Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/a17a2d-3259-40c2-88fb-54996e58d507/1/eilgaNXmdSdSk5-pmchampZvlus.roa
File: eilgaNXmdSdSk5-pmchampZvlus.roa (raw, json)
Hash identifier: 5QjV4gTsKfJib0LQbH6f0LRnPezjpoFEuPZCgHEEyZ4=
Subject key identifier: 7A:29:60:68:D5:E6:75:27:52:93:9F:A9:99:C8:5A:9A:96:6F:96:EB
Certificate issuer: /CN=9e2bb9d60c74478ed29dd0e0d10d685ceb7c1573
Certificate serial: 0185734CCA45C663ED75E926AC160E9B8B8E
Authority key identifier: 9E:2B:B9:D6:0C:74:47:8E:D2:9D:D0:E0:D1:0D:68:5C:EB:7C:15:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/niu51gx0R47SndDg0Q1oXOt8FXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/a17a2d-3259-40c2-88fb-54996e58d507/1/eilgaNXmdSdSk5-pmchampZvlus.roa
Signing time: Mon 02 Jan 2023 16:24:50 +0000
ROA not before: Mon 02 Jan 2023 16:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43451
IP address blocks: 31.24.176.0/21 maxlen: 21
31.24.176.0/22 maxlen: 22
31.24.180.0/22 maxlen: 22
93.174.176.0/22 maxlen: 22
93.174.176.0/21 maxlen: 23
78.41.172.0/22 maxlen: 22
78.41.168.0/22 maxlen: 22
93.174.180.0/22 maxlen: 23
93.174.180.0/23 maxlen: 23
78.41.168.0/21 maxlen: 21
185.22.212.0/22 maxlen: 22
185.22.212.0/23 maxlen: 23
185.22.214.0/23 maxlen: 23
185.213.144.0/23 maxlen: 23
185.213.144.0/22 maxlen: 22
185.213.146.0/23 maxlen: 23
81.92.248.0/21 maxlen: 21
81.92.248.0/22 maxlen: 22
81.92.252.0/22 maxlen: 22
188.121.160.0/20 maxlen: 20
188.121.160.0/19 maxlen: 19
185.134.212.0/22 maxlen: 22
188.121.176.0/20 maxlen: 20
188.121.184.0/22 maxlen: 22
2a03:a200:ffff::/64 maxlen: 64
2001:67c:2670::/48 maxlen: 48
2a03:a200::/32 maxlen: 126
2a0b:f104::/30 maxlen: 30
2a03:a200:2::4/126 maxlen: 126
2a0b:f100::/30 maxlen: 30
2a0b:f100::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:4c:ca:45:c6:63:ed:75:e9:26:ac:16:0e:9b:8b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e2bb9d60c74478ed29dd0e0d10d685ceb7c1573
Validity
Not Before: Jan 2 16:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a296068d5e6752752939fa999c85a9a966f96eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4e:50:a5:1e:ef:f6:4e:8a:82:c1:ab:5f:03:
f6:d6:6f:e0:7b:1f:e0:ee:62:82:4a:b1:2c:38:14:
fe:88:be:39:9b:5d:cd:d9:92:43:05:85:f3:a7:58:
d4:ec:d2:2b:0b:15:39:d1:80:ff:95:96:1b:04:58:
b7:55:cd:ab:74:52:08:da:35:3f:8d:07:7c:b0:3e:
1d:55:a0:36:92:27:e4:ff:76:ad:76:9b:3f:fb:a2:
e5:31:f7:93:03:06:b9:54:58:89:43:f0:a2:6d:1b:
3f:43:e9:c1:6c:ad:bf:ca:cb:a7:7a:e1:6e:c0:64:
83:80:1d:c2:60:2b:03:95:33:d0:ee:03:a6:e0:59:
5b:c1:36:32:ea:1d:d8:bc:a7:a6:3f:aa:92:87:80:
0b:c9:2b:04:ac:dc:99:7d:51:e7:c1:5e:b3:6e:32:
81:9b:b3:d6:88:61:0a:27:18:9c:e9:9b:8e:79:06:
50:bd:b7:c8:d8:76:79:f9:5c:29:d8:5d:19:62:ed:
78:cd:56:b0:65:83:d7:35:85:a9:e7:67:28:f3:0d:
55:f5:0d:78:f0:67:e6:ec:10:78:8f:06:d2:a7:66:
dd:bb:e4:20:cc:0d:b6:27:36:bc:5a:5d:32:03:bd:
29:9c:df:e6:b5:3d:43:95:8a:63:a4:4b:66:f8:62:
8b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:29:60:68:D5:E6:75:27:52:93:9F:A9:99:C8:5A:9A:96:6F:96:EB
X509v3 Authority Key Identifier:
keyid:9E:2B:B9:D6:0C:74:47:8E:D2:9D:D0:E0:D1:0D:68:5C:EB:7C:15:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/niu51gx0R47SndDg0Q1oXOt8FXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a17a2d-3259-40c2-88fb-54996e58d507/1/eilgaNXmdSdSk5-pmchampZvlus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a17a2d-3259-40c2-88fb-54996e58d507/1/niu51gx0R47SndDg0Q1oXOt8FXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.176.0/21
78.41.168.0/21
81.92.248.0/21
93.174.176.0/21
185.22.212.0/22
185.134.212.0/22
185.213.144.0/22
188.121.160.0/19
IPv6:
2001:67c:2670::/48
2a03:a200::/32
2a0b:f100::/29
Signature Algorithm: sha256WithRSAEncryption
49:7e:cb:fe:f5:6b:5a:4d:f6:02:89:21:91:74:2e:22:20:33:
a0:e8:07:f5:cf:39:b7:11:16:ea:2d:62:28:ad:4f:b6:a8:03:
a3:59:ea:f5:2c:c4:a7:3e:70:ce:94:35:bf:87:ff:4a:fc:43:
12:e0:a8:40:03:28:5e:e7:97:58:7e:e4:83:b0:c8:28:57:d1:
8a:a8:01:9e:8b:1f:26:b1:d2:b3:8c:30:30:bb:2f:90:4d:b2:
91:61:fc:ca:c1:44:d6:ab:96:34:72:3e:2f:a4:aa:9f:9c:32:
e1:4c:16:b5:89:d4:6f:51:b1:22:32:29:1b:b5:73:c6:19:23:
20:93:5e:54:b3:6d:bd:da:29:4b:18:ec:f2:34:91:03:19:fe:
2b:78:7d:69:5a:24:7b:ca:61:05:78:b8:76:26:57:44:d5:8e:
0b:80:37:05:a5:37:6a:8f:00:e0:dc:45:65:f9:9e:f1:15:04:
b3:16:fd:4a:d3:f3:ad:4a:46:1a:cd:a7:2d:ea:3f:97:8f:b0:
9b:b6:fe:cf:ac:d9:d0:0e:2f:dc:94:fa:11:a2:8a:ed:22:45:
b7:88:cd:40:ab:8a:dc:97:8f:4b:bf:4c:3a:5a:a8:39:17:20:
db:15:88:60:b9:3c:c6:4a:be:7d:96:d6:48:02:8e:65:35:a2:
ef:f4:df:51
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYVzTMpFxmPtdekmrBYOm4uOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMmJiOWQ2MGM3NDQ3OGVkMjlkZDBlMGQxMGQ2ODVjZWI3
YzE1NzMwHhcNMjMwMTAyMTYyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTI5NjA2OGQ1ZTY3NTI3NTI5MzlmYTk5OWM4NWE5YTk2NmY5NmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuk5QpR7v9k6KgsGrXwP21m/gex/g
7mKCSrEsOBT+iL45m13N2ZJDBYXzp1jU7NIrCxU50YD/lZYbBFi3Vc2rdFII2jU/
jQd8sD4dVaA2kifk/3atdps/+6LlMfeTAwa5VFiJQ/CibRs/Q+nBbK2/ysuneuFu
wGSDgB3CYCsDlTPQ7gOm4FlbwTYy6h3YvKemP6qSh4ALySsErNyZfVHnwV6zbjKB
m7PWiGEKJxic6ZuOeQZQvbfI2HZ5+Vwp2F0ZYu14zVawZYPXNYWp52co8w1V9Q14
8Gfm7BB4jwbSp2bdu+QgzA22Jza8Wl0yA70pnN/mtT1DlYpjpEtm+GKLqQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFHopYGjV5nUnUpOfqZnIWpqWb5brMB8GA1UdIwQY
MBaAFJ4rudYMdEeO0p3Q4NENaFzrfBVzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbml1NTFneDBSNDdTbmREZzBRMW9YT3Q4RlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9hMTdhMmQtMzI1OS00MGMyLTg4ZmIt
NTQ5OTZlNThkNTA3LzEvZWlsZ2FOWG1kU2RTazUtcG1jaGFtcFp2bHVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9hMTdhMmQtMzI1OS00MGMyLTg4ZmItNTQ5OTZlNThkNTA3
LzEvbml1NTFneDBSNDdTbmREZzBRMW9YT3Q4RlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzA2BAIAATAwAwQDHxiwAwQD
TimoAwQDUVz4AwQDXa6wAwQCuRbUAwQCuYbUAwQCudWQAwQFvHmgMB0EAgACMBcD
BwAgAQZ8JnADBQAqA6IAAwUDKgvxADANBgkqhkiG9w0BAQsFAAOCAQEASX7L/vVr
Wk32AokhkXQuIiAzoOgH9c85txEW6i1iKK1PtqgDo1nq9SzEpz5wzpQ1v4f/SvxD
EuCoQAMoXueXWH7kg7DIKFfRiqgBnosfJrHSs4wwMLsvkE2ykWH8ysFE1quWNHI+
L6Sqn5wy4UwWtYnUb1GxIjIpG7VzxhkjIJNeVLNtvdopSxjs8jSRAxn+K3h9aVok
e8phBXi4diZXRNWOC4A3BaU3ao8A4NxFZfme8RUEsxb9StPzrUpGGs2nLeo/l4+w
m7b+z6zZ0A4v3JT6EaKK7SJFt4jNQKuK3JePS79MOlqoORcg2xWIYLk8xkq+fZbW
SAKOZTWi7/TfUQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:43 2025 by rpki-client