Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/5FQLTPYGmhpXEL3wEAi0tZlyTxQ.roa
File: 5FQLTPYGmhpXEL3wEAi0tZlyTxQ.roa (raw, json)
Hash identifier: G1ARY3THZKTiCPr/uSvlBdqyrz4q2IMcKLOGRTUDGr8=
Subject key identifier: E4:54:0B:4C:F6:06:9A:1A:57:10:BD:F0:10:08:B4:B5:99:72:4F:14
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01886BD9F0132B956E020C0CD1FBB9EC0D50
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/5FQLTPYGmhpXEL3wEAi0tZlyTxQ.roa
Signing time: Tue 30 May 2023 08:50:24 +0000
ROA not before: Tue 30 May 2023 08:50:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50738
IP address blocks: 46.23.96.0/24 maxlen: 24
46.23.98.0/24 maxlen: 24
46.23.108.0/24 maxlen: 24
46.23.109.0/24 maxlen: 24
5.178.2.0/24 maxlen: 24
5.178.3.0/24 maxlen: 24
109.205.212.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6b:d9:f0:13:2b:95:6e:02:0c:0c:d1:fb:b9:ec:0d:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: May 30 08:50:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4540b4cf6069a1a5710bdf01008b4b599724f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d2:91:2a:c8:27:8b:77:55:b4:ae:c4:37:18:
af:cf:a8:d5:90:7a:51:29:4a:7c:b8:16:f6:25:bd:
ce:3c:72:61:f6:a5:ce:65:31:69:e2:44:1f:7e:6c:
ab:45:a7:72:0e:c0:de:d2:63:46:eb:29:06:5d:8c:
1a:e1:cd:71:e6:26:58:0f:bc:c2:33:03:03:c7:08:
bb:cf:47:14:6b:20:85:51:2d:0c:2d:10:39:b7:7c:
f8:85:7a:ec:f2:1e:72:dc:35:f3:02:f7:ff:98:81:
ca:c3:e3:a7:cb:f1:a1:06:dc:f8:3c:e6:a6:52:9c:
cc:7f:a3:2e:9f:a6:c9:19:7e:38:fe:75:61:fa:53:
d9:3c:f5:ec:5c:4a:39:e7:de:0b:5f:04:c4:14:8b:
b3:c8:d6:4b:d6:d5:64:b9:61:c0:b5:b0:cc:87:4a:
bc:fa:6f:de:5d:cf:c6:99:9b:6f:53:18:26:70:11:
4e:d6:57:99:f1:bd:63:ab:73:af:34:77:a8:ba:0e:
4f:f4:ad:78:6b:81:2d:b2:a3:12:93:4d:8a:10:dd:
bf:a0:64:c7:5a:ba:8b:2c:95:32:16:9c:f3:78:1e:
7f:27:6e:9a:f7:67:21:72:90:a2:98:c6:5e:cd:d7:
52:06:a1:cf:e2:13:53:a1:83:13:90:e0:e2:ca:f0:
55:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:54:0B:4C:F6:06:9A:1A:57:10:BD:F0:10:08:B4:B5:99:72:4F:14
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/5FQLTPYGmhpXEL3wEAi0tZlyTxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.2.0/23
46.23.96.0/24
46.23.98.0/24
46.23.108.0/23
109.205.212.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:85:18:a7:77:a7:3b:e7:a5:6c:22:65:a5:9b:01:aa:cb:17:
bc:ce:55:ce:af:94:67:58:82:f7:54:3c:a0:fe:0b:8b:b4:54:
20:74:6f:79:28:1f:52:df:9c:e8:95:89:fa:b5:c4:b7:84:24:
eb:5a:e0:7e:ab:4d:2a:03:a1:13:fb:ca:25:71:77:2d:ab:fa:
c2:9a:5b:a9:f9:25:3f:9f:ac:2a:86:e4:a4:38:bc:b9:6e:5f:
76:28:e6:fd:9f:ca:69:4e:b6:b1:67:71:c9:8b:3f:60:a5:cc:
1b:47:37:0b:d7:05:4a:78:2f:27:75:69:00:5b:12:c6:19:6e:
c9:fb:7d:4c:04:d1:27:0e:e4:60:f8:85:fa:14:65:bc:42:a1:
c0:a2:e8:15:66:53:5b:b1:a8:1c:a0:e1:91:a6:0c:81:e4:fb:
f5:ee:de:cd:cd:ef:dd:d1:79:cd:5f:7d:18:d1:33:bb:7c:b2:
28:30:cb:bc:a1:fc:13:03:1a:63:b0:83:1e:60:af:22:2c:e3:
c8:bf:f9:83:b9:81:ff:59:48:80:41:dc:ed:66:29:34:7b:69:
3b:e4:43:4e:c6:73:8b:c7:db:6f:6e:84:5d:f3:59:b0:57:80:
1f:30:ba:0f:04:e0:da:78:a4:89:7e:b4:1a:2d:cc:fb:2a:98:
91:98:91:4e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYhr2fATK5VuAgwM0fu57A1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwNTMwMDg1MDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDU0MGI0Y2Y2MDY5YTFhNTcxMGJkZjAxMDA4YjRiNTk5NzI0ZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdKRKsgni3dVtK7ENxivz6jVkHpR
KUp8uBb2Jb3OPHJh9qXOZTFp4kQffmyrRadyDsDe0mNG6ykGXYwa4c1x5iZYD7zC
MwMDxwi7z0cUayCFUS0MLRA5t3z4hXrs8h5y3DXzAvf/mIHKw+Ony/GhBtz4POam
UpzMf6Mun6bJGX44/nVh+lPZPPXsXEo5594LXwTEFIuzyNZL1tVkuWHAtbDMh0q8
+m/eXc/GmZtvUxgmcBFO1leZ8b1jq3OvNHeoug5P9K14a4EtsqMSk02KEN2/oGTH
WrqLLJUyFpzzeB5/J26a92chcpCimMZezddSBqHP4hNToYMTkODiyvBVowIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFORUC0z2BpoaVxC98BAItLWZck8UMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvNUZRTFRQWUdtaHBYRUwzd0VBaTB0Wmx5VHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBBbICAwQA
LhdgAwQALhdiAwQBLhdsAwQAbc3UMA0GCSqGSIb3DQEBCwUAA4IBAQDThRind6c7
56VsImWlmwGqyxe8zlXOr5RnWIL3VDyg/guLtFQgdG95KB9S35zolYn6tcS3hCTr
WuB+q00qA6ET+8olcXctq/rCmlup+SU/n6wqhuSkOLy5bl92KOb9n8ppTraxZ3HJ
iz9gpcwbRzcL1wVKeC8ndWkAWxLGGW7J+31MBNEnDuRg+IX6FGW8QqHAougVZlNb
sagcoOGRpgyB5Pv17t7Nze/d0XnNX30Y0TO7fLIoMMu8ofwTAxpjsIMeYK8iLOPI
v/mDuYH/WUiAQdztZik0e2k75ENOxnOLx9tvboRd81mwV4AfMLoPBODaeKSJfrQa
Lcz7KpiRmJFO
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:06 2025 by rpki-client