Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f9de18-c8c1-48fd-99ab-cfacb83fe8ed/1/N1l1pLQr670eqvik3we0mzB9aHM.roa
File: N1l1pLQr670eqvik3we0mzB9aHM.roa (raw, json)
Hash identifier: z5qwuvhHuKRMofGLGxzv9gb3EcFrE1ZWjb3nr1mT/z8=
Subject key identifier: 37:59:75:A4:B4:2B:EB:BD:1E:AA:F8:A4:DF:07:B4:9B:30:7D:68:73
Certificate issuer: /CN=be9b02bb81f7b5b0fb62a1a4a3dc5a88d1cbe4ff
Certificate serial: 0185719E62D18F251A56B800345572EB3CD1
Authority key identifier: BE:9B:02:BB:81:F7:B5:B0:FB:62:A1:A4:A3:DC:5A:88:D1:CB:E4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vpsCu4H3tbD7YqGko9xaiNHL5P8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f9de18-c8c1-48fd-99ab-cfacb83fe8ed/1/N1l1pLQr670eqvik3we0mzB9aHM.roa
Signing time: Mon 02 Jan 2023 08:34:43 +0000
ROA not before: Mon 02 Jan 2023 08:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201508
IP address blocks: 194.126.152.0/22 maxlen: 22
185.4.24.0/22 maxlen: 22
185.182.52.0/22 maxlen: 22
185.42.0.0/22 maxlen: 22
185.245.212.0/22 maxlen: 24
185.65.164.0/22 maxlen: 22
185.208.240.0/22 maxlen: 22
46.36.192.0/21 maxlen: 21
2a05:1c0::/29 maxlen: 29
2a04:8d80::/29 maxlen: 29
2a02:66c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:62:d1:8f:25:1a:56:b8:00:34:55:72:eb:3c:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be9b02bb81f7b5b0fb62a1a4a3dc5a88d1cbe4ff
Validity
Not Before: Jan 2 08:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=375975a4b42bebbd1eaaf8a4df07b49b307d6873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ea:3b:cb:cc:23:e8:f5:db:3e:62:85:fd:27:
71:98:a7:31:85:c2:f4:92:3d:63:2a:4c:84:8b:f2:
d6:95:ac:7f:eb:81:0d:a6:ed:c6:bc:aa:f4:31:c2:
8c:1f:8f:9f:a5:d9:d6:4b:2f:24:f7:4b:5c:ea:41:
24:44:62:c5:40:7a:81:be:8a:2b:3a:b8:05:5f:80:
17:a6:68:07:13:eb:b4:99:36:27:86:a7:83:df:c1:
23:5a:3d:d3:8a:12:5f:36:63:19:2e:a3:1c:b2:70:
d9:bb:50:5d:6f:9c:9a:0a:d5:fb:3f:a2:44:cb:f8:
c0:51:66:5e:14:f3:b5:41:c8:a7:4d:19:45:42:7b:
4a:89:63:4f:63:d4:3a:36:7b:03:53:e4:f1:a8:71:
1b:2c:35:44:f0:82:33:a1:7f:35:63:ef:ee:e7:2b:
68:8c:a8:8b:06:34:40:93:22:d3:0b:65:d9:bb:f1:
39:8a:48:ea:42:04:bd:3b:8f:10:c4:eb:f2:14:e6:
f2:b5:4a:0a:80:2e:2f:46:16:59:02:ea:f5:ef:fe:
e9:94:cf:6c:d4:dd:d6:ea:22:8c:4d:df:54:30:04:
e0:29:61:1d:16:a5:13:05:32:30:dc:98:9c:d0:bb:
05:11:5e:87:b4:37:ce:34:c1:89:6c:df:3c:04:6a:
7c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:59:75:A4:B4:2B:EB:BD:1E:AA:F8:A4:DF:07:B4:9B:30:7D:68:73
X509v3 Authority Key Identifier:
keyid:BE:9B:02:BB:81:F7:B5:B0:FB:62:A1:A4:A3:DC:5A:88:D1:CB:E4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vpsCu4H3tbD7YqGko9xaiNHL5P8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f9de18-c8c1-48fd-99ab-cfacb83fe8ed/1/N1l1pLQr670eqvik3we0mzB9aHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f9de18-c8c1-48fd-99ab-cfacb83fe8ed/1/vpsCu4H3tbD7YqGko9xaiNHL5P8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.192.0/21
185.4.24.0/22
185.42.0.0/22
185.65.164.0/22
185.182.52.0/22
185.208.240.0/22
185.245.212.0/22
194.126.152.0/22
IPv6:
2a02:66c0::/32
2a04:8d80::/29
2a05:1c0::/29
Signature Algorithm: sha256WithRSAEncryption
32:09:98:0a:ab:cc:40:b7:d5:40:f6:d1:2c:c8:5e:e2:e1:80:
53:67:bd:40:05:c5:70:39:58:2d:68:da:7e:9a:b6:85:2c:01:
bc:cc:5c:27:2e:de:71:5d:26:c0:e2:37:92:eb:b8:70:f8:a4:
f2:fa:f2:89:4a:70:3e:e8:97:cd:6a:3b:5d:89:76:4d:4e:16:
0b:0e:e3:47:fd:db:c6:0a:dc:1f:c0:e5:66:c9:89:94:5b:3d:
d0:4e:5d:5c:89:b7:bb:55:80:1b:32:2f:68:0a:b5:00:81:95:
e2:7b:14:3c:1d:d4:e6:14:b7:8f:bb:bb:e9:a7:b6:1b:9c:71:
de:8d:bd:68:ae:81:3f:8b:65:78:e6:de:65:8a:74:1c:2d:4c:
fc:e5:2d:80:e7:5a:9b:da:be:48:d0:cf:ce:d7:17:41:42:52:
16:48:96:ae:23:21:cf:30:ca:2d:82:78:64:07:d3:05:3d:46:
cb:80:cb:9a:81:40:85:29:f3:a1:0e:71:3d:8f:37:15:df:9e:
95:42:18:89:dd:ef:ed:38:b8:30:63:a4:f6:6a:93:7b:a5:ad:
82:57:eb:f1:a4:e3:3b:63:f6:3e:18:e0:b4:0c:da:7e:fd:74:
d3:60:91:2e:d3:0c:ae:d2:f0:f9:92:5c:86:52:c2:e2:5f:53:
23:d0:96:3a
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYVxnmLRjyUaVrgANFVy6zzRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlOWIwMmJiODFmN2I1YjBmYjYyYTFhNGEzZGM1YTg4ZDFj
YmU0ZmYwHhcNMjMwMTAyMDgzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzU5NzVhNGI0MmJlYmJkMWVhYWY4YTRkZjA3YjQ5YjMwN2Q2ODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOo7y8wj6PXbPmKF/SdxmKcxhcL0
kj1jKkyEi/LWlax/64ENpu3GvKr0McKMH4+fpdnWSy8k90tc6kEkRGLFQHqBvoor
OrgFX4AXpmgHE+u0mTYnhqeD38EjWj3TihJfNmMZLqMcsnDZu1Bdb5yaCtX7P6JE
y/jAUWZeFPO1QcinTRlFQntKiWNPY9Q6NnsDU+TxqHEbLDVE8IIzoX81Y+/u5yto
jKiLBjRAkyLTC2XZu/E5ikjqQgS9O48QxOvyFObytUoKgC4vRhZZAur17/7plM9s
1N3W6iKMTd9UMATgKWEdFqUTBTIw3Jic0LsFEV6HtDfONMGJbN88BGp8fQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFDdZdaS0K+u9Hqr4pN8HtJswfWhzMB8GA1UdIwQY
MBaAFL6bAruB97Ww+2KhpKPcWojRy+T/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnBzQ3U0SDN0YkQ3WXFHa285eGFpTkhMNVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mOWRlMTgtYzhjMS00OGZkLTk5YWIt
Y2ZhY2I4M2ZlOGVkLzEvTjFsMXBMUXI2NzBlcXZpazN3ZTBtekI5YUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mOWRlMTgtYzhjMS00OGZkLTk5YWItY2ZhY2I4M2ZlOGVk
LzEvdnBzQ3U0SDN0YkQ3WXFHa285eGFpTkhMNVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTA2BAIAATAwAwQDLiTAAwQC
uQQYAwQCuSoAAwQCuUGkAwQCubY0AwQCudDwAwQCufXUAwQCwn6YMBsEAgACMBUD
BQAqAmbAAwUDKgSNgAMFAyoFAcAwDQYJKoZIhvcNAQELBQADggEBADIJmAqrzEC3
1UD20SzIXuLhgFNnvUAFxXA5WC1o2n6atoUsAbzMXCcu3nFdJsDiN5LruHD4pPL6
8olKcD7ol81qO12Jdk1OFgsO40f928YK3B/A5WbJiZRbPdBOXVyJt7tVgBsyL2gK
tQCBleJ7FDwd1OYUt4+7u+mnthuccd6NvWiugT+LZXjm3mWKdBwtTPzlLYDnWpva
vkjQz87XF0FCUhZIlq4jIc8wyi2CeGQH0wU9RsuAy5qBQIUp86EOcT2PNxXfnpVC
GInd7+04uDBjpPZqk3ulrYJX6/Gk4ztj9j4Y4LQM2n79dNNgkS7TDK7S8PmSXIZS
wuJfUyPQljo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:08 2025 by rpki-client