d1ff45b1547c00a84b46ef99eca2dfbd45bc
Validity
Not Before: Jan 1 20:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=116182848d1b1c9c42b98b0ae73ba1fc3d799753
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:45:63:d6:b4:4e:23:c0:ca:ca:76:47:0e:7e:
80:87:cc:9e:60:8e:5a:89:6a:87:72:d3:94:e5:83:
1d:70:a2:b6:1d:83:c5:0b:92:15:bf:7b:c5:17:7f:
94:e0:9c:20:c3:49:0c:7d:f1:c5:6b:b5:51:70:cd:
c1:cd:ea:5c:fb:fb:5d:e8:23:22:c9:0c:5f:2a:9d:
6e:b4:4d:e1:d4:81:77:e5:a0:08:6e:1e:49:46:f9:
7f:df:de:6a:1c:e7:4f:9c:f2:20:e1:89:7d:5d:c8:
38:b1:1c:2c:63:13:e2:d4:7f:f8:d4:97:71:85:f3:
fb:e9:36:6b:fc:2b:46:8c:1b:e4:49:11:46:a9:bd:
68:7b:f9:2c:fd:e0:a2:a0:37:9c:a5:37:57:d1:5b:
ad:63:e5:39:8a:4f:b3:02:82:46:70:0b:a2:4e:0e:
ad:66:14:49:17:6d:5e:0a:6d:59:64:9b:14:52:d7:
20:e8:d4:34:00:a9:fc:7c:08:7f:1d:f2:a4:14:9d:
e5:a2:6b:1a:94:27:ed:60:34:5b:19:38:5d:f3:5d:
51:11:d0:a8:a7:65:3d:ac:51:f5:cf:62:c6:ff:8f:
1a:30:a4:5d:f2:20:b5:5a:97:b9:35:6d:49:c0:26:
4e:76:68:e2:09:4b:6c:b4:90:48:04:ff:53:ba:a0:
29:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:61:82:84:8D:1B:1C:9C:42:B9:8B:0A:E7:3B:A1:FC:3D:79:97:53
X509v3 Authority Key Identifier:
keyid:5D:81:D1:FF:45:B1:54:7C:00:A8:4B:46:EF:99:EC:A2:DF:BD:45:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/EWGChI0bHJxCuYsK5zuh_D15l1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.52.0/22
91.195.116.0/23
94.199.168.0/21
185.31.212.0/22
185.252.36.0/22
IPv6:
2a02:1688::/32
Signature Algorithm: sha256WithRSAEncryption
03:38:c4:c9:34:6f:3f:d6:29:30:76:a4:c5:01:57:f7:21:a0:
f0:6b:f4:21:69:81:f9:20:9b:dd:d1:20:00:72:23:90:9b:13:
4e:79:17:71:06:3e:0e:7d:aa:af:8e:ae:9d:56:e1:6b:4e:5d:
cf:30:83:90:74:d1:8a:00:81:59:37:6b:8c:21:a2:10:20:bc:
c0:43:ec:81:22:be:f2:d8:f5:2d:d6:23:d4:08:49:8e:11:f4:
80:dd:1c:f2:57:7f:bc:3d:6e:b4:96:81:cf:12:77:6f:a8:13:
cc:d8:69:e7:48:93:b1:df:52:af:8b:8d:4e:5b:a4:ae:6e:46:
81:fc:f4:67:4a:bd:9a:f6:94:68:c6:18:56:0e:cf:84:73:71:
00:98:f8:9d:fe:53:28:e1:71:ab:dd:68:c6:b8:72:87:65:e3:
83:6d:87:e2:fa:f2:9f:54:80:3e:d4:65:e6:06:f5:0f:19:d7:
b7:ac:97:10:0d:6e:18:f2:fb:52:a4:7e:77:86:f7:c5:9e:25:
84:53:18:33:0b:bf:b3:f6:44:00:23:98:c2:7f:ae:d4:6d:68:
c6:34:a2:2a:68:76:46:f6:3a:3e:ee:de:af:61:c0:d0:4e:fb:
ca:ec:47:52:fd:81:21:d3:d9:cd:51:b9:cb:c4:ea:e9:34:41:
ab:56:a4:bc
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzGuSfMoHLKPoJ1U8ALFMx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODFkMWZmNDViMTU0N2MwMGE4NGI0NmVmOTllY2EyZGZi
ZDQ1YmMwHhcNMjQwMTAxMjAzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTYxODI4NDhkMWIxYzljNDJiOThiMGFlNzNiYTFmYzNkNzk5NzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokVj1rROI8DKynZHDn6Ah8yeYI5a
iWqHctOU5YMdcKK2HYPFC5IVv3vFF3+U4Jwgw0kMffHFa7VRcM3Bzepc+/td6CMi
yQxfKp1utE3h1IF35aAIbh5JRvl/395qHOdPnPIg4Yl9Xcg4sRwsYxPi1H/41Jdx
hfP76TZr/CtGjBvkSRFGqb1oe/ks/eCioDecpTdX0VutY+U5ik+zAoJGcAuiTg6t
ZhRJF21eCm1ZZJsUUtcg6NQ0AKn8fAh/HfKkFJ3lomsalCftYDRbGThd811REdCo
p2U9rFH1z2LG/48aMKRd8iC1Wpe5NW1JwCZOdmjiCUtstJBIBP9TuqAppQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBFhgoSNGxycQrmLCuc7ofw9eZdTMB8GA1UdIwQY
MBaAFF2B0f9FsVR8AKhLRu+Z7KLfvUW8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9hY2Q3ZTMtOWM3Ni00ZmY2LWI1YWUt
ZWU4MGEyZDI5NTJkLzEvRVdHQ2hJMGJISnhDdVlzSzV6dWhfRDE1bDFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9hY2Q3ZTMtOWM3Ni00ZmY2LWI1YWUtZWU4MGEyZDI5NTJk
LzEvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLZg0AwQB
W8N0AwQDXseoAwQCuR/UAwQCufwkMA0EAgACMAcDBQAqAhaIMA0GCSqGSIb3DQEB
CwUAA4IBAQADOMTJNG8/1ikwdqTFAVf3IaDwa/QhaYH5IJvd0SAAciOQmxNOeRdx
Bj4Ofaqvjq6dVuFrTl3PMIOQdNGKAIFZN2uMIaIQILzAQ+yBIr7y2PUt1iPUCEmO
EfSA3RzyV3+8PW60loHPEndvqBPM2GnnSJOx31Kvi41OW6SubkaB/PRnSr2a9pRo
xhhWDs+Ec3EAmPid/lMo4XGr3WjGuHKHZeODbYfi+vKfVIA+1GXmBvUPGde3rJcQ
DW4Y8vtSpH53hvfFniWEUxgzC7+z9kQAI5jCf67UbWjGNKIqaHZG9jo+7t6vYcDQ
TvvK7EdS/YEh09nNUbnLxOrpNEGrVqS8
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:28 2025 by rpki-client