Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/v8VnrcKMGJLKJSzbk-eqvzK2brY.roa
File: v8VnrcKMGJLKJSzbk-eqvzK2brY.roa (raw, json)
Hash identifier: q4yIm7/PTl4aaZ8ExhB9hoic5A9Rwvkf2lTi8MXA4gY=
Subject key identifier: BF:C5:67:AD:C2:8C:18:92:CA:25:2C:DB:93:E7:AA:BF:32:B6:6E:B6
Certificate issuer: /CN=fdcbf7a2a43b180d722b37631e879afa1b9a5edb
Certificate serial: 01856E142EFAA4858672241B347573614920
Authority key identifier: FD:CB:F7:A2:A4:3B:18:0D:72:2B:37:63:1E:87:9A:FA:1B:9A:5E:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_cv3oqQ7GA1yKzdjHoea-huaXts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/v8VnrcKMGJLKJSzbk-eqvzK2brY.roa
Signing time: Sun 01 Jan 2023 16:04:54 +0000
ROA not before: Sun 01 Jan 2023 16:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29081
IP address blocks: 5.253.216.0/22 maxlen: 22
62.212.160.0/19 maxlen: 19
185.225.88.0/22 maxlen: 22
185.108.200.0/22 maxlen: 22
45.90.68.0/22 maxlen: 22
2a00:1f30::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:2e:fa:a4:85:86:72:24:1b:34:75:73:61:49:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdcbf7a2a43b180d722b37631e879afa1b9a5edb
Validity
Not Before: Jan 1 16:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfc567adc28c1892ca252cdb93e7aabf32b66eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a3:d1:12:84:49:d9:d0:2f:5b:1a:92:bf:fb:
3d:eb:50:fa:89:47:6f:de:01:d5:49:e8:b3:34:14:
fa:ec:d2:cd:b5:7d:de:68:dc:37:cf:f3:4a:b3:5a:
14:f6:31:22:26:8e:33:45:06:a4:b7:67:c6:c8:6d:
65:fe:41:7e:4b:66:58:94:e2:da:49:44:eb:dd:24:
8c:16:52:83:46:55:98:75:6b:b9:0b:c9:1c:6a:7d:
2a:ca:d7:64:b7:7c:73:3b:5c:3e:e0:62:53:ea:89:
23:04:a6:3e:05:ad:18:69:2a:67:70:67:80:2a:24:
22:84:e8:71:8c:56:c6:31:2e:17:eb:2c:4e:b3:38:
32:38:fe:b3:65:18:00:37:6e:55:d2:f9:11:48:90:
6a:c2:26:b9:f6:17:8b:2d:d1:bd:a1:ae:b5:c6:4e:
e8:e6:b3:86:b6:b2:2a:71:d9:d8:53:c7:36:53:1e:
41:d5:3f:83:3e:e1:a1:d6:47:12:28:7c:77:8e:11:
b2:20:6f:22:06:0f:c3:39:73:f8:7e:13:e6:3d:f8:
00:35:82:7f:f6:1d:18:a5:ef:2d:cc:1e:47:31:91:
b0:0f:09:69:d4:5c:81:2e:00:5a:16:c0:18:bd:0b:
16:1e:f6:92:95:db:e6:42:ae:63:99:82:1e:cb:6a:
ac:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:C5:67:AD:C2:8C:18:92:CA:25:2C:DB:93:E7:AA:BF:32:B6:6E:B6
X509v3 Authority Key Identifier:
keyid:FD:CB:F7:A2:A4:3B:18:0D:72:2B:37:63:1E:87:9A:FA:1B:9A:5E:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_cv3oqQ7GA1yKzdjHoea-huaXts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/v8VnrcKMGJLKJSzbk-eqvzK2brY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/_cv3oqQ7GA1yKzdjHoea-huaXts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.216.0/22
45.90.68.0/22
62.212.160.0/19
185.108.200.0/22
185.225.88.0/22
IPv6:
2a00:1f30::/29
Signature Algorithm: sha256WithRSAEncryption
2a:67:ef:66:94:ed:14:47:39:c8:d5:de:2d:0c:ca:4e:38:5d:
69:be:08:01:cc:b1:9a:8d:03:f0:99:28:b7:f9:9b:01:67:10:
6d:e7:0a:3b:e8:7e:0f:6c:a1:bf:d9:52:f7:36:1c:b2:8b:58:
b4:1f:56:55:b8:77:b3:26:c6:6e:8c:e0:65:27:66:e4:73:67:
b2:be:c3:c5:04:50:45:b7:e2:d3:66:33:f1:7d:91:34:6c:31:
68:46:15:30:ab:3a:07:28:07:2c:7f:65:6d:01:2f:ea:59:83:
bf:0f:db:a9:5b:d6:75:3a:f3:e3:f2:29:e3:92:6a:dc:84:e0:
99:a7:83:a3:4f:21:7c:87:c0:b7:77:98:43:92:f6:b0:86:23:
49:f6:6d:7e:67:44:12:2d:5e:d9:dd:cc:11:64:c9:a5:4e:92:
d3:4c:04:da:cb:f2:c8:b2:1d:53:28:ff:22:ea:18:3b:4d:bd:
50:57:cc:20:07:13:29:29:b9:8a:49:86:8c:91:25:56:4b:25:
ad:63:42:9d:a4:3c:b1:55:92:3e:c0:c3:af:cb:8e:91:ba:18:
84:a8:1c:4a:e7:bd:5a:f1:c3:86:19:6d:df:39:b5:eb:b4:5a:
9f:4e:e3:94:b1:88:17:6e:fc:cf:5d:20:e2:44:aa:21:83:18:
55:3d:01:13
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVuFC76pIWGciQbNHVzYUkgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkY2JmN2EyYTQzYjE4MGQ3MjJiMzc2MzFlODc5YWZhMWI5
YTVlZGIwHhcNMjMwMTAxMTYwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmM1NjdhZGMyOGMxODkyY2EyNTJjZGI5M2U3YWFiZjMyYjY2ZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaPREoRJ2dAvWxqSv/s961D6iUdv
3gHVSeizNBT67NLNtX3eaNw3z/NKs1oU9jEiJo4zRQakt2fGyG1l/kF+S2ZYlOLa
SUTr3SSMFlKDRlWYdWu5C8kcan0qytdkt3xzO1w+4GJT6okjBKY+Ba0YaSpncGeA
KiQihOhxjFbGMS4X6yxOszgyOP6zZRgAN25V0vkRSJBqwia59heLLdG9oa61xk7o
5rOGtrIqcdnYU8c2Ux5B1T+DPuGh1kcSKHx3jhGyIG8iBg/DOXP4fhPmPfgANYJ/
9h0Ype8tzB5HMZGwDwlp1FyBLgBaFsAYvQsWHvaSldvmQq5jmYIey2qs+QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFL/FZ63CjBiSyiUs25Pnqr8ytm62MB8GA1UdIwQY
MBaAFP3L96KkOxgNcis3Yx6Hmvobml7bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2N2M29xUTdHQTF5S3pkakhvZWEtaHVhWHRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9mOWE5M2MtMGQ2OS00NGVjLTg0NDUt
ZjU4YTViODhjNzNlLzEvdjhWbnJjS01HSkxLSlN6YmstZXF2eksyYnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9mOWE5M2MtMGQ2OS00NGVjLTg0NDUtZjU4YTViODhjNzNl
LzEvX2N2M29xUTdHQTF5S3pkakhvZWEtaHVhWHRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCBf3YAwQC
LVpEAwQFPtSgAwQCuWzIAwQCueFYMA0EAgACMAcDBQMqAB8wMA0GCSqGSIb3DQEB
CwUAA4IBAQAqZ+9mlO0URznI1d4tDMpOOF1pvggBzLGajQPwmSi3+ZsBZxBt5wo7
6H4PbKG/2VL3Nhyyi1i0H1ZVuHezJsZujOBlJ2bkc2eyvsPFBFBFt+LTZjPxfZE0
bDFoRhUwqzoHKAcsf2VtAS/qWYO/D9upW9Z1OvPj8injkmrchOCZp4OjTyF8h8C3
d5hDkvawhiNJ9m1+Z0QSLV7Z3cwRZMmlTpLTTATay/LIsh1TKP8i6hg7Tb1QV8wg
BxMpKbmKSYaMkSVWSyWtY0KdpDyxVZI+wMOvy46RuhiEqBxK571a8cOGGW3fObXr
tFqfTuOUsYgXbvzPXSDiRKohgxhVPQET
-----END CERTIFICATE-----
Generated at Sat Apr 12 06:52:17 2025 by rpki-client