Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/K8SSF5ynfGWT0G_uaQTtosCqJxA.roa
File: K8SSF5ynfGWT0G_uaQTtosCqJxA.roa (raw, json)
Hash identifier: qqwxzdvuZG0xhDBYyyPxizDJmz5b+wMgZvlBCg71lxI=
Subject key identifier: 2B:C4:92:17:9C:A7:7C:65:93:D0:6F:EE:69:04:ED:A2:C0:AA:27:10
Certificate issuer: /CN=9b6b7b3ea60efb4a579a4f5e237ea7a88d3bc078
Certificate serial: 018571B0F91B939563B28688E695B774CC69
Authority key identifier: 9B:6B:7B:3E:A6:0E:FB:4A:57:9A:4F:5E:23:7E:A7:A8:8D:3B:C0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m2t7PqYO-0pXmk9eI36nqI07wHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/K8SSF5ynfGWT0G_uaQTtosCqJxA.roa
Signing time: Mon 02 Jan 2023 08:55:01 +0000
ROA not before: Mon 02 Jan 2023 08:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13110
IP address blocks: 194.24.164.0/23 maxlen: 23
94.127.104.0/21 maxlen: 21
80.87.32.0/20 maxlen: 20
109.173.128.0/17 maxlen: 17
185.44.172.0/22 maxlen: 22
85.221.128.0/17 maxlen: 17
151.249.80.0/21 maxlen: 21
46.228.80.0/20 maxlen: 20
77.65.0.0/17 maxlen: 17
195.160.180.0/23 maxlen: 23
62.21.0.0/17 maxlen: 17
88.151.136.0/21 maxlen: 21
46.238.64.0/18 maxlen: 18
185.14.72.0/22 maxlen: 22
2001:4020::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:f9:1b:93:95:63:b2:86:88:e6:95:b7:74:cc:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b6b7b3ea60efb4a579a4f5e237ea7a88d3bc078
Validity
Not Before: Jan 2 08:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bc492179ca77c6593d06fee6904eda2c0aa2710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ee:ac:31:d8:c9:7e:be:ef:79:19:20:af:8a:
fa:fb:ea:54:8a:42:39:9a:ec:8a:5c:8c:1a:48:b3:
ee:b0:b9:8a:74:84:82:49:ba:6c:b0:70:2b:47:20:
16:f3:4d:99:61:6d:0a:08:9e:0a:ba:fd:5d:e1:ea:
73:42:4e:f1:6f:22:ec:64:75:1f:48:4f:1f:12:0e:
6b:8b:11:c2:59:fe:10:9b:75:52:39:e4:d9:06:fa:
04:7f:e8:dc:b7:72:84:22:b8:ee:f7:45:38:6a:f3:
da:92:ab:aa:c7:1c:0a:1c:36:73:1e:ce:ca:9b:40:
5e:c9:e8:23:01:9f:b7:8c:f1:f2:c4:0d:7d:1f:16:
03:a0:81:21:3f:85:d7:78:31:15:b1:bb:92:8f:70:
7d:65:75:40:64:5a:16:63:ca:04:73:be:f4:8f:f4:
e4:66:72:af:80:1e:db:ae:f2:86:95:dc:e4:ef:e4:
d6:9e:e9:85:79:38:50:9b:fb:83:f9:7b:1c:72:79:
7f:30:7c:af:57:49:3d:f9:30:f6:a2:4e:65:79:43:
b2:5f:e2:67:d1:d7:12:fd:64:3e:96:e3:1b:a7:f5:
94:32:49:95:6b:b0:e0:18:fd:b9:e3:88:79:83:1d:
ad:db:d5:6f:51:5a:17:88:7f:36:76:51:0c:51:05:
0a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:C4:92:17:9C:A7:7C:65:93:D0:6F:EE:69:04:ED:A2:C0:AA:27:10
X509v3 Authority Key Identifier:
keyid:9B:6B:7B:3E:A6:0E:FB:4A:57:9A:4F:5E:23:7E:A7:A8:8D:3B:C0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m2t7PqYO-0pXmk9eI36nqI07wHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/K8SSF5ynfGWT0G_uaQTtosCqJxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/m2t7PqYO-0pXmk9eI36nqI07wHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.228.80.0/20
46.238.64.0/18
62.21.0.0/17
77.65.0.0/17
80.87.32.0/20
85.221.128.0/17
88.151.136.0/21
94.127.104.0/21
109.173.128.0/17
151.249.80.0/21
185.14.72.0/22
185.44.172.0/22
194.24.164.0/23
195.160.180.0/23
IPv6:
2001:4020::/32
Signature Algorithm: sha256WithRSAEncryption
be:20:32:bd:ba:44:9f:52:c7:83:9f:60:4a:73:8a:fc:bc:9c:
34:8a:f1:78:5f:71:87:36:4f:cf:89:49:3d:b5:06:bf:24:b3:
75:c7:a4:d3:81:72:09:17:8d:0a:5f:75:89:ce:23:18:94:53:
97:ca:e7:6a:56:74:8c:7b:29:4a:71:cf:93:63:b7:fb:5f:d7:
58:09:75:52:da:8a:c6:4d:0f:85:46:95:cd:62:fe:f1:35:9a:
63:69:67:6f:30:60:e4:cc:69:3d:1c:f0:ef:0f:d2:56:b8:bb:
3f:f4:d6:6a:d9:86:a3:ea:5d:cb:ff:a6:d4:cd:25:e2:4b:80:
94:c9:82:ac:da:40:36:3e:03:22:b7:a3:df:44:4e:6a:3d:32:
77:80:dc:d6:f7:e8:92:0f:83:b7:41:fe:5d:cf:1e:84:0e:f1:
33:2e:ba:01:51:fb:84:38:47:06:00:e3:bb:5a:3e:de:5a:a3:
25:1c:5d:08:15:f9:30:19:47:fa:a7:86:1f:52:58:cf:7d:71:
e3:17:59:56:45:01:57:aa:5d:e4:38:d5:71:0a:ef:07:f2:bc:
78:ce:0d:8b:b8:96:b6:0d:cf:3f:31:61:d8:83:fa:5d:5f:51:
01:2c:aa:b8:94:69:d8:46:b6:00:f7:bb:c5:22:70:81:9e:b8:
96:ea:56:ec
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYVxsPkbk5VjsoaI5pW3dMxpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNmI3YjNlYTYwZWZiNGE1NzlhNGY1ZTIzN2VhN2E4OGQz
YmMwNzgwHhcNMjMwMTAyMDg1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmM0OTIxNzljYTc3YzY1OTNkMDZmZWU2OTA0ZWRhMmMwYWEyNzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAne6sMdjJfr7veRkgr4r6++pUikI5
muyKXIwaSLPusLmKdISCSbpssHArRyAW802ZYW0KCJ4Kuv1d4epzQk7xbyLsZHUf
SE8fEg5rixHCWf4Qm3VSOeTZBvoEf+jct3KEIrju90U4avPakquqxxwKHDZzHs7K
m0BeyegjAZ+3jPHyxA19HxYDoIEhP4XXeDEVsbuSj3B9ZXVAZFoWY8oEc770j/Tk
ZnKvgB7brvKGldzk7+TWnumFeThQm/uD+Xsccnl/MHyvV0k9+TD2ok5leUOyX+Jn
0dcS/WQ+luMbp/WUMkmVa7DgGP2544h5gx2t29VvUVoXiH82dlEMUQUKCQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFCvEkhecp3xlk9Bv7mkE7aLAqicQMB8GA1UdIwQY
MBaAFJtrez6mDvtKV5pPXiN+p6iNO8B4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTJ0N1BxWU8tMHBYbWs5ZUkzNm5xSTA3d0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9lMjdkNzEtZWZiYy00N2VmLTk4NDAt
ZTc0ZDhkMWQ0ZTAyLzEvSzhTU0Y1eW5mR1dUMEdfdWFRVHRvc0NxSnhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9lMjdkNzEtZWZiYy00N2VmLTk4NDAtZTc0ZDhkMWQ0ZTAy
LzEvbTJ0N1BxWU8tMHBYbWs5ZUkzNm5xSTA3d0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQELuRQAwQG
Lu5AAwQHPhUAAwQHTUEAAwQEUFcgAwQHVd2AAwQDWJeIAwQDXn9oAwQHba2AAwQD
l/lQAwQCuQ5IAwQCuSysAwQBwhikAwQBw6C0MA0EAgACMAcDBQAgAUAgMA0GCSqG
SIb3DQEBCwUAA4IBAQC+IDK9ukSfUseDn2BKc4r8vJw0ivF4X3GHNk/PiUk9tQa/
JLN1x6TTgXIJF40KX3WJziMYlFOXyudqVnSMeylKcc+TY7f7X9dYCXVS2orGTQ+F
RpXNYv7xNZpjaWdvMGDkzGk9HPDvD9JWuLs/9NZq2Yaj6l3L/6bUzSXiS4CUyYKs
2kA2PgMit6PfRE5qPTJ3gNzW9+iSD4O3Qf5dzx6EDvEzLroBUfuEOEcGAOO7Wj7e
WqMlHF0IFfkwGUf6p4YfUljPfXHjF1lWRQFXql3kONVxCu8H8rx4zg2LuJa2Dc8/
MWHYg/pdX1EBLKq4lGnYRrYA97vFInCBnriW6lbs
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:09 2025 by rpki-client