Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/d6xJbDKTfkhb-mheiVB2QLB1Waw.roa
File: d6xJbDKTfkhb-mheiVB2QLB1Waw.roa (raw, json)
Hash identifier: GJU6yIBvmD/7dFVYef6Lod6OGFtP0NFpQQk1DkxYt00=
Subject key identifier: 77:AC:49:6C:32:93:7E:48:5B:FA:68:5E:89:50:76:40:B0:75:59:AC
Certificate issuer: /CN=869569a2526687da91a7ecd4f567f5409cdffe79
Certificate serial: 01865E4D6B0701110B4FD2CAAE68ED86980F
Authority key identifier: 86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/d6xJbDKTfkhb-mheiVB2QLB1Waw.roa
Signing time: Fri 17 Feb 2023 07:36:17 +0000
ROA not before: Fri 17 Feb 2023 07:36:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49360
IP address blocks: 45.90.232.0/22 maxlen: 22
31.7.144.0/20 maxlen: 20
91.214.72.0/22 maxlen: 22
185.29.248.0/22 maxlen: 22
5.83.122.0/24 maxlen: 24
2a0a:d3c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5e:4d:6b:07:01:11:0b:4f:d2:ca:ae:68:ed:86:98:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869569a2526687da91a7ecd4f567f5409cdffe79
Validity
Not Before: Feb 17 07:36:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77ac496c32937e485bfa685e89507640b07559ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d5:42:d4:d0:2b:4f:5d:51:27:31:0f:6c:3b:
50:0b:93:3d:1b:d5:ee:02:67:59:f7:bf:81:10:14:
d4:e3:86:e9:21:7d:d3:83:ee:25:48:c2:d3:22:81:
13:b5:a4:8f:ff:59:d3:34:4b:b8:06:a5:17:eb:49:
4c:f9:57:f3:2d:41:e6:8c:a7:8d:7c:29:c5:fa:a3:
0c:06:bb:5f:b4:44:9e:99:35:bb:05:31:82:0a:6e:
ea:f5:5c:36:e1:4a:1e:44:47:05:9d:a9:1f:db:20:
d1:42:94:76:19:d9:3c:ea:56:3b:ca:ad:c7:df:19:
62:a0:68:aa:67:18:5f:38:d2:04:23:75:f3:c2:36:
41:4a:68:1d:a2:e4:ce:28:4e:20:cf:6f:69:0b:e3:
d7:58:89:27:f6:c1:77:1d:02:18:2d:60:a4:8b:64:
a8:7e:6b:90:47:9d:23:91:2a:c1:67:30:d5:05:f7:
0f:cf:28:16:f7:7d:d4:7c:9a:37:4f:d9:b6:61:a9:
4b:fb:f9:a8:fd:5d:ad:b7:9b:83:ff:1c:91:e3:02:
8f:74:9d:30:53:1c:38:15:81:79:ec:aa:7b:1d:4f:
26:cf:84:55:fe:b0:b2:9a:60:79:ec:63:05:20:7d:
be:2a:fc:7a:a9:03:d0:00:21:19:19:24:8b:8a:64:
5e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:AC:49:6C:32:93:7E:48:5B:FA:68:5E:89:50:76:40:B0:75:59:AC
X509v3 Authority Key Identifier:
keyid:86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/d6xJbDKTfkhb-mheiVB2QLB1Waw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/hpVpolJmh9qRp-zU9Wf1QJzf_nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.122.0/24
31.7.144.0/20
45.90.232.0/22
91.214.72.0/22
185.29.248.0/22
IPv6:
2a0a:d3c0::/29
Signature Algorithm: sha256WithRSAEncryption
2e:52:d1:77:5f:bd:44:0d:27:c3:d7:82:dd:8f:e6:16:7d:23:
7d:09:03:bb:80:0a:e5:60:fb:d4:e6:e7:40:be:db:1f:b5:ff:
e1:80:0e:4c:38:b8:d9:f9:d0:3b:28:c7:38:36:3a:e0:a5:64:
e4:4e:1b:ec:83:92:74:67:87:b0:85:f9:fb:bc:63:7c:e2:a4:
f0:0e:3b:ef:62:fe:2c:c4:c1:5b:0e:ef:3c:85:85:ca:1d:5e:
31:80:84:47:8e:cc:5c:cf:c4:be:55:11:e2:9d:09:73:96:25:
c8:56:38:b0:b7:44:88:db:f7:30:41:af:31:1e:4b:e0:72:1c:
8f:f1:58:d7:3f:34:c0:09:8d:9e:ba:98:e8:46:99:25:b2:b6:
e7:3d:ae:17:c3:39:2f:17:84:19:5e:44:0b:eb:0b:35:ed:3c:
d4:76:b6:e2:bb:09:09:bf:b3:ed:e2:1e:aa:b9:c2:de:8c:23:
17:bf:f4:29:7c:ff:7d:3b:50:56:86:db:a6:34:6e:cf:52:7f:
f2:78:b0:e4:45:d4:32:db:2b:29:17:3c:0b:2f:5a:65:ec:fc:
e9:e6:27:5f:49:d1:8b:39:7e:74:67:f4:94:e1:a3:d0:0f:10:
26:9e:27:3d:d2:58:57:b0:83:64:68:55:6d:84:74:ac:b5:ff:
28:25:74:b1
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYZeTWsHARELT9LKrmjthpgPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTU2OWEyNTI2Njg3ZGE5MWE3ZWNkNGY1NjdmNTQwOWNk
ZmZlNzkwHhcNMjMwMjE3MDczNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2FjNDk2YzMyOTM3ZTQ4NWJmYTY4NWU4OTUwNzY0MGIwNzU1OWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNVC1NArT11RJzEPbDtQC5M9G9Xu
AmdZ97+BEBTU44bpIX3Tg+4lSMLTIoETtaSP/1nTNEu4BqUX60lM+VfzLUHmjKeN
fCnF+qMMBrtftESemTW7BTGCCm7q9Vw24UoeREcFnakf2yDRQpR2Gdk86lY7yq3H
3xlioGiqZxhfONIEI3XzwjZBSmgdouTOKE4gz29pC+PXWIkn9sF3HQIYLWCki2So
fmuQR50jkSrBZzDVBfcPzygW933UfJo3T9m2YalL+/mo/V2tt5uD/xyR4wKPdJ0w
Uxw4FYF57Kp7HU8mz4RV/rCymmB57GMFIH2+Kvx6qQPQACEZGSSLimRe4wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHesSWwyk35IW/poXolQdkCwdVmsMB8GA1UdIwQY
MBaAFIaVaaJSZofakafs1PVn9UCc3/55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEt
MWVhYTU5MWI2NzcxLzEvZDZ4SmJES1Rma2hiLW1oZWlWQjJRTEIxV2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEtMWVhYTU5MWI2Nzcx
LzEvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQABVN6AwQE
HweQAwQCLVroAwQCW9ZIAwQCuR34MA0EAgACMAcDBQMqCtPAMA0GCSqGSIb3DQEB
CwUAA4IBAQAuUtF3X71EDSfD14Ldj+YWfSN9CQO7gArlYPvU5udAvtsftf/hgA5M
OLjZ+dA7KMc4NjrgpWTkThvsg5J0Z4ewhfn7vGN84qTwDjvvYv4sxMFbDu88hYXK
HV4xgIRHjsxcz8S+VRHinQlzliXIVjiwt0SI2/cwQa8xHkvgchyP8VjXPzTACY2e
upjoRpklsrbnPa4XwzkvF4QZXkQL6ws17TzUdrbiuwkJv7Pt4h6qucLejCMXv/Qp
fP99O1BWhtumNG7PUn/yeLDkRdQy2yspFzwLL1pl7Pzp5idfSdGLOX50Z/SU4aPQ
DxAmnic90lhXsINkaFVthHSstf8oJXSx
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:19 2025 by rpki-client