Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/5c869d-f88a-4c7e-a168-80d0cfafa041/1/1-L82KG4To1VQJdBltjMonJm3guo.roa
File: 1-L82KG4To1VQJdBltjMonJm3guo.roa (raw, json)
Hash identifier: Hocq0iFFTCXjCxjv08YFW2oWfx/ivjbq9JKJ4FoHRzA=
Subject key identifier: F8:BF:36:28:6E:13:A3:55:50:25:D0:65:B6:33:28:9C:99:B7:82:EA
Certificate issuer: /CN=5711ad332b506f82251d3bfe3a121a979ccca94d
Certificate serial: 01856D9D14312A6B12A7C699EFE81A2EB68F
Authority key identifier: 57:11:AD:33:2B:50:6F:82:25:1D:3B:FE:3A:12:1A:97:9C:CC:A9:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VxGtMytQb4IlHTv-OhIal5zMqU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/5c869d-f88a-4c7e-a168-80d0cfafa041/1/1-L82KG4To1VQJdBltjMonJm3guo.roa
Signing time: Sun 01 Jan 2023 13:54:48 +0000
ROA not before: Sun 01 Jan 2023 13:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198252
IP address blocks: 134.90.128.0/21 maxlen: 24
79.142.182.0/24 maxlen: 24
79.142.180.0/22 maxlen: 22
185.36.84.0/22 maxlen: 24
62.68.96.0/19 maxlen: 24
213.91.72.0/21 maxlen: 24
93.180.144.0/21 maxlen: 24
213.91.80.0/20 maxlen: 24
185.187.4.0/22 maxlen: 22
188.124.192.0/19 maxlen: 24
194.41.42.0/23 maxlen: 23
194.41.42.0/24 maxlen: 24
194.41.43.0/24 maxlen: 24
194.41.40.0/22 maxlen: 22
194.41.40.0/23 maxlen: 23
194.41.40.0/24 maxlen: 24
194.41.41.0/24 maxlen: 24
217.71.49.0/24 maxlen: 24
217.71.50.0/24 maxlen: 24
217.71.51.0/24 maxlen: 24
217.71.55.0/24 maxlen: 24
217.71.53.0/24 maxlen: 24
217.71.54.0/24 maxlen: 24
217.71.52.0/24 maxlen: 24
79.143.160.0/20 maxlen: 24
2a02:2030::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:14:31:2a:6b:12:a7:c6:99:ef:e8:1a:2e:b6:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5711ad332b506f82251d3bfe3a121a979ccca94d
Validity
Not Before: Jan 1 13:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8bf36286e13a3555025d065b633289c99b782ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:43:43:30:6d:6c:6c:29:4e:df:83:0e:68:d6:
82:63:d2:28:d2:9c:78:1d:04:17:00:ef:81:ab:6a:
6f:af:e7:e2:bb:32:d3:5a:f8:b6:24:0f:19:0a:d8:
c9:f4:7b:8e:0b:47:4b:34:3f:30:a1:54:ef:62:25:
81:7f:42:ac:3d:25:ce:84:29:5f:a3:80:2d:fd:e3:
f3:8e:02:39:f2:1e:be:59:09:c7:c8:d3:85:84:f0:
94:77:a6:ac:9e:3a:17:f6:c2:bf:71:60:e4:3e:31:
39:71:96:1c:ba:fc:b9:4b:38:69:56:8a:0b:89:b9:
5e:2f:73:fb:21:af:c1:7a:59:86:31:ec:bc:e8:c2:
19:43:6b:88:c7:78:a6:ae:22:d0:63:ee:81:d2:3d:
43:dd:e2:f5:07:85:65:ca:2a:80:41:d2:ef:3a:2a:
3b:72:0f:0f:67:d1:eb:90:f3:ab:82:6a:2b:e2:77:
0f:ac:5f:bb:10:45:65:8a:53:07:49:f5:b3:2b:e4:
fe:96:65:c9:1f:1a:ab:fe:21:cc:67:9f:37:ea:2e:
46:56:8b:af:5d:f3:fb:ec:79:b7:13:87:ab:c7:18:
8e:d5:82:5c:2f:55:35:db:31:ef:79:88:65:03:cf:
69:c8:c0:21:08:d7:45:48:3c:ea:0e:a5:b3:d1:1b:
b7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:BF:36:28:6E:13:A3:55:50:25:D0:65:B6:33:28:9C:99:B7:82:EA
X509v3 Authority Key Identifier:
keyid:57:11:AD:33:2B:50:6F:82:25:1D:3B:FE:3A:12:1A:97:9C:CC:A9:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VxGtMytQb4IlHTv-OhIal5zMqU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/5c869d-f88a-4c7e-a168-80d0cfafa041/1/1-L82KG4To1VQJdBltjMonJm3guo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/5c869d-f88a-4c7e-a168-80d0cfafa041/1/VxGtMytQb4IlHTv-OhIal5zMqU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.96.0/19
79.142.180.0/22
79.143.160.0/20
93.180.144.0/21
134.90.128.0/21
185.36.84.0/22
185.187.4.0/22
188.124.192.0/19
194.41.40.0/22
213.91.72.0-213.91.95.255
217.71.49.0-217.71.55.255
IPv6:
2a02:2030::/32
Signature Algorithm: sha256WithRSAEncryption
0d:b6:a9:f4:3c:4f:aa:83:c3:75:81:a0:ad:d8:73:b7:53:53:
bc:f9:1f:f6:91:fd:d5:12:3f:46:a2:ae:1e:60:38:02:7f:b3:
9d:0c:c7:64:73:68:55:42:00:c8:0b:3e:14:6e:f7:f6:bb:53:
90:33:44:76:ec:dc:52:96:89:dd:6a:4a:eb:3c:44:c3:b7:60:
39:07:19:5f:28:a8:c4:cf:9c:f3:83:6f:04:4a:35:b3:35:00:
0b:d0:57:3e:4e:fa:ff:85:eb:6c:8a:0b:a6:0d:e2:f0:52:c6:
d7:e1:b0:1d:37:7a:cb:df:a3:d9:2d:75:d1:b4:05:f4:90:9c:
88:29:a7:32:38:6a:f1:f0:f2:8d:cf:6d:b8:15:82:81:b5:d1:
91:25:18:3b:df:47:74:ce:9a:9f:34:75:91:cb:57:d3:4f:30:
94:13:cd:69:bc:b7:59:a4:08:53:03:fb:b9:cd:a9:b9:c2:a5:
21:84:69:dd:b2:1c:bd:f9:6f:63:19:5d:93:44:0a:9a:5b:00:
87:57:eb:f5:84:9f:52:5e:44:2b:b4:c3:f7:69:fc:80:c3:b2:
91:3d:d4:94:e2:fe:72:49:c8:55:cd:85:f4:e5:a6:65:06:43:
fc:27:7e:f9:92:70:2b:97:60:d7:b1:6d:0a:b0:fb:7f:01:31:
ae:68:e4:f9
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYVtnRQxKmsSp8aZ7+gaLraPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTFhZDMzMmI1MDZmODIyNTFkM2JmZTNhMTIxYTk3OWNj
Y2E5NGQwHhcNMjMwMTAxMTM1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGJmMzYyODZlMTNhMzU1NTAyNWQwNjViNjMzMjg5Yzk5Yjc4MmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskNDMG1sbClO34MOaNaCY9Io0px4
HQQXAO+Bq2pvr+fiuzLTWvi2JA8ZCtjJ9HuOC0dLND8woVTvYiWBf0KsPSXOhClf
o4At/ePzjgI58h6+WQnHyNOFhPCUd6asnjoX9sK/cWDkPjE5cZYcuvy5SzhpVooL
ibleL3P7Ia/BelmGMey86MIZQ2uIx3imriLQY+6B0j1D3eL1B4VlyiqAQdLvOio7
cg8PZ9HrkPOrgmor4ncPrF+7EEVlilMHSfWzK+T+lmXJHxqr/iHMZ5836i5GVouv
XfP77Hm3E4erxxiO1YJcL1U12zHveYhlA89pyMAhCNdFSDzqDqWz0Ru3nQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFPi/NihuE6NVUCXQZbYzKJyZt4LqMB8GA1UdIwQY
MBaAFFcRrTMrUG+CJR07/joSGpeczKlNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhHdE15dFFiNElsSFR2LU9oSWFsNXpNcVUwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81Yzg2OWQtZjg4YS00YzdlLWExNjgt
ODBkMGNmYWZhMDQxLzEvMS1MODJLRzRUbzFWUUpkQmx0ak1vbkptM2d1by5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWQvNWM4NjlkLWY4OGEtNGM3ZS1hMTY4LTgwZDBjZmFmYTA0
MS8xL1Z4R3RNeXRRYjRJbEhUdi1PaElhbDV6TXFVMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB6BggrBgEFBQcBBwEB/wRrMGkwWAQCAAEwUgMEBT5EYAME
Ak+OtAMEBE+PoAMEA120kAMEA4ZagAMEArkkVAMEArm7BAMEBbx8wAMEAsIpKDAM
AwQD1VtIAwQF1VtAMAwDBADZRzEDBAPZRzAwDQQCAAIwBwMFACoCIDAwDQYJKoZI
hvcNAQELBQADggEBAA22qfQ8T6qDw3WBoK3Yc7dTU7z5H/aR/dUSP0airh5gOAJ/
s50Mx2RzaFVCAMgLPhRu9/a7U5AzRHbs3FKWid1qSus8RMO3YDkHGV8oqMTPnPOD
bwRKNbM1AAvQVz5O+v+F62yKC6YN4vBSxtfhsB03esvfo9ktddG0BfSQnIgppzI4
avHw8o3PbbgVgoG10ZElGDvfR3TOmp80dZHLV9NPMJQTzWm8t1mkCFMD+7nNqbnC
pSGEad2yHL35b2MZXZNECppbAIdX6/WEn1JeRCu0w/dp/IDDspE91JTi/nJJyFXN
hfTlpmUGQ/wnfvmScCuXYNexbQqw+38BMa5o5Pk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:56 2024 by rpki-client on console-fra.rpki-client.org