Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/175260-8f9a-4b7f-b011-4c2647a58967/1/QSAvIjWDXSavkl_twra6Nu-TaH0.roa
File: QSAvIjWDXSavkl_twra6Nu-TaH0.roa (raw, json)
Hash identifier: McrRH82ochsa+5tMRbX7trgdHrUKNga0cTnTO4YNUUk=
Subject key identifier: 41:20:2F:22:35:83:5D:26:AF:92:5F:ED:C2:B6:BA:36:EF:93:68:7D
Certificate issuer: /CN=13349545ab8bfd265273e8d4843b98bf0b4148f2
Certificate serial: 01856FF9482F5918BA6192A9071390C54E28
Authority key identifier: 13:34:95:45:AB:8B:FD:26:52:73:E8:D4:84:3B:98:BF:0B:41:48:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EzSVRauL_SZSc-jUhDuYvwtBSPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/175260-8f9a-4b7f-b011-4c2647a58967/1/QSAvIjWDXSavkl_twra6Nu-TaH0.roa
Signing time: Mon 02 Jan 2023 00:54:45 +0000
ROA not before: Mon 02 Jan 2023 00:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50563
IP address blocks: 152.89.182.0/23 maxlen: 23
152.89.182.0/24 maxlen: 24
152.89.180.0/24 maxlen: 24
152.89.180.0/23 maxlen: 23
152.89.180.0/22 maxlen: 22
152.89.183.0/24 maxlen: 24
152.89.181.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:48:2f:59:18:ba:61:92:a9:07:13:90:c5:4e:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13349545ab8bfd265273e8d4843b98bf0b4148f2
Validity
Not Before: Jan 2 00:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41202f2235835d26af925fedc2b6ba36ef93687d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:af:bc:ac:f7:4d:5d:94:9a:03:03:80:39:84:
a6:9d:32:25:d2:52:c1:b6:b9:f2:03:8e:dd:73:f3:
6b:e5:48:2a:b4:10:00:ce:d1:3c:5c:c8:28:86:40:
c4:41:bf:1f:60:fc:ad:0e:03:76:d5:41:45:b4:91:
f1:39:be:04:b9:93:31:22:9f:63:06:07:78:f1:22:
0b:36:77:99:7d:b9:63:a4:44:16:37:47:7f:fd:6d:
43:dd:1e:22:1a:26:c8:86:0f:29:b6:52:5c:5e:b8:
5b:c9:97:9b:fd:50:93:b3:1c:c5:0b:58:95:ea:a0:
1a:56:ec:33:6b:07:bc:99:09:18:80:59:5e:5f:34:
62:ff:d8:ea:91:ef:5e:c3:26:72:a2:82:83:44:ab:
75:fe:ee:20:11:5e:50:dc:a0:30:d9:9d:1a:92:94:
bd:b3:71:3b:40:e0:02:65:a7:5c:13:9d:67:d3:07:
37:3f:22:1b:16:99:12:9c:44:ed:49:18:fb:42:c4:
f6:13:29:cf:ec:8f:7a:4a:f0:b4:b8:94:4a:34:c1:
e2:66:5b:6b:f7:72:3b:f4:33:18:8b:71:6f:d5:37:
e0:39:74:3b:0b:21:10:a0:71:05:61:7c:82:03:95:
42:9d:9e:d3:c1:38:1b:ca:0c:1f:80:e2:6f:9f:0d:
60:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:20:2F:22:35:83:5D:26:AF:92:5F:ED:C2:B6:BA:36:EF:93:68:7D
X509v3 Authority Key Identifier:
keyid:13:34:95:45:AB:8B:FD:26:52:73:E8:D4:84:3B:98:BF:0B:41:48:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EzSVRauL_SZSc-jUhDuYvwtBSPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/175260-8f9a-4b7f-b011-4c2647a58967/1/QSAvIjWDXSavkl_twra6Nu-TaH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/175260-8f9a-4b7f-b011-4c2647a58967/1/EzSVRauL_SZSc-jUhDuYvwtBSPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.180.0/22
Signature Algorithm: sha256WithRSAEncryption
15:4f:7b:3c:af:b0:e5:5d:f5:b5:d5:8e:ab:6c:7c:6e:d2:c9:
79:c5:00:eb:3b:5b:67:a4:c6:2b:5e:dc:f2:64:40:b4:ca:b0:
27:99:a0:ed:c2:e7:64:22:93:f1:5b:32:7d:73:8c:76:cc:60:
8b:ee:8a:83:e7:4d:b5:aa:7c:a6:98:9a:b0:93:0a:4b:31:c2:
e1:45:99:11:49:e2:26:e9:d7:6b:b0:ec:28:15:2a:69:03:8f:
ea:55:d3:8d:2f:4e:c8:87:1f:59:e9:05:b2:1b:fe:f6:6a:97:
e2:9d:7d:09:bc:47:39:ba:73:da:52:4b:5b:5a:83:c9:18:0f:
b8:fb:bd:be:52:4c:a4:43:9c:08:80:6e:c4:58:aa:61:ec:c9:
06:57:ec:53:bc:4b:28:fa:c1:0a:35:66:dd:a9:76:18:b9:2b:
02:eb:e5:2f:28:3e:43:63:9a:bf:70:e0:df:f4:47:48:82:89:
fa:9e:51:4c:c6:48:35:99:2e:a6:46:04:41:c3:00:7b:f2:7f:
6e:56:4b:3e:70:cf:96:3a:c2:71:5d:fc:15:7b:b9:17:6c:c8:
4c:e1:80:af:c1:fd:31:4c:cd:c5:a0:1f:8e:4c:0c:9e:8e:b3:
98:94:bb:ad:e3:94:f5:96:3f:be:0f:82:54:0d:78:1a:68:07:
6a:65:5e:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+UgvWRi6YZKpBxOQxU4oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMzQ5NTQ1YWI4YmZkMjY1MjczZThkNDg0M2I5OGJmMGI0
MTQ4ZjIwHhcNMjMwMTAyMDA1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTIwMmYyMjM1ODM1ZDI2YWY5MjVmZWRjMmI2YmEzNmVmOTM2ODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwa+8rPdNXZSaAwOAOYSmnTIl0lLB
trnyA47dc/Nr5UgqtBAAztE8XMgohkDEQb8fYPytDgN21UFFtJHxOb4EuZMxIp9j
Bgd48SILNneZfbljpEQWN0d//W1D3R4iGibIhg8ptlJcXrhbyZeb/VCTsxzFC1iV
6qAaVuwzawe8mQkYgFleXzRi/9jqke9ewyZyooKDRKt1/u4gEV5Q3KAw2Z0akpS9
s3E7QOACZadcE51n0wc3PyIbFpkSnETtSRj7QsT2EynP7I96SvC0uJRKNMHiZltr
93I79DMYi3Fv1TfgOXQ7CyEQoHEFYXyCA5VCnZ7TwTgbygwfgOJvnw1gnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEEgLyI1g10mr5Jf7cK2ujbvk2h9MB8GA1UdIwQY
MBaAFBM0lUWri/0mUnPo1IQ7mL8LQUjyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXpTVlJhdUxfU1pTYy1qVWhEdVl2d3RCU1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8xNzUyNjAtOGY5YS00YjdmLWIwMTEt
NGMyNjQ3YTU4OTY3LzEvUVNBdklqV0RYU2F2a2xfdHdyYTZOdS1UYUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8xNzUyNjAtOGY5YS00YjdmLWIwMTEtNGMyNjQ3YTU4OTY3
LzEvRXpTVlJhdUxfU1pTYy1qVWhEdVl2d3RCU1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmFm0MA0G
CSqGSIb3DQEBCwUAA4IBAQAVT3s8r7DlXfW11Y6rbHxu0sl5xQDrO1tnpMYrXtzy
ZEC0yrAnmaDtwudkIpPxWzJ9c4x2zGCL7oqD5021qnymmJqwkwpLMcLhRZkRSeIm
6ddrsOwoFSppA4/qVdONL07Ihx9Z6QWyG/72apfinX0JvEc5unPaUktbWoPJGA+4
+72+UkykQ5wIgG7EWKph7MkGV+xTvEso+sEKNWbdqXYYuSsC6+UvKD5DY5q/cODf
9EdIgon6nlFMxkg1mS6mRgRBwwB78n9uVks+cM+WOsJxXfwVe7kXbMhM4YCvwf0x
TM3FoB+OTAyejrOYlLut45T1lj++D4JUDXgaaAdqZV6G
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:07:05 2025 by rpki-client