Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/cH2SddlAkJNgU9W3br0SKSTykWs.roa
File: cH2SddlAkJNgU9W3br0SKSTykWs.roa (raw, json)
Hash identifier: uraUvZxqtTBrcpCHaeuGpvVPH5Mvo4mvmU57K4/uDDs=
Subject key identifier: 70:7D:92:75:D9:40:90:93:60:53:D5:B7:6E:BD:12:29:24:F2:91:6B
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0182C5B17334C75019CDB740F05241EA2187
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/cH2SddlAkJNgU9W3br0SKSTykWs.roa
Signing time: Mon 22 Aug 2022 13:15:17 +0000
ROA not before: Mon 22 Aug 2022 13:15:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 46.23.98.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
164.215.100.0/24 maxlen: 24
46.23.99.0/24 maxlen: 24
46.23.111.0/24 maxlen: 24
46.23.108.0/24 maxlen: 24
5.178.0.0/22 maxlen: 22
185.81.216.0/22 maxlen: 22
88.151.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c5:b1:73:34:c7:50:19:cd:b7:40:f0:52:41:ea:21:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Aug 22 13:15:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=707d9275d94090936053d5b76ebd122924f2916b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:bb:f1:e4:a6:ff:e3:45:09:b4:c6:83:f6:6c:
e8:e6:85:29:db:e0:fa:67:ba:0e:75:44:82:54:50:
4f:5a:14:6c:af:7e:c5:10:e0:02:b7:d6:99:4c:ff:
3d:74:1e:2c:15:a9:9e:6f:d8:8d:20:e2:a4:91:5b:
16:ae:c5:38:7b:62:35:97:8f:87:e0:83:b4:fb:5f:
3b:ef:f0:29:05:35:61:0d:88:7f:76:a6:8d:46:9b:
28:c5:9c:09:a5:6c:97:87:34:23:3a:07:a3:25:0e:
e4:d5:5a:42:21:90:f4:89:8d:b5:03:2f:5d:37:b2:
5c:23:2c:bb:9d:e2:31:57:ec:51:ef:a7:3c:e5:ff:
ae:a8:f3:0d:49:f8:a4:e6:f0:2a:31:8e:e2:75:b9:
09:f0:ac:6c:ba:88:81:f3:63:f9:08:6a:17:ba:d8:
95:85:46:e6:56:27:c9:4e:09:ad:39:a5:26:71:4c:
38:7a:d7:85:29:4a:d4:f8:60:b6:d4:1c:14:87:9c:
c0:d2:d2:7e:82:c1:2e:a4:a8:5a:9f:28:b6:9d:5a:
12:b1:9b:71:5d:78:d9:06:37:ce:d5:84:7a:c0:df:
7b:a8:9b:e7:08:fd:ea:0d:21:f4:9d:c0:93:1e:fb:
98:0b:b7:96:75:ee:ee:b7:a8:c3:3e:24:e6:b0:3e:
bb:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:7D:92:75:D9:40:90:93:60:53:D5:B7:6E:BD:12:29:24:F2:91:6B
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/cH2SddlAkJNgU9W3br0SKSTykWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.0.0/22
46.23.96.0/24
46.23.98.0/23
46.23.108.0/24
46.23.111.0/24
88.151.199.0/24
164.215.100.0/24
185.81.216.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:6c:f4:58:21:eb:d3:9e:7b:29:e8:cb:b0:40:54:5b:bd:a5:
5f:69:78:9b:81:e5:5a:53:54:92:61:90:f5:2d:c0:20:94:11:
cd:cf:91:e8:f1:95:1c:f3:37:f6:8c:0d:7c:40:c8:d3:22:c5:
22:bb:76:69:ac:a9:d7:c8:be:9c:fa:4f:47:cf:cd:48:1f:9b:
72:db:66:08:c1:4c:c2:70:cd:c7:f5:b2:07:8f:73:d1:8c:f0:
c2:0e:f5:bd:3f:cf:4e:b1:d0:3e:dc:5f:be:5c:80:ac:11:20:
c2:74:8c:4e:79:0a:71:44:ad:8d:d4:66:71:b3:72:40:40:c7:
70:5f:33:6a:34:74:f8:a1:88:9d:36:08:6d:75:3d:0d:74:41:
0b:77:77:a4:0c:e4:e1:48:22:e4:bf:a4:5a:fb:5e:1c:45:d5:
e8:4f:f0:50:79:08:a0:f7:51:8f:09:07:f7:8c:7d:44:1a:72:
a6:be:6d:4d:cd:85:71:f9:52:bc:ec:e8:65:de:13:84:ca:c9:
c9:23:5f:d5:19:c8:cf:66:bf:d0:ba:c8:6d:91:f1:fe:55:3f:
e1:6a:66:4b:64:10:04:9e:1f:b2:0f:07:e0:7b:cf:d8:a2:bf:
61:8e:de:04:47:d3:98:f0:a5:ce:24:aa:0e:61:49:70:f4:b7:
4e:02:a1:62
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYLFsXM0x1AZzbdA8FJB6iGHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwODIyMTMxNTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDdkOTI3NWQ5NDA5MDkzNjA1M2Q1Yjc2ZWJkMTIyOTI0ZjI5MTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbvx5Kb/40UJtMaD9mzo5oUp2+D6
Z7oOdUSCVFBPWhRsr37FEOACt9aZTP89dB4sFameb9iNIOKkkVsWrsU4e2I1l4+H
4IO0+1877/ApBTVhDYh/dqaNRpsoxZwJpWyXhzQjOgejJQ7k1VpCIZD0iY21Ay9d
N7JcIyy7neIxV+xR76c85f+uqPMNSfik5vAqMY7idbkJ8KxsuoiB82P5CGoXutiV
hUbmVifJTgmtOaUmcUw4eteFKUrU+GC21BwUh5zA0tJ+gsEupKhanyi2nVoSsZtx
XXjZBjfO1YR6wN97qJvnCP3qDSH0ncCTHvuYC7eWde7ut6jDPiTmsD67YQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHB9knXZQJCTYFPVt269Eikk8pFrMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvY0gyU2RkbEFrSk5nVTlXM2JyMFNLU1R5a1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCBbIAAwQA
LhdgAwQBLhdiAwQALhdsAwQALhdvAwQAWJfHAwQApNdkAwQCuVHYMA0GCSqGSIb3
DQEBCwUAA4IBAQB+bPRYIevTnnsp6MuwQFRbvaVfaXibgeVaU1SSYZD1LcAglBHN
z5Ho8ZUc8zf2jA18QMjTIsUiu3ZprKnXyL6c+k9Hz81IH5ty22YIwUzCcM3H9bIH
j3PRjPDCDvW9P89OsdA+3F++XICsESDCdIxOeQpxRK2N1GZxs3JAQMdwXzNqNHT4
oYidNghtdT0NdEELd3ekDOThSCLkv6Ra+14cRdXoT/BQeQig91GPCQf3jH1EGnKm
vm1NzYVx+VK87Ohl3hOEysnJI1/VGcjPZr/QushtkfH+VT/hamZLZBAEnh+yDwfg
e8/Yor9hjt4ER9OY8KXOJKoOYUlw9LdOAqFi
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:01 2025 by rpki-client