Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/nX8G5wErML1MONqYsRFBmRnYSRc.roa
File: nX8G5wErML1MONqYsRFBmRnYSRc.roa (raw, json)
Hash identifier: C/JjHy63jS1mh/1LcMmjHwpPf6CJIBjiUscu5l3Gl/A=
Subject key identifier: 9D:7F:06:E7:01:2B:30:BD:4C:38:DA:98:B1:11:41:99:19:D8:49:17
Certificate issuer: /CN=caf2488824b714a1f30c2c809fbdb68575652b4a
Certificate serial: 01857139EDB7F827D625682D97FA6FC73814
Authority key identifier: CA:F2:48:88:24:B7:14:A1:F3:0C:2C:80:9F:BD:B6:85:75:65:2B:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yvJIiCS3FKHzDCyAn722hXVlK0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/nX8G5wErML1MONqYsRFBmRnYSRc.roa
Signing time: Mon 02 Jan 2023 06:44:59 +0000
ROA not before: Mon 02 Jan 2023 06:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60672
IP address blocks: 94.126.41.0/24 maxlen: 24
94.126.44.0/23 maxlen: 24
94.126.42.0/24 maxlen: 24
94.126.46.0/24 maxlen: 24
178.18.118.0/24 maxlen: 24
193.193.162.0/23 maxlen: 24
178.18.120.0/22 maxlen: 24
31.28.64.0/24 maxlen: 24
31.28.66.0/24 maxlen: 24
31.28.69.0/24 maxlen: 24
31.28.71.0/24 maxlen: 24
31.28.73.0/24 maxlen: 24
31.28.76.0/22 maxlen: 24
31.28.74.0/24 maxlen: 24
31.28.87.0/24 maxlen: 24
31.28.88.0/21 maxlen: 24
193.192.2.0/23 maxlen: 24
31.24.104.0/21 maxlen: 24
2a01:8000:4::/48 maxlen: 48
2a01:8000::/48 maxlen: 48
2a01:8000:1ffb::/48 maxlen: 48
2a01:8000:5::/48 maxlen: 48
2a10:6740::/32 maxlen: 32
2a01:8000::/32 maxlen: 32
2a01:8000:1ffd::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:ed:b7:f8:27:d6:25:68:2d:97:fa:6f:c7:38:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caf2488824b714a1f30c2c809fbdb68575652b4a
Validity
Not Before: Jan 2 06:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d7f06e7012b30bd4c38da98b111419919d84917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7e:80:1e:b1:b8:33:53:c1:0f:b8:5a:b1:54:
c7:a1:19:85:3c:31:a6:06:83:b3:47:3f:9f:ab:1c:
96:1b:2a:a8:58:db:f3:c7:b8:42:db:f1:43:1b:08:
48:5d:8a:45:58:23:43:80:33:0b:8b:ad:be:92:69:
b2:2e:ce:40:59:da:db:60:4f:a2:e9:34:11:94:15:
61:b8:84:34:92:a7:99:cd:59:01:03:5c:02:43:40:
9b:3d:da:53:2c:80:17:7a:76:30:2c:a1:15:8c:5e:
57:de:9d:78:8e:cc:7a:3f:b5:92:20:8a:60:9f:61:
75:42:36:7c:17:6d:e3:0b:0f:02:48:5f:ea:c5:93:
d1:4d:10:59:dd:1d:4a:a7:21:18:06:24:0d:de:a3:
0e:1a:d8:84:4b:37:ab:51:3d:4e:6e:31:c7:07:1d:
72:79:d5:42:b9:9a:fc:fb:8f:fe:c0:60:bd:ce:24:
a2:97:07:cd:c4:dd:9c:2a:a8:5f:e7:8e:a9:fa:13:
73:3d:a2:40:6e:89:9b:aa:9a:92:80:99:bc:1c:35:
1d:6e:11:3b:c1:98:1c:a9:dc:99:c1:68:5a:5e:98:
ed:d2:98:f7:25:62:2b:bf:ca:13:fc:f5:35:91:7c:
b0:61:ca:70:fa:96:ea:9b:dd:c0:f8:cf:65:52:35:
57:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:7F:06:E7:01:2B:30:BD:4C:38:DA:98:B1:11:41:99:19:D8:49:17
X509v3 Authority Key Identifier:
keyid:CA:F2:48:88:24:B7:14:A1:F3:0C:2C:80:9F:BD:B6:85:75:65:2B:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yvJIiCS3FKHzDCyAn722hXVlK0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/nX8G5wErML1MONqYsRFBmRnYSRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a936c-d6e2-4cc1-9e4b-d237a9e6ab14/1/yvJIiCS3FKHzDCyAn722hXVlK0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.104.0/21
31.28.64.0/24
31.28.66.0/24
31.28.69.0/24
31.28.71.0/24
31.28.73.0-31.28.74.255
31.28.76.0/22
31.28.87.0-31.28.95.255
94.126.41.0-94.126.42.255
94.126.44.0-94.126.46.255
178.18.118.0/24
178.18.120.0/22
193.192.2.0/23
193.193.162.0/23
IPv6:
2a01:8000::/32
2a10:6740::/32
Signature Algorithm: sha256WithRSAEncryption
39:c2:78:69:37:da:64:a8:41:b0:fd:7f:81:48:1d:cf:f4:55:
69:cb:05:50:13:5e:90:d5:16:5b:b0:40:a2:96:ae:40:bd:83:
53:0e:27:1f:6f:55:2b:85:17:da:c4:1c:05:aa:a9:e4:03:0d:
83:d7:dd:8e:a4:58:d5:8e:2c:83:71:0f:3f:a5:f7:48:dd:0e:
21:a4:e0:b0:5f:dc:64:e4:bd:0e:86:d6:d6:8a:69:95:c1:8a:
19:a0:f5:c0:7f:fc:31:f9:35:8d:ad:f5:34:55:1c:14:76:a9:
4e:af:c6:1b:fa:10:d3:ba:c2:50:ef:bd:85:d7:df:96:47:91:
a7:b1:2d:0c:15:05:fa:01:d3:b8:4e:30:b2:7f:6f:b6:71:59:
39:6c:ba:a8:c5:9e:d4:0d:78:4e:59:05:60:0b:ba:e3:47:e2:
1e:29:1e:af:8b:66:8a:bf:f3:f8:8f:dd:8d:d5:4d:30:fe:8a:
c7:4b:e0:20:eb:b6:fa:4b:09:c1:aa:26:1b:61:52:57:ed:23:
46:eb:f0:22:d9:00:41:ad:40:04:3f:34:74:72:b0:3f:f4:9b:
0d:44:bb:2c:7b:33:1f:99:01:25:38:74:c6:47:87:0d:e1:f2:
5e:c1:3b:5a:46:ce:0a:7a:f3:f9:a4:e7:17:34:2b:5a:5a:ea:
cd:0a:ad:1e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYVxOe23+CfWJWgtl/pvxzgUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZjI0ODg4MjRiNzE0YTFmMzBjMmM4MDlmYmRiNjg1NzU2
NTJiNGEwHhcNMjMwMTAyMDY0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDdmMDZlNzAxMmIzMGJkNGMzOGRhOThiMTExNDE5OTE5ZDg0OTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyH6AHrG4M1PBD7hasVTHoRmFPDGm
BoOzRz+fqxyWGyqoWNvzx7hC2/FDGwhIXYpFWCNDgDMLi62+kmmyLs5AWdrbYE+i
6TQRlBVhuIQ0kqeZzVkBA1wCQ0CbPdpTLIAXenYwLKEVjF5X3p14jsx6P7WSIIpg
n2F1QjZ8F23jCw8CSF/qxZPRTRBZ3R1KpyEYBiQN3qMOGtiESzerUT1ObjHHBx1y
edVCuZr8+4/+wGC9ziSilwfNxN2cKqhf546p+hNzPaJAbombqpqSgJm8HDUdbhE7
wZgcqdyZwWhaXpjt0pj3JWIrv8oT/PU1kXywYcpw+pbqm93A+M9lUjVXCQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFJ1/BucBKzC9TDjamLERQZkZ2EkXMB8GA1UdIwQY
MBaAFMrySIgktxSh8wwsgJ+9toV1ZStKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXZKSWlDUzNGS0h6REN5QW43MjJoWFZsSzBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS83YTkzNmMtZDZlMi00Y2MxLTllNGIt
ZDIzN2E5ZTZhYjE0LzEvblg4RzV3RXJNTDFNT05xWXNSRkJtUm5ZU1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS83YTkzNmMtZDZlMi00Y2MxLTllNGItZDIzN2E5ZTZhYjE0
LzEveXZKSWlDUzNGS0h6REN5QW43MjJoWFZsSzBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjB6BAIAATB0AwQDHxho
AwQAHxxAAwQAHxxCAwQAHxxFAwQAHxxHMAwDBAAfHEkDBAAfHEoDBAIfHEwwDAME
AB8cVwMEBR8cQDAMAwQAXn4pAwQAXn4qMAwDBAJefiwDBABefi4DBACyEnYDBAKy
EngDBAHBwAIDBAHBwaIwFAQCAAIwDgMFACoBgAADBQAqEGdAMA0GCSqGSIb3DQEB
CwUAA4IBAQA5wnhpN9pkqEGw/X+BSB3P9FVpywVQE16Q1RZbsECilq5AvYNTDicf
b1UrhRfaxBwFqqnkAw2D192OpFjVjiyDcQ8/pfdI3Q4hpOCwX9xk5L0OhtbWimmV
wYoZoPXAf/wx+TWNrfU0VRwUdqlOr8Yb+hDTusJQ772F19+WR5GnsS0MFQX6AdO4
TjCyf2+2cVk5bLqoxZ7UDXhOWQVgC7rjR+IeKR6vi2aKv/P4j92N1U0w/orHS+Ag
67b6SwnBqiYbYVJX7SNG6/Ai2QBBrUAEPzR0crA/9JsNRLssezMfmQElOHTGR4cN
4fJewTtaRs4KevP5pOcXNCtaWurNCq0e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:49 2024 by rpki-client on console-fra.rpki-client.org