Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/RHCoGQTgFz9TPOLhPorPPe5CfTU.roa
File: RHCoGQTgFz9TPOLhPorPPe5CfTU.roa (raw, json)
Hash identifier: P9bnH3NjDDgAC7CNmRsIDX5RYoNeozuXT34Y/4oovj4=
Subject key identifier: 44:70:A8:19:04:E0:17:3F:53:3C:E2:E1:3E:8A:CF:3D:EE:42:7D:35
Certificate issuer: /CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Certificate serial: 0185E2CFA65D997B8E6B8551189DC064397F
Authority key identifier: D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/RHCoGQTgFz9TPOLhPorPPe5CfTU.roa
Signing time: Tue 24 Jan 2023 08:05:37 +0000
ROA not before: Tue 24 Jan 2023 08:05:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15580
IP address blocks: 194.127.64.0/24 maxlen: 24
194.127.67.0/24 maxlen: 24
194.127.65.0/24 maxlen: 24
194.127.66.0/24 maxlen: 24
194.127.74.0/24 maxlen: 24
194.127.75.0/24 maxlen: 24
194.127.72.0/24 maxlen: 24
194.127.73.0/24 maxlen: 24
194.127.76.0/24 maxlen: 24
194.127.80.0/20 maxlen: 20
194.127.81.0/24 maxlen: 24
194.127.88.0/24 maxlen: 24
194.127.89.0/24 maxlen: 24
194.127.9.224/27 maxlen: 27
193.194.10.0/23 maxlen: 23
193.194.10.0/24 maxlen: 24
193.194.11.0/24 maxlen: 24
193.194.6.0/23 maxlen: 23
193.194.12.0/22 maxlen: 22
194.127.4.0/24 maxlen: 24
194.127.3.0/24 maxlen: 24
194.127.1.0/24 maxlen: 24
194.127.2.0/24 maxlen: 24
194.127.0.0/18 maxlen: 18
194.127.0.0/24 maxlen: 24
194.127.5.0/24 maxlen: 24
194.127.9.0/24 maxlen: 24
194.127.11.0/24 maxlen: 24
194.127.10.0/24 maxlen: 24
194.127.17.0/24 maxlen: 24
194.127.12.0/24 maxlen: 24
194.127.15.0/24 maxlen: 24
194.127.13.0/24 maxlen: 24
194.127.14.0/24 maxlen: 24
194.127.24.0/23 maxlen: 23
194.127.19.0/24 maxlen: 24
194.127.22.0/24 maxlen: 24
194.127.23.0/24 maxlen: 24
194.127.20.0/24 maxlen: 24
194.127.21.0/24 maxlen: 24
194.127.31.0/24 maxlen: 24
194.127.26.0/24 maxlen: 24
194.127.26.0/23 maxlen: 23
194.127.29.0/24 maxlen: 24
194.127.27.0/24 maxlen: 24
194.127.28.0/24 maxlen: 24
194.127.32.0/22 maxlen: 24
194.127.9.64/27 maxlen: 27
193.58.222.0/24 maxlen: 24
193.58.222.0/23 maxlen: 23
193.58.223.0/24 maxlen: 24
2a01:6f8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e2:cf:a6:5d:99:7b:8e:6b:85:51:18:9d:c0:64:39:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Validity
Not Before: Jan 24 08:05:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4470a81904e0173f533ce2e13e8acf3dee427d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0a:14:4a:f0:6d:06:94:dd:8b:0e:49:9c:7e:
20:3f:40:75:74:5a:75:45:e1:33:57:27:d9:2a:29:
6e:07:d5:f7:5d:e2:f3:e5:0a:a4:90:b3:00:fa:fb:
16:c7:c5:4f:26:42:17:ba:a4:a7:c0:f9:1e:79:ee:
91:f4:14:04:82:11:f9:ca:be:05:24:9e:e4:da:32:
ae:d5:cb:84:e7:57:93:3a:a5:93:73:52:a4:a7:06:
a4:63:3c:b4:41:1b:2c:a6:04:96:da:9b:1c:f0:09:
af:9d:bf:e4:08:30:33:c8:23:73:43:af:fd:5e:96:
8f:24:19:70:88:93:a7:8d:67:b3:f8:22:d2:62:03:
41:e5:1a:f9:12:7c:10:28:cd:87:1b:a7:5c:c6:b3:
06:82:76:b0:6a:5d:98:88:26:dc:10:e7:aa:fe:66:
4a:7a:ce:22:f5:c8:64:81:75:ed:84:ef:5e:15:44:
aa:b5:35:51:c4:46:9b:76:d8:47:ff:99:ff:48:5f:
f8:4e:ad:77:14:d6:10:a0:3e:98:f0:47:87:4f:6f:
cb:5a:f4:9f:b7:56:17:37:d2:00:73:62:54:10:54:
2a:48:35:ec:30:72:5d:c7:21:10:45:6c:66:bb:8c:
28:4b:ae:b9:33:6c:8e:7d:da:44:6b:b9:a5:c7:3f:
dc:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:70:A8:19:04:E0:17:3F:53:3C:E2:E1:3E:8A:CF:3D:EE:42:7D:35
X509v3 Authority Key Identifier:
keyid:D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/RHCoGQTgFz9TPOLhPorPPe5CfTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.222.0/23
193.194.6.0/23
193.194.10.0-193.194.15.255
194.127.0.0-194.127.67.255
194.127.72.0-194.127.76.255
194.127.80.0/20
IPv6:
2a01:6f8::/32
Signature Algorithm: sha256WithRSAEncryption
13:f7:c7:79:3a:b6:77:20:be:91:8d:a2:3b:7f:89:c8:57:b8:
09:8c:2a:c3:ce:3a:6a:ac:e3:d2:fb:fb:e1:e0:07:2c:c3:3b:
40:8f:dc:46:71:c8:e5:86:53:53:76:e1:06:b8:e5:33:04:23:
14:9e:00:7b:63:4e:ee:ed:6a:b9:87:7d:b2:b1:7d:55:41:29:
4c:ae:b4:76:f8:b1:17:53:68:77:39:9b:db:03:96:eb:1e:97:
3c:8d:3a:cf:44:fb:c2:88:93:09:cf:e7:89:6b:c5:31:38:a0:
47:82:45:b4:c2:3e:6d:32:f3:ed:bb:b4:ea:05:96:a1:fa:23:
38:2c:a6:15:3d:13:b7:ef:bd:6b:83:f6:8b:8f:11:90:a9:77:
d5:c2:38:cf:71:6a:cb:a9:e7:59:66:b6:fe:16:36:06:db:2d:
0c:fe:18:02:96:df:f8:12:f5:56:0f:92:16:fd:8b:57:e1:97:
05:14:fd:6b:9e:2e:bd:2c:70:60:bb:54:89:f5:01:03:05:56:
4f:21:90:e0:5f:08:35:6d:af:82:87:9a:dd:0b:4c:64:af:ce:
40:75:06:29:39:c3:92:f2:c0:9c:c5:12:74:7f:12:b4:05:c3:
9a:a8:f3:a4:92:92:59:f1:7f:76:62:8f:46:b6:f4:86:da:a8:
50:09:e1:bc
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYXiz6ZdmXuOa4VRGJ3AZDl/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMWRkMWE1MTRkM2E3ZTNkZmRiOGJmYjc1ZDdkMjRlZDk4
ZDQ3OWYwHhcNMjMwMTI0MDgwNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDcwYTgxOTA0ZTAxNzNmNTMzY2UyZTEzZThhY2YzZGVlNDI3ZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQoUSvBtBpTdiw5JnH4gP0B1dFp1
ReEzVyfZKiluB9X3XeLz5QqkkLMA+vsWx8VPJkIXuqSnwPkeee6R9BQEghH5yr4F
JJ7k2jKu1cuE51eTOqWTc1KkpwakYzy0QRsspgSW2psc8Amvnb/kCDAzyCNzQ6/9
XpaPJBlwiJOnjWez+CLSYgNB5Rr5EnwQKM2HG6dcxrMGgnawal2YiCbcEOeq/mZK
es4i9chkgXXthO9eFUSqtTVRxEabdthH/5n/SF/4Tq13FNYQoD6Y8EeHT2/LWvSf
t1YXN9IAc2JUEFQqSDXsMHJdxyEQRWxmu4woS665M2yOfdpEa7mlxz/cywIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFERwqBkE4Bc/Uzzi4T6Kzz3uQn01MB8GA1UdIwQY
MBaAFNMd0aUU06fj39uL+3XX0k7ZjUefMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjIt
YjE2NmFlMmVmMjg3LzEvUkhDb0dRVGdGejlUUE9MaFBvclBQZTVDZlRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjItYjE2NmFlMmVmMjg3
LzEvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBBBAIAATA7AwQBwTreAwQB
wcIGMAwDBAHBwgoDBATBwgAwCwMDAMJ/AwQCwn9AMAwDBAPCf0gDBADCf0wDBATC
f1AwDQQCAAIwBwMFACoBBvgwDQYJKoZIhvcNAQELBQADggEBABP3x3k6tncgvpGN
ojt/ichXuAmMKsPOOmqs49L7++HgByzDO0CP3EZxyOWGU1N24Qa45TMEIxSeAHtj
Tu7tarmHfbKxfVVBKUyutHb4sRdTaHc5m9sDluselzyNOs9E+8KIkwnP54lrxTE4
oEeCRbTCPm0y8+27tOoFlqH6IzgsphU9E7fvvWuD9ouPEZCpd9XCOM9xasup51lm
tv4WNgbbLQz+GAKW3/gS9VYPkhb9i1fhlwUU/WueLr0scGC7VIn1AQMFVk8hkOBf
CDVtr4KHmt0LTGSvzkB1Bik5w5LywJzFEnR/ErQFw5qo86SSklnxf3Zij0a29Iba
qFAJ4bw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:18:21 2025 by rpki-client