Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/cf59fc-653f-44eb-aca1-c5d1f27b532d/1/g0mB4KyjQuE15teH5XTa_O9buKk.roa
File: g0mB4KyjQuE15teH5XTa_O9buKk.roa (raw, json)
Hash identifier: OXKdRCnnFUEuGv+17oQk1UBu4bDTNs7DuPgcbqOtr2Q=
Subject key identifier: 83:49:81:E0:AC:A3:42:E1:35:E6:D7:87:E5:74:DA:FC:EF:5B:B8:A9
Certificate issuer: /CN=fc18de6e57903c243ca2fd14154f55ebe61ce56a
Certificate serial: 37BF1A56
Authority key identifier: FC:18:DE:6E:57:90:3C:24:3C:A2:FD:14:15:4F:55:EB:E6:1C:E5:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_BjebleQPCQ8ov0UFU9V6-Yc5Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/cf59fc-653f-44eb-aca1-c5d1f27b532d/1/g0mB4KyjQuE15teH5XTa_O9buKk.roa
Signing time: Sat 01 Jan 2022 09:03:37 +0000
ROA not before: Sat 01 Jan 2022 09:03:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15533
IP address blocks: 62.73.128.0/19 maxlen: 24
91.185.160.0/20 maxlen: 24
164.93.128.0/17 maxlen: 24
37.244.64.0/18 maxlen: 24
213.212.64.0/18 maxlen: 24
185.50.160.0/23 maxlen: 24
5.32.152.0/21 maxlen: 24
176.62.128.0/21 maxlen: 24
2001:4138::/32 maxlen: 48
2001:4139::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 935270998 (0x37bf1a56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc18de6e57903c243ca2fd14154f55ebe61ce56a
Validity
Not Before: Jan 1 09:03:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=834981e0aca342e135e6d787e574dafcef5bb8a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:77:c9:9a:17:dc:d7:2e:00:17:1a:d6:dc:c4:
06:41:25:e1:2f:2b:69:d0:b3:8e:99:c5:bf:43:77:
26:6b:50:f2:59:49:5a:55:fc:a2:a8:34:b5:90:77:
7a:87:db:a9:be:e6:92:94:c2:d6:57:71:66:8c:59:
95:d3:46:66:3d:33:c5:bc:1b:e6:1d:bb:87:62:21:
51:5c:cc:e8:3f:f2:67:27:50:ee:6a:52:bb:b0:d9:
1f:68:40:7f:a4:c8:23:77:8c:7d:f3:00:ec:44:f4:
37:20:98:9c:c9:f6:6d:72:54:c9:73:76:47:2a:08:
5b:14:b9:ba:bf:71:d9:07:bf:1c:9c:15:37:46:f5:
13:7f:b1:94:6a:80:4a:95:93:46:88:d7:33:1d:95:
3b:44:1b:cc:82:21:95:da:b7:98:40:9a:2b:1a:ba:
40:fb:4e:28:2e:dd:a7:a1:f9:c1:c4:5e:db:c7:47:
b8:7b:62:11:c1:7a:55:99:e3:88:fd:29:fc:10:2a:
6e:f4:8d:5a:34:e8:64:60:36:82:27:71:83:fb:f9:
1b:aa:75:02:f8:90:6a:d6:35:28:44:af:6a:22:e3:
a2:a6:be:a3:96:c9:78:42:5f:33:0a:32:6d:29:4a:
8e:d9:f9:f7:71:38:ad:bf:0f:cb:cf:ce:1e:89:e4:
9d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:49:81:E0:AC:A3:42:E1:35:E6:D7:87:E5:74:DA:FC:EF:5B:B8:A9
X509v3 Authority Key Identifier:
keyid:FC:18:DE:6E:57:90:3C:24:3C:A2:FD:14:15:4F:55:EB:E6:1C:E5:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_BjebleQPCQ8ov0UFU9V6-Yc5Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cf59fc-653f-44eb-aca1-c5d1f27b532d/1/g0mB4KyjQuE15teH5XTa_O9buKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/cf59fc-653f-44eb-aca1-c5d1f27b532d/1/_BjebleQPCQ8ov0UFU9V6-Yc5Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.152.0/21
37.244.64.0/18
62.73.128.0/19
91.185.160.0/20
164.93.128.0/17
176.62.128.0/21
185.50.160.0/23
213.212.64.0/18
IPv6:
2001:4138::/31
Signature Algorithm: sha256WithRSAEncryption
82:33:72:17:4b:b0:cd:72:9e:0a:3b:0a:f4:df:1c:ae:42:bb:
59:6b:e0:f3:ad:27:27:1a:bb:f5:67:22:84:e4:55:cb:f5:0c:
a7:0f:43:7c:e3:05:f2:a8:f6:4e:bb:81:ea:3f:7e:25:88:c3:
ca:b7:0d:cc:41:82:4e:e5:29:97:f3:3d:47:a9:c0:cc:ff:57:
03:37:1c:63:51:a3:b4:09:8a:cf:15:c1:3b:d5:90:25:16:38:
dc:7b:69:de:4a:44:a9:8e:42:78:e0:89:2f:67:7e:a7:89:3b:
b0:62:72:ae:8c:14:12:b4:c5:7c:6b:44:5c:de:54:b8:68:2d:
bd:e2:91:f2:56:2a:8e:fc:ff:d1:b7:36:a6:bd:30:04:85:a3:
69:0d:12:f0:98:aa:11:77:25:35:28:64:31:54:ab:12:73:28:
44:99:76:1b:8f:e1:3d:b3:20:85:d3:43:31:e3:09:39:4c:dc:
da:d4:38:d7:68:53:67:e9:51:b5:80:2f:9b:74:40:89:60:cf:
b0:4c:94:8b:b9:e1:c3:f8:14:c8:c2:90:7c:5a:75:9a:5a:3c:
70:01:5c:64:90:be:04:fa:ff:2f:ef:7e:12:6f:0d:f9:5b:c9:
34:53:0f:63:e8:cf:7d:87:1d:8a:b4:10:d7:e0:a2:17:aa:2a:
69:e4:e4:ba
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEN78aVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YzE4ZGU2ZTU3OTAzYzI0M2NhMmZkMTQxNTRmNTVlYmU2MWNlNTZhMB4XDTIyMDEw
MTA5MDMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODM0OTgxZTBhY2Ez
NDJlMTM1ZTZkNzg3ZTU3NGRhZmNlZjViYjhhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMR3yZoX3NcuABca1tzEBkEl4S8radCzjpnFv0N3JmtQ8llJ
WlX8oqg0tZB3eofbqb7mkpTC1ldxZoxZldNGZj0zxbwb5h27h2IhUVzM6D/yZydQ
7mpSu7DZH2hAf6TII3eMffMA7ET0NyCYnMn2bXJUyXN2RyoIWxS5ur9x2Qe/HJwV
N0b1E3+xlGqASpWTRojXMx2VO0QbzIIhldq3mECaKxq6QPtOKC7dp6H5wcRe28dH
uHtiEcF6VZnjiP0p/BAqbvSNWjToZGA2gidxg/v5G6p1AviQatY1KESvaiLjoqa+
o5bJeEJfMwoybSlKjtn593E4rb8Py8/OHonknXsCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBSDSYHgrKNC4TXm14fldNr871u4qTAfBgNVHSMEGDAWgBT8GN5uV5A8JDyi
/RQVT1Xr5hzlajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19CamVibGVRUENROG92MFVGVTlWNi1ZYzVXby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvY2Y1OWZjLTY1M2YtNDRlYi1hY2ExLWM1ZDFmMjdiNTMyZC8x
L2cwbUI0S3lqUXVFMTV0ZUg1WFRhX085YnVLay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
Y2Y1OWZjLTY1M2YtNDRlYi1hY2ExLWM1ZDFmMjdiNTMyZC8xL19CamVibGVRUENR
OG92MFVGVTlWNi1ZYzVXby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAwUgmAMEBiX0QAMEBT5JgAMEBFu5
oAMEB6RdgAMEA7A+gAMEAbkyoAMEBtXUQDANBAIAAjAHAwUBIAFBODANBgkqhkiG
9w0BAQsFAAOCAQEAgjNyF0uwzXKeCjsK9N8crkK7WWvg860nJxq79WcihORVy/UM
pw9DfOMF8qj2TruB6j9+JYjDyrcNzEGCTuUpl/M9R6nAzP9XAzccY1GjtAmKzxXB
O9WQJRY43Htp3kpEqY5CeOCJL2d+p4k7sGJyrowUErTFfGtEXN5UuGgtveKR8lYq
jvz/0bc2pr0wBIWjaQ0S8JiqEXclNShkMVSrEnMoRJl2G4/hPbMghdNDMeMJOUzc
2tQ412hTZ+lRtYAvm3RAiWDPsEyUi7nhw/gUyMKQfFp1mlo8cAFcZJC+BPr/L+9+
Em8N+VvJNFMPY+jPfYcdirQQ1+CiF6oqaeTkug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:52 2024 by rpki-client on console-ams.rpki-client.org