Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/sqv5W5W4b3gAI8qkQgT8Usve8cM.roa
File: sqv5W5W4b3gAI8qkQgT8Usve8cM.roa (raw, json)
Hash identifier: gZWj7xwdNHfOxbS0PE/g0OxHGHycKIm9d/nVaeRNePY=
Subject key identifier: B2:AB:F9:5B:95:B8:6F:78:00:23:CA:A4:42:04:FC:52:CB:DE:F1:C3
Certificate issuer: /CN=3b11583aca1e8059fd31e267e8302d0c2fe008d6
Certificate serial: 018BF70F80EFC9DD8A9BD81D633D5D77D84A
Authority key identifier: 3B:11:58:3A:CA:1E:80:59:FD:31:E2:67:E8:30:2D:0C:2F:E0:08:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OxFYOsoegFn9MeJn6DAtDC_gCNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/sqv5W5W4b3gAI8qkQgT8Usve8cM.roa
Signing time: Wed 22 Nov 2023 12:44:30 +0000
ROA not before: Wed 22 Nov 2023 12:44:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29684
IP address blocks: 46.235.88.0/21 maxlen: 24
212.12.160.0/19 maxlen: 24
212.12.162.0/23 maxlen: 23
212.12.162.0/24 maxlen: 24
212.12.163.0/24 maxlen: 24
212.12.164.0/23 maxlen: 23
212.12.169.0/24 maxlen: 24
212.12.170.0/23 maxlen: 23
176.241.184.0/21 maxlen: 24
212.12.172.0/23 maxlen: 23
212.12.166.0/23 maxlen: 23
212.12.168.0/24 maxlen: 24
212.12.168.0/23 maxlen: 23
212.12.174.0/24 maxlen: 24
212.12.174.0/23 maxlen: 23
212.12.176.0/20 maxlen: 20
212.12.175.0/24 maxlen: 24
212.12.176.0/23 maxlen: 23
212.12.176.0/24 maxlen: 24
212.12.177.0/24 maxlen: 24
212.12.178.0/23 maxlen: 23
212.12.183.0/24 maxlen: 24
212.12.184.0/23 maxlen: 23
212.12.185.0/24 maxlen: 24
212.12.186.0/23 maxlen: 23
212.12.180.0/23 maxlen: 23
212.12.182.0/23 maxlen: 23
212.12.182.0/24 maxlen: 24
212.12.187.0/24 maxlen: 24
212.12.188.0/23 maxlen: 23
212.12.189.0/24 maxlen: 24
212.12.190.0/23 maxlen: 23
212.12.191.0/24 maxlen: 24
88.85.224.0/19 maxlen: 24
185.10.112.0/22 maxlen: 24
178.20.144.0/21 maxlen: 24
62.204.48.0/24 maxlen: 24
2a00:1560::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f7:0f:80:ef:c9:dd:8a:9b:d8:1d:63:3d:5d:77:d8:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b11583aca1e8059fd31e267e8302d0c2fe008d6
Validity
Not Before: Nov 22 12:44:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2abf95b95b86f780023caa44204fc52cbdef1c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4f:f4:8a:36:53:b8:26:3e:a8:45:b8:87:ff:
f0:c2:cf:be:47:1b:e3:08:af:9e:e8:fd:20:e1:ea:
d3:0e:25:2c:23:de:bc:22:01:15:e8:a0:aa:af:e5:
99:e0:f0:cc:2a:ce:a6:58:84:9f:0c:02:88:08:31:
c5:e6:7f:3a:51:b1:30:0d:d2:e1:3e:f3:4a:68:74:
75:5c:26:38:51:07:03:08:4d:a8:ba:35:91:f2:e0:
8e:ae:04:d6:14:08:41:ee:29:c9:47:fd:b0:f9:76:
62:80:7b:f7:80:28:8b:34:3f:d5:12:8d:fb:f5:32:
e8:96:ea:a5:61:61:68:b3:95:d2:e5:38:51:cc:b5:
c5:27:8f:eb:46:f9:21:20:4d:1d:29:3e:76:6e:07:
2e:9d:9f:03:e4:80:2c:03:ad:c4:bd:ff:5f:54:73:
b5:37:44:55:8a:11:4a:fd:d8:a9:bc:33:8d:89:1c:
85:09:ec:c7:05:a5:9c:19:21:15:0d:fe:e7:38:c6:
e1:74:8a:61:34:71:1d:08:ab:25:5f:29:29:d1:54:
7a:5e:51:d7:ec:54:6b:ad:6f:f2:da:84:81:0f:90:
c5:4d:7a:37:97:e7:4a:9a:e7:6a:ed:7f:f4:7b:ff:
4f:79:85:04:30:01:3b:3f:96:d2:bb:5c:ec:57:66:
2d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:AB:F9:5B:95:B8:6F:78:00:23:CA:A4:42:04:FC:52:CB:DE:F1:C3
X509v3 Authority Key Identifier:
keyid:3B:11:58:3A:CA:1E:80:59:FD:31:E2:67:E8:30:2D:0C:2F:E0:08:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OxFYOsoegFn9MeJn6DAtDC_gCNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/sqv5W5W4b3gAI8qkQgT8Usve8cM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/OxFYOsoegFn9MeJn6DAtDC_gCNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.88.0/21
62.204.48.0/24
88.85.224.0/19
176.241.184.0/21
178.20.144.0/21
185.10.112.0/22
212.12.160.0/19
IPv6:
2a00:1560::/32
Signature Algorithm: sha256WithRSAEncryption
02:cc:d6:19:d9:6d:9f:97:a6:b3:6e:19:7a:98:ac:25:77:e6:
5e:8f:02:87:f4:9c:50:e4:ad:da:88:a6:61:45:59:c4:eb:64:
e3:66:8e:29:b5:11:7f:06:1c:0a:b3:4a:e6:cd:b4:d5:ef:d3:
43:4b:8c:a0:15:69:c6:25:7c:29:ad:a2:c1:e7:73:c8:1b:d3:
ac:01:13:38:4d:75:54:8f:46:4f:74:fb:01:8d:a9:0d:3f:45:
a8:ee:15:43:13:87:37:5d:d0:2b:80:02:b2:a9:bb:d3:5d:97:
5e:d3:06:60:bc:5c:9d:ae:ff:1d:dc:4f:1b:80:78:d9:59:2e:
a7:36:2f:1a:87:0f:37:04:85:80:68:b7:8a:cc:30:51:c4:10:
25:58:9b:ee:7c:a6:7a:ab:4b:d5:de:62:c6:9d:78:c7:7d:c3:
2f:cf:2f:a7:a1:ad:74:a9:6f:d6:1b:1c:71:53:71:d2:c0:e8:
ea:4b:c5:c8:9f:a1:7e:42:ec:d3:e3:e0:ab:4d:16:0a:4a:b8:
ea:24:d6:cd:3b:8c:48:bb:b2:d9:16:e4:6d:44:25:cb:f1:53:
05:51:a9:16:55:de:a8:db:46:35:3f:96:df:9e:73:91:8f:3d:
cb:b4:1b:b6:c9:50:8d:37:90:4f:b4:95:f1:4b:7d:5b:5f:c6:
fb:f9:da:9f
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYv3D4Dvyd2Km9gdYz1dd9hKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMTE1ODNhY2ExZTgwNTlmZDMxZTI2N2U4MzAyZDBjMmZl
MDA4ZDYwHhcNMjMxMTIyMTI0NDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmFiZjk1Yjk1Yjg2Zjc4MDAyM2NhYTQ0MjA0ZmM1MmNiZGVmMWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiE/0ijZTuCY+qEW4h//wws++Rxvj
CK+e6P0g4erTDiUsI968IgEV6KCqr+WZ4PDMKs6mWISfDAKICDHF5n86UbEwDdLh
PvNKaHR1XCY4UQcDCE2oujWR8uCOrgTWFAhB7inJR/2w+XZigHv3gCiLND/VEo37
9TLoluqlYWFos5XS5ThRzLXFJ4/rRvkhIE0dKT52bgcunZ8D5IAsA63Evf9fVHO1
N0RVihFK/dipvDONiRyFCezHBaWcGSEVDf7nOMbhdIphNHEdCKslXykp0VR6XlHX
7FRrrW/y2oSBD5DFTXo3l+dKmudq7X/0e/9PeYUEMAE7P5bSu1zsV2YtUwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFLKr+VuVuG94ACPKpEIE/FLL3vHDMB8GA1UdIwQY
MBaAFDsRWDrKHoBZ/THiZ+gwLQwv4AjWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3hGWU9zb2VnRm45TWVKbjZEQXREQ19nQ05ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mM2ViY2UtOTYwOC00MTgwLWE4OTEt
ZGNlMGQwYWU2NzAzLzEvc3F2NVc1VzRiM2dBSThxa1FnVDhVc3ZlOGNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mM2ViY2UtOTYwOC00MTgwLWE4OTEtZGNlMGQwYWU2NzAz
LzEvT3hGWU9zb2VnRm45TWVKbjZEQXREQ19nQ05ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDLutYAwQA
PswwAwQFWFXgAwQDsPG4AwQDshSQAwQCuQpwAwQF1AygMA0EAgACMAcDBQAqABVg
MA0GCSqGSIb3DQEBCwUAA4IBAQACzNYZ2W2fl6azbhl6mKwld+ZejwKH9JxQ5K3a
iKZhRVnE62TjZo4ptRF/BhwKs0rmzbTV79NDS4ygFWnGJXwpraLB53PIG9OsARM4
TXVUj0ZPdPsBjakNP0Wo7hVDE4c3XdArgAKyqbvTXZde0wZgvFydrv8d3E8bgHjZ
WS6nNi8ahw83BIWAaLeKzDBRxBAlWJvufKZ6q0vV3mLGnXjHfcMvzy+noa10qW/W
GxxxU3HSwOjqS8XIn6F+QuzT4+CrTRYKSrjqJNbNO4xIu7LZFuRtRCXL8VMFUakW
Vd6o20Y1P5bfnnORjz3LtBu2yVCNN5BPtJXxS31bX8b7+dqf
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:33:21 2025 by rpki-client