Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/78e5eb-c2af-4462-b859-898996c861df/1/AQw24XRFT11KjjmrnhKvBHsZ-pc.roa
File: AQw24XRFT11KjjmrnhKvBHsZ-pc.roa (raw, json)
Hash identifier: 9b3wTTA/CptCsTrc0M3UVt44T0LFIk/IxTEunU35n8Q=
Subject key identifier: 01:0C:36:E1:74:45:4F:5D:4A:8E:39:AB:9E:12:AF:04:7B:19:FA:97
Certificate issuer: /CN=5673fa6842973edf62d579b4efec2fa64fdbf8c8
Certificate serial: 01856F6FF955A41ACC3734C9AF1BF63590D5
Authority key identifier: 56:73:FA:68:42:97:3E:DF:62:D5:79:B4:EF:EC:2F:A6:4F:DB:F8:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VnP6aEKXPt9i1Xm07-wvpk_b-Mg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/78e5eb-c2af-4462-b859-898996c861df/1/AQw24XRFT11KjjmrnhKvBHsZ-pc.roa
Signing time: Sun 01 Jan 2023 22:24:47 +0000
ROA not before: Sun 01 Jan 2023 22:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15830
IP address blocks: 78.135.112.0/24 maxlen: 24
212.68.47.0/24 maxlen: 24
95.214.72.0/22 maxlen: 22
31.210.62.0/23 maxlen: 24
2a09:da80::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:6f:f9:55:a4:1a:cc:37:34:c9:af:1b:f6:35:90:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5673fa6842973edf62d579b4efec2fa64fdbf8c8
Validity
Not Before: Jan 1 22:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=010c36e174454f5d4a8e39ab9e12af047b19fa97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e9:5c:d1:a0:31:91:8c:aa:44:f9:e1:8d:1d:
56:3d:44:a0:ee:2e:9b:26:7a:59:dd:f2:df:e9:e2:
3d:1d:87:b1:94:64:42:89:ce:ce:b5:62:43:4b:00:
53:0d:c8:9c:c9:6e:87:16:9a:82:72:b1:72:85:96:
f3:b6:02:ab:d7:c2:e4:95:16:f2:21:8e:91:8a:11:
8f:97:52:93:7b:9a:d3:d0:39:84:d2:9b:2d:15:6c:
71:92:26:fc:58:58:70:c7:96:e7:4c:65:bf:47:b7:
f1:a4:07:b3:6f:4d:9f:10:a3:06:eb:90:9b:a9:ea:
cd:1b:68:ef:9b:aa:e9:aa:60:de:35:e3:e1:eb:36:
6b:48:bc:4f:d9:9a:c6:fa:35:22:1e:90:51:3e:a3:
e9:d9:e3:85:67:a8:f8:51:28:4b:c2:49:b7:2b:1e:
d3:3f:1a:9b:30:bf:33:52:6d:34:13:fb:65:44:79:
76:8a:30:ab:78:b4:7c:f6:74:6c:4d:db:ca:95:3a:
72:85:11:ff:6a:f0:03:9d:b0:81:0e:7d:c9:2c:82:
65:ed:6c:47:87:a1:4e:e4:fa:85:00:bf:1d:c1:4e:
9d:42:3a:c5:f7:1a:f2:a0:94:cb:86:56:a0:14:07:
71:16:11:57:a2:c5:96:b8:d2:e4:bb:ba:1e:bb:3b:
aa:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:0C:36:E1:74:45:4F:5D:4A:8E:39:AB:9E:12:AF:04:7B:19:FA:97
X509v3 Authority Key Identifier:
keyid:56:73:FA:68:42:97:3E:DF:62:D5:79:B4:EF:EC:2F:A6:4F:DB:F8:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VnP6aEKXPt9i1Xm07-wvpk_b-Mg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/78e5eb-c2af-4462-b859-898996c861df/1/AQw24XRFT11KjjmrnhKvBHsZ-pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/78e5eb-c2af-4462-b859-898996c861df/1/VnP6aEKXPt9i1Xm07-wvpk_b-Mg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.62.0/23
78.135.112.0/24
95.214.72.0/22
212.68.47.0/24
IPv6:
2a09:da80::/29
Signature Algorithm: sha256WithRSAEncryption
9a:57:3a:77:6d:cf:db:b7:92:ca:0a:4c:8d:98:48:52:e4:d5:
d4:a7:26:e8:01:05:26:8a:36:77:c2:03:7e:2b:f7:50:51:54:
05:e1:81:bd:57:c7:ce:c6:83:2f:98:fc:56:00:db:76:31:a7:
28:9f:16:03:26:bd:56:f6:36:25:e8:7a:2e:33:87:55:cc:df:
39:d6:c7:c4:8f:d9:bc:40:76:f2:11:56:55:9e:5b:09:16:dc:
b1:5e:91:fa:35:b1:09:1c:06:3d:56:84:06:b8:b4:8e:6c:ae:
eb:61:c7:86:9f:94:a8:a4:a5:50:2d:f0:62:da:96:c1:b5:14:
ac:a3:ca:85:f4:d7:56:30:5e:b8:b8:52:76:10:03:54:ad:12:
02:35:a9:66:40:db:72:94:0f:bf:17:00:41:9a:2e:f9:6d:af:
f5:59:14:07:e4:cf:a2:b2:25:0e:fa:08:6c:a1:f6:cc:14:3f:
03:42:52:ad:bd:dd:3d:f6:c5:2c:e3:53:38:3a:61:7f:55:1e:
de:17:d5:30:c9:82:8c:27:de:87:b3:7f:80:72:9f:03:d1:a4:
47:2d:35:a3:15:33:ce:19:fa:ca:77:2f:46:79:49:3b:ac:3e:
d2:22:b4:2a:db:e4:89:60:2f:b5:70:e6:9f:20:6c:33:28:b1:
73:fb:36:41
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVvb/lVpBrMNzTJrxv2NZDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NzNmYTY4NDI5NzNlZGY2MmQ1NzliNGVmZWMyZmE2NGZk
YmY4YzgwHhcNMjMwMTAxMjIyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTBjMzZlMTc0NDU0ZjVkNGE4ZTM5YWI5ZTEyYWYwNDdiMTlmYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlulc0aAxkYyqRPnhjR1WPUSg7i6b
JnpZ3fLf6eI9HYexlGRCic7OtWJDSwBTDcicyW6HFpqCcrFyhZbztgKr18LklRby
IY6RihGPl1KTe5rT0DmE0pstFWxxkib8WFhwx5bnTGW/R7fxpAezb02fEKMG65Cb
qerNG2jvm6rpqmDeNePh6zZrSLxP2ZrG+jUiHpBRPqPp2eOFZ6j4UShLwkm3Kx7T
PxqbML8zUm00E/tlRHl2ijCreLR89nRsTdvKlTpyhRH/avADnbCBDn3JLIJl7WxH
h6FO5PqFAL8dwU6dQjrF9xryoJTLhlagFAdxFhFXosWWuNLku7oeuzuqiQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAEMNuF0RU9dSo45q54SrwR7GfqXMB8GA1UdIwQY
MBaAFFZz+mhClz7fYtV5tO/sL6ZP2/jIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm5QNmFFS1hQdDlpMVhtMDctd3Zwa19iLU1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy83OGU1ZWItYzJhZi00NDYyLWI4NTkt
ODk4OTk2Yzg2MWRmLzEvQVF3MjRYUkZUMTFLamptcm5oS3ZCSHNaLXBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy83OGU1ZWItYzJhZi00NDYyLWI4NTktODk4OTk2Yzg2MWRm
LzEvVm5QNmFFS1hQdDlpMVhtMDctd3Zwa19iLU1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBH9I+AwQA
TodwAwQCX9ZIAwQA1EQvMA0EAgACMAcDBQMqCdqAMA0GCSqGSIb3DQEBCwUAA4IB
AQCaVzp3bc/bt5LKCkyNmEhS5NXUpyboAQUmijZ3wgN+K/dQUVQF4YG9V8fOxoMv
mPxWANt2MaconxYDJr1W9jYl6HouM4dVzN851sfEj9m8QHbyEVZVnlsJFtyxXpH6
NbEJHAY9VoQGuLSObK7rYceGn5SopKVQLfBi2pbBtRSso8qF9NdWMF64uFJ2EANU
rRICNalmQNtylA+/FwBBmi75ba/1WRQH5M+isiUO+ghsofbMFD8DQlKtvd099sUs
41M4OmF/VR7eF9UwyYKMJ96Hs3+Acp8D0aRHLTWjFTPOGfrKdy9GeUk7rD7SIrQq
2+SJYC+1cOafIGwzKLFz+zZB
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:30 2025 by rpki-client