Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/a19618-186f-484d-ad46-42d34f31f7b7/1/Vm0s8tE4k_7exEfdJ23x9qqpRO4.roa
File: Vm0s8tE4k_7exEfdJ23x9qqpRO4.roa (raw, json)
Hash identifier: YauLOZ4D0NPrq9Hg8wU2rFlUjbJNftVcMVlSdIRh3z4=
Subject key identifier: 56:6D:2C:F2:D1:38:93:FE:DE:C4:47:DD:27:6D:F1:F6:AA:A9:44:EE
Certificate issuer: /CN=88f43a03028c692b15342381685b4280eb170ee5
Certificate serial: 281359DB
Authority key identifier: 88:F4:3A:03:02:8C:69:2B:15:34:23:81:68:5B:42:80:EB:17:0E:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iPQ6AwKMaSsVNCOBaFtCgOsXDuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/a19618-186f-484d-ad46-42d34f31f7b7/1/Vm0s8tE4k_7exEfdJ23x9qqpRO4.roa
Signing time: Sat 01 Jan 2022 07:01:52 +0000
ROA not before: Sat 01 Jan 2022 07:01:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12714
IP address blocks: 176.77.64.0/18 maxlen: 18
109.170.0.0/17 maxlen: 24
176.77.0.0/18 maxlen: 18
46.72.0.0/16 maxlen: 16
176.195.0.0/16 maxlen: 16
46.73.0.0/16 maxlen: 21
212.1.224.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 672356827 (0x281359db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88f43a03028c692b15342381685b4280eb170ee5
Validity
Not Before: Jan 1 07:01:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=566d2cf2d13893fedec447dd276df1f6aaa944ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3b:27:3c:3b:34:6c:72:09:23:d9:f1:fe:9d:
d2:27:6c:0f:1f:e0:28:a2:f5:8d:2b:c8:88:9a:0d:
5c:98:e9:d5:2f:7d:b1:63:c0:0c:8a:5c:f1:68:12:
35:93:3c:24:2f:de:54:73:5b:ab:9d:d3:22:6d:e5:
30:44:ce:e0:92:82:dc:02:9f:83:17:a2:a1:a2:fa:
50:48:b6:47:3c:fd:76:e6:34:da:71:46:f3:84:9b:
19:e4:68:0f:59:ca:a4:dc:de:e8:21:fe:43:94:8a:
76:bf:7e:72:ce:1c:5e:8f:0e:96:bf:58:46:f2:88:
7f:26:c9:64:a8:42:56:dd:14:e6:33:7c:a6:f6:2e:
c2:bc:24:24:54:f7:e0:38:f8:e1:46:18:f4:3d:b6:
92:32:ae:06:38:0e:44:1c:81:73:01:4a:96:f3:3a:
ff:ae:88:81:13:c7:f8:7e:18:a3:15:29:0d:4c:22:
ea:9d:62:12:88:0e:5f:32:67:8b:6c:a6:36:1b:71:
38:dd:56:20:1c:80:1f:3f:d8:11:a8:d2:7c:80:90:
19:e1:d7:d8:87:7d:ce:e5:97:da:bf:68:69:de:ce:
ac:dc:4a:29:26:af:74:be:9f:f4:29:92:d8:31:63:
c0:f4:75:7f:5e:a6:7c:50:77:b8:eb:28:41:59:17:
e5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:6D:2C:F2:D1:38:93:FE:DE:C4:47:DD:27:6D:F1:F6:AA:A9:44:EE
X509v3 Authority Key Identifier:
keyid:88:F4:3A:03:02:8C:69:2B:15:34:23:81:68:5B:42:80:EB:17:0E:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPQ6AwKMaSsVNCOBaFtCgOsXDuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a19618-186f-484d-ad46-42d34f31f7b7/1/Vm0s8tE4k_7exEfdJ23x9qqpRO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a19618-186f-484d-ad46-42d34f31f7b7/1/iPQ6AwKMaSsVNCOBaFtCgOsXDuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.72.0.0/15
109.170.0.0/17
176.77.0.0/17
176.195.0.0/16
212.1.224.0/19
Signature Algorithm: sha256WithRSAEncryption
72:8c:39:51:b1:84:53:95:87:f4:b9:99:62:a5:27:53:f5:84:
04:2d:cb:44:5d:ae:79:10:e7:a1:57:94:2b:98:34:98:7f:85:
59:66:5d:b1:03:83:fe:8b:86:40:5c:24:77:98:3a:cc:fc:07:
87:f2:e4:ab:13:26:71:96:a9:86:46:40:ee:6d:df:b3:62:b1:
ad:da:41:09:cf:f0:46:9d:4b:08:66:8d:75:5b:da:42:13:65:
ab:f3:e3:f4:f9:fe:6f:c4:5c:40:b1:f5:35:81:63:31:95:6d:
8e:e8:f5:84:20:46:54:70:1c:d0:70:9b:c0:fa:b1:ba:24:5f:
1c:0f:93:c5:58:82:7b:81:db:d2:bc:52:00:5c:d4:1c:c0:d3:
4a:3f:40:f0:10:24:dd:d8:1c:90:80:f0:47:46:8c:ee:0a:86:
ab:ae:b4:09:dd:53:ce:a2:20:87:87:56:96:81:ac:85:ae:9e:
96:0f:2f:ed:78:22:e7:77:90:c6:bb:06:c6:4e:4e:24:74:73:
74:ee:f4:e5:e2:be:67:9a:0e:39:5f:a8:5e:c4:70:0a:f8:d3:
c2:00:32:3f:c5:6d:a6:b2:cf:54:e8:30:7b:c6:b2:c7:dd:b9:
52:a9:1b:88:f7:c0:57:96:a2:3a:07:37:ac:4a:73:64:f9:94:
2a:e6:16:3e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEKBNZ2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OGY0M2EwMzAyOGM2OTJiMTUzNDIzODE2ODViNDI4MGViMTcwZWU1MB4XDTIyMDEw
MTA3MDE1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTY2ZDJjZjJkMTM4
OTNmZWRlYzQ0N2RkMjc2ZGYxZjZhYWE5NDRlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJY7Jzw7NGxyCSPZ8f6d0idsDx/gKKL1jSvIiJoNXJjp1S99
sWPADIpc8WgSNZM8JC/eVHNbq53TIm3lMETO4JKC3AKfgxeioaL6UEi2Rzz9duY0
2nFG84SbGeRoD1nKpNze6CH+Q5SKdr9+cs4cXo8Olr9YRvKIfybJZKhCVt0U5jN8
pvYuwrwkJFT34Dj44UYY9D22kjKuBjgORByBcwFKlvM6/66IgRPH+H4YoxUpDUwi
6p1iEogOXzJni2ymNhtxON1WIByAHz/YEajSfICQGeHX2Id9zuWX2r9oad7OrNxK
KSavdL6f9CmS2DFjwPR1f16mfFB3uOsoQVkX5bcCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBRWbSzy0TiT/t7ER90nbfH2qqlE7jAfBgNVHSMEGDAWgBSI9DoDAoxpKxU0
I4FoW0KA6xcO5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lQUTZBd0tNYVNzVk5DT0JhRnRDZ09zWER1VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvYTE5NjE4LTE4NmYtNDg0ZC1hZDQ2LTQyZDM0ZjMxZjdiNy8x
L1ZtMHM4dEU0a183ZXhFZmRKMjN4OXFxcFJPNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
YTE5NjE4LTE4NmYtNDg0ZC1hZDQ2LTQyZDM0ZjMxZjdiNy8xL2lQUTZBd0tNYVNz
Vk5DT0JhRnRDZ09zWER1VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHAMDAS5IAwQHbaoAAwQHsE0AAwMAsMMD
BAXUAeAwDQYJKoZIhvcNAQELBQADggEBAHKMOVGxhFOVh/S5mWKlJ1P1hAQty0Rd
rnkQ56FXlCuYNJh/hVlmXbEDg/6LhkBcJHeYOsz8B4fy5KsTJnGWqYZGQO5t37Ni
sa3aQQnP8EadSwhmjXVb2kITZavz4/T5/m/EXECx9TWBYzGVbY7o9YQgRlRwHNBw
m8D6sbokXxwPk8VYgnuB29K8UgBc1BzA00o/QPAQJN3YHJCA8EdGjO4KhquutAnd
U86iIIeHVpaBrIWunpYPL+14Iud3kMa7BsZOTiR0c3Tu9OXivmeaDjlfqF7EcAr4
08IAMj/Fbaayz1ToMHvGssfduVKpG4j3wFeWojoHN6xKc2T5lCrmFj4=
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:33:39 2025 by rpki-client