Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/869325-12c2-4fc0-b19b-0a1d4c022e51/1/sx-UCsH84Fo5bc2WmQwkmwlKLoA.roa
File: sx-UCsH84Fo5bc2WmQwkmwlKLoA.roa (raw, json)
Hash identifier: Q4Kop0+uG17slbImIq2AZoEMlOj+HfQwg/st4yakPBE=
Subject key identifier: B3:1F:94:0A:C1:FC:E0:5A:39:6D:CD:96:99:0C:24:9B:09:4A:2E:80
Certificate issuer: /CN=628a08e28b31bbe5c1812fda90e7e8c8a48335e8
Certificate serial: 0194266BBD3333D29BBC607B933F110F7D5C
Authority key identifier: 62:8A:08:E2:8B:31:BB:E5:C1:81:2F:DA:90:E7:E8:C8:A4:83:35:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YooI4osxu-XBgS_akOfoyKSDNeg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/869325-12c2-4fc0-b19b-0a1d4c022e51/1/sx-UCsH84Fo5bc2WmQwkmwlKLoA.roa
Signing time: Thu 02 Jan 2025 09:49:42 +0000
ROA not before: Thu 02 Jan 2025 09:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199494
IP address blocks: 83.142.216.0/22 maxlen: 22
83.142.220.0/22 maxlen: 22
91.201.88.0/22 maxlen: 22
176.115.80.0/21 maxlen: 21
193.0.192.0/22 maxlen: 22
193.0.196.0/24 maxlen: 24
193.0.197.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:bd:33:33:d2:9b:bc:60:7b:93:3f:11:0f:7d:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=628a08e28b31bbe5c1812fda90e7e8c8a48335e8
Validity
Not Before: Jan 2 09:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b31f940ac1fce05a396dcd96990c249b094a2e80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:76:80:d6:14:10:cd:e1:f9:8f:73:84:20:e8:
a2:90:e9:bc:d3:f3:ad:2a:85:8c:8d:d9:57:d1:af:
03:d2:f7:e0:ab:22:18:2d:05:b9:05:62:40:95:78:
81:4c:e5:9c:fd:27:b2:dc:75:06:a6:d9:cf:22:69:
d1:c8:fb:dd:bd:e5:f9:4c:65:ff:9c:a6:29:48:ad:
4b:bf:a9:07:cf:7c:e9:f4:ba:b6:d8:6c:38:e6:c3:
65:b7:8d:5d:1c:99:05:a7:b8:d3:ea:bd:bd:7d:de:
e0:33:b7:e8:88:35:18:a4:06:51:69:09:8f:68:da:
18:15:d9:57:64:69:d1:8e:9b:69:33:4f:82:a8:15:
91:84:8b:29:5c:d1:07:b0:54:28:06:86:f4:73:ac:
3c:50:1f:bc:0d:25:14:2b:63:94:2d:95:9b:12:84:
63:7c:5d:c1:e6:c0:c4:36:97:03:99:3e:a6:7d:96:
07:43:ae:4f:2e:c2:cd:1f:71:22:12:f0:7b:69:a9:
d2:3d:9e:4b:46:6d:b7:12:2d:18:59:24:0b:d3:e9:
0d:5f:61:a4:4a:6d:1f:67:07:f0:a7:5f:c4:cf:84:
5a:f0:db:17:97:32:91:2f:e2:a5:11:de:a9:fe:9c:
01:28:cf:88:0b:64:c3:72:5c:ee:81:42:6e:a5:c5:
a8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:1F:94:0A:C1:FC:E0:5A:39:6D:CD:96:99:0C:24:9B:09:4A:2E:80
X509v3 Authority Key Identifier:
keyid:62:8A:08:E2:8B:31:BB:E5:C1:81:2F:DA:90:E7:E8:C8:A4:83:35:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YooI4osxu-XBgS_akOfoyKSDNeg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/869325-12c2-4fc0-b19b-0a1d4c022e51/1/sx-UCsH84Fo5bc2WmQwkmwlKLoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/869325-12c2-4fc0-b19b-0a1d4c022e51/1/YooI4osxu-XBgS_akOfoyKSDNeg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.142.216.0/21
91.201.88.0/22
176.115.80.0/21
193.0.192.0-193.0.197.255
Signature Algorithm: sha256WithRSAEncryption
79:64:ae:eb:54:b0:f3:b7:7f:92:42:f4:d3:5b:5d:1b:64:8f:
b9:c9:96:d2:ec:27:81:c7:38:c4:ae:4b:15:c2:c8:85:a7:0d:
08:66:3a:81:3a:be:fe:c3:ea:58:7d:10:92:ac:89:98:a3:c6:
c2:69:eb:07:c8:b0:42:21:90:f4:55:c7:e2:9e:b8:aa:ad:77:
37:e1:f2:2f:05:4c:29:e2:d7:65:32:ed:77:6a:2a:7b:ce:1b:
1e:45:38:fb:5c:21:b0:a9:80:62:b2:93:3f:ae:bd:0c:d4:78:
03:fe:01:60:14:3c:05:de:bb:6a:a6:ba:5d:73:f9:12:95:20:
1d:bb:09:7b:ab:3f:84:73:15:0b:d9:1f:fe:c7:13:51:44:8d:
4e:92:1d:f8:75:c6:60:09:ee:b3:b1:15:1d:7f:e9:6b:56:16:
e1:78:b9:41:6c:7f:50:a7:cc:28:eb:f1:e5:11:a8:51:fc:1d:
7d:4f:ec:18:63:94:22:68:ce:b4:6b:40:95:5e:78:6f:71:00:
d1:8d:65:7c:e4:51:58:b9:35:24:de:c6:de:1a:90:d2:d8:97:
8e:8f:c6:30:57:cf:cf:bd:85:1b:e1:6d:e9:a9:34:8f:a2:cf:
ab:1e:1a:d3:56:a8:1b:53:d4:04:47:ba:fd:22:56:9e:76:ab:
12:4a:06:d7
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQma70zM9KbvGB7kz8RD31cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyOGEwOGUyOGIzMWJiZTVjMTgxMmZkYTkwZTdlOGM4YTQ4
MzM1ZTgwHhcNMjUwMTAyMDk0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzFmOTQwYWMxZmNlMDVhMzk2ZGNkOTY5OTBjMjQ5YjA5NGEyZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXaA1hQQzeH5j3OEIOiikOm80/Ot
KoWMjdlX0a8D0vfgqyIYLQW5BWJAlXiBTOWc/Sey3HUGptnPImnRyPvdveX5TGX/
nKYpSK1Lv6kHz3zp9Lq22Gw45sNlt41dHJkFp7jT6r29fd7gM7foiDUYpAZRaQmP
aNoYFdlXZGnRjptpM0+CqBWRhIspXNEHsFQoBob0c6w8UB+8DSUUK2OULZWbEoRj
fF3B5sDENpcDmT6mfZYHQ65PLsLNH3EiEvB7aanSPZ5LRm23Ei0YWSQL0+kNX2Gk
Sm0fZwfwp1/Ez4Ra8NsXlzKRL+KlEd6p/pwBKM+IC2TDclzugUJupcWoNQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLMflArB/OBaOW3NlpkMJJsJSi6AMB8GA1UdIwQY
MBaAFGKKCOKLMbvlwYEv2pDn6MikgzXoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW9vSTRvc3h1LVhCZ1NfYWtPZm95S1NETmVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS84NjkzMjUtMTJjMi00ZmMwLWIxOWIt
MGExZDRjMDIyZTUxLzEvc3gtVUNzSDg0Rm81YmMyV21Rd2ttd2xLTG9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS84NjkzMjUtMTJjMi00ZmMwLWIxOWItMGExZDRjMDIyZTUx
LzEvWW9vSTRvc3h1LVhCZ1NfYWtPZm95S1NETmVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDU47YAwQC
W8lYAwQDsHNQMAwDBAbBAMADBAHBAMQwDQYJKoZIhvcNAQELBQADggEBAHlkrutU
sPO3f5JC9NNbXRtkj7nJltLsJ4HHOMSuSxXCyIWnDQhmOoE6vv7D6lh9EJKsiZij
xsJp6wfIsEIhkPRVx+KeuKqtdzfh8i8FTCni12Uy7XdqKnvOGx5FOPtcIbCpgGKy
kz+uvQzUeAP+AWAUPAXeu2qmul1z+RKVIB27CXurP4RzFQvZH/7HE1FEjU6SHfh1
xmAJ7rOxFR1/6WtWFuF4uUFsf1CnzCjr8eURqFH8HX1P7BhjlCJozrRrQJVeeG9x
ANGNZXzkUVi5NSText4akNLYl46PxjBXz8+9hRvhbempNI+iz6seGtNWqBtT1ARH
uv0iVp52qxJKBtc=
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:31:07 2025 by rpki-client