Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/R7T8t1TSuXBcX2VSNgEZ-gQJ_dQ.roa
File: R7T8t1TSuXBcX2VSNgEZ-gQJ_dQ.roa (raw, json)
Hash identifier: yXSyO6LRAyTGBqp55SZiNvFvbwVZTBCrdVcnt7qJlWc=
Subject key identifier: 47:B4:FC:B7:54:D2:B9:70:5C:5F:65:52:36:01:19:FA:04:09:FD:D4
Certificate issuer: /CN=67cfd7fae20d1d34b779dab669b8f0f07c9c34f8
Certificate serial: 0184F6C2C30E18A6130B1EA284A1F874EAED
Authority key identifier: 67:CF:D7:FA:E2:0D:1D:34:B7:79:DA:B6:69:B8:F0:F0:7C:9C:34:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z8_X-uINHTS3edq2abjw8HycNPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/R7T8t1TSuXBcX2VSNgEZ-gQJ_dQ.roa
Signing time: Fri 09 Dec 2022 12:01:09 +0000
ROA not before: Fri 09 Dec 2022 12:01:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57152
IP address blocks: 195.85.207.0/24 maxlen: 24
185.242.162.0/24 maxlen: 24
185.242.161.0/24 maxlen: 24
185.242.160.0/24 maxlen: 24
185.242.163.0/24 maxlen: 24
2.56.152.0/24 maxlen: 24
2.56.155.0/24 maxlen: 24
2.56.154.0/24 maxlen: 24
2.56.153.0/24 maxlen: 24
2a09:cfc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:c2:c3:0e:18:a6:13:0b:1e:a2:84:a1:f8:74:ea:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67cfd7fae20d1d34b779dab669b8f0f07c9c34f8
Validity
Not Before: Dec 9 12:01:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47b4fcb754d2b9705c5f6552360119fa0409fdd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4b:59:00:41:76:2c:de:a1:5f:39:c9:a2:11:
70:ee:16:47:dc:e1:29:3e:c3:4d:e1:38:cc:8f:ab:
f3:ad:f7:83:6d:b3:b1:fc:ec:f0:94:c8:b3:b4:cc:
57:3b:ca:53:b4:cb:3b:4c:55:00:31:55:14:7f:42:
d6:93:bc:dd:f8:c3:eb:ec:b4:89:31:74:4f:15:5e:
89:f3:96:3b:df:32:be:0a:41:b8:fa:a7:33:1f:0a:
c0:fe:93:bf:1a:44:fc:52:10:cf:21:d5:0f:fb:eb:
a0:0d:3e:b5:05:9b:60:cf:ad:fe:56:da:ec:d5:de:
c9:cc:8e:70:7c:5d:cd:e2:3b:8a:51:4b:43:2b:57:
e1:66:bf:c8:12:52:d9:d8:23:9e:e5:42:f3:60:94:
41:24:7d:4e:69:43:34:31:6d:e7:d3:e6:ee:fc:f2:
cc:ce:4c:cc:40:fa:1e:67:39:2a:1d:7f:57:31:49:
e9:14:02:d0:6f:b9:48:6c:2a:71:98:6b:89:d0:54:
d3:77:34:9c:a1:11:da:99:ad:d5:af:0e:0b:de:4a:
47:9f:9a:09:eb:c1:cd:e1:b5:13:5e:41:25:67:9b:
be:73:5c:7e:4e:22:52:22:b6:b2:92:23:46:02:5b:
2e:f5:54:12:da:ff:91:63:2c:0c:e9:8b:10:46:b3:
7c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:B4:FC:B7:54:D2:B9:70:5C:5F:65:52:36:01:19:FA:04:09:FD:D4
X509v3 Authority Key Identifier:
keyid:67:CF:D7:FA:E2:0D:1D:34:B7:79:DA:B6:69:B8:F0:F0:7C:9C:34:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8_X-uINHTS3edq2abjw8HycNPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/R7T8t1TSuXBcX2VSNgEZ-gQJ_dQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/62343d-d924-4378-a121-2b68ab2ad2e9/1/Z8_X-uINHTS3edq2abjw8HycNPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.152.0/22
185.242.160.0/22
195.85.207.0/24
IPv6:
2a09:cfc0::/29
Signature Algorithm: sha256WithRSAEncryption
70:1f:62:fd:ba:ad:bf:29:2f:75:b5:0d:e5:72:f3:44:0c:45:
b9:72:43:50:86:af:fe:6c:be:c8:b6:d1:b7:42:bd:25:17:51:
c7:66:77:c3:2c:87:7f:8b:1b:62:7e:12:a2:f3:5a:f2:de:4c:
cf:58:44:4d:97:29:cc:64:39:d3:e2:42:08:4d:26:fe:31:7d:
50:5e:35:b8:d8:cf:de:37:3e:3f:be:81:f7:f3:12:b7:4e:41:
bd:b0:ce:36:ad:db:db:15:f6:10:fe:58:94:f9:af:0c:fd:39:
ee:38:b4:0a:82:e3:e3:e2:5b:90:b1:8c:16:1e:72:f0:02:d7:
14:70:6b:3e:e4:53:c4:98:15:2e:4d:01:55:dd:f5:a2:7e:65:
d2:10:59:00:7b:81:58:b1:ca:2d:79:eb:89:59:e8:51:18:6b:
c0:b6:bb:a8:b4:92:b3:2e:18:1e:12:83:09:df:8a:cb:50:dc:
72:c0:8f:15:12:4a:6b:9b:db:1c:1d:4d:08:28:94:d0:b3:3e:
1a:9c:13:d7:db:9e:bf:58:76:59:76:73:86:ca:3a:d3:0d:31:
9b:55:8b:a3:b3:c2:2d:56:24:ff:85:3f:2d:4f:ae:df:05:a9:
69:a9:1f:44:f6:a4:f1:f6:11:9c:d9:a9:3c:46:9a:d9:92:1f:
23:2c:76:46
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYT2wsMOGKYTCx6ihKH4dOrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3Y2ZkN2ZhZTIwZDFkMzRiNzc5ZGFiNjY5YjhmMGYwN2M5
YzM0ZjgwHhcNMjIxMjA5MTIwMTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2I0ZmNiNzU0ZDJiOTcwNWM1ZjY1NTIzNjAxMTlmYTA0MDlmZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0tZAEF2LN6hXznJohFw7hZH3OEp
PsNN4TjMj6vzrfeDbbOx/OzwlMiztMxXO8pTtMs7TFUAMVUUf0LWk7zd+MPr7LSJ
MXRPFV6J85Y73zK+CkG4+qczHwrA/pO/GkT8UhDPIdUP++ugDT61BZtgz63+Vtrs
1d7JzI5wfF3N4juKUUtDK1fhZr/IElLZ2COe5ULzYJRBJH1OaUM0MW3n0+bu/PLM
zkzMQPoeZzkqHX9XMUnpFALQb7lIbCpxmGuJ0FTTdzScoRHama3Vrw4L3kpHn5oJ
68HN4bUTXkElZ5u+c1x+TiJSIraykiNGAlsu9VQS2v+RYywM6YsQRrN8WwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEe0/LdU0rlwXF9lUjYBGfoECf3UMB8GA1UdIwQY
MBaAFGfP1/riDR00t3natmm48PB8nDT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjhfWC11SU5IVFMzZWRxMmFianc4SHljTlBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82MjM0M2QtZDkyNC00Mzc4LWExMjEt
MmI2OGFiMmFkMmU5LzEvUjdUOHQxVFN1WEJjWDJWU05nRVotZ1FKX2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82MjM0M2QtZDkyNC00Mzc4LWExMjEtMmI2OGFiMmFkMmU5
LzEvWjhfWC11SU5IVFMzZWRxMmFianc4SHljTlBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCAjiYAwQC
ufKgAwQAw1XPMA0EAgACMAcDBQMqCc/AMA0GCSqGSIb3DQEBCwUAA4IBAQBwH2L9
uq2/KS91tQ3lcvNEDEW5ckNQhq/+bL7IttG3Qr0lF1HHZnfDLId/ixtifhKi81ry
3kzPWERNlynMZDnT4kIITSb+MX1QXjW42M/eNz4/voH38xK3TkG9sM42rdvbFfYQ
/liU+a8M/TnuOLQKguPj4luQsYwWHnLwAtcUcGs+5FPEmBUuTQFV3fWifmXSEFkA
e4FYscoteeuJWehRGGvAtruotJKzLhgeEoMJ34rLUNxywI8VEkprm9scHU0IKJTQ
sz4anBPX256/WHZZdnOGyjrTDTGbVYujs8ItViT/hT8tT67fBalpqR9E9qTx9hGc
2ak8RprZkh8jLHZG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:58 2025 by rpki-client