Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/0951d7-3f67-4bd4-904d-c94feaa6cb79/1/S-cUjYnP9XwVTb_D1dByrDs5T24.roa
File: S-cUjYnP9XwVTb_D1dByrDs5T24.roa (raw, json)
Hash identifier: y9OI3GNmcTA2ADzmHPgqKqVudmYPtSklIsyVXIvgJt4=
Subject key identifier: 4B:E7:14:8D:89:CF:F5:7C:15:4D:BF:C3:D5:D0:72:AC:3B:39:4F:6E
Certificate issuer: /CN=a5295237ab44bce35ddfc2627fd49a8c44612441
Certificate serial: 27E7DC70
Authority key identifier: A5:29:52:37:AB:44:BC:E3:5D:DF:C2:62:7F:D4:9A:8C:44:61:24:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pSlSN6tEvONd38Jif9SajERhJEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/0951d7-3f67-4bd4-904d-c94feaa6cb79/1/S-cUjYnP9XwVTb_D1dByrDs5T24.roa
Signing time: Sat 01 Jan 2022 13:00:22 +0000
ROA not before: Sat 01 Jan 2022 13:00:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34383
IP address blocks: 89.170.0.0/16 maxlen: 16
85.192.192.0/18 maxlen: 18
85.117.128.0/19 maxlen: 19
95.136.128.0/17 maxlen: 17
2a00:5e80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 669506672 (0x27e7dc70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5295237ab44bce35ddfc2627fd49a8c44612441
Validity
Not Before: Jan 1 13:00:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4be7148d89cff57c154dbfc3d5d072ac3b394f6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:50:ef:d6:92:4a:76:24:a4:d5:5d:b5:c1:b5:
a4:49:44:e1:44:17:09:cd:73:1a:e5:ad:ce:81:24:
ec:22:1d:4b:d4:46:64:5e:7b:06:e0:33:41:e8:46:
83:68:21:f0:ee:d6:e2:87:9c:68:ba:aa:23:3d:7e:
ce:18:ac:c5:9d:72:4f:7e:1d:4c:eb:a4:1f:90:31:
f2:5d:f1:4d:01:29:04:ef:39:87:24:34:f5:43:56:
0a:e6:e5:63:ec:7d:0a:76:ce:e0:f6:79:9b:a8:0a:
fa:6a:da:e4:22:77:43:d2:59:dd:6a:36:8f:fb:c6:
ab:ba:44:cc:b4:29:39:4e:72:8d:5d:99:04:fb:9a:
96:67:2b:dd:41:79:2a:d6:e5:d3:cc:8e:9a:ce:ee:
fe:7d:4c:e3:fe:bf:2d:43:0f:03:91:b2:be:a3:4d:
24:9b:9f:3f:82:a9:42:bd:64:0e:ce:9e:3f:77:a6:
b6:86:c4:7b:44:04:39:1e:01:b5:95:49:84:86:d5:
d4:92:bf:49:62:c5:95:b8:b6:0f:70:ad:8d:67:b2:
33:09:47:ed:58:be:ae:89:7f:51:29:9f:26:c1:68:
f1:47:f7:67:24:e7:0f:d3:a2:98:c3:79:4c:81:7c:
d2:14:c5:d7:3a:13:1d:cd:44:5f:2e:fd:7d:d1:f8:
48:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E7:14:8D:89:CF:F5:7C:15:4D:BF:C3:D5:D0:72:AC:3B:39:4F:6E
X509v3 Authority Key Identifier:
keyid:A5:29:52:37:AB:44:BC:E3:5D:DF:C2:62:7F:D4:9A:8C:44:61:24:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pSlSN6tEvONd38Jif9SajERhJEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0951d7-3f67-4bd4-904d-c94feaa6cb79/1/S-cUjYnP9XwVTb_D1dByrDs5T24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0951d7-3f67-4bd4-904d-c94feaa6cb79/1/pSlSN6tEvONd38Jif9SajERhJEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.128.0/19
85.192.192.0/18
89.170.0.0/16
95.136.128.0/17
IPv6:
2a00:5e80::/32
Signature Algorithm: sha256WithRSAEncryption
1b:17:ab:aa:7a:7e:68:b4:16:2e:f1:2c:ed:e5:a5:85:d1:8a:
2b:37:32:88:7b:f1:74:a1:c1:d5:c7:93:4f:31:67:46:13:2f:
c2:e4:f0:d7:ec:c0:a7:05:08:b9:6f:eb:e6:a9:13:fc:95:2a:
78:61:a5:25:1a:f8:ed:a2:a9:01:d9:2f:8b:97:22:d8:b5:64:
96:55:28:ea:fe:dd:45:fc:2f:ad:01:d9:2f:da:1a:7c:86:a5:
78:0c:47:c1:0e:be:ae:59:e0:4e:43:56:3c:90:94:36:48:2d:
a3:7e:cb:11:63:c4:7e:4a:02:23:79:15:98:7c:68:2e:4f:33:
f3:3a:1f:8b:c8:70:09:7c:26:eb:c6:d0:f4:ae:8a:29:bd:08:
0c:55:c3:f9:fe:8a:03:6c:f9:38:ab:1d:68:83:b1:24:db:2b:
da:e2:1d:73:c0:a8:ac:b9:0c:70:d5:72:4c:87:26:76:1a:c1:
41:30:49:da:03:b0:4a:0b:91:0b:70:b6:7e:eb:41:bb:6d:c6:
f8:2c:4d:5d:fc:cb:43:2a:5a:49:44:d4:95:a7:41:66:69:c1:
b0:f2:9f:cc:e8:11:ce:d4:9c:94:43:8f:87:79:d7:c0:ba:9f:
2f:0d:ae:d5:2f:dc:f7:09:32:7e:b1:ef:a4:f3:a8:93:64:8d:
1b:9b:fc:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEJ+fccDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTI5NTIzN2FiNDRiY2UzNWRkZmMyNjI3ZmQ0OWE4YzQ0NjEyNDQxMB4XDTIyMDEw
MTEzMDAyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGJlNzE0OGQ4OWNm
ZjU3YzE1NGRiZmMzZDVkMDcyYWMzYjM5NGY2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9Q79aSSnYkpNVdtcG1pElE4UQXCc1zGuWtzoEk7CIdS9RG
ZF57BuAzQehGg2gh8O7W4oecaLqqIz1+zhisxZ1yT34dTOukH5Ax8l3xTQEpBO85
hyQ09UNWCublY+x9CnbO4PZ5m6gK+mra5CJ3Q9JZ3Wo2j/vGq7pEzLQpOU5yjV2Z
BPualmcr3UF5Ktbl08yOms7u/n1M4/6/LUMPA5GyvqNNJJufP4KpQr1kDs6eP3em
tobEe0QEOR4BtZVJhIbV1JK/SWLFlbi2D3CtjWeyMwlH7Vi+rol/USmfJsFo8Uf3
ZyTnD9OimMN5TIF80hTF1zoTHc1EXy79fdH4SG0CAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBRL5xSNic/1fBVNv8PV0HKsOzlPbjAfBgNVHSMEGDAWgBSlKVI3q0S8413f
wmJ/1JqMRGEkQTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BTbFNONnRFdk9OZDM4SmlmOVNhakVSaEpFRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvMDk1MWQ3LTNmNjctNGJkNC05MDRkLWM5NGZlYWE2Y2I3OS8x
L1MtY1VqWW5QOVh3VlRiX0QxZEJ5ckRzNVQyNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
MDk1MWQ3LTNmNjctNGJkNC05MDRkLWM5NGZlYWE2Y2I3OS8xL3BTbFNONnRFdk9O
ZDM4SmlmOVNhakVSaEpFRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wHQQCAAEwFwMEBVV1gAMEBlXAwAMDAFmqAwQHX4iA
MA0EAgACMAcDBQAqAF6AMA0GCSqGSIb3DQEBCwUAA4IBAQAbF6uqen5otBYu8Szt
5aWF0YorNzKIe/F0ocHVx5NPMWdGEy/C5PDX7MCnBQi5b+vmqRP8lSp4YaUlGvjt
oqkB2S+LlyLYtWSWVSjq/t1F/C+tAdkv2hp8hqV4DEfBDr6uWeBOQ1Y8kJQ2SC2j
fssRY8R+SgIjeRWYfGguTzPzOh+LyHAJfCbrxtD0roopvQgMVcP5/ooDbPk4qx1o
g7Ek2yva4h1zwKisuQxw1XJMhyZ2GsFBMEnaA7BKC5ELcLZ+60G7bcb4LE1d/MtD
KlpJRNSVp0FmacGw8p/M6BHO1JyUQ4+HedfAup8vDa7VL9z3CTJ+se+k86iTZI0b
m/xp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:27 2025 by rpki-client