Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/6cf2e6-b083-4afd-8cc7-20a1173589df/1/XYoIJn0LSnTxSiSI0yRU2o3V9Y4.roa
File: XYoIJn0LSnTxSiSI0yRU2o3V9Y4.roa (raw, json)
Hash identifier: xFrY5hpJWwsryFl+Fc8GA+m0rmMrmZoVwMS5cyVhU14=
Subject key identifier: 5D:8A:08:26:7D:0B:4A:74:F1:4A:24:88:D3:24:54:DA:8D:D5:F5:8E
Certificate issuer: /CN=9e38bc2e142fbebe5bd5575eaaeefb9f7890dd6b
Certificate serial: 03C6B793
Authority key identifier: 9E:38:BC:2E:14:2F:BE:BE:5B:D5:57:5E:AA:EE:FB:9F:78:90:DD:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nji8LhQvvr5b1Vdequ77n3iQ3Ws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/6cf2e6-b083-4afd-8cc7-20a1173589df/1/XYoIJn0LSnTxSiSI0yRU2o3V9Y4.roa
Signing time: Tue 05 Apr 2022 12:11:19 +0000
ROA not before: Tue 05 Apr 2022 12:11:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58212
IP address blocks: 194.48.217.0/24 maxlen: 24
45.157.232.0/22 maxlen: 22
185.254.96.0/22 maxlen: 22
2a0c:4ac0:1200::/40 maxlen: 40
2a0c:4ac0:1100::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63354771 (0x3c6b793)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e38bc2e142fbebe5bd5575eaaeefb9f7890dd6b
Validity
Not Before: Apr 5 12:11:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d8a08267d0b4a74f14a2488d32454da8dd5f58e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1f:c6:5a:c5:e0:aa:6b:15:31:37:3b:8f:fc:
7b:cc:e6:e8:0e:16:a3:67:9a:d3:1b:d0:db:1d:77:
8d:6d:45:b4:82:cd:8c:49:38:43:e8:d3:ee:67:80:
a3:9a:88:ed:85:a5:7b:d9:04:66:23:c9:d3:81:c8:
f7:93:ef:f6:00:55:fd:68:8a:1b:b9:a2:5f:f6:4f:
b7:67:75:df:22:d0:8b:e6:4f:bc:70:68:e4:a7:cf:
04:c8:fc:c4:97:35:36:3a:63:6e:a0:10:e6:21:76:
70:fa:0c:2e:b5:52:cf:fc:69:13:77:08:d3:d6:2c:
61:f0:8c:4a:98:36:02:89:03:36:22:e6:e6:24:fb:
2a:bd:a9:18:0e:e3:39:b9:d4:d8:cd:b3:3e:55:78:
f8:fd:02:6a:aa:06:3a:b1:5c:97:75:25:02:34:d0:
6e:1f:30:52:34:8e:13:4b:1b:9e:b2:e6:30:63:80:
e8:22:11:8f:b2:cc:a7:73:5e:47:80:89:61:e5:d0:
22:af:9c:ad:4d:4e:45:cc:d8:e6:50:c9:99:c4:6d:
eb:0e:45:8f:51:6c:3a:94:8c:c7:bc:ef:1b:ed:d8:
a7:bc:45:5d:c7:89:3e:b7:6b:b4:b7:c9:5c:15:1f:
ff:cd:c4:62:4d:94:23:83:cb:78:17:60:75:4a:8e:
3f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:8A:08:26:7D:0B:4A:74:F1:4A:24:88:D3:24:54:DA:8D:D5:F5:8E
X509v3 Authority Key Identifier:
keyid:9E:38:BC:2E:14:2F:BE:BE:5B:D5:57:5E:AA:EE:FB:9F:78:90:DD:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nji8LhQvvr5b1Vdequ77n3iQ3Ws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/6cf2e6-b083-4afd-8cc7-20a1173589df/1/XYoIJn0LSnTxSiSI0yRU2o3V9Y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/6cf2e6-b083-4afd-8cc7-20a1173589df/1/nji8LhQvvr5b1Vdequ77n3iQ3Ws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.232.0/22
185.254.96.0/22
194.48.217.0/24
IPv6:
2a0c:4ac0:1100::-2a0c:4ac0:12ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
76:29:e0:d3:fc:9b:b1:08:b1:70:92:d7:ec:c6:c7:04:94:ed:
6d:9e:5d:1d:9a:60:c0:08:cb:d5:c4:9c:fc:4c:a7:b5:df:f5:
e4:eb:2e:68:18:7d:5e:98:d5:4e:7c:a1:ff:73:cb:b4:cb:bb:
eb:64:ba:69:9f:d8:77:0a:9b:e1:fd:d4:d5:10:57:b0:64:c2:
17:2d:82:89:dd:42:1d:7e:c6:91:4a:cb:0f:f7:0d:41:66:82:
c4:61:28:94:6b:5a:fa:e6:b1:f9:fe:0a:45:f0:18:67:e8:dc:
44:87:aa:12:2b:96:07:c9:6d:34:1e:13:5f:21:8a:c7:c7:17:
2e:4b:a9:83:74:66:63:ea:4c:7f:67:4e:62:a1:f8:58:21:40:
7b:11:fc:76:13:d1:06:a7:f7:36:6f:72:c3:d0:5e:73:02:1b:
c8:3a:ac:98:a1:7b:d2:40:49:44:9a:c0:12:66:81:99:45:7c:
7e:44:38:75:43:97:b9:6b:16:c1:a8:f0:29:cf:a1:4d:58:f6:
46:11:54:dc:ef:49:5c:e1:db:37:90:c9:5d:c7:a1:4b:8a:67:
53:0c:4f:90:44:77:74:43:e2:2f:44:b4:36:6a:7d:e7:8f:fd:
a8:1c:f6:59:07:39:19:45:75:51:f4:e6:52:6c:bd:61:0d:ba:
b5:6a:8d:ea
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEA8a3kzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTM4YmMyZTE0MmZiZWJlNWJkNTU3NWVhYWVlZmI5Zjc4OTBkZDZiMB4XDTIyMDQw
NTEyMTExOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQ4YTA4MjY3ZDBi
NGE3NGYxNGEyNDg4ZDMyNDU0ZGE4ZGQ1ZjU4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKkfxlrF4KprFTE3O4/8e8zm6A4Wo2ea0xvQ2x13jW1FtILN
jEk4Q+jT7meAo5qI7YWle9kEZiPJ04HI95Pv9gBV/WiKG7miX/ZPt2d13yLQi+ZP
vHBo5KfPBMj8xJc1NjpjbqAQ5iF2cPoMLrVSz/xpE3cI09YsYfCMSpg2AokDNiLm
5iT7Kr2pGA7jObnU2M2zPlV4+P0CaqoGOrFcl3UlAjTQbh8wUjSOE0sbnrLmMGOA
6CIRj7LMp3NeR4CJYeXQIq+crU1ORczY5lDJmcRt6w5Fj1FsOpSMx7zvG+3Yp7xF
XceJPrdrtLfJXBUf/83EYk2UI4PLeBdgdUqOPzsCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBRdiggmfQtKdPFKJIjTJFTajdX1jjAfBgNVHSMEGDAWgBSeOLwuFC++vlvV
V16q7vufeJDdazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25qaThMaFF2dnI1YjFWZGVxdTc3bjNpUTNXcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvNmNmMmU2LWIwODMtNGFmZC04Y2M3LTIwYTExNzM1ODlkZi8x
L1hZb0lKbjBMU25UeFNpU0kweVJVMm8zVjlZNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
NmNmMmU2LWIwODMtNGFmZC04Y2M3LTIwYTExNzM1ODlkZi8xL25qaThMaFF2dnI1
YjFWZGVxdTc3bjNpUTNXcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwGAQCAAEwEgMEAi2d6AMEArn+YAMEAMIw2TAYBAIA
AjASMBADBgAqDErAEQMGACoMSsASMA0GCSqGSIb3DQEBCwUAA4IBAQB2KeDT/Jux
CLFwktfsxscElO1tnl0dmmDACMvVxJz8TKe13/Xk6y5oGH1emNVOfKH/c8u0y7vr
ZLppn9h3Cpvh/dTVEFewZMIXLYKJ3UIdfsaRSssP9w1BZoLEYSiUa1r65rH5/gpF
8Bhn6NxEh6oSK5YHyW00HhNfIYrHxxcuS6mDdGZj6kx/Z05iofhYIUB7Efx2E9EG
p/c2b3LD0F5zAhvIOqyYoXvSQElEmsASZoGZRXx+RDh1Q5e5axbBqPApz6FNWPZG
EVTc70lc4ds3kMldx6FLimdTDE+QRHd0Q+IvRLQ2an3nj/2oHPZZBzkZRXVR9OZS
bL1hDbq1ao3q
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:00 2025 by rpki-client