Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0c4fbd-e07f-4f59-b8f4-2a4713eebff3/1/IrVmkYdIUULMiJrhm1bGDzLzwug.roa
File: IrVmkYdIUULMiJrhm1bGDzLzwug.roa (raw, json)
Hash identifier: P3h3oJlVIGYTGbGxVydD/hqOmeATrrQOMJet8e9PtkY=
Subject key identifier: 22:B5:66:91:87:48:51:42:CC:88:9A:E1:9B:56:C6:0F:32:F3:C2:E8
Certificate issuer: /CN=926697c9efda955cba3e6f8970d72e996bf3c165
Certificate serial: 0185708CAAF85AB953A79F24E3FD0A0F8AA6
Authority key identifier: 92:66:97:C9:EF:DA:95:5C:BA:3E:6F:89:70:D7:2E:99:6B:F3:C1:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmaXye_alVy6Pm-JcNcumWvzwWU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0c4fbd-e07f-4f59-b8f4-2a4713eebff3/1/IrVmkYdIUULMiJrhm1bGDzLzwug.roa
Signing time: Mon 02 Jan 2023 03:35:45 +0000
ROA not before: Mon 02 Jan 2023 03:35:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 5.104.73.0/24 maxlen: 24
5.104.74.0/24 maxlen: 24
5.104.72.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
95.214.95.0/24 maxlen: 24
95.214.93.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:aa:f8:5a:b9:53:a7:9f:24:e3:fd:0a:0f:8a:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=926697c9efda955cba3e6f8970d72e996bf3c165
Validity
Not Before: Jan 2 03:35:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22b5669187485142cc889ae19b56c60f32f3c2e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:75:2c:96:0a:c3:b1:04:bd:09:41:39:83:57:
62:a8:1b:72:78:1e:fe:22:60:fa:88:ed:55:93:b9:
db:46:58:5b:90:5a:40:7d:b8:ca:9a:1f:e3:dc:57:
6d:21:04:1b:e8:f3:31:fd:2c:b9:fe:63:66:83:07:
ae:10:6c:11:b5:b7:ca:cb:12:a5:12:ef:aa:e9:b4:
b4:9a:4d:08:4e:31:67:e1:f0:db:69:d3:ac:ae:f9:
bb:68:13:87:ce:ef:24:6a:43:da:d8:76:5d:41:99:
4d:b3:a0:15:71:70:3c:44:ce:f2:88:5b:06:5c:f8:
08:2b:31:e4:e5:60:87:13:02:6e:27:d0:83:c9:3b:
ad:e5:a1:08:82:85:1c:ec:58:53:06:7d:18:15:fb:
8a:1f:2f:77:6f:7e:69:3e:58:bc:67:27:a2:42:f8:
dc:4c:6a:0b:82:89:c4:d1:fa:72:40:35:80:ea:b4:
f5:18:bb:db:11:e8:66:75:0b:b5:1b:98:56:d5:02:
6d:62:b2:7e:d0:57:ec:23:97:a9:84:f8:ca:ac:e0:
a6:e2:13:d8:81:5a:b6:ad:26:99:f9:51:3f:f8:82:
46:5f:52:9c:88:07:d3:05:6e:63:ee:1f:40:11:68:
0c:a5:9a:e0:f7:09:a0:8b:b1:2f:a8:23:68:8f:8c:
8b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B5:66:91:87:48:51:42:CC:88:9A:E1:9B:56:C6:0F:32:F3:C2:E8
X509v3 Authority Key Identifier:
keyid:92:66:97:C9:EF:DA:95:5C:BA:3E:6F:89:70:D7:2E:99:6B:F3:C1:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmaXye_alVy6Pm-JcNcumWvzwWU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0c4fbd-e07f-4f59-b8f4-2a4713eebff3/1/IrVmkYdIUULMiJrhm1bGDzLzwug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0c4fbd-e07f-4f59-b8f4-2a4713eebff3/1/kmaXye_alVy6Pm-JcNcumWvzwWU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.72.0-5.104.74.255
91.245.239.0/24
95.214.92.0/23
95.214.95.0/24
Signature Algorithm: sha256WithRSAEncryption
64:1d:8b:7c:1d:d4:d0:e3:f7:fc:90:ed:dd:58:73:86:47:81:
2d:6f:53:ff:3b:8d:d9:6c:44:e2:cf:d4:2d:e4:ac:63:39:ff:
c5:67:ac:c5:36:ba:4d:f2:39:00:6f:5a:ee:64:ba:c3:e2:41:
89:8b:3f:d1:a5:2c:5a:36:28:8c:5e:2a:31:95:e3:d1:f8:3c:
6b:90:43:a6:ac:46:df:5a:af:b2:8b:d3:54:70:83:68:da:79:
5a:49:b1:fb:98:88:53:97:4e:f1:d6:ae:04:48:d5:e9:19:71:
0e:09:bb:78:21:2f:b9:18:26:c4:4e:ba:35:1a:c1:45:a7:09:
88:4a:9a:02:7d:a7:2b:10:e9:ea:63:d8:d9:ec:2e:de:00:c7:
be:a1:a7:a4:9a:28:75:21:94:03:0b:51:9d:1b:22:ed:60:6e:
69:9e:ba:03:ca:d3:e6:e3:7b:66:4f:3c:d6:98:59:fd:a6:38:
da:00:90:d1:60:9e:b1:c6:ca:07:d6:85:da:a5:0b:ab:fa:d1:
d2:05:fa:5b:c9:66:77:cc:c8:fa:b1:d9:2e:29:f8:a7:7f:72:
01:49:bf:84:4a:c7:f5:80:f6:99:42:f0:f3:5f:7f:cd:0d:d5:
ab:13:a4:68:aa:15:db:66:e3:e3:4f:9a:be:89:ed:7d:6c:52:
a0:19:0f:25
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVwjKr4WrlTp58k4/0KD4qmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNjY5N2M5ZWZkYTk1NWNiYTNlNmY4OTcwZDcyZTk5NmJm
M2MxNjUwHhcNMjMwMTAyMDMzNTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmI1NjY5MTg3NDg1MTQyY2M4ODlhZTE5YjU2YzYwZjMyZjNjMmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3UslgrDsQS9CUE5g1diqBtyeB7+
ImD6iO1Vk7nbRlhbkFpAfbjKmh/j3FdtIQQb6PMx/Sy5/mNmgweuEGwRtbfKyxKl
Eu+q6bS0mk0ITjFn4fDbadOsrvm7aBOHzu8kakPa2HZdQZlNs6AVcXA8RM7yiFsG
XPgIKzHk5WCHEwJuJ9CDyTut5aEIgoUc7FhTBn0YFfuKHy93b35pPli8ZyeiQvjc
TGoLgonE0fpyQDWA6rT1GLvbEehmdQu1G5hW1QJtYrJ+0FfsI5ephPjKrOCm4hPY
gVq2rSaZ+VE/+IJGX1KciAfTBW5j7h9AEWgMpZrg9wmgi7EvqCNoj4yLnwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCK1ZpGHSFFCzIia4ZtWxg8y88LoMB8GA1UdIwQY
MBaAFJJml8nv2pVcuj5viXDXLplr88FlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva21hWHllX2FsVnk2UG0tSmNOY3VtV3Z6d1dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wYzRmYmQtZTA3Zi00ZjU5LWI4ZjQt
MmE0NzEzZWViZmYzLzEvSXJWbWtZZElVVUxNaUpyaG0xYkdEekx6d3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wYzRmYmQtZTA3Zi00ZjU5LWI4ZjQtMmE0NzEzZWViZmYz
LzEva21hWHllX2FsVnk2UG0tSmNOY3VtV3Z6d1dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAMFaEgD
BAAFaEoDBABb9e8DBAFf1lwDBABf1l8wDQYJKoZIhvcNAQELBQADggEBAGQdi3wd
1NDj9/yQ7d1Yc4ZHgS1vU/87jdlsROLP1C3krGM5/8VnrMU2uk3yOQBvWu5kusPi
QYmLP9GlLFo2KIxeKjGV49H4PGuQQ6asRt9ar7KL01Rwg2jaeVpJsfuYiFOXTvHW
rgRI1ekZcQ4Ju3ghL7kYJsROujUawUWnCYhKmgJ9pysQ6epj2NnsLt4Ax76hp6Sa
KHUhlAMLUZ0bIu1gbmmeugPK0+bje2ZPPNaYWf2mONoAkNFgnrHGygfWhdqlC6v6
0dIF+lvJZnfMyPqx2S4p+Kd/cgFJv4RKx/WA9plC8PNff80N1asTpGiqFdtm4+NP
mr6J7X1sUqAZDyU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:17 2024 by rpki-client on console-ams.rpki-client.org