Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/XRupuv4HjRMnUV4Rak3skdkVyKQ.roa
File: XRupuv4HjRMnUV4Rak3skdkVyKQ.roa (raw, json)
Hash identifier: R8otnJ8iyq+NggGef7Jjz4siqMrUEWq4fwVSNQ1RXiA=
Subject key identifier: 5D:1B:A9:BA:FE:07:8D:13:27:51:5E:11:6A:4D:EC:91:D9:15:C8:A4
Certificate issuer: /CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
Certificate serial: 0181F72D4D028EB89D4EB624469E5CA3A8A7
Authority key identifier: 4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/XRupuv4HjRMnUV4Rak3skdkVyKQ.roa
Signing time: Wed 13 Jul 2022 10:49:09 +0000
ROA not before: Wed 13 Jul 2022 10:49:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 194.28.156.0/24 maxlen: 25
194.28.158.0/24 maxlen: 25
194.104.4.0/24 maxlen: 25
212.69.132.0/24 maxlen: 24
194.104.5.0/24 maxlen: 25
194.104.6.0/24 maxlen: 25
212.69.133.0/24 maxlen: 24
212.69.134.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f7:2d:4d:02:8e:b8:9d:4e:b6:24:46:9e:5c:a3:a8:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b7d2c9ad36d9f881fa81fd475387fb870b5b4fb
Validity
Not Before: Jul 13 10:49:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d1ba9bafe078d1327515e116a4dec91d915c8a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c8:6a:31:52:44:c5:be:6d:62:3e:35:30:0e:
ac:80:cf:93:67:ea:26:8d:a9:36:41:4a:ed:0a:0a:
f3:49:c2:21:1f:11:df:bc:dd:a3:11:ac:59:65:1b:
90:91:db:9d:e3:00:0d:fa:67:0c:e5:7c:43:4f:57:
bf:31:9f:d8:50:6f:10:c4:1b:2a:85:4f:02:03:d6:
68:64:c7:f6:b8:5c:f5:cb:da:38:e8:cb:77:97:31:
ec:bd:48:5d:88:87:b7:d1:3d:d0:62:05:24:c0:7f:
0f:0a:05:84:50:7f:98:36:7b:45:15:f7:ce:bc:6a:
b5:b0:7b:4f:34:c8:ad:2a:fe:55:41:ce:0c:7e:a4:
60:01:58:b6:31:04:7a:9d:23:4b:96:db:08:3b:a3:
b5:57:1e:b3:e9:39:7a:23:66:66:2e:5b:4f:fd:66:
0a:e0:e5:1b:1c:a8:5d:a1:a1:01:20:62:c9:26:87:
7f:1a:3f:80:23:43:9d:6e:ff:c8:fb:57:1b:32:b7:
40:c9:74:41:7b:8e:29:5d:bd:29:30:c1:6a:a7:eb:
8e:94:89:ae:21:7b:81:9d:00:20:13:6e:b1:9d:39:
1a:cc:5b:e9:42:a5:7a:63:39:39:a8:1b:ef:4d:71:
7e:68:39:5a:b9:7b:ae:26:32:54:c1:b3:7d:eb:43:
12:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:1B:A9:BA:FE:07:8D:13:27:51:5E:11:6A:4D:EC:91:D9:15:C8:A4
X509v3 Authority Key Identifier:
keyid:4B:7D:2C:9A:D3:6D:9F:88:1F:A8:1F:D4:75:38:7F:B8:70:B5:B4:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S30smtNtn4gfqB_UdTh_uHC1tPs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/XRupuv4HjRMnUV4Rak3skdkVyKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/930882-44b4-42e3-924f-f71c43daa59b/1/S30smtNtn4gfqB_UdTh_uHC1tPs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.156.0/24
194.28.158.0/24
194.104.4.0-194.104.6.255
212.69.132.0-212.69.134.255
Signature Algorithm: sha256WithRSAEncryption
49:78:47:25:d7:e2:3f:c4:25:bd:6a:33:74:22:a4:f6:d4:f6:
63:07:9f:fd:29:61:13:a3:01:33:e1:34:8e:47:9f:57:52:f4:
0f:a2:3e:b8:f7:d4:c0:29:96:80:c2:d8:5a:91:e8:b4:71:a2:
80:81:42:3e:aa:87:06:01:00:07:5b:d6:83:f1:d5:db:af:9b:
16:13:62:92:00:c1:4d:38:96:0a:1f:d7:9b:da:d4:da:73:aa:
3f:37:48:22:c3:45:66:a6:97:bb:6c:46:e0:9b:23:bc:0a:c8:
49:fc:72:ce:f6:8c:36:f4:1c:17:00:3a:11:f4:14:68:c0:f3:
5c:63:92:07:cf:0c:18:14:65:a8:3d:90:d2:f4:fd:52:b5:9e:
36:90:54:80:e8:57:4f:1f:b6:74:c9:6c:bb:56:2c:7d:fe:e0:
1a:53:ba:3e:11:c2:8b:c5:d6:d0:45:15:0b:cd:6e:57:45:43:
0c:67:07:4b:b5:69:e3:f8:72:3b:38:c5:e2:85:6d:52:e4:de:
8a:19:55:41:06:7d:d8:cc:55:0c:c2:ce:d1:43:14:7d:41:2d:
6b:f5:de:d8:80:4b:b2:26:3a:f5:34:1b:13:4a:cd:4c:cf:52:
f7:73:43:57:39:00:fd:c3:a9:3e:c2:bb:1c:30:be:d0:cd:cd:
ff:c6:51:ca
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYH3LU0CjridTrYkRp5co6inMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiN2QyYzlhZDM2ZDlmODgxZmE4MWZkNDc1Mzg3ZmI4NzBi
NWI0ZmIwHhcNMjIwNzEzMTA0OTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDFiYTliYWZlMDc4ZDEzMjc1MTVlMTE2YTRkZWM5MWQ5MTVjOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwshqMVJExb5tYj41MA6sgM+TZ+om
jak2QUrtCgrzScIhHxHfvN2jEaxZZRuQkdud4wAN+mcM5XxDT1e/MZ/YUG8QxBsq
hU8CA9ZoZMf2uFz1y9o46Mt3lzHsvUhdiIe30T3QYgUkwH8PCgWEUH+YNntFFffO
vGq1sHtPNMitKv5VQc4MfqRgAVi2MQR6nSNLltsIO6O1Vx6z6Tl6I2ZmLltP/WYK
4OUbHKhdoaEBIGLJJod/Gj+AI0Odbv/I+1cbMrdAyXRBe44pXb0pMMFqp+uOlImu
IXuBnQAgE26xnTkazFvpQqV6Yzk5qBvvTXF+aDlauXuuJjJUwbN960MSkQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFF0bqbr+B40TJ1FeEWpN7JHZFcikMB8GA1UdIwQY
MBaAFEt9LJrTbZ+IH6gf1HU4f7hwtbT7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzMwc210TnRuNGdmcUJfVWRUaF91SEMxdFBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC85MzA4ODItNDRiNC00MmUzLTkyNGYt
ZjcxYzQzZGFhNTliLzEvWFJ1cHV2NEhqUk1uVVY0UmFrM3NrZGtWeUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC85MzA4ODItNDRiNC00MmUzLTkyNGYtZjcxYzQzZGFhNTli
LzEvUzMwc210TnRuNGdmcUJfVWRUaF91SEMxdFBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAwhycAwQA
whyeMAwDBALCaAQDBADCaAYwDAMEAtRFhAMEANRFhjANBgkqhkiG9w0BAQsFAAOC
AQEASXhHJdfiP8QlvWozdCKk9tT2Ywef/SlhE6MBM+E0jkefV1L0D6I+uPfUwCmW
gMLYWpHotHGigIFCPqqHBgEAB1vWg/HV26+bFhNikgDBTTiWCh/Xm9rU2nOqPzdI
IsNFZqaXu2xG4JsjvArISfxyzvaMNvQcFwA6EfQUaMDzXGOSB88MGBRlqD2Q0vT9
UrWeNpBUgOhXTx+2dMlsu1Ysff7gGlO6PhHCi8XW0EUVC81uV0VDDGcHS7Vp4/hy
OzjF4oVtUuTeihlVQQZ92MxVDMLO0UMUfUEta/Xe2IBLsiY69TQbE0rNTM9S93ND
VzkA/cOpPsK7HDC+0M3N/8ZRyg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:59 2023 by rpki-client on console-ams.rpki-client.org