Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/k7w_0Uw3wpmNPXoetGTwfY8gkJY.roa
File: k7w_0Uw3wpmNPXoetGTwfY8gkJY.roa (raw, json)
Hash identifier: t3GDEBCJIW0sczgTrYGaHNdAlPrIGLBwEmbVZaOGpoc=
Subject key identifier: 93:BC:3F:D1:4C:37:C2:99:8D:3D:7A:1E:B4:64:F0:7D:8F:20:90:96
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 018AEF278790A5CF6E534D5288574D809759
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/k7w_0Uw3wpmNPXoetGTwfY8gkJY.roa
Signing time: Mon 02 Oct 2023 06:50:59 +0000
ROA not before: Mon 02 Oct 2023 06:50:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 94.154.116.0/24 maxlen: 24
194.62.104.0/24 maxlen: 24
5.172.180.0/24 maxlen: 24
185.149.148.0/24 maxlen: 24
185.235.227.0/24 maxlen: 24
185.83.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:27:87:90:a5:cf:6e:53:4d:52:88:57:4d:80:97:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Oct 2 06:50:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93bc3fd14c37c2998d3d7a1eb464f07d8f209096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a2:45:0f:e0:31:6f:2d:8b:6e:f8:0d:d0:4b:
3e:52:f9:44:a3:5b:ca:79:80:bd:da:67:d5:a8:c9:
8d:b6:06:c4:05:c9:eb:59:91:5c:c2:c5:6f:13:ae:
1b:10:5b:b3:18:6b:11:b5:d3:84:62:87:d7:47:f7:
b9:2a:fe:df:15:ae:39:d9:a9:98:f1:8f:37:27:86:
9c:3b:7f:f4:cf:1a:a8:21:2f:0e:bd:13:85:95:27:
5b:9f:3c:4e:9f:21:5c:1b:c6:2c:ed:a2:e4:72:9b:
3f:4b:05:e5:b1:10:78:d5:6f:b9:94:42:00:c2:94:
da:f3:9a:71:23:e9:1a:23:20:c0:1d:49:e7:96:50:
40:77:83:2d:34:34:0c:6d:c8:c1:54:b8:98:41:8c:
b1:bf:9f:84:d3:8f:e6:20:b6:a1:c1:cb:78:d2:1a:
c9:20:c7:ae:24:c9:91:2b:3f:2e:c2:f1:2b:ab:ba:
6c:3a:96:27:bb:e5:1e:6f:0b:99:79:bf:69:01:36:
ad:13:dd:df:17:94:56:9e:40:d8:e7:54:03:a3:37:
6e:fb:95:83:57:d9:84:43:62:66:cb:d7:5c:f8:47:
8f:c3:20:35:8c:fa:3a:e9:da:c3:06:5e:79:a9:f7:
32:78:39:71:61:3d:ff:12:57:d3:b5:2c:ee:a0:64:
78:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:BC:3F:D1:4C:37:C2:99:8D:3D:7A:1E:B4:64:F0:7D:8F:20:90:96
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/k7w_0Uw3wpmNPXoetGTwfY8gkJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.180.0/24
94.154.116.0/24
185.83.231.0/24
185.149.148.0/24
185.235.227.0/24
194.62.104.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:c4:0c:70:e5:67:57:39:a8:96:20:7c:47:81:6a:b1:23:3e:
27:82:c3:8b:87:d2:56:38:e0:07:a0:66:dd:79:d1:72:c2:4c:
aa:c2:e9:a5:7c:9c:56:36:12:1c:bd:51:f3:cd:bd:ac:fb:8a:
78:19:9c:82:4d:42:b5:2b:7d:eb:57:4a:3c:68:cc:35:62:37:
6d:64:25:75:e1:15:9f:64:43:ce:4f:5b:a0:95:58:00:59:17:
a4:3d:47:13:b0:3b:47:48:d6:21:6e:bb:43:96:92:bb:da:ab:
01:03:12:ea:c9:57:07:b9:4a:85:53:3e:64:24:de:43:5d:2a:
e8:e2:74:b3:21:cc:82:d7:9b:65:a9:a5:46:11:e6:df:2d:44:
56:d0:1f:b4:3a:23:17:26:97:16:f8:2e:cc:fc:b1:46:01:c5:
20:b6:33:79:1d:e7:18:ec:ab:6a:56:8d:9a:9a:5e:42:0d:cb:
c5:44:e1:5f:9d:ef:de:ed:46:5f:49:62:44:87:72:31:aa:1f:
77:ba:92:dc:e9:41:40:fd:22:07:85:8c:3c:9b:df:97:0c:b0:
86:15:05:5c:44:9d:c4:24:fd:e7:6e:5c:4c:b0:51:6e:56:98:
38:25:16:75:ef:ee:df:83:52:0e:48:12:52:9e:8d:9f:3e:35:
bc:44:ab:b2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYrvJ4eQpc9uU01SiFdNgJdZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTE0YmY3NmY0MmRhNGYyYWMwMDNhNmM2OWQ2MWMyMzIw
ZTJjZDgwHhcNMjMxMDAyMDY1MDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2JjM2ZkMTRjMzdjMjk5OGQzZDdhMWViNDY0ZjA3ZDhmMjA5MDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaJFD+Axby2LbvgN0Es+UvlEo1vK
eYC92mfVqMmNtgbEBcnrWZFcwsVvE64bEFuzGGsRtdOEYofXR/e5Kv7fFa452amY
8Y83J4acO3/0zxqoIS8OvROFlSdbnzxOnyFcG8Ys7aLkcps/SwXlsRB41W+5lEIA
wpTa85pxI+kaIyDAHUnnllBAd4MtNDQMbcjBVLiYQYyxv5+E04/mILahwct40hrJ
IMeuJMmRKz8uwvErq7psOpYnu+UebwuZeb9pATatE93fF5RWnkDY51QDozdu+5WD
V9mEQ2Jmy9dc+EePwyA1jPo66drDBl55qfcyeDlxYT3/ElfTtSzuoGR4xQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJO8P9FMN8KZjT16HrRk8H2PIJCWMB8GA1UdIwQY
MBaAFEnhS/dvQtpPKsADpsadYcIyDizYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEt
M2JlY2NhYWUzMzZkLzEvazd3XzBVdzN3cG1OUFhvZXRHVHdmWThna0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEtM2JlY2NhYWUzMzZk
LzEvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABay0AwQA
Xpp0AwQAuVPnAwQAuZWUAwQAuevjAwQAwj5oMA0GCSqGSIb3DQEBCwUAA4IBAQBe
xAxw5WdXOaiWIHxHgWqxIz4ngsOLh9JWOOAHoGbdedFywkyqwumlfJxWNhIcvVHz
zb2s+4p4GZyCTUK1K33rV0o8aMw1YjdtZCV14RWfZEPOT1uglVgAWRekPUcTsDtH
SNYhbrtDlpK72qsBAxLqyVcHuUqFUz5kJN5DXSro4nSzIcyC15tlqaVGEebfLURW
0B+0OiMXJpcW+C7M/LFGAcUgtjN5HecY7KtqVo2aml5CDcvFROFfne/e7UZfSWJE
h3Ixqh93upLc6UFA/SIHhYw8m9+XDLCGFQVcRJ3EJP3nblxMsFFuVpg4JRZ17+7f
g1IOSBJSno2fPjW8RKuy
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:31 2025 by rpki-client