Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/adff80-b207-4fbd-bf5e-07dd1b4c55d9/1/PaAFGT59j3qATO3XMX_w98yEyqw.roa
File: PaAFGT59j3qATO3XMX_w98yEyqw.roa (raw, json)
Hash identifier: VZrphTffD7lwo1TdHpF7Um804pojMcnBKcLsvXFiasA=
Subject key identifier: 3D:A0:05:19:3E:7D:8F:7A:80:4C:ED:D7:31:7F:F0:F7:CC:84:CA:AC
Certificate issuer: /CN=62fa765a393369c96d8d836f23f76e67489c7dde
Certificate serial: 018474581F446C4CAE1E46B28BA51E895F21
Authority key identifier: 62:FA:76:5A:39:33:69:C9:6D:8D:83:6F:23:F7:6E:67:48:9C:7D:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yvp2WjkzacltjYNvI_duZ0icfd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/adff80-b207-4fbd-bf5e-07dd1b4c55d9/1/PaAFGT59j3qATO3XMX_w98yEyqw.roa
Signing time: Mon 14 Nov 2022 04:14:02 +0000
ROA not before: Mon 14 Nov 2022 04:14:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 85.209.16.0/24 maxlen: 24
85.209.16.0/23 maxlen: 23
2.58.84.0/23 maxlen: 24
2.58.86.0/23 maxlen: 24
45.8.172.0/23 maxlen: 24
85.209.18.0/23 maxlen: 23
45.8.174.0/23 maxlen: 24
45.66.148.0/22 maxlen: 24
45.13.150.0/23 maxlen: 24
212.102.114.0/24 maxlen: 24
77.83.253.0/24 maxlen: 24
77.83.252.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:74:58:1f:44:6c:4c:ae:1e:46:b2:8b:a5:1e:89:5f:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fa765a393369c96d8d836f23f76e67489c7dde
Validity
Not Before: Nov 14 04:14:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3da005193e7d8f7a804cedd7317ff0f7cc84caac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9e:2c:ca:b0:44:2b:4b:05:4f:cb:1c:01:75:
b7:60:e1:bb:ba:7b:da:31:06:dd:cd:98:55:a0:d4:
7e:0e:e8:34:bc:13:4b:f4:bd:02:9c:28:71:90:01:
b7:c4:f5:a6:dd:69:18:63:8b:fe:4c:d0:57:30:22:
b6:64:8f:7f:c3:de:bd:c0:51:f3:5a:25:6f:06:2b:
de:e2:ef:f2:17:78:81:66:80:f6:a8:3d:8e:dd:77:
f0:ff:c5:08:b2:57:a3:8e:79:08:c9:ea:54:1d:df:
c1:85:3a:db:fb:0a:e4:87:5c:82:25:2f:dc:4d:64:
55:4e:96:b5:da:9f:fa:85:77:b2:c3:d1:a2:fa:e4:
aa:ff:94:fa:fe:22:8c:38:44:26:23:74:72:21:f1:
52:9e:c6:5d:d7:fc:5e:51:e8:7f:9e:e6:ca:c4:55:
16:43:2e:3a:55:e8:3c:86:06:d2:fc:e9:ac:7a:97:
3b:32:6a:1a:31:c0:c6:bd:f2:01:66:14:2c:8f:87:
e4:bd:5d:78:fb:ea:a9:c7:be:4d:8a:f1:52:c8:5a:
44:77:ea:77:37:f1:bc:4e:07:b8:18:17:cc:14:51:
f5:40:ea:46:c4:1d:e3:2c:eb:d0:e0:f6:f1:45:fa:
eb:5c:2f:e0:23:a8:20:c9:5a:c3:93:45:94:30:8e:
4d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A0:05:19:3E:7D:8F:7A:80:4C:ED:D7:31:7F:F0:F7:CC:84:CA:AC
X509v3 Authority Key Identifier:
keyid:62:FA:76:5A:39:33:69:C9:6D:8D:83:6F:23:F7:6E:67:48:9C:7D:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yvp2WjkzacltjYNvI_duZ0icfd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/adff80-b207-4fbd-bf5e-07dd1b4c55d9/1/PaAFGT59j3qATO3XMX_w98yEyqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/adff80-b207-4fbd-bf5e-07dd1b4c55d9/1/Yvp2WjkzacltjYNvI_duZ0icfd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.84.0/22
45.8.172.0/22
45.13.150.0/23
45.66.148.0/22
77.83.252.0/22
85.209.16.0/22
212.102.114.0/24
Signature Algorithm: sha256WithRSAEncryption
45:01:5f:08:43:8b:77:83:4e:58:2e:fe:13:99:f1:e0:fb:97:
9c:9b:26:33:63:9e:d8:bb:e8:2a:89:2b:38:a2:f0:ea:1d:f1:
b0:71:35:f2:9a:de:7c:7d:f5:79:c4:71:1d:4b:02:2e:bf:ec:
99:af:af:ea:23:fb:1d:20:73:4b:4f:28:61:fc:d0:01:31:03:
b1:ca:74:2e:43:fb:50:39:35:33:db:7e:e3:eb:11:63:c8:ae:
fa:1e:e1:16:34:a7:d5:b2:5d:96:02:1a:96:50:c8:59:a7:06:
42:6d:6a:2e:90:ba:76:d8:6d:6e:79:92:cb:a8:23:d9:b0:8d:
de:ec:5c:83:27:67:05:0f:26:2f:be:4a:8f:e8:49:c9:f6:52:
a1:1d:d5:61:af:ca:63:a6:fd:19:1a:f5:ab:cd:70:35:a5:7d:
9f:0b:da:5e:b9:e8:6e:bb:0f:2d:c9:b4:20:a9:25:1a:3a:66:
40:0d:4d:73:1e:dc:2a:f6:3a:0a:fa:8f:b3:33:31:be:0c:d6:
0f:06:e2:67:4f:7d:9b:6c:d9:64:15:e0:05:a3:02:f0:00:02:
02:c1:63:cb:89:51:0a:90:1a:bf:9c:e3:85:aa:40:87:48:4f:
20:d2:8e:41:47:86:f6:72:ef:b1:48:fb:55:ec:9b:76:d3:61:
29:1b:a1:89
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYR0WB9EbEyuHkayi6UeiV8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmE3NjVhMzkzMzY5Yzk2ZDhkODM2ZjIzZjc2ZTY3NDg5
YzdkZGUwHhcNMjIxMTE0MDQxNDAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGEwMDUxOTNlN2Q4ZjdhODA0Y2VkZDczMTdmZjBmN2NjODRjYWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh54syrBEK0sFT8scAXW3YOG7unva
MQbdzZhVoNR+Dug0vBNL9L0CnChxkAG3xPWm3WkYY4v+TNBXMCK2ZI9/w969wFHz
WiVvBive4u/yF3iBZoD2qD2O3Xfw/8UIslejjnkIyepUHd/BhTrb+wrkh1yCJS/c
TWRVTpa12p/6hXeyw9Gi+uSq/5T6/iKMOEQmI3RyIfFSnsZd1/xeUeh/nubKxFUW
Qy46Veg8hgbS/Omsepc7MmoaMcDGvfIBZhQsj4fkvV14++qpx75NivFSyFpEd+p3
N/G8Tge4GBfMFFH1QOpGxB3jLOvQ4PbxRfrrXC/gI6ggyVrDk0WUMI5NxQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFD2gBRk+fY96gEzt1zF/8PfMhMqsMB8GA1UdIwQY
MBaAFGL6dlo5M2nJbY2DbyP3bmdInH3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXZwMldqa3phY2x0allOdklfZHVaMGljZmQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9hZGZmODAtYjIwNy00ZmJkLWJmNWUt
MDdkZDFiNGM1NWQ5LzEvUGFBRkdUNTlqM3FBVE8zWE1YX3c5OHlFeXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9hZGZmODAtYjIwNy00ZmJkLWJmNWUtMDdkZDFiNGM1NWQ5
LzEvWXZwMldqa3phY2x0allOdklfZHVaMGljZmQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCAjpUAwQC
LQisAwQBLQ2WAwQCLUKUAwQCTVP8AwQCVdEQAwQA1GZyMA0GCSqGSIb3DQEBCwUA
A4IBAQBFAV8IQ4t3g05YLv4TmfHg+5ecmyYzY57Yu+gqiSs4ovDqHfGwcTXymt58
ffV5xHEdSwIuv+yZr6/qI/sdIHNLTyhh/NABMQOxynQuQ/tQOTUz237j6xFjyK76
HuEWNKfVsl2WAhqWUMhZpwZCbWoukLp22G1ueZLLqCPZsI3e7FyDJ2cFDyYvvkqP
6EnJ9lKhHdVhr8pjpv0ZGvWrzXA1pX2fC9peuehuuw8tybQgqSUaOmZADU1zHtwq
9joK+o+zMzG+DNYPBuJnT32bbNlkFeAFowLwAAICwWPLiVEKkBq/nOOFqkCHSE8g
0o5BR4b2cu+xSPtV7Jt202EpG6GJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:20 2024 by rpki-client on console-ams.rpki-client.org