Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/e02b9b-5bb2-4b31-b68e-f1e1abb874dc/1/RCtS1oit9gQrdZRp0uRZYfw6gyY.roa
File: RCtS1oit9gQrdZRp0uRZYfw6gyY.roa (raw, json)
Hash identifier: agFE1P5eaYeFjiWBxL6gal75QwxIuep/hmg9jW9mpCc=
Subject key identifier: 44:2B:52:D6:88:AD:F6:04:2B:75:94:69:D2:E4:59:61:FC:3A:83:26
Certificate issuer: /CN=fd00e5fbe33e4fdc9e7cd442743ac75861f5619d
Certificate serial: 0A056E0C
Authority key identifier: FD:00:E5:FB:E3:3E:4F:DC:9E:7C:D4:42:74:3A:C7:58:61:F5:61:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_QDl--M-T9yefNRCdDrHWGH1YZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/e02b9b-5bb2-4b31-b68e-f1e1abb874dc/1/RCtS1oit9gQrdZRp0uRZYfw6gyY.roa
Signing time: Sat 01 Jan 2022 06:01:20 +0000
ROA not before: Sat 01 Jan 2022 06:01:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34296
IP address blocks: 185.19.152.0/22 maxlen: 24
95.173.224.0/19 maxlen: 24
217.65.176.0/20 maxlen: 24
109.228.192.0/18 maxlen: 24
37.130.64.0/18 maxlen: 24
46.1.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168128012 (0xa056e0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd00e5fbe33e4fdc9e7cd442743ac75861f5619d
Validity
Not Before: Jan 1 06:01:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=442b52d688adf6042b759469d2e45961fc3a8326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9f:49:f2:0d:03:20:9f:49:62:d5:17:2e:ba:
a5:a5:75:65:8b:b5:51:6e:ef:21:b1:f0:bf:01:18:
78:70:6a:72:6b:70:ce:2a:53:71:7c:b5:2b:c8:95:
2d:da:20:30:58:f4:7e:91:72:c9:2b:46:71:68:af:
4d:86:38:2f:78:43:c3:23:1f:7d:a0:11:4f:f4:1d:
23:8e:65:83:e9:1e:3d:e6:bd:46:f9:49:fd:c5:37:
bf:8e:82:40:2b:fc:bc:0a:52:25:fb:b9:44:da:f7:
e8:df:31:ef:93:c7:5b:2e:71:20:a0:71:b5:c5:56:
1c:f8:80:77:a9:40:dc:d4:c8:9f:a8:8f:46:20:6e:
19:75:3f:75:3b:26:6a:f6:2e:42:3f:30:3c:06:d1:
fb:ab:70:7f:38:b7:7d:3c:1e:48:08:9d:c4:68:e6:
26:b8:5a:bc:42:29:25:3d:7f:33:11:87:98:bc:f0:
e2:ce:91:c4:5f:b2:1c:6c:ad:39:a6:19:65:0b:06:
54:bf:9e:15:05:91:a7:d9:13:2d:b2:3f:c8:21:f6:
b6:0b:23:86:a2:e2:fc:7c:a1:3d:b7:48:fc:63:77:
4f:29:94:8b:80:45:7e:14:40:41:2b:d4:f6:f7:df:
e2:94:2e:50:1c:36:ce:2a:09:88:56:be:15:da:c5:
f0:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:2B:52:D6:88:AD:F6:04:2B:75:94:69:D2:E4:59:61:FC:3A:83:26
X509v3 Authority Key Identifier:
keyid:FD:00:E5:FB:E3:3E:4F:DC:9E:7C:D4:42:74:3A:C7:58:61:F5:61:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_QDl--M-T9yefNRCdDrHWGH1YZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e02b9b-5bb2-4b31-b68e-f1e1abb874dc/1/RCtS1oit9gQrdZRp0uRZYfw6gyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e02b9b-5bb2-4b31-b68e-f1e1abb874dc/1/_QDl--M-T9yefNRCdDrHWGH1YZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.64.0/18
46.1.0.0/16
95.173.224.0/19
109.228.192.0/18
185.19.152.0/22
217.65.176.0/20
Signature Algorithm: sha256WithRSAEncryption
5c:3a:01:4d:b7:cf:2f:47:42:29:3b:13:e7:f7:83:dc:00:06:
ee:65:1d:d0:f5:f8:8e:f3:5a:f4:dd:94:f5:20:bd:cf:93:1a:
81:ea:a6:49:c8:32:06:eb:cc:bf:87:f8:db:81:74:dc:a6:ee:
33:f4:f1:5a:34:ae:4c:e1:1c:3c:d3:c2:78:c9:c3:07:32:c5:
cb:85:db:d5:e3:f9:ac:be:23:82:a9:70:52:5d:cc:b2:42:ec:
ff:ad:ea:d2:98:c9:ae:7f:a3:db:16:2e:a8:9f:68:3e:5f:06:
34:3f:58:08:ba:1f:d1:ed:ee:54:48:17:01:b2:f2:76:1c:93:
27:e2:83:3b:ff:4f:0c:62:aa:8e:f6:ab:91:9f:69:cf:73:67:
3a:ac:51:7d:77:39:15:50:e1:ef:fb:b1:66:98:51:3c:62:65:
14:27:53:de:52:85:7e:04:4e:dd:af:a2:e9:c6:4c:f7:52:0b:
5f:8c:48:2f:19:e6:bc:3d:ed:59:1f:38:00:a3:7a:89:d8:86:
c3:0f:1d:09:0d:eb:ae:d1:be:d6:7e:ea:52:44:6a:83:56:ef:
69:8e:e2:0c:45:12:76:ae:b9:99:ed:b9:3b:12:89:dd:8d:e3:
62:1f:01:21:5d:c5:62:2e:df:9f:6f:b0:7e:55:2f:50:a9:05:
ae:fb:2a:18
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIECgVuDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZDAwZTVmYmUzM2U0ZmRjOWU3Y2Q0NDI3NDNhYzc1ODYxZjU2MTlkMB4XDTIyMDEw
MTA2MDEyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDQyYjUyZDY4OGFk
ZjYwNDJiNzU5NDY5ZDJlNDU5NjFmYzNhODMyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKCfSfINAyCfSWLVFy66paV1ZYu1UW7vIbHwvwEYeHBqcmtw
zipTcXy1K8iVLdogMFj0fpFyyStGcWivTYY4L3hDwyMffaART/QdI45lg+kePea9
RvlJ/cU3v46CQCv8vApSJfu5RNr36N8x75PHWy5xIKBxtcVWHPiAd6lA3NTIn6iP
RiBuGXU/dTsmavYuQj8wPAbR+6twfzi3fTweSAidxGjmJrhavEIpJT1/MxGHmLzw
4s6RxF+yHGytOaYZZQsGVL+eFQWRp9kTLbI/yCH2tgsjhqLi/HyhPbdI/GN3TymU
i4BFfhRAQSvU9vff4pQuUBw2zioJiFa+FdrF8FkCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBREK1LWiK32BCt1lGnS5Flh/DqDJjAfBgNVHSMEGDAWgBT9AOX74z5P3J58
1EJ0OsdYYfVhnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19RRGwtLU0tVDl5ZWZOUkNkRHJIV0dIMVlaMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWEvZTAyYjliLTViYjItNGIzMS1iNjhlLWYxZTFhYmI4NzRkYy8x
L1JDdFMxb2l0OWdRcmRaUnAwdVJaWWZ3Nmd5WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEv
ZTAyYjliLTViYjItNGIzMS1iNjhlLWYxZTFhYmI4NzRkYy8xL19RRGwtLU0tVDl5
ZWZOUkNkRHJIV0dIMVlaMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswKQQCAAEwIwMEBiWCQAMDAC4BAwQFX63gAwQGbeTA
AwQCuROYAwQE2UGwMA0GCSqGSIb3DQEBCwUAA4IBAQBcOgFNt88vR0IpOxPn94Pc
AAbuZR3Q9fiO81r03ZT1IL3PkxqB6qZJyDIG68y/h/jbgXTcpu4z9PFaNK5M4Rw8
08J4ycMHMsXLhdvV4/msviOCqXBSXcyyQuz/rerSmMmuf6PbFi6on2g+XwY0P1gI
uh/R7e5USBcBsvJ2HJMn4oM7/08MYqqO9quRn2nPc2c6rFF9dzkVUOHv+7FmmFE8
YmUUJ1PeUoV+BE7dr6Lpxkz3UgtfjEgvGea8Pe1ZHzgAo3qJ2IbDDx0JDeuu0b7W
fupSRGqDVu9pjuIMRRJ2rrmZ7bk7EondjeNiHwEhXcViLt+fb7B+VS9QqQWu+yoY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:20 2025 by rpki-client