Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/22e96f-2451-4e86-a037-8db62ea50995/1/PiROriJpdT23QSax8DSSZgphMk8.roa
File: PiROriJpdT23QSax8DSSZgphMk8.roa (raw, json)
Hash identifier: locDZQSqMrghFJTAITBdgSF0f7s9dqK9UVEPzHCPFvk=
Subject key identifier: 3E:24:4E:AE:22:69:75:3D:B7:41:26:B1:F0:34:92:66:0A:61:32:4F
Certificate issuer: /CN=72978d1d4e7782816ac42da4788e33cbb2487859
Certificate serial: 035CD46A
Authority key identifier: 72:97:8D:1D:4E:77:82:81:6A:C4:2D:A4:78:8E:33:CB:B2:48:78:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cpeNHU53goFqxC2keI4zy7JIeFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/22e96f-2451-4e86-a037-8db62ea50995/1/PiROriJpdT23QSax8DSSZgphMk8.roa
Signing time: Mon 02 May 2022 12:04:16 +0000
ROA not before: Mon 02 May 2022 12:04:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398464
IP address blocks: 194.180.232.0/23 maxlen: 24
194.180.236.0/23 maxlen: 24
45.133.112.0/22 maxlen: 24
45.136.24.0/22 maxlen: 24
45.147.8.0/22 maxlen: 24
45.147.232.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56415338 (0x35cd46a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72978d1d4e7782816ac42da4788e33cbb2487859
Validity
Not Before: May 2 12:04:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e244eae2269753db74126b1f03492660a61324f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:80:ec:be:88:52:a1:fb:ec:cf:9f:23:b9:3b:
a9:f2:f2:74:a6:23:50:c0:e5:a8:a4:ac:2a:2a:f9:
47:0c:c4:c1:2d:c1:a3:b1:d7:88:1d:32:fa:50:3f:
aa:dc:ec:a0:28:e3:ed:76:e1:b2:7c:1f:51:f0:16:
c1:99:9c:c9:f5:83:aa:3a:d5:20:a3:37:91:a0:db:
51:b4:03:9b:03:f2:5e:bb:77:24:08:a1:27:4c:bd:
bc:41:a7:de:60:1b:a2:e3:26:1b:cc:f8:29:28:33:
6a:f6:27:e0:a4:01:ad:a4:34:47:7e:5a:de:af:68:
72:68:b6:a6:7f:45:00:90:c4:97:17:0f:64:0f:69:
93:18:e7:1b:0e:83:f7:1f:21:29:7d:13:95:1c:12:
ff:fe:e3:24:7a:09:89:5e:4e:2b:30:7d:a8:16:3d:
f6:c7:87:9e:28:06:49:5b:9b:ca:a9:13:85:91:ab:
d7:26:17:c4:25:63:00:9b:89:59:da:8c:fb:44:c7:
85:a3:74:fc:2c:66:7a:9e:00:eb:ac:44:98:f1:ad:
40:c1:12:e6:4b:c6:c0:cb:08:88:80:b8:85:bc:a5:
2f:0e:70:13:8f:50:ac:44:a8:91:77:9f:0f:02:ab:
32:2c:6a:32:c4:e3:c1:38:c7:1f:44:f7:3f:fa:b4:
25:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:24:4E:AE:22:69:75:3D:B7:41:26:B1:F0:34:92:66:0A:61:32:4F
X509v3 Authority Key Identifier:
keyid:72:97:8D:1D:4E:77:82:81:6A:C4:2D:A4:78:8E:33:CB:B2:48:78:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cpeNHU53goFqxC2keI4zy7JIeFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/22e96f-2451-4e86-a037-8db62ea50995/1/PiROriJpdT23QSax8DSSZgphMk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/22e96f-2451-4e86-a037-8db62ea50995/1/cpeNHU53goFqxC2keI4zy7JIeFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.112.0/22
45.136.24.0/22
45.147.8.0/22
45.147.232.0/22
194.180.232.0/23
194.180.236.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:89:19:83:8f:03:52:3f:d8:e6:bf:86:0a:04:3d:c5:a0:3a:
5d:71:6b:1b:c6:05:e5:fe:48:29:f8:9d:b2:74:c2:c3:e1:c7:
a7:cf:e8:32:8f:6a:33:99:ef:56:59:0f:2b:fe:af:de:d9:17:
8b:c9:2e:c7:fd:74:18:04:c5:35:1d:28:1c:6a:e3:09:fd:2f:
b6:62:95:a9:a2:85:f4:61:a7:79:d1:29:cb:1a:50:04:ba:0f:
e5:16:d0:44:9c:0b:f3:0c:7c:a0:76:29:08:9d:bf:b1:1d:64:
b2:c7:70:64:57:d2:c2:bc:5a:6c:24:77:5f:5c:13:b9:5f:d5:
88:1e:b3:ed:fb:ed:e1:38:ad:6a:45:aa:f4:e0:ed:b0:2a:65:
20:38:a8:68:8b:15:5d:24:46:b6:01:36:ae:1c:96:75:2f:f1:
9e:cd:22:a1:a8:6e:a6:60:76:21:69:1a:e3:23:77:0e:1e:f9:
c1:3d:2b:24:17:7c:52:32:f5:65:22:8f:9b:86:8b:64:5d:c4:
a5:05:58:67:08:ac:64:93:9d:a1:dc:4a:62:bf:0d:a4:9f:d8:
73:df:68:75:f9:17:28:e8:06:fa:ac:34:db:96:6c:1d:8f:e8:
8f:a8:aa:79:f9:98:44:5d:3a:9e:c0:e2:0e:68:12:03:2d:e7:
7b:61:54:49
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEA1zUajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Mjk3OGQxZDRlNzc4MjgxNmFjNDJkYTQ3ODhlMzNjYmIyNDg3ODU5MB4XDTIyMDUw
MjEyMDQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2UyNDRlYWUyMjY5
NzUzZGI3NDEyNmIxZjAzNDkyNjYwYTYxMzI0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOWA7L6IUqH77M+fI7k7qfLydKYjUMDlqKSsKir5RwzEwS3B
o7HXiB0y+lA/qtzsoCjj7XbhsnwfUfAWwZmcyfWDqjrVIKM3kaDbUbQDmwPyXrt3
JAihJ0y9vEGn3mAbouMmG8z4KSgzavYn4KQBraQ0R35a3q9ocmi2pn9FAJDElxcP
ZA9pkxjnGw6D9x8hKX0TlRwS//7jJHoJiV5OKzB9qBY99seHnigGSVubyqkThZGr
1yYXxCVjAJuJWdqM+0THhaN0/Cxmep4A66xEmPGtQMES5kvGwMsIiIC4hbylLw5w
E49QrESokXefDwKrMixqMsTjwTjHH0T3P/q0Jb0CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQ+JE6uIml1PbdBJrHwNJJmCmEyTzAfBgNVHSMEGDAWgBRyl40dTneCgWrE
LaR4jjPLskh4WTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NwZU5IVTUzZ29GcXhDMmtlSTR6eTdKSWVGay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvMjJlOTZmLTI0NTEtNGU4Ni1hMDM3LThkYjYyZWE1MDk5NS8x
L1BpUk9yaUpwZFQyM1FTYXg4RFNTWmdwaE1rOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
MjJlOTZmLTI0NTEtNGU4Ni1hMDM3LThkYjYyZWE1MDk5NS8xL2NwZU5IVTUzZ29G
cXhDMmtlSTR6eTdKSWVGay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAi2FcAMEAi2IGAMEAi2TCAMEAi2T
6AMEAcK06AMEAcK07DANBgkqhkiG9w0BAQsFAAOCAQEAL4kZg48DUj/Y5r+GCgQ9
xaA6XXFrG8YF5f5IKfidsnTCw+HHp8/oMo9qM5nvVlkPK/6v3tkXi8kux/10GATF
NR0oHGrjCf0vtmKVqaKF9GGnedEpyxpQBLoP5RbQRJwL8wx8oHYpCJ2/sR1kssdw
ZFfSwrxabCR3X1wTuV/ViB6z7fvt4TitakWq9ODtsCplIDioaIsVXSRGtgE2rhyW
dS/xns0ioahupmB2IWka4yN3Dh75wT0rJBd8UjL1ZSKPm4aLZF3EpQVYZwisZJOd
odxKYr8NpJ/Yc99odfkXKOgG+qw025ZsHY/oj6iqefmYRF06nsDiDmgSAy3ne2FU
SQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:20 2025 by rpki-client