Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f8bb1b-d6fd-49a1-9653-ff157bef0621/1/bMNEKoZxbTw3GYG5u7LKSZl2Dzs.roa
File: bMNEKoZxbTw3GYG5u7LKSZl2Dzs.roa (raw, json)
Hash identifier: iuiZ4xeSGHC2Sh9QS5njdhSYDgRS6Y4Jwsdsrj6QxrQ=
Subject key identifier: 6C:C3:44:2A:86:71:6D:3C:37:19:81:B9:BB:B2:CA:49:99:76:0F:3B
Certificate issuer: /CN=dd82de4f1304339fde527ba06033ca9e511171bd
Certificate serial: 01886910BEBA59EF835AD40B4DB0F3B564B2
Authority key identifier: DD:82:DE:4F:13:04:33:9F:DE:52:7B:A0:60:33:CA:9E:51:11:71:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3YLeTxMEM5_eUnugYDPKnlERcb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/f8bb1b-d6fd-49a1-9653-ff157bef0621/1/bMNEKoZxbTw3GYG5u7LKSZl2Dzs.roa
Signing time: Mon 29 May 2023 19:51:24 +0000
ROA not before: Mon 29 May 2023 19:51:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48551
IP address blocks: 195.114.4.0/24 maxlen: 24
195.114.5.0/24 maxlen: 24
195.114.9.0/24 maxlen: 24
195.114.8.0/24 maxlen: 24
45.159.196.0/24 maxlen: 24
45.159.197.0/24 maxlen: 24
45.159.199.0/24 maxlen: 24
45.159.198.0/24 maxlen: 24
185.236.37.0/24 maxlen: 24
185.236.36.0/24 maxlen: 24
185.236.38.0/24 maxlen: 24
185.236.39.0/24 maxlen: 24
157.119.190.0/24 maxlen: 24
157.119.190.0/23 maxlen: 23
157.119.191.0/24 maxlen: 24
157.119.188.0/24 maxlen: 24
45.94.252.0/24 maxlen: 24
103.216.63.0/24 maxlen: 24
103.216.62.0/24 maxlen: 24
103.216.60.0/24 maxlen: 24
103.216.61.0/24 maxlen: 24
45.94.255.0/24 maxlen: 24
45.94.254.0/24 maxlen: 24
185.86.182.0/24 maxlen: 24
185.86.181.0/24 maxlen: 24
185.86.180.0/24 maxlen: 24
2a0d:9500::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:69:10:be:ba:59:ef:83:5a:d4:0b:4d:b0:f3:b5:64:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd82de4f1304339fde527ba06033ca9e511171bd
Validity
Not Before: May 29 19:51:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cc3442a86716d3c371981b9bbb2ca4999760f3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:00:5a:8c:eb:94:d2:c3:d5:da:cc:eb:86:82:
d0:47:dd:fc:e7:de:f3:79:c4:d1:ff:83:c4:c8:ea:
94:2d:61:f3:9c:35:a5:17:7e:99:44:e2:bd:51:eb:
54:ea:d2:74:45:aa:04:4b:8f:df:cd:99:fc:7a:e3:
02:d5:17:fb:c7:96:18:53:cc:52:45:9e:30:d2:12:
1d:57:df:ec:65:ce:f4:00:ed:01:d9:7e:ba:c4:55:
cd:5d:19:97:f1:c0:14:9a:92:71:4c:50:d7:72:79:
5d:64:63:68:c2:19:49:ca:db:ef:66:63:3a:1e:4e:
c9:57:08:2c:76:e6:f5:7a:dc:93:ab:cd:99:fa:1f:
da:be:67:c2:72:15:87:a0:05:0c:54:06:15:63:44:
97:6c:53:80:4c:5d:4a:e7:3a:e3:54:8b:0c:33:33:
61:40:af:fe:97:1c:0b:e6:d4:67:96:79:21:a4:a5:
bb:3c:d4:85:f6:aa:ab:9b:7d:fa:77:ac:9a:3d:08:
46:66:a0:1b:3b:c5:ec:13:fd:4f:ab:57:ce:81:6f:
de:26:91:18:68:94:20:05:b8:72:f4:42:04:bd:6c:
da:98:fa:50:5f:02:95:3b:55:93:4b:5b:56:e6:69:
c7:e1:66:a5:9f:12:b6:ae:5d:39:1d:2a:95:4d:fc:
5f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:C3:44:2A:86:71:6D:3C:37:19:81:B9:BB:B2:CA:49:99:76:0F:3B
X509v3 Authority Key Identifier:
keyid:DD:82:DE:4F:13:04:33:9F:DE:52:7B:A0:60:33:CA:9E:51:11:71:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3YLeTxMEM5_eUnugYDPKnlERcb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f8bb1b-d6fd-49a1-9653-ff157bef0621/1/bMNEKoZxbTw3GYG5u7LKSZl2Dzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f8bb1b-d6fd-49a1-9653-ff157bef0621/1/3YLeTxMEM5_eUnugYDPKnlERcb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.252.0/24
45.94.254.0/23
45.159.196.0/22
103.216.60.0/22
157.119.188.0/24
157.119.190.0/23
185.86.180.0-185.86.182.255
185.236.36.0/22
195.114.4.0/23
195.114.8.0/23
IPv6:
2a0d:9500::/29
Signature Algorithm: sha256WithRSAEncryption
0c:50:1a:01:4a:84:22:2d:00:35:a1:4a:2d:17:8f:3c:39:e8:
4d:f5:b5:e1:83:1e:2b:35:f9:1a:c7:54:1b:c4:25:07:fc:dc:
f7:84:f0:46:ae:1d:51:f4:2e:da:20:1e:ce:12:0d:2b:97:81:
b2:a7:63:18:57:0f:cc:b5:06:c1:6a:28:05:09:16:c5:46:c8:
fc:a6:05:0c:53:81:9e:55:75:8f:ab:b3:e8:37:4d:bd:80:31:
ac:f9:bf:b3:da:08:6d:93:e0:ef:f6:57:be:37:cd:f4:63:9c:
e8:c6:af:e6:87:a8:1e:3d:66:33:90:cd:5e:d7:33:68:bd:e1:
5f:24:53:b2:5d:76:75:9b:b5:62:6c:cf:a1:20:d1:89:b3:37:
c4:cd:c7:bd:62:93:da:1c:c0:27:95:26:d6:35:55:39:60:bd:
be:d3:31:b9:8a:76:47:de:b9:54:29:94:fa:5e:31:fd:39:0d:
51:3b:c0:64:84:b5:12:f4:a7:78:49:94:cb:f5:00:ab:50:99:
80:24:c5:17:49:c4:a4:b7:c4:83:3b:16:3a:b3:24:81:81:9f:
2b:95:0d:60:0e:40:ab:05:dd:46:c2:f5:1f:45:06:3d:a4:0b:
2f:83:6f:28:89:27:00:e0:6f:11:f2:31:1b:21:1a:a7:54:37:
1a:b6:b1:ed
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYhpEL66We+DWtQLTbDztWSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkODJkZTRmMTMwNDMzOWZkZTUyN2JhMDYwMzNjYTllNTEx
MTcxYmQwHhcNMjMwNTI5MTk1MTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2MzNDQyYTg2NzE2ZDNjMzcxOTgxYjliYmIyY2E0OTk5NzYwZjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswBajOuU0sPV2szrhoLQR938597z
ecTR/4PEyOqULWHznDWlF36ZROK9UetU6tJ0RaoES4/fzZn8euMC1Rf7x5YYU8xS
RZ4w0hIdV9/sZc70AO0B2X66xFXNXRmX8cAUmpJxTFDXcnldZGNowhlJytvvZmM6
Hk7JVwgsdub1etyTq82Z+h/avmfCchWHoAUMVAYVY0SXbFOATF1K5zrjVIsMMzNh
QK/+lxwL5tRnlnkhpKW7PNSF9qqrm336d6yaPQhGZqAbO8XsE/1Pq1fOgW/eJpEY
aJQgBbhy9EIEvWzamPpQXwKVO1WTS1tW5mnH4WalnxK2rl05HSqVTfxf5QIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFGzDRCqGcW08NxmBubuyykmZdg87MB8GA1UdIwQY
MBaAFN2C3k8TBDOf3lJ7oGAzyp5REXG9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1lMZVR4TUVNNV9lVW51Z1lEUEtubEVSY2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mOGJiMWItZDZmZC00OWExLTk2NTMt
ZmYxNTdiZWYwNjIxLzEvYk1ORUtvWnhiVHczR1lHNXU3TEtTWmwyRHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mOGJiMWItZDZmZC00OWExLTk2NTMtZmYxNTdiZWYwNjIx
LzEvM1lMZVR4TUVNNV9lVW51Z1lEUEtubEVSY2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQALV78AwQB
LV7+AwQCLZ/EAwQCZ9g8AwQAnXe8AwQBnXe+MAwDBAK5VrQDBAC5VrYDBAK57CQD
BAHDcgQDBAHDcggwDQQCAAIwBwMFAyoNlQAwDQYJKoZIhvcNAQELBQADggEBAAxQ
GgFKhCItADWhSi0Xjzw56E31teGDHis1+RrHVBvEJQf83PeE8EauHVH0LtogHs4S
DSuXgbKnYxhXD8y1BsFqKAUJFsVGyPymBQxTgZ5VdY+rs+g3Tb2AMaz5v7PaCG2T
4O/2V743zfRjnOjGr+aHqB49ZjOQzV7XM2i94V8kU7JddnWbtWJsz6Eg0YmzN8TN
x71ik9ocwCeVJtY1VTlgvb7TMbmKdkfeuVQplPpeMf05DVE7wGSEtRL0p3hJlMv1
AKtQmYAkxRdJxKS3xIM7FjqzJIGBnyuVDWAOQKsF3UbC9R9FBj2kCy+DbyiJJwDg
bxHyMRshGqdUNxq2se0=
-----END CERTIFICATE-----
Generated at Wed Nov 29 15:07:33 2023 by rpki-client on console-ams.rpki-client.org