Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/adff80-b207-4fbd-bf5e-07dd1b4c55d9/1/1zy8Q8RPtfaLRK_veZ3ALMNKtac.roa
File: 1zy8Q8RPtfaLRK_veZ3ALMNKtac.roa (raw, json)
Hash identifier: IZ+dgQUBoz/IpQLTxGaVId5xD3XXZaNUbMYexjYSTms=
Subject key identifier: D7:3C:BC:43:C4:4F:B5:F6:8B:44:AF:EF:79:9D:C0:2C:C3:4A:B5:A7
Certificate issuer: /CN=62fa765a393369c96d8d836f23f76e67489c7dde
Certificate serial: 09135ACB
Authority key identifier: 62:FA:76:5A:39:33:69:C9:6D:8D:83:6F:23:F7:6E:67:48:9C:7D:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yvp2WjkzacltjYNvI_duZ0icfd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/adff80-b207-4fbd-bf5e-07dd1b4c55d9/1/1zy8Q8RPtfaLRK_veZ3ALMNKtac.roa
Signing time: Sat 22 Jan 2022 00:30:34 +0000
ROA not before: Sat 22 Jan 2022 00:30:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 2.58.84.0/22 maxlen: 24
85.209.16.0/22 maxlen: 24
45.8.172.0/22 maxlen: 22
45.66.148.0/22 maxlen: 24
45.13.149.0/24 maxlen: 24
45.13.148.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152263371 (0x9135acb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fa765a393369c96d8d836f23f76e67489c7dde
Validity
Not Before: Jan 22 00:30:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d73cbc43c44fb5f68b44afef799dc02cc34ab5a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8d:2d:76:3c:27:84:ca:6a:d4:93:b8:4f:8d:
48:c0:c8:c5:f1:d8:18:10:04:a7:26:20:8a:86:b1:
a8:cb:bb:4a:e3:0c:30:2c:67:f7:c9:4d:19:f1:fa:
0d:c5:a4:1a:8c:2f:7a:b2:e8:0e:d9:1a:81:07:a6:
0f:56:c9:0f:5b:90:d0:7c:69:a7:1f:58:59:7a:df:
c2:09:e1:dc:d9:d4:69:18:49:ea:f3:f2:99:ac:3b:
89:3f:0c:23:8e:da:f4:16:6c:63:83:ae:c8:82:99:
cf:d7:ed:7c:43:a7:86:81:2c:6e:80:fc:b3:ba:fe:
28:37:24:e6:92:df:09:d7:d1:b8:b5:1c:76:85:26:
5a:3c:ed:2d:48:b0:a2:d3:fa:96:21:25:da:7b:1c:
48:19:ed:cf:f7:44:3a:8e:23:69:00:d8:8e:28:30:
fe:fe:99:dc:e6:a0:96:c6:3b:e3:1a:ac:1c:1f:49:
89:ae:ae:75:b1:3a:11:63:0e:38:68:be:8d:29:76:
61:88:5f:35:58:68:fc:e0:f9:e5:9b:7e:0d:b8:ef:
62:64:53:79:51:b4:ec:a1:f6:ea:01:d5:57:5a:1e:
7b:b9:68:f5:60:af:bc:6e:3c:b1:08:b3:21:60:c3:
ae:e7:22:1f:b7:cd:47:6f:84:e9:3b:4c:e2:cd:0f:
7d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:3C:BC:43:C4:4F:B5:F6:8B:44:AF:EF:79:9D:C0:2C:C3:4A:B5:A7
X509v3 Authority Key Identifier:
keyid:62:FA:76:5A:39:33:69:C9:6D:8D:83:6F:23:F7:6E:67:48:9C:7D:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yvp2WjkzacltjYNvI_duZ0icfd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/adff80-b207-4fbd-bf5e-07dd1b4c55d9/1/1zy8Q8RPtfaLRK_veZ3ALMNKtac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/adff80-b207-4fbd-bf5e-07dd1b4c55d9/1/Yvp2WjkzacltjYNvI_duZ0icfd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.84.0/22
45.8.172.0/22
45.13.148.0/23
45.66.148.0/22
85.209.16.0/22
Signature Algorithm: sha256WithRSAEncryption
dc:1e:ea:15:75:02:63:06:bf:d6:3b:85:45:cc:33:45:2f:f4:
44:34:ea:fc:81:3d:1b:79:f9:de:c8:ea:4b:67:55:42:e0:76:
ad:fb:7a:dd:9b:d6:4d:51:f1:fb:3c:96:df:6e:e0:56:27:b1:
83:b8:3f:8f:ea:b9:4e:43:c8:bd:15:8f:74:57:da:01:08:50:
db:d0:2b:b3:40:9c:12:13:0b:8a:11:12:f6:d6:bf:60:88:4e:
37:2b:ff:d8:45:b2:07:b6:77:6b:69:eb:6d:5e:b4:6b:0d:1a:
72:bf:76:f1:cb:50:56:6d:03:41:e3:35:0b:0a:db:87:a9:ca:
c0:4d:77:c7:43:cd:08:ad:73:11:66:68:c5:72:14:df:06:ad:
9c:cd:d5:f9:7c:11:98:62:46:1a:29:6e:7d:bc:f2:19:3a:b9:
cf:b0:9b:b1:ea:80:3c:70:6c:c8:aa:6b:b8:40:77:64:45:4e:
1c:4a:66:43:c5:3e:a0:fd:1b:a3:ac:2b:83:70:32:b2:09:59:
ae:50:b5:54:69:bd:67:3a:80:b5:3d:dc:98:72:69:e1:19:b2:
ca:7e:f3:70:f2:eb:06:50:f7:a5:84:34:61:a9:09:56:a6:df:
8f:10:cd:9b:a3:fe:42:ac:ea:ab:30:17:d8:32:55:3f:49:e1:
45:52:59:e3
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECRNayzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MmZhNzY1YTM5MzM2OWM5NmQ4ZDgzNmYyM2Y3NmU2NzQ4OWM3ZGRlMB4XDTIyMDEy
MjAwMzAzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDczY2JjNDNjNDRm
YjVmNjhiNDRhZmVmNzk5ZGMwMmNjMzRhYjVhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKNLXY8J4TKatSTuE+NSMDIxfHYGBAEpyYgioaxqMu7SuMM
MCxn98lNGfH6DcWkGowverLoDtkagQemD1bJD1uQ0Hxppx9YWXrfwgnh3NnUaRhJ
6vPymaw7iT8MI47a9BZsY4OuyIKZz9ftfEOnhoEsboD8s7r+KDck5pLfCdfRuLUc
doUmWjztLUiwotP6liEl2nscSBntz/dEOo4jaQDYjigw/v6Z3OaglsY74xqsHB9J
ia6udbE6EWMOOGi+jSl2YYhfNVho/OD55Zt+DbjvYmRTeVG07KH26gHVV1oee7lo
9WCvvG48sQizIWDDruciH7fNR2+E6TtM4s0PfWECAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTXPLxDxE+19otEr+95ncAsw0q1pzAfBgNVHSMEGDAWgBRi+nZaOTNpyW2N
g28j925nSJx93jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1l2cDJXamt6YWNsdGpZTnZJX2R1WjBpY2ZkNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvYWRmZjgwLWIyMDctNGZiZC1iZjVlLTA3ZGQxYjRjNTVkOS8x
LzF6eThROFJQdGZhTFJLX3ZlWjNBTE1OS3RhYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
YWRmZjgwLWIyMDctNGZiZC1iZjVlLTA3ZGQxYjRjNTVkOS8xL1l2cDJXamt6YWNs
dGpZTnZJX2R1WjBpY2ZkNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAgI6VAMEAi0IrAMEAS0NlAMEAi1C
lAMEAlXREDANBgkqhkiG9w0BAQsFAAOCAQEA3B7qFXUCYwa/1juFRcwzRS/0RDTq
/IE9G3n53sjqS2dVQuB2rft63ZvWTVHx+zyW327gViexg7g/j+q5TkPIvRWPdFfa
AQhQ29Ars0CcEhMLihES9ta/YIhONyv/2EWyB7Z3a2nrbV60aw0acr928ctQVm0D
QeM1Cwrbh6nKwE13x0PNCK1zEWZoxXIU3watnM3V+XwRmGJGGilufbzyGTq5z7Cb
seqAPHBsyKpruEB3ZEVOHEpmQ8U+oP0bo6wrg3AysglZrlC1VGm9ZzqAtT3cmHJp
4Rmyyn7zcPLrBlD3pYQ0YakJVqbfjxDNm6P+QqzqqzAX2DJVP0nhRVJZ4w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:26 2025 by rpki-client