Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/fMgzhQZkx_jbB_W0p__wL62Ikxc.roa
File: fMgzhQZkx_jbB_W0p__wL62Ikxc.roa (raw, json)
Hash identifier: QgoBWDDUaYEllvvTLuQfYHoZwwOb/Dejj5mqPfE6yBU=
Subject key identifier: 7C:C8:33:85:06:64:C7:F8:DB:07:F5:B4:A7:FF:F0:2F:AD:88:93:17
Certificate issuer: /CN=93202129969576ce357fae26c9c7cf98a8250ea6
Certificate serial: 0187135D31894A551F0956DFDE292AED170A
Authority key identifier: 93:20:21:29:96:95:76:CE:35:7F:AE:26:C9:C7:CF:98:A8:25:0E:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/fMgzhQZkx_jbB_W0p__wL62Ikxc.roa
Signing time: Fri 24 Mar 2023 11:24:47 +0000
ROA not before: Fri 24 Mar 2023 11:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6677
IP address blocks: 85.220.0.0/17 maxlen: 17
213.167.128.0/19 maxlen: 19
157.157.4.0/24 maxlen: 24
157.157.2.0/24 maxlen: 24
157.157.0.0/16 maxlen: 16
213.167.150.0/24 maxlen: 24
212.30.192.0/19 maxlen: 19
31.209.192.0/18 maxlen: 18
192.147.34.0/24 maxlen: 24
194.105.224.0/24 maxlen: 24
194.105.224.0/19 maxlen: 19
2001:1a98::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:13:5d:31:89:4a:55:1f:09:56:df:de:29:2a:ed:17:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93202129969576ce357fae26c9c7cf98a8250ea6
Validity
Not Before: Mar 24 11:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cc833850664c7f8db07f5b4a7fff02fad889317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:04:f3:ee:59:68:b6:1d:3d:5c:e8:84:f5:f9:
aa:7b:0c:3d:81:18:46:03:4a:c2:a8:cf:24:3b:a9:
d5:88:61:6b:a3:b8:a1:8c:1d:9e:88:50:54:a5:97:
bf:12:bd:81:d0:20:53:52:ea:17:00:6e:07:da:de:
ee:ef:5e:ff:2e:d9:5e:39:74:fb:03:9e:90:c0:85:
11:bf:f2:e5:74:43:67:db:e2:d6:86:31:a3:f5:20:
28:b6:d4:28:6d:c1:3a:e6:02:cf:1a:a9:b8:43:40:
80:a8:a8:a7:cc:28:c9:1e:01:9a:76:75:db:7d:29:
34:25:4e:de:f6:06:92:cf:87:e8:80:f8:e9:32:d0:
3c:71:34:a6:5f:4d:97:dd:d6:1d:68:66:b9:d8:33:
6d:bb:6e:ee:dc:66:22:6f:28:21:c9:26:a7:0c:8b:
a6:f6:ae:ab:48:52:f9:c8:1b:50:89:2d:97:4f:70:
e0:a9:2a:87:9d:a6:86:7d:c4:5f:b3:43:31:cd:cb:
36:66:8b:3a:ba:0e:cd:cb:3a:b7:ee:06:7a:3f:67:
11:42:81:97:94:b0:b2:88:e7:fc:88:e9:23:12:60:
b8:19:eb:83:99:8f:50:e5:a3:f1:76:50:2c:e5:60:
0a:5f:76:89:a7:8f:f2:bd:9d:8b:31:02:2b:50:74:
95:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C8:33:85:06:64:C7:F8:DB:07:F5:B4:A7:FF:F0:2F:AD:88:93:17
X509v3 Authority Key Identifier:
keyid:93:20:21:29:96:95:76:CE:35:7F:AE:26:C9:C7:CF:98:A8:25:0E:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/fMgzhQZkx_jbB_W0p__wL62Ikxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.192.0/18
85.220.0.0/17
157.157.0.0/16
192.147.34.0/24
194.105.224.0/19
212.30.192.0/19
213.167.128.0/19
IPv6:
2001:1a98::/29
Signature Algorithm: sha256WithRSAEncryption
0e:69:f4:e1:f9:39:d2:7e:5f:bd:4b:d9:c2:f1:b0:61:46:84:
0c:a9:ef:fc:79:cb:2c:87:10:3d:21:8e:91:d8:e5:f0:a5:09:
c0:ec:54:a4:2b:5d:ff:fa:39:4e:87:53:af:a6:b1:3c:87:af:
21:49:8e:24:37:15:95:73:e3:06:85:df:be:08:13:bb:8d:7e:
b1:82:08:50:2c:ee:eb:06:1a:c7:f3:f9:a5:bc:c4:73:b0:7a:
8a:ac:b7:a5:d0:f3:10:57:08:37:21:ac:4a:b4:66:0f:a4:fc:
39:78:27:c5:16:2e:14:e5:08:90:8e:ac:30:7f:b7:15:2c:4b:
7d:ae:ed:27:c7:60:a5:37:72:61:2a:00:14:b1:7d:40:3a:c2:
da:0a:a3:9a:e6:4b:9f:9d:94:82:23:f1:f4:a7:ec:af:97:ae:
7e:0a:97:0d:29:70:82:db:2f:37:05:e8:8e:92:7e:9f:e2:d6:
dd:4c:21:ae:df:aa:5a:b7:ab:fe:00:f6:41:18:4b:2f:ff:7f:
22:e5:32:0d:32:37:47:a9:0c:cc:c5:76:52:d9:74:56:1e:b4:
84:1f:01:46:d4:9c:19:85:7a:bf:2d:50:99:65:81:7b:09:90:
69:5a:1d:8c:81:47:2d:94:2d:cd:8c:7a:51:8e:dd:6b:92:d5:
a6:9c:8f:51
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYcTXTGJSlUfCVbf3ikq7RcKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjAyMTI5OTY5NTc2Y2UzNTdmYWUyNmM5YzdjZjk4YTgy
NTBlYTYwHhcNMjMwMzI0MTEyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2M4MzM4NTA2NjRjN2Y4ZGIwN2Y1YjRhN2ZmZjAyZmFkODg5MzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwTz7lloth09XOiE9fmqeww9gRhG
A0rCqM8kO6nViGFro7ihjB2eiFBUpZe/Er2B0CBTUuoXAG4H2t7u717/LtleOXT7
A56QwIURv/LldENn2+LWhjGj9SAottQobcE65gLPGqm4Q0CAqKinzCjJHgGadnXb
fSk0JU7e9gaSz4fogPjpMtA8cTSmX02X3dYdaGa52DNtu27u3GYibyghySanDIum
9q6rSFL5yBtQiS2XT3DgqSqHnaaGfcRfs0Mxzcs2Zos6ug7Nyzq37gZ6P2cRQoGX
lLCyiOf8iOkjEmC4GeuDmY9Q5aPxdlAs5WAKX3aJp4/yvZ2LMQIrUHSViwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFHzIM4UGZMf42wf1tKf/8C+tiJMXMB8GA1UdIwQY
MBaAFJMgISmWlXbONX+uJsnHz5ioJQ6mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3lBaEtaYVZkczQxZjY0bXljZlBtS2dsRHFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9kNmU3OTYtMGUxNC00NWIxLTljZjMt
NWFkNThhYmZiYjFmLzEvZk1nemhRWmt4X2piQl9XMHBfX3dMNjJJa3hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9kNmU3OTYtMGUxNC00NWIxLTljZjMtNWFkNThhYmZiYjFm
LzEva3lBaEtaYVZkczQxZjY0bXljZlBtS2dsRHFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAvBAIAATApAwQGH9HAAwQH
VdwAAwMAnZ0DBADAkyIDBAXCaeADBAXUHsADBAXVp4AwDQQCAAIwBwMFAyABGpgw
DQYJKoZIhvcNAQELBQADggEBAA5p9OH5OdJ+X71L2cLxsGFGhAyp7/x5yyyHED0h
jpHY5fClCcDsVKQrXf/6OU6HU6+msTyHryFJjiQ3FZVz4waF374IE7uNfrGCCFAs
7usGGsfz+aW8xHOweoqst6XQ8xBXCDchrEq0Zg+k/Dl4J8UWLhTlCJCOrDB/txUs
S32u7SfHYKU3cmEqABSxfUA6wtoKo5rmS5+dlIIj8fSn7K+Xrn4Klw0pcILbLzcF
6I6Sfp/i1t1MIa7fqlq3q/4A9kEYSy//fyLlMg0yN0epDMzFdlLZdFYetIQfAUbU
nBmFer8tUJllgXsJkGlaHYyBRy2ULc2MelGO3WuS1aacj1E=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:42 2025 by rpki-client