Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/T4vEqiKTdVYoUTm2eUtL58YzJSc.roa
File: T4vEqiKTdVYoUTm2eUtL58YzJSc.roa (raw, json)
Hash identifier: q4zo2EQCBioAOfoYjPbq046hPQfa0Ma7LR74g9rlEjM=
Subject key identifier: 4F:8B:C4:AA:22:93:75:56:28:51:39:B6:79:4B:4B:E7:C6:33:25:27
Certificate issuer: /CN=869569a2526687da91a7ecd4f567f5409cdffe79
Certificate serial: 01915F02293A8546E3A89A7D68F9355C417D
Authority key identifier: 86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/T4vEqiKTdVYoUTm2eUtL58YzJSc.roa
Signing time: Sat 17 Aug 2024 06:24:22 +0000
ROA not before: Sat 17 Aug 2024 06:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39120
IP address blocks: 5.56.8.0/22 maxlen: 22
5.56.12.0/22 maxlen: 22
5.83.120.0/22 maxlen: 22
5.83.124.0/22 maxlen: 22
31.7.144.0/20 maxlen: 20
45.90.232.0/22 maxlen: 22
91.214.72.0/22 maxlen: 22
185.29.248.0/22 maxlen: 22
2a0a:d3c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5f:02:29:3a:85:46:e3:a8:9a:7d:68:f9:35:5c:41:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869569a2526687da91a7ecd4f567f5409cdffe79
Validity
Not Before: Aug 17 06:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f8bc4aa22937556285139b6794b4be7c6332527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:28:10:8c:f5:92:40:33:e2:49:2f:f7:01:d6:
72:2a:ba:35:b6:31:d8:c6:88:4d:29:14:83:15:4c:
7c:98:5e:3e:05:4c:07:19:ad:dc:f5:c4:eb:4e:67:
20:2b:40:28:53:51:f5:f4:14:a9:7d:65:53:ae:e4:
64:70:77:01:9e:ee:df:a5:cd:1b:e8:7f:b1:c7:58:
a2:0e:e8:1e:06:b7:88:b2:11:98:54:d8:b2:db:98:
62:3e:7a:ab:44:3c:7e:b6:7f:9f:39:34:a8:a7:32:
08:bf:34:00:12:7d:65:f0:54:9c:65:aa:d8:aa:76:
c5:79:93:22:58:cd:56:b7:b6:46:28:66:85:d0:4e:
fa:e3:cc:33:32:54:02:ad:2f:31:af:80:e5:57:9b:
c2:3b:9f:54:ac:fd:ae:e4:0e:9d:cb:d7:6c:5a:a6:
59:01:99:7c:5c:2e:3d:ca:61:77:00:08:b6:c9:b4:
74:ee:bd:d3:03:a7:35:d3:ef:f9:9e:45:6f:b4:fe:
a3:40:23:73:0a:47:ac:1e:a6:df:9e:82:0c:70:63:
93:2d:d7:41:fa:dc:59:fb:49:4f:85:c0:69:ba:f7:
ce:2d:d2:51:ef:f6:e9:00:73:e7:05:e1:06:a9:94:
1a:57:f6:28:6e:9c:a9:42:26:ad:60:8f:7d:e7:96:
cc:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:8B:C4:AA:22:93:75:56:28:51:39:B6:79:4B:4B:E7:C6:33:25:27
X509v3 Authority Key Identifier:
keyid:86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/T4vEqiKTdVYoUTm2eUtL58YzJSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/hpVpolJmh9qRp-zU9Wf1QJzf_nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.8.0/21
5.83.120.0/21
31.7.144.0/20
45.90.232.0/22
91.214.72.0/22
185.29.248.0/22
IPv6:
2a0a:d3c0::/29
Signature Algorithm: sha256WithRSAEncryption
8e:ea:11:ac:0b:de:a5:24:84:f2:8e:ba:0c:ac:e7:58:30:ca:
e6:3f:3f:99:f1:d7:a3:8f:41:7a:f0:4d:e4:5a:46:aa:86:86:
73:a7:ce:f3:51:f4:18:ab:13:48:70:cf:ff:3e:27:1e:d1:70:
4c:63:0e:c4:b8:8a:bc:4f:0d:52:21:38:29:8c:9f:88:f3:ab:
4f:8b:f1:89:22:bc:a5:0d:44:89:7c:c1:3d:71:30:11:ae:31:
59:c6:8d:db:de:a8:b6:32:6f:1e:96:da:3b:fe:c3:a4:31:c2:
e3:13:00:c3:13:35:24:be:58:8c:29:5f:77:7f:4c:bd:c5:52:
61:88:29:29:50:d4:6f:cf:d4:5f:b1:78:fc:9d:b2:30:dd:de:
7d:38:91:80:12:6d:74:88:2a:d3:f3:63:23:98:ca:4e:62:5f:
25:3d:99:ad:bf:7c:72:fb:a7:ab:fb:67:d6:aa:98:56:50:8c:
aa:c9:f3:b6:6c:1e:e9:cd:1a:80:68:37:8a:7f:1d:c2:39:ff:
4c:d5:4d:42:8a:6b:e5:b6:56:e5:3b:54:6d:6c:db:99:5c:47:
1d:b3:a7:bb:52:c5:57:7e:2e:71:1e:bd:11:dd:af:7b:c3:4b:
c0:ce:43:0e:e4:ea:ee:b7:e3:b6:5a:9e:f9:88:c2:da:1f:78:
56:4a:4e:2e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZFfAik6hUbjqJp9aPk1XEF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTU2OWEyNTI2Njg3ZGE5MWE3ZWNkNGY1NjdmNTQwOWNk
ZmZlNzkwHhcNMjQwODE3MDYyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjhiYzRhYTIyOTM3NTU2Mjg1MTM5YjY3OTRiNGJlN2M2MzMyNTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCgQjPWSQDPiSS/3AdZyKro1tjHY
xohNKRSDFUx8mF4+BUwHGa3c9cTrTmcgK0AoU1H19BSpfWVTruRkcHcBnu7fpc0b
6H+xx1iiDugeBreIshGYVNiy25hiPnqrRDx+tn+fOTSopzIIvzQAEn1l8FScZarY
qnbFeZMiWM1Wt7ZGKGaF0E7648wzMlQCrS8xr4DlV5vCO59UrP2u5A6dy9dsWqZZ
AZl8XC49ymF3AAi2ybR07r3TA6c10+/5nkVvtP6jQCNzCkesHqbfnoIMcGOTLddB
+txZ+0lPhcBpuvfOLdJR7/bpAHPnBeEGqZQaV/YobpypQiatYI9955bM/wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFE+LxKoik3VWKFE5tnlLS+fGMyUnMB8GA1UdIwQY
MBaAFIaVaaJSZofakafs1PVn9UCc3/55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEt
MWVhYTU5MWI2NzcxLzEvVDR2RXFpS1RkVllvVVRtMmVVdEw1OFl6SlNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEtMWVhYTU5MWI2Nzcx
LzEvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBTgIAwQD
BVN4AwQEHweQAwQCLVroAwQCW9ZIAwQCuR34MA0EAgACMAcDBQMqCtPAMA0GCSqG
SIb3DQEBCwUAA4IBAQCO6hGsC96lJITyjroMrOdYMMrmPz+Z8dejj0F68E3kWkaq
hoZzp87zUfQYqxNIcM//Pice0XBMYw7EuIq8Tw1SITgpjJ+I86tPi/GJIrylDUSJ
fME9cTARrjFZxo3b3qi2Mm8elto7/sOkMcLjEwDDEzUkvliMKV93f0y9xVJhiCkp
UNRvz9RfsXj8nbIw3d59OJGAEm10iCrT82MjmMpOYl8lPZmtv3xy+6er+2fWqphW
UIyqyfO2bB7pzRqAaDeKfx3COf9M1U1CimvltlblO1RtbNuZXEcds6e7UsVXfi5x
Hr0R3a97w0vAzkMO5Orut+O2Wp75iMLaH3hWSk4u
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:02 2025 by rpki-client