Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0aee94-3cba-4e54-8336-8e07bf80290e/1/9ZMu_a7DHebwalxkBQ43SuZio4w.roa
File: 9ZMu_a7DHebwalxkBQ43SuZio4w.roa (raw, json)
Hash identifier: bE3V0+foYZ1fYW+Rnf4xxafPPGOx4TC8CPTbrbmKL7k=
Subject key identifier: F5:93:2E:FD:AE:C3:1D:E6:F0:6A:5C:64:05:0E:37:4A:E6:62:A3:8C
Certificate issuer: /CN=f47bcb3f8eb6012cbd03897ada415ec282bfadec
Certificate serial: 08067A17
Authority key identifier: F4:7B:CB:3F:8E:B6:01:2C:BD:03:89:7A:DA:41:5E:C2:82:BF:AD:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9HvLP462ASy9A4l62kFewoK_rew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0aee94-3cba-4e54-8336-8e07bf80290e/1/9ZMu_a7DHebwalxkBQ43SuZio4w.roa
Signing time: Sat 01 Jan 2022 02:59:16 +0000
ROA not before: Sat 01 Jan 2022 02:59:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25124
IP address blocks: 109.162.192.0/20 maxlen: 20
109.162.208.0/20 maxlen: 20
109.162.224.0/20 maxlen: 20
109.162.232.0/23 maxlen: 23
109.162.232.0/21 maxlen: 21
109.162.144.0/20 maxlen: 20
109.162.160.0/20 maxlen: 20
109.162.176.0/20 maxlen: 20
213.207.208.0/20 maxlen: 20
213.207.224.0/20 maxlen: 20
91.184.84.0/22 maxlen: 22
91.184.80.0/21 maxlen: 21
91.184.80.0/22 maxlen: 22
91.184.80.0/20 maxlen: 20
213.207.240.0/20 maxlen: 20
109.162.128.0/20 maxlen: 20
81.91.128.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134642199 (0x8067a17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f47bcb3f8eb6012cbd03897ada415ec282bfadec
Validity
Not Before: Jan 1 02:59:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f5932efdaec31de6f06a5c64050e374ae662a38c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:83:e8:b5:e4:38:b2:91:a4:43:db:5b:e5:a9:
c1:5c:f0:c4:03:a6:a0:8c:a5:f0:0e:b7:ea:80:fc:
ac:4f:3c:ed:e7:61:6d:4c:c5:f4:37:b8:83:a8:fe:
32:b1:2f:35:4d:73:31:33:0e:9c:d1:fb:b0:26:cd:
ff:30:52:aa:c5:80:55:5f:6f:1d:9c:db:48:76:18:
3c:2f:fd:bf:8e:ea:d0:67:21:4b:b6:4e:bf:51:e7:
b4:c5:c3:74:bd:85:95:f6:44:e9:be:cc:35:51:8e:
d8:f8:93:95:d5:d5:d4:09:a6:42:07:80:72:29:92:
66:25:91:b6:06:bc:66:94:be:8f:86:a4:d2:f4:bd:
cd:75:ff:9c:14:ab:e6:80:1a:85:ab:09:49:e1:70:
2e:a0:4b:6d:bf:c7:93:28:7a:1c:16:0f:0f:64:1c:
8e:55:ca:5c:43:93:ee:6e:80:6c:68:2d:d8:bf:f8:
59:34:1b:99:8b:c7:9c:52:a2:95:d2:67:1b:74:3e:
ca:ac:32:8a:f0:cd:5e:65:e5:80:80:a7:41:96:55:
99:6b:83:9f:0d:30:32:4f:45:80:2d:90:8e:c4:90:
7c:77:7c:fb:58:d0:11:dc:51:06:f1:e3:e0:a2:e4:
a6:61:91:70:16:9f:45:57:94:98:8b:b9:8b:92:88:
c0:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:93:2E:FD:AE:C3:1D:E6:F0:6A:5C:64:05:0E:37:4A:E6:62:A3:8C
X509v3 Authority Key Identifier:
keyid:F4:7B:CB:3F:8E:B6:01:2C:BD:03:89:7A:DA:41:5E:C2:82:BF:AD:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9HvLP462ASy9A4l62kFewoK_rew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0aee94-3cba-4e54-8336-8e07bf80290e/1/9ZMu_a7DHebwalxkBQ43SuZio4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0aee94-3cba-4e54-8336-8e07bf80290e/1/9HvLP462ASy9A4l62kFewoK_rew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.128.0/20
91.184.80.0/20
109.162.128.0-109.162.239.255
213.207.208.0-213.207.255.255
Signature Algorithm: sha256WithRSAEncryption
08:fa:67:84:e3:65:f9:3c:71:19:1a:94:85:d6:f2:98:ea:1e:
1c:3c:2c:f3:7a:95:13:f8:69:bf:5e:35:bb:37:64:7d:87:82:
bd:5f:db:a8:c9:bb:6d:df:a8:07:60:f3:87:12:fc:7f:ef:76:
ef:76:b5:78:4b:b3:4d:a7:73:df:48:5f:22:e7:85:55:1b:16:
b5:72:de:e5:85:8f:5f:29:da:fe:13:77:67:02:69:eb:88:d6:
11:2f:85:bf:22:43:42:45:94:70:23:c3:14:f4:3b:4c:08:ff:
29:7e:aa:f5:81:19:50:fe:d0:f1:86:0d:d1:86:d0:0c:4f:56:
29:18:93:b7:47:e2:0a:89:8e:a1:44:7f:24:74:ca:0e:e5:99:
b9:49:e1:15:af:d7:a4:d5:0a:17:a6:36:15:d6:6d:5c:9b:f6:
a8:dd:f4:e4:bb:e2:48:1c:f0:3d:48:a9:5f:e8:19:39:95:9b:
9c:d5:d3:ec:04:6c:36:39:7d:bb:f7:ed:1a:37:f0:c7:96:92:
a9:73:82:a8:ad:6d:f5:87:3f:55:48:d5:bc:67:ac:a8:28:6e:
7c:34:48:0b:24:28:25:ef:50:ae:93:66:b3:25:25:d9:49:fa:
8d:8c:33:22:b8:36:9c:11:d0:2b:d9:de:a1:e1:8c:d7:f5:e9:
58:89:e3:e4
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIECAZ6FzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NDdiY2IzZjhlYjYwMTJjYmQwMzg5N2FkYTQxNWVjMjgyYmZhZGVjMB4XDTIyMDEw
MTAyNTkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjU5MzJlZmRhZWMz
MWRlNmYwNmE1YzY0MDUwZTM3NGFlNjYyYTM4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMeD6LXkOLKRpEPbW+WpwVzwxAOmoIyl8A636oD8rE887edh
bUzF9De4g6j+MrEvNU1zMTMOnNH7sCbN/zBSqsWAVV9vHZzbSHYYPC/9v47q0Gch
S7ZOv1HntMXDdL2FlfZE6b7MNVGO2PiTldXV1AmmQgeAcimSZiWRtga8ZpS+j4ak
0vS9zXX/nBSr5oAahasJSeFwLqBLbb/Hkyh6HBYPD2QcjlXKXEOT7m6AbGgt2L/4
WTQbmYvHnFKildJnG3Q+yqwyivDNXmXlgICnQZZVmWuDnw0wMk9FgC2QjsSQfHd8
+1jQEdxRBvHj4KLkpmGRcBafRVeUmIu5i5KIwBkCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBT1ky79rsMd5vBqXGQFDjdK5mKjjDAfBgNVHSMEGDAWgBT0e8s/jrYBLL0D
iXraQV7Cgr+t7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlIdkxQNDYyQVN5OUE0bDYya0Zld29LX3Jldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGEvMGFlZTk0LTNjYmEtNGU1NC04MzM2LThlMDdiZjgwMjkwZS8x
LzlaTXVfYTdESGVid2FseGtCUTQzU3VaaW80dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEv
MGFlZTk0LTNjYmEtNGU1NC04MzM2LThlMDdiZjgwMjkwZS8xLzlIdkxQNDYyQVN5
OUE0bDYya0Zld29LX3Jldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wLQQCAAEwJwMEBFFbgAMEBFu4UDAMAwQHbaKAAwQE
baLgMAsDBATVz9ADAwTVwDANBgkqhkiG9w0BAQsFAAOCAQEACPpnhONl+TxxGRqU
hdbymOoeHDws83qVE/hpv141uzdkfYeCvV/bqMm7bd+oB2DzhxL8f+9273a1eEuz
Tadz30hfIueFVRsWtXLe5YWPXyna/hN3ZwJp64jWES+FvyJDQkWUcCPDFPQ7TAj/
KX6q9YEZUP7Q8YYN0YbQDE9WKRiTt0fiComOoUR/JHTKDuWZuUnhFa/XpNUKF6Y2
FdZtXJv2qN305LviSBzwPUipX+gZOZWbnNXT7ARsNjl9u/ftGjfwx5aSqXOCqK1t
9Yc/VUjVvGesqChufDRICyQoJe9QrpNmsyUl2Un6jYwzIrg2nBHQK9neoeGM1/Xp
WInj5A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:50 2023 by rpki-client on console-fra.rpki-client.org