Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/5c1822-6ff9-4847-86b0-76ffab9b10aa/1/ld6gViQHl4XgikasQcLyxKPiqAQ.roa
File: ld6gViQHl4XgikasQcLyxKPiqAQ.roa (raw, json)
Hash identifier: ZL32cspWHvrxtDJ8F5DMz2Y+raZnHpDGffasnRgNSAI=
Subject key identifier: 95:DE:A0:56:24:07:97:85:E0:8A:46:AC:41:C2:F2:C4:A3:E2:A8:04
Certificate issuer: /CN=7b019c40386a69e290fac166371565fd8d92e0f6
Certificate serial: 0591C117
Authority key identifier: 7B:01:9C:40:38:6A:69:E2:90:FA:C1:66:37:15:65:FD:8D:92:E0:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ewGcQDhqaeKQ-sFmNxVl_Y2S4PY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/5c1822-6ff9-4847-86b0-76ffab9b10aa/1/ld6gViQHl4XgikasQcLyxKPiqAQ.roa
Signing time: Sat 01 Jan 2022 06:05:23 +0000
ROA not before: Sat 01 Jan 2022 06:05:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202326
IP address blocks: 194.180.9.0/24 maxlen: 24
194.180.11.0/24 maxlen: 24
194.180.8.0/24 maxlen: 24
194.180.10.0/23 maxlen: 23
194.180.8.0/22 maxlen: 22
194.180.10.0/24 maxlen: 24
2a07:eb80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93438231 (0x591c117)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b019c40386a69e290fac166371565fd8d92e0f6
Validity
Not Before: Jan 1 06:05:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95dea05624079785e08a46ac41c2f2c4a3e2a804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0d:9c:82:66:d9:86:9f:dd:7e:76:41:db:3e:
ce:83:7d:f9:59:c6:25:ee:23:02:e9:32:03:df:f2:
23:02:9f:80:30:0c:1d:b4:34:eb:24:76:cb:f1:bc:
a9:d0:1c:63:58:db:78:a7:11:fd:e6:84:c4:d6:fe:
2d:28:57:a4:d1:08:b1:24:23:21:53:40:04:b8:3c:
17:ed:dd:1d:ff:af:91:15:ab:e1:92:d3:19:97:d1:
36:02:02:dd:fc:26:8e:b3:d0:0a:d9:57:e5:c9:a0:
4c:cd:fc:13:07:33:66:77:20:48:b5:db:b3:70:09:
ab:35:b9:ca:88:bd:e7:90:17:2d:f8:51:72:1f:da:
f8:91:ca:f5:03:a3:37:86:bc:55:fb:4e:0f:6f:52:
fc:7e:e6:e0:ee:f1:28:82:10:84:ad:ec:e7:40:2e:
cc:24:cf:47:d5:82:cb:da:11:b4:5b:10:1a:e7:93:
53:dc:41:79:aa:dd:9c:f1:9c:e5:e3:74:50:de:d9:
8c:fe:95:6f:f1:79:0d:be:98:71:48:e0:16:68:61:
36:bc:f6:1e:a1:4f:16:e3:23:31:7a:93:a0:c8:f7:
7d:39:16:bb:fb:8c:35:6d:f3:4c:fb:f3:45:6f:8b:
b3:ff:41:8f:17:20:ab:8f:48:19:67:e0:e3:f7:91:
fc:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:DE:A0:56:24:07:97:85:E0:8A:46:AC:41:C2:F2:C4:A3:E2:A8:04
X509v3 Authority Key Identifier:
keyid:7B:01:9C:40:38:6A:69:E2:90:FA:C1:66:37:15:65:FD:8D:92:E0:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ewGcQDhqaeKQ-sFmNxVl_Y2S4PY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/5c1822-6ff9-4847-86b0-76ffab9b10aa/1/ld6gViQHl4XgikasQcLyxKPiqAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/5c1822-6ff9-4847-86b0-76ffab9b10aa/1/ewGcQDhqaeKQ-sFmNxVl_Y2S4PY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.8.0/22
IPv6:
2a07:eb80::/32
Signature Algorithm: sha256WithRSAEncryption
93:04:56:12:81:63:f4:da:12:ac:d2:96:7a:fb:4d:d4:e0:64:
b7:de:31:5c:4d:cc:17:ab:51:6b:21:83:e9:57:1a:36:54:31:
d3:86:6f:6b:85:ef:10:9e:f4:1b:44:36:71:bb:49:bd:ed:26:
55:c4:ae:3d:dc:87:c6:80:2e:74:66:f4:86:d9:07:94:a7:df:
00:1f:98:be:d1:fb:0f:89:3c:37:14:c9:0d:f0:d6:e5:ae:02:
8e:ed:ce:4a:1a:2e:f3:76:20:1b:fc:bc:aa:33:6b:77:99:37:
4c:8e:96:1b:32:e4:5a:24:4c:a2:df:57:7a:d8:ee:88:ca:3c:
d4:9d:12:11:76:f5:ac:c4:de:e1:a3:ea:e4:19:33:34:fa:93:
a6:c8:dd:e9:60:c1:77:cd:7b:f1:fa:20:0e:eb:e8:76:c3:25:
e2:cf:46:8b:78:4c:8e:bf:c4:2c:5c:b9:15:13:ab:91:b1:5d:
92:9c:4e:2b:d1:98:2c:2e:c1:98:b0:a7:eb:98:42:6e:26:1c:
b5:b5:8f:f1:22:f4:1a:b8:17:61:63:b8:3c:01:97:e0:37:8f:
56:f2:91:6a:7b:1a:62:f0:11:e7:3e:01:bb:9a:04:60:5c:ce:
21:70:b5:7c:21:91:80:ac:7a:59:bf:d3:7e:09:12:b9:be:29:
35:3d:82:d1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBZHBFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YjAxOWM0MDM4NmE2OWUyOTBmYWMxNjYzNzE1NjVmZDhkOTJlMGY2MB4XDTIyMDEw
MTA2MDUyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTVkZWEwNTYyNDA3
OTc4NWUwOGE0NmFjNDFjMmYyYzRhM2UyYTgwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQNnIJm2Yaf3X52Qds+zoN9+VnGJe4jAukyA9/yIwKfgDAM
HbQ06yR2y/G8qdAcY1jbeKcR/eaExNb+LShXpNEIsSQjIVNABLg8F+3dHf+vkRWr
4ZLTGZfRNgIC3fwmjrPQCtlX5cmgTM38EwczZncgSLXbs3AJqzW5yoi955AXLfhR
ch/a+JHK9QOjN4a8VftOD29S/H7m4O7xKIIQhK3s50AuzCTPR9WCy9oRtFsQGueT
U9xBeardnPGc5eN0UN7ZjP6Vb/F5Db6YcUjgFmhhNrz2HqFPFuMjMXqToMj3fTkW
u/uMNW3zTPvzRW+Ls/9Bjxcgq49IGWfg4/eR/OUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSV3qBWJAeXheCKRqxBwvLEo+KoBDAfBgNVHSMEGDAWgBR7AZxAOGpp4pD6
wWY3FWX9jZLg9jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2V3R2NRRGhxYWVLUS1zRm1OeFZsX1kyUzRQWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvNWMxODIyLTZmZjktNDg0Ny04NmIwLTc2ZmZhYjliMTBhYS8x
L2xkNmdWaVFIbDRYZ2lrYXNRY0x5eEtQaXFBUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
NWMxODIyLTZmZjktNDg0Ny04NmIwLTc2ZmZhYjliMTBhYS8xL2V3R2NRRGhxYWVL
US1zRm1OeFZsX1kyUzRQWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAsK0CDANBAIAAjAHAwUAKgfrgDAN
BgkqhkiG9w0BAQsFAAOCAQEAkwRWEoFj9NoSrNKWevtN1OBkt94xXE3MF6tRayGD
6VcaNlQx04Zva4XvEJ70G0Q2cbtJve0mVcSuPdyHxoAudGb0htkHlKffAB+YvtH7
D4k8NxTJDfDW5a4Cju3OShou83YgG/y8qjNrd5k3TI6WGzLkWiRMot9XetjuiMo8
1J0SEXb1rMTe4aPq5BkzNPqTpsjd6WDBd8178fogDuvodsMl4s9Gi3hMjr/ELFy5
FROrkbFdkpxOK9GYLC7BmLCn65hCbiYctbWP8SL0GrgXYWO4PAGX4DePVvKRansa
YvAR5z4Bu5oEYFzOIXC1fCGRgKx6Wb/TfgkSub4pNT2C0Q==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:27 2025 by rpki-client