Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/lIEQlnWjmhbEvcLAHrUs5hjHyQw.roa
File: lIEQlnWjmhbEvcLAHrUs5hjHyQw.roa (raw, json)
Hash identifier: f7FWYbvQqqcNsqT3mN5g6N28/9tFwju0/MiCUVXZGSU=
Subject key identifier: 94:81:10:96:75:A3:9A:16:C4:BD:C2:C0:1E:B5:2C:E6:18:C7:C9:0C
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018D35D200E2502F8FF0637307C1F39753E5
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/lIEQlnWjmhbEvcLAHrUs5hjHyQw.roa
Signing time: Tue 23 Jan 2024 10:16:11 +0000
ROA not before: Tue 23 Jan 2024 10:16:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61302
IP address blocks: 5.178.3.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
46.23.98.0/24 maxlen: 24
46.23.100.0/22 maxlen: 22
109.205.212.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:35:d2:00:e2:50:2f:8f:f0:63:73:07:c1:f3:97:53:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 23 10:16:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9481109675a39a16c4bdc2c01eb52ce618c7c90c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8d:dd:0f:f9:e8:ce:aa:76:dc:6b:33:7f:11:
97:7e:44:6e:c4:fb:99:64:8b:7f:2b:63:78:2c:1a:
e0:34:30:00:8f:5c:37:17:fa:0c:5e:d5:f0:73:cc:
6b:9b:2e:82:23:46:92:b7:65:ef:c5:5a:ba:19:de:
48:dd:27:75:32:90:a9:73:89:b2:56:19:a2:a7:22:
e5:d2:dd:28:31:b6:c8:16:f9:1f:3c:9e:04:e0:11:
42:0e:de:84:80:9c:89:0a:f0:f9:fa:be:58:e3:47:
a9:80:d5:d9:50:5e:b7:44:43:7c:eb:72:ee:c0:0d:
8c:33:d9:11:d9:a3:a4:37:8c:ec:cc:9c:73:e3:3a:
21:6b:8c:36:d6:80:6f:21:95:52:b2:ab:6e:be:41:
4d:d8:73:11:4e:9f:ff:53:b7:c6:5f:e8:f6:26:ef:
5a:9e:b2:a9:2b:fe:56:9e:7a:25:50:03:d8:05:00:
bf:da:0c:b4:e1:fe:ff:0c:4d:23:b7:2b:bc:94:00:
fc:b2:d0:d1:ff:50:76:02:25:ad:0d:76:e8:97:2d:
22:e2:2f:e3:4d:8e:19:dd:a3:05:e7:ab:90:13:07:
ac:85:dd:62:e6:14:bb:e6:6e:3c:e5:b0:c3:db:15:
ac:45:c5:dc:cb:ea:91:21:80:00:0a:31:ef:43:80:
7d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:81:10:96:75:A3:9A:16:C4:BD:C2:C0:1E:B5:2C:E6:18:C7:C9:0C
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/lIEQlnWjmhbEvcLAHrUs5hjHyQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.3.0/24
46.23.96.0/24
46.23.98.0/24
46.23.100.0/22
109.205.212.0/24
185.81.217.0/24
Signature Algorithm: sha256WithRSAEncryption
27:c0:e8:af:d3:e1:b0:f9:0e:59:c4:a4:4e:29:d3:74:09:67:
9d:4c:a2:c0:e5:63:43:8a:4e:06:a5:40:7b:cd:4a:e8:cb:0c:
6e:cb:3c:38:1b:da:8e:a8:89:d3:71:1d:6f:2c:ce:56:8f:38:
06:a5:96:51:29:e9:b8:2b:6d:07:27:cb:e2:1e:a9:5f:9a:a0:
1f:55:4e:72:ea:d7:fd:6a:de:e9:20:46:2e:ec:3a:0d:40:a9:
44:bb:41:29:5b:ce:72:2a:49:b3:15:71:59:41:71:af:7f:0d:
5f:fd:14:dd:f9:f5:52:c3:66:c0:00:ea:17:3e:65:f6:be:07:
b6:c9:ac:03:cf:06:c7:74:99:16:95:e7:ff:62:be:55:02:05:
2f:56:7c:94:ea:f9:50:4f:47:a3:de:92:2e:05:9b:a1:20:9c:
72:76:35:42:1b:f2:6c:fe:cf:09:04:6e:f0:3d:c1:7c:b8:c6:
e0:95:d2:f1:b4:b8:a2:95:2b:76:d5:b1:55:27:e8:b6:15:1a:
14:ce:0d:62:f9:6e:79:76:9c:4e:d3:1f:a7:36:2c:13:9d:77:
b0:e6:dc:26:48:12:62:a9:64:70:ca:f6:a2:cb:02:03:72:a6:
53:cf:91:1c:59:9c:9d:45:09:14:48:df:1a:6b:e3:b1:0b:20:
ca:59:b8:5f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY010gDiUC+P8GNzB8Hzl1PlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjQwMTIzMTAxNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDgxMTA5Njc1YTM5YTE2YzRiZGMyYzAxZWI1MmNlNjE4YzdjOTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmY3dD/nozqp23GszfxGXfkRuxPuZ
ZIt/K2N4LBrgNDAAj1w3F/oMXtXwc8xrmy6CI0aSt2XvxVq6Gd5I3Sd1MpCpc4my
VhmipyLl0t0oMbbIFvkfPJ4E4BFCDt6EgJyJCvD5+r5Y40epgNXZUF63REN863Lu
wA2MM9kR2aOkN4zszJxz4zoha4w21oBvIZVSsqtuvkFN2HMRTp//U7fGX+j2Ju9a
nrKpK/5WnnolUAPYBQC/2gy04f7/DE0jtyu8lAD8stDR/1B2AiWtDXboly0i4i/j
TY4Z3aMF56uQEweshd1i5hS75m485bDD2xWsRcXcy+qRIYAACjHvQ4B9XQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJSBEJZ1o5oWxL3CwB61LOYYx8kMMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvbElFUWxuV2ptaGJFdmNMQUhyVXM1aGpIeVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABbIDAwQA
LhdgAwQALhdiAwQCLhdkAwQAbc3UAwQAuVHZMA0GCSqGSIb3DQEBCwUAA4IBAQAn
wOiv0+Gw+Q5ZxKROKdN0CWedTKLA5WNDik4GpUB7zUroywxuyzw4G9qOqInTcR1v
LM5WjzgGpZZRKem4K20HJ8viHqlfmqAfVU5y6tf9at7pIEYu7DoNQKlEu0EpW85y
KkmzFXFZQXGvfw1f/RTd+fVSw2bAAOoXPmX2vge2yawDzwbHdJkWlef/Yr5VAgUv
VnyU6vlQT0ej3pIuBZuhIJxydjVCG/Js/s8JBG7wPcF8uMbgldLxtLiilSt21bFV
J+i2FRoUzg1i+W55dpxO0x+nNiwTnXew5twmSBJiqWRwyvaiywIDcqZTz5EcWZyd
RQkUSN8aa+OxCyDKWbhf
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:17 2025 by rpki-client