Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/EJxhWHKQcaNyUgcWacFwyKLwIOQ.roa
File: EJxhWHKQcaNyUgcWacFwyKLwIOQ.roa (raw, json)
Hash identifier: CDdocEL0mBGIST7gdlnf6AqtXcb6Q4tWP5xku/pLoro=
Subject key identifier: 10:9C:61:58:72:90:71:A3:72:52:07:16:69:C1:70:C8:A2:F0:20:E4
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0184C8C58D8A05790484FC9EBCA60D2B80D2
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/EJxhWHKQcaNyUgcWacFwyKLwIOQ.roa
Signing time: Wed 30 Nov 2022 13:41:40 +0000
ROA not before: Wed 30 Nov 2022 13:41:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204197
IP address blocks: 164.215.96.0/22 maxlen: 22
46.23.100.0/22 maxlen: 22
85.158.148.0/22 maxlen: 22
37.128.200.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c8:c5:8d:8a:05:79:04:84:fc:9e:bc:a6:0d:2b:80:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Nov 30 13:41:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=109c6158729071a37252071669c170c8a2f020e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b0:bd:ff:98:e3:1f:f1:1e:ac:4c:91:33:97:
37:76:7f:c3:a5:94:9a:f4:80:0e:19:31:db:7a:79:
dd:22:90:8f:2b:1c:fb:ff:83:6f:92:ec:11:32:85:
96:a6:a6:8d:77:84:78:0c:32:8d:d6:97:ea:82:f8:
ca:08:cf:ea:85:f8:f4:f3:b7:cf:b3:54:0f:84:52:
92:cb:cd:ea:e0:b4:ea:6d:53:d8:5c:ce:ac:bf:34:
e8:af:24:8d:8a:3d:f1:48:8c:99:28:bd:ac:47:41:
28:c2:46:39:c2:20:e5:a0:e7:c6:e6:98:3d:91:f8:
b9:ca:ac:c0:7c:2d:8f:fa:a6:d2:b9:75:61:0d:4c:
e8:98:76:f2:64:56:18:f1:6c:72:84:99:87:17:c8:
40:c6:09:98:e4:7b:48:75:40:f7:03:f8:7d:de:f6:
4f:de:8d:3f:6d:75:ba:1f:47:7d:76:64:4d:72:5e:
81:68:b1:ac:60:18:25:e7:1e:3f:f4:8f:86:a8:5f:
ac:6e:ce:ea:99:f6:4d:e9:1a:9d:cf:e4:45:4e:1a:
dd:da:63:f4:2e:2b:66:64:e5:cf:3c:05:6a:b0:19:
e4:2c:b9:4f:eb:73:85:c8:0f:a0:7f:b0:a8:c6:a2:
82:9d:cd:a7:38:77:03:54:c6:74:64:63:65:08:54:
4e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:9C:61:58:72:90:71:A3:72:52:07:16:69:C1:70:C8:A2:F0:20:E4
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/EJxhWHKQcaNyUgcWacFwyKLwIOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.200.0/22
46.23.100.0/22
85.158.148.0/22
164.215.96.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:b2:d5:34:4b:4f:74:81:55:e6:fd:0c:2d:f5:02:22:eb:0e:
5e:d4:f9:58:52:c3:18:b6:57:b9:73:50:d0:81:05:c6:10:6b:
0a:ac:7f:46:ca:b6:9c:92:71:a7:ee:04:3e:d2:1c:2c:bd:76:
33:67:c1:45:ce:59:b7:af:5b:2c:56:5e:0a:a1:c3:2f:7e:2d:
1c:d5:2f:18:fb:da:ef:02:02:09:19:ce:1f:9b:58:3b:04:80:
e2:38:e0:4c:a6:e8:13:1a:b4:bc:78:9b:ae:bf:0c:5c:29:2a:
1a:1e:5e:03:78:8a:02:2f:20:ff:f4:b9:4e:3d:04:9b:b0:a2:
75:54:80:f7:b8:f5:e6:58:ce:a0:dc:17:fe:b8:fa:4e:ca:46:
1e:3d:df:09:49:a5:c4:71:8a:ea:bc:3a:69:60:9b:a1:5f:05:
12:7d:d8:8e:3c:aa:67:bb:64:2b:63:54:66:68:66:5c:3b:29:
0a:4c:11:7c:c0:07:64:85:c6:5b:1c:ec:34:af:0f:c0:18:6d:
2a:ee:f2:12:48:74:74:75:6a:4d:93:f9:a6:bd:84:3b:f3:61:
dc:67:ae:bd:b0:31:ec:4f:31:3c:89:fc:70:d5:8a:b0:be:ad:
78:83:75:26:2d:00:0b:fc:00:fd:0b:5a:24:53:ee:d8:7a:c5:
49:f8:04:b8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYTIxY2KBXkEhPyevKYNK4DSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMTMwMTM0MTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDljNjE1ODcyOTA3MWEzNzI1MjA3MTY2OWMxNzBjOGEyZjAyMGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbC9/5jjH/EerEyRM5c3dn/DpZSa
9IAOGTHbenndIpCPKxz7/4NvkuwRMoWWpqaNd4R4DDKN1pfqgvjKCM/qhfj087fP
s1QPhFKSy83q4LTqbVPYXM6svzTorySNij3xSIyZKL2sR0EowkY5wiDloOfG5pg9
kfi5yqzAfC2P+qbSuXVhDUzomHbyZFYY8WxyhJmHF8hAxgmY5HtIdUD3A/h93vZP
3o0/bXW6H0d9dmRNcl6BaLGsYBgl5x4/9I+GqF+sbs7qmfZN6Rqdz+RFThrd2mP0
LitmZOXPPAVqsBnkLLlP63OFyA+gf7CoxqKCnc2nOHcDVMZ0ZGNlCFROCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBCcYVhykHGjclIHFmnBcMii8CDkMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvRUp4aFdIS1FjYU55VWdjV2FjRnd5S0x3SU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCJYDIAwQC
LhdkAwQCVZ6UAwQCpNdgMA0GCSqGSIb3DQEBCwUAA4IBAQBNstU0S090gVXm/Qwt
9QIi6w5e1PlYUsMYtle5c1DQgQXGEGsKrH9GyracknGn7gQ+0hwsvXYzZ8FFzlm3
r1ssVl4KocMvfi0c1S8Y+9rvAgIJGc4fm1g7BIDiOOBMpugTGrS8eJuuvwxcKSoa
Hl4DeIoCLyD/9LlOPQSbsKJ1VID3uPXmWM6g3Bf+uPpOykYePd8JSaXEcYrqvDpp
YJuhXwUSfdiOPKpnu2QrY1RmaGZcOykKTBF8wAdkhcZbHOw0rw/AGG0q7vISSHR0
dWpNk/mmvYQ782HcZ669sDHsTzE8ifxw1Yqwvq14g3UmLQAL/AD9C1okU+7YesVJ
+AS4
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:15 2025 by rpki-client