Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/9247f7-ef48-4509-901d-e08028d999eb/1/7tYUtxinRod9TkCa-XaMcpqa2ZA.roa
File: 7tYUtxinRod9TkCa-XaMcpqa2ZA.roa (raw, json)
Hash identifier: 5wpy5Cq6COEP1sOgfXGSU+zDRWX19jN7QcQ7/3xwg3I=
Subject key identifier: EE:D6:14:B7:18:A7:46:87:7D:4E:40:9A:F9:76:8C:72:9A:9A:D9:90
Certificate issuer: /CN=4aac317f820419c93af26ee44e8b4ebaa6c7fe7f
Certificate serial: 018B941351F58B6085CF8435A1E277CD775F
Authority key identifier: 4A:AC:31:7F:82:04:19:C9:3A:F2:6E:E4:4E:8B:4E:BA:A6:C7:FE:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sqwxf4IEGck68m7kTotOuqbH_n8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/9247f7-ef48-4509-901d-e08028d999eb/1/7tYUtxinRod9TkCa-XaMcpqa2ZA.roa
Signing time: Fri 03 Nov 2023 07:26:15 +0000
ROA not before: Fri 03 Nov 2023 07:26:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56882
IP address blocks: 46.251.254.0/23 maxlen: 23
188.227.159.0/24 maxlen: 24
185.59.64.0/24 maxlen: 24
45.252.236.0/22 maxlen: 22
185.59.65.0/24 maxlen: 24
185.59.66.0/24 maxlen: 24
185.59.67.0/24 maxlen: 24
185.130.152.0/22 maxlen: 22
115.42.52.0/22 maxlen: 22
188.227.128.0/19 maxlen: 19
91.228.91.0/24 maxlen: 24
185.193.8.0/22 maxlen: 22
46.251.252.0/23 maxlen: 23
168.245.196.0/23 maxlen: 23
37.209.160.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:13:51:f5:8b:60:85:cf:84:35:a1:e2:77:cd:77:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4aac317f820419c93af26ee44e8b4ebaa6c7fe7f
Validity
Not Before: Nov 3 07:26:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eed614b718a746877d4e409af9768c729a9ad990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e6:f5:1e:57:d3:27:d6:7d:c1:92:03:f3:32:
4e:01:99:76:e6:dd:61:cf:81:f4:db:69:f5:1a:90:
ff:8a:b5:7a:c1:21:7d:2c:e1:f4:fe:da:dd:e6:93:
7b:e3:83:b0:69:3d:e8:bd:d7:fe:17:79:d3:b1:96:
96:dc:ac:b1:92:51:e2:46:d9:d5:f0:44:b4:18:d9:
7a:ea:d6:2d:36:4b:77:73:3e:ac:2a:2f:2c:90:20:
68:d7:79:e5:14:14:29:c6:de:36:39:01:6e:3d:cf:
5b:ee:e6:c2:7f:54:99:93:87:b2:18:d6:16:b7:f7:
21:50:23:e1:2b:f4:03:31:a8:62:26:90:ef:1a:00:
4f:56:02:ee:c8:c3:da:64:94:73:98:b9:f6:36:29:
03:df:da:53:89:e9:5a:d8:a3:fa:97:5c:10:95:a4:
fb:85:49:4e:91:28:8d:ac:f9:93:0d:e5:a1:e2:bd:
03:3e:b2:f3:ed:03:b6:0b:fb:24:bd:d1:70:fe:78:
9b:82:6f:6b:4b:60:3d:25:80:c3:ee:c9:31:2a:15:
7a:67:53:b6:01:6d:d7:a7:70:7e:6c:3d:e9:d5:b8:
39:f4:2f:90:e0:d1:8c:ef:c9:64:ad:04:bd:8f:6d:
4c:aa:f7:71:f8:76:c0:9f:27:6d:ad:a7:97:54:48:
bd:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:D6:14:B7:18:A7:46:87:7D:4E:40:9A:F9:76:8C:72:9A:9A:D9:90
X509v3 Authority Key Identifier:
keyid:4A:AC:31:7F:82:04:19:C9:3A:F2:6E:E4:4E:8B:4E:BA:A6:C7:FE:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sqwxf4IEGck68m7kTotOuqbH_n8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/9247f7-ef48-4509-901d-e08028d999eb/1/7tYUtxinRod9TkCa-XaMcpqa2ZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/9247f7-ef48-4509-901d-e08028d999eb/1/Sqwxf4IEGck68m7kTotOuqbH_n8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.160.0/21
45.252.236.0/22
46.251.252.0/22
91.228.91.0/24
115.42.52.0/22
168.245.196.0/23
185.59.64.0/22
185.130.152.0/22
185.193.8.0/22
188.227.128.0/19
Signature Algorithm: sha256WithRSAEncryption
8e:4c:07:dc:9b:22:3f:60:4b:bd:1c:ad:d3:a8:62:6d:0e:6f:
50:55:d8:13:a5:11:b9:d6:90:93:01:3a:a4:97:07:31:49:06:
47:1e:d3:ad:55:6a:ce:77:78:94:73:fa:90:69:53:ad:d0:f1:
34:28:33:2d:de:4d:34:f1:cf:39:ba:78:30:28:ca:6a:ae:71:
7b:42:2c:f2:a1:8d:6f:3d:df:f8:09:e7:8f:9c:a7:5d:a1:d4:
8c:1b:4b:b8:34:f6:9a:2d:3a:f5:73:72:29:a1:d2:ad:6b:07:
25:d1:c0:1b:37:fd:9e:ea:0a:2f:57:88:29:1e:de:20:32:b9:
17:61:34:02:25:1f:63:46:e9:9c:c0:1e:3f:5e:db:b8:ea:7c:
35:92:56:85:90:70:28:51:f9:5b:20:5b:4c:aa:34:ba:ea:e9:
c7:72:34:c7:90:54:42:a9:27:0c:a5:85:68:78:8f:0d:e6:36:
9f:2c:bc:51:3f:69:0c:da:6a:6d:08:33:8a:98:36:d2:c9:0d:
2f:fe:ef:01:29:80:d7:a3:2f:0b:a6:39:b9:f2:e4:86:c0:37:
7e:21:46:94:fa:12:c2:18:51:75:c4:33:da:b3:97:bd:ef:80:
55:15:50:63:21:cd:a0:4f:35:2c:b5:83:f3:ec:73:fb:48:e7:
9e:a4:65:48
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYuUE1H1i2CFz4Q1oeJ3zXdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYWMzMTdmODIwNDE5YzkzYWYyNmVlNDRlOGI0ZWJhYTZj
N2ZlN2YwHhcNMjMxMTAzMDcyNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWQ2MTRiNzE4YTc0Njg3N2Q0ZTQwOWFmOTc2OGM3MjlhOWFkOTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+b1HlfTJ9Z9wZID8zJOAZl25t1h
z4H022n1GpD/irV6wSF9LOH0/trd5pN744OwaT3ovdf+F3nTsZaW3KyxklHiRtnV
8ES0GNl66tYtNkt3cz6sKi8skCBo13nlFBQpxt42OQFuPc9b7ubCf1SZk4eyGNYW
t/chUCPhK/QDMahiJpDvGgBPVgLuyMPaZJRzmLn2NikD39pTiela2KP6l1wQlaT7
hUlOkSiNrPmTDeWh4r0DPrLz7QO2C/skvdFw/nibgm9rS2A9JYDD7skxKhV6Z1O2
AW3Xp3B+bD3p1bg59C+Q4NGM78lkrQS9j21Mqvdx+HbAnydtraeXVEi9iQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFO7WFLcYp0aHfU5Amvl2jHKamtmQMB8GA1UdIwQY
MBaAFEqsMX+CBBnJOvJu5E6LTrqmx/5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3F3eGY0SUVHY2s2OG03a1RvdE91cWJIX244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS85MjQ3ZjctZWY0OC00NTA5LTkwMWQt
ZTA4MDI4ZDk5OWViLzEvN3RZVXR4aW5Sb2Q5VGtDYS1YYU1jcHFhMlpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS85MjQ3ZjctZWY0OC00NTA5LTkwMWQtZTA4MDI4ZDk5OWVi
LzEvU3F3eGY0SUVHY2s2OG03a1RvdE91cWJIX244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQDJdGgAwQC
LfzsAwQCLvv8AwQAW+RbAwQCcyo0AwQBqPXEAwQCuTtAAwQCuYKYAwQCucEIAwQF
vOOAMA0GCSqGSIb3DQEBCwUAA4IBAQCOTAfcmyI/YEu9HK3TqGJtDm9QVdgTpRG5
1pCTATqklwcxSQZHHtOtVWrOd3iUc/qQaVOt0PE0KDMt3k008c85ungwKMpqrnF7
QizyoY1vPd/4CeePnKddodSMG0u4NPaaLTr1c3IpodKtawcl0cAbN/2e6govV4gp
Ht4gMrkXYTQCJR9jRumcwB4/Xtu46nw1klaFkHAoUflbIFtMqjS66unHcjTHkFRC
qScMpYVoeI8N5jafLLxRP2kM2mptCDOKmDbSyQ0v/u8BKYDXoy8Lpjm58uSGwDd+
IUaU+hLCGFF1xDPas5e974BVFVBjIc2gTzUstYPz7HP7SOeepGVI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:31 2024 by rpki-client on console-fra.rpki-client.org