Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0aee94-3cba-4e54-8336-8e07bf80290e/1/lXUZ-5ebQ2i_aiPCfjiD8MAk5K0.roa
File: lXUZ-5ebQ2i_aiPCfjiD8MAk5K0.roa (raw, json)
Hash identifier: cFWYDTiUy9Nph0LUWnH7SFgmkRhSHZhQszVSEEZDMtE=
Subject key identifier: 95:75:19:FB:97:9B:43:68:BF:6A:23:C2:7E:38:83:F0:C0:24:E4:AD
Certificate issuer: /CN=f47bcb3f8eb6012cbd03897ada415ec282bfadec
Certificate serial: 08073B5D
Authority key identifier: F4:7B:CB:3F:8E:B6:01:2C:BD:03:89:7A:DA:41:5E:C2:82:BF:AD:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9HvLP462ASy9A4l62kFewoK_rew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0aee94-3cba-4e54-8336-8e07bf80290e/1/lXUZ-5ebQ2i_aiPCfjiD8MAk5K0.roa
Signing time: Sat 01 Jan 2022 02:59:17 +0000
ROA not before: Sat 01 Jan 2022 02:59:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44400
IP address blocks: 109.162.240.0/24 maxlen: 24
94.139.176.0/20 maxlen: 20
109.162.246.0/24 maxlen: 24
109.162.245.0/24 maxlen: 24
109.162.244.0/24 maxlen: 24
109.162.243.0/24 maxlen: 24
109.162.242.0/24 maxlen: 24
109.162.241.0/24 maxlen: 24
109.162.240.0/20 maxlen: 20
109.162.248.0/24 maxlen: 24
109.162.247.0/24 maxlen: 24
109.162.253.0/24 maxlen: 24
109.162.252.0/24 maxlen: 24
109.162.251.0/24 maxlen: 24
109.162.250.0/24 maxlen: 24
109.162.249.0/24 maxlen: 24
109.162.255.0/24 maxlen: 24
109.162.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134691677 (0x8073b5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f47bcb3f8eb6012cbd03897ada415ec282bfadec
Validity
Not Before: Jan 1 02:59:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=957519fb979b4368bf6a23c27e3883f0c024e4ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c7:f3:aa:44:30:e6:fe:6d:71:eb:80:2a:1b:
e2:9c:9a:d7:81:f6:1b:15:b8:08:cb:6c:50:bf:10:
0b:37:e0:ef:54:49:ea:1c:6f:cf:90:8a:56:ab:eb:
94:8c:b0:b5:e7:32:19:a4:13:41:26:a4:e0:cc:56:
58:24:13:c3:50:d4:7c:5a:e1:da:ca:3e:9c:3c:0f:
3d:86:cc:77:1d:16:d8:a4:f9:fb:e2:eb:76:04:e9:
55:22:b5:58:51:0c:75:57:6e:f9:b2:0b:8f:c6:05:
fa:26:c9:41:14:3b:51:79:7b:18:b9:38:18:09:9d:
34:a2:d8:8e:f4:13:2d:3b:b1:78:44:8d:db:7e:99:
49:f5:0b:9f:83:33:77:7d:36:03:85:e6:3b:7f:e7:
d8:a9:8b:33:62:f0:3b:34:2d:44:73:9d:73:b0:e5:
45:e1:ae:96:a0:5f:0f:19:64:ef:e5:04:4a:3b:01:
e5:2b:6f:aa:4f:4b:21:f1:1c:9e:74:5d:b4:76:c8:
1a:00:c0:1c:13:d6:9d:d3:1a:67:94:8f:d5:63:68:
b9:90:66:c9:c7:a7:69:a5:0e:ee:24:76:b0:8d:44:
bb:ea:86:10:7f:34:31:d1:40:d2:dc:51:c8:97:b0:
88:5d:3e:3b:d7:0e:96:81:ed:ef:d6:ab:50:ed:90:
9d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:75:19:FB:97:9B:43:68:BF:6A:23:C2:7E:38:83:F0:C0:24:E4:AD
X509v3 Authority Key Identifier:
keyid:F4:7B:CB:3F:8E:B6:01:2C:BD:03:89:7A:DA:41:5E:C2:82:BF:AD:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9HvLP462ASy9A4l62kFewoK_rew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0aee94-3cba-4e54-8336-8e07bf80290e/1/lXUZ-5ebQ2i_aiPCfjiD8MAk5K0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0aee94-3cba-4e54-8336-8e07bf80290e/1/9HvLP462ASy9A4l62kFewoK_rew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.139.176.0/20
109.162.240.0/20
Signature Algorithm: sha256WithRSAEncryption
90:c8:98:aa:a8:bb:a5:e6:af:d4:ef:39:46:e8:f7:ce:63:1d:
a9:85:73:cd:5e:5c:3e:a1:8c:d5:e6:63:73:85:47:16:a9:da:
7e:02:1c:d3:ab:1c:60:b2:b7:c8:c6:b1:05:05:0b:2e:10:78:
4b:91:e0:5e:df:09:64:12:3d:83:b2:1d:b9:f6:92:6e:89:32:
18:b0:6c:90:83:1b:a1:42:5e:76:a3:63:3c:33:81:ce:68:8c:
b2:0e:aa:02:12:c5:a7:ff:66:49:5f:88:b2:1b:d4:6d:55:6f:
cc:7c:c3:b8:5c:e3:72:a4:75:9b:9e:ec:f6:a9:41:0c:cc:ec:
8f:83:97:c8:66:49:64:7d:a2:17:e2:32:43:84:08:dd:cc:aa:
e3:1d:b6:a0:1b:08:06:8c:60:44:23:bc:7f:8b:5e:05:4b:cf:
64:31:79:0f:b1:63:66:e4:cc:d7:6e:e3:e8:d1:e9:ce:ef:c0:
d4:ec:42:73:34:b0:cc:36:a6:a3:54:cb:e4:23:f7:5d:b6:4a:
4b:56:fa:67:c3:e6:cb:31:ea:21:4e:9e:20:59:04:9a:a0:e1:
8f:ba:e2:ab:76:29:10:0c:06:7a:f8:b8:17:ac:1e:8c:06:24:
80:05:ca:40:cf:a4:cd:0a:7d:d8:d5:a1:d7:45:bd:ca:7a:7a:
6d:64:d6:f9
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECAc7XTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NDdiY2IzZjhlYjYwMTJjYmQwMzg5N2FkYTQxNWVjMjgyYmZhZGVjMB4XDTIyMDEw
MTAyNTkxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTU3NTE5ZmI5Nzli
NDM2OGJmNmEyM2MyN2UzODgzZjBjMDI0ZTRhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANjH86pEMOb+bXHrgCob4pya14H2GxW4CMtsUL8QCzfg71RJ
6hxvz5CKVqvrlIywtecyGaQTQSak4MxWWCQTw1DUfFrh2so+nDwPPYbMdx0W2KT5
++LrdgTpVSK1WFEMdVdu+bILj8YF+ibJQRQ7UXl7GLk4GAmdNKLYjvQTLTuxeESN
236ZSfULn4Mzd302A4XmO3/n2KmLM2LwOzQtRHOdc7DlReGulqBfDxlk7+UESjsB
5Stvqk9LIfEcnnRdtHbIGgDAHBPWndMaZ5SP1WNouZBmycenaaUO7iR2sI1Eu+qG
EH80MdFA0txRyJewiF0+O9cOloHt79arUO2QnaECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSVdRn7l5tDaL9qI8J+OIPwwCTkrTAfBgNVHSMEGDAWgBT0e8s/jrYBLL0D
iXraQV7Cgr+t7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlIdkxQNDYyQVN5OUE0bDYya0Zld29LX3Jldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGEvMGFlZTk0LTNjYmEtNGU1NC04MzM2LThlMDdiZjgwMjkwZS8x
L2xYVVotNWViUTJpX2FpUENmamlEOE1BazVLMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEv
MGFlZTk0LTNjYmEtNGU1NC04MzM2LThlMDdiZjgwMjkwZS8xLzlIdkxQNDYyQVN5
OUE0bDYya0Zld29LX3Jldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBF6LsAMEBG2i8DANBgkqhkiG9w0B
AQsFAAOCAQEAkMiYqqi7peav1O85Ruj3zmMdqYVzzV5cPqGM1eZjc4VHFqnafgIc
06scYLK3yMaxBQULLhB4S5HgXt8JZBI9g7IdufaSbokyGLBskIMboUJedqNjPDOB
zmiMsg6qAhLFp/9mSV+IshvUbVVvzHzDuFzjcqR1m57s9qlBDMzsj4OXyGZJZH2i
F+IyQ4QI3cyq4x22oBsIBoxgRCO8f4teBUvPZDF5D7FjZuTM127j6NHpzu/A1OxC
czSwzDamo1TL5CP3XbZKS1b6Z8PmyzHqIU6eIFkEmqDhj7riq3YpEAwGevi4F6we
jAYkgAXKQM+kzQp92NWh10W9ynp6bWTW+Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:41 2023 by rpki-client on console-ams.rpki-client.org