Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/9247f7-ef48-4509-901d-e08028d999eb/1/MAnh4ao5PtLS7jOHUFZq85BBgdI.roa
File: MAnh4ao5PtLS7jOHUFZq85BBgdI.roa (raw, json)
Hash identifier: XA0uZvF6kjdgyK21A0qSiXLLyJYKpKkv+9hIn0xgHNc=
Subject key identifier: 30:09:E1:E1:AA:39:3E:D2:D2:EE:33:87:50:56:6A:F3:90:41:81:D2
Certificate issuer: /CN=4aac317f820419c93af26ee44e8b4ebaa6c7fe7f
Certificate serial: 0184E219234A814FA8857F1547AF2B4132BC
Authority key identifier: 4A:AC:31:7F:82:04:19:C9:3A:F2:6E:E4:4E:8B:4E:BA:A6:C7:FE:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sqwxf4IEGck68m7kTotOuqbH_n8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/9247f7-ef48-4509-901d-e08028d999eb/1/MAnh4ao5PtLS7jOHUFZq85BBgdI.roa
Signing time: Mon 05 Dec 2022 11:43:29 +0000
ROA not before: Mon 05 Dec 2022 11:43:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56882
IP address blocks: 46.251.254.0/23 maxlen: 23
188.227.159.0/24 maxlen: 24
185.59.64.0/24 maxlen: 24
45.252.236.0/22 maxlen: 22
185.59.65.0/24 maxlen: 24
185.59.66.0/24 maxlen: 24
185.59.67.0/24 maxlen: 24
185.130.152.0/22 maxlen: 22
188.227.128.0/19 maxlen: 19
91.228.91.0/24 maxlen: 24
46.251.252.0/23 maxlen: 23
185.193.8.0/22 maxlen: 22
168.245.196.0/23 maxlen: 23
37.209.160.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:19:23:4a:81:4f:a8:85:7f:15:47:af:2b:41:32:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4aac317f820419c93af26ee44e8b4ebaa6c7fe7f
Validity
Not Before: Dec 5 11:43:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3009e1e1aa393ed2d2ee338750566af3904181d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:bc:24:be:16:f0:67:84:1f:a4:e7:34:c8:85:
a4:9c:cf:ff:80:2f:bb:c3:d4:af:f2:12:07:03:c7:
1c:23:a7:9f:e0:61:5e:9e:bd:8a:1a:b8:8d:89:91:
96:86:f7:e8:6d:c5:91:ac:67:7f:c4:8f:ac:2f:19:
df:06:18:e6:6f:0d:af:92:20:64:6d:2c:c0:0a:bc:
a5:cc:e5:75:c6:3a:a3:eb:5b:f0:67:9f:18:f8:d0:
96:cd:ea:92:c9:4e:97:3c:d3:40:b3:d7:24:ec:92:
10:e8:4e:a9:8a:6d:a3:10:aa:f1:89:d5:34:0c:e7:
7e:fa:94:2b:71:d3:81:29:0b:2f:c8:37:8b:5f:aa:
d8:43:3e:a2:e4:08:f8:b9:de:6d:7e:d1:18:e1:50:
d8:35:e8:41:67:9f:aa:16:f0:3f:1b:4a:c9:c2:f1:
39:c6:ad:55:f6:76:7c:84:9c:42:e3:bb:79:c1:c1:
57:d5:05:69:6e:d0:e6:ef:5d:b7:dc:f4:03:58:05:
9b:c9:ff:b7:5e:0c:63:bf:98:76:cc:45:72:ec:3f:
bb:c8:24:7e:1b:9c:77:9e:1b:43:02:61:a1:bd:59:
1d:1b:57:83:d2:74:f5:24:ad:c5:ba:76:47:2f:e1:
5f:ac:2d:b0:71:fc:53:62:23:ba:59:d3:84:1f:82:
d8:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:09:E1:E1:AA:39:3E:D2:D2:EE:33:87:50:56:6A:F3:90:41:81:D2
X509v3 Authority Key Identifier:
keyid:4A:AC:31:7F:82:04:19:C9:3A:F2:6E:E4:4E:8B:4E:BA:A6:C7:FE:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sqwxf4IEGck68m7kTotOuqbH_n8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/9247f7-ef48-4509-901d-e08028d999eb/1/MAnh4ao5PtLS7jOHUFZq85BBgdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/9247f7-ef48-4509-901d-e08028d999eb/1/Sqwxf4IEGck68m7kTotOuqbH_n8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.160.0/21
45.252.236.0/22
46.251.252.0/22
91.228.91.0/24
168.245.196.0/23
185.59.64.0/22
185.130.152.0/22
185.193.8.0/22
188.227.128.0/19
Signature Algorithm: sha256WithRSAEncryption
0b:5a:af:e6:94:b4:af:ba:95:01:49:90:48:a7:63:ae:7e:16:
5b:2d:79:e9:6c:5d:d3:34:f2:81:7f:19:e6:42:8d:10:df:8a:
80:e8:ff:38:98:e8:25:02:2d:22:71:3b:d5:b9:9e:0d:13:af:
0e:c0:9e:93:b5:26:66:29:7a:a8:aa:8b:7f:b5:4b:d1:c9:9e:
2d:6f:6d:d1:7a:d8:ec:4c:cd:a1:9b:f6:67:24:43:ba:6b:1b:
f1:1d:e5:bb:58:32:f8:72:3c:bf:84:84:92:82:64:b9:1f:dd:
51:80:e8:a0:de:cb:30:be:33:fe:a9:c3:ab:02:0b:ac:28:58:
8f:a7:23:81:2c:29:56:93:ad:f2:42:15:57:52:1b:de:91:5e:
09:9c:e9:c1:59:5d:39:83:17:fb:b8:d2:42:8a:4e:e2:b1:c6:
8e:7c:90:fe:c2:46:33:38:e4:21:17:95:6f:46:2c:95:f8:87:
c3:da:8f:8a:02:5b:59:79:d7:51:63:fb:46:15:13:52:0b:f4:
87:c2:2e:56:a3:b3:04:34:84:af:9d:5d:82:aa:a8:48:ff:a3:
8a:2a:31:e7:97:f8:8a:de:cc:12:01:88:ea:b4:a5:5e:c4:0e:
07:f3:2a:97:d7:9a:10:20:68:94:26:de:ed:59:30:3c:fc:b7:
f6:7f:e9:af
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYTiGSNKgU+ohX8VR68rQTK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYWMzMTdmODIwNDE5YzkzYWYyNmVlNDRlOGI0ZWJhYTZj
N2ZlN2YwHhcNMjIxMjA1MTE0MzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDA5ZTFlMWFhMzkzZWQyZDJlZTMzODc1MDU2NmFmMzkwNDE4MWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrwkvhbwZ4QfpOc0yIWknM//gC+7
w9Sv8hIHA8ccI6ef4GFenr2KGriNiZGWhvfobcWRrGd/xI+sLxnfBhjmbw2vkiBk
bSzACrylzOV1xjqj61vwZ58Y+NCWzeqSyU6XPNNAs9ck7JIQ6E6pim2jEKrxidU0
DOd++pQrcdOBKQsvyDeLX6rYQz6i5Aj4ud5tftEY4VDYNehBZ5+qFvA/G0rJwvE5
xq1V9nZ8hJxC47t5wcFX1QVpbtDm71233PQDWAWbyf+3Xgxjv5h2zEVy7D+7yCR+
G5x3nhtDAmGhvVkdG1eD0nT1JK3FunZHL+FfrC2wcfxTYiO6WdOEH4LYbQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDAJ4eGqOT7S0u4zh1BWavOQQYHSMB8GA1UdIwQY
MBaAFEqsMX+CBBnJOvJu5E6LTrqmx/5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3F3eGY0SUVHY2s2OG03a1RvdE91cWJIX244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS85MjQ3ZjctZWY0OC00NTA5LTkwMWQt
ZTA4MDI4ZDk5OWViLzEvTUFuaDRhbzVQdExTN2pPSFVGWnE4NUJCZ2RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS85MjQ3ZjctZWY0OC00NTA5LTkwMWQtZTA4MDI4ZDk5OWVi
LzEvU3F3eGY0SUVHY2s2OG03a1RvdE91cWJIX244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQDJdGgAwQC
LfzsAwQCLvv8AwQAW+RbAwQBqPXEAwQCuTtAAwQCuYKYAwQCucEIAwQFvOOAMA0G
CSqGSIb3DQEBCwUAA4IBAQALWq/mlLSvupUBSZBIp2OufhZbLXnpbF3TNPKBfxnm
Qo0Q34qA6P84mOglAi0icTvVuZ4NE68OwJ6TtSZmKXqoqot/tUvRyZ4tb23Retjs
TM2hm/ZnJEO6axvxHeW7WDL4cjy/hISSgmS5H91RgOig3sswvjP+qcOrAgusKFiP
pyOBLClWk63yQhVXUhvekV4JnOnBWV05gxf7uNJCik7iscaOfJD+wkYzOOQhF5Vv
RiyV+IfD2o+KAltZeddRY/tGFRNSC/SHwi5Wo7MENISvnV2CqqhI/6OKKjHnl/iK
3swSAYjqtKVexA4H8yqX15oQIGiUJt7tWTA8/Lf2f+mv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:31 2024 by rpki-client on console-fra.rpki-client.org