Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/e3d5fa-5331-4b23-8aff-bf4dbe7f9acb/1/lk_BQlfnL8VmR86hBHoyWjkCayo.roa
File: lk_BQlfnL8VmR86hBHoyWjkCayo.roa (raw, json)
Hash identifier: l2kicD1fTrtgRX9BKlmU1231jG7EVPv8cllMk45SWWA=
Subject key identifier: 96:4F:C1:42:57:E7:2F:C5:66:47:CE:A1:04:7A:32:5A:39:02:6B:2A
Certificate issuer: /CN=1fa5cb503b369e3cba844522d06d35a8acf5c733
Certificate serial: 015C2D40
Authority key identifier: 1F:A5:CB:50:3B:36:9E:3C:BA:84:45:22:D0:6D:35:A8:AC:F5:C7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H6XLUDs2njy6hEUi0G01qKz1xzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/e3d5fa-5331-4b23-8aff-bf4dbe7f9acb/1/lk_BQlfnL8VmR86hBHoyWjkCayo.roa
Signing time: Mon 21 Mar 2022 14:13:50 +0000
ROA not before: Mon 21 Mar 2022 14:13:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203020
IP address blocks: 171.22.252.0/24 maxlen: 32
171.22.253.0/24 maxlen: 32
45.82.96.0/22 maxlen: 32
45.84.228.0/22 maxlen: 32
139.28.120.0/22 maxlen: 32
2.56.228.0/22 maxlen: 32
45.66.176.0/22 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22818112 (0x15c2d40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fa5cb503b369e3cba844522d06d35a8acf5c733
Validity
Not Before: Mar 21 14:13:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=964fc14257e72fc56647cea1047a325a39026b2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:03:ca:08:2f:5c:d6:19:c7:31:92:59:b9:05:
13:6f:9a:d3:e2:2b:ee:55:12:00:9f:8e:48:68:84:
c9:01:6b:6f:e7:7e:79:e1:a1:47:e0:18:a8:26:3e:
b4:3d:55:c4:7d:91:2b:9d:84:86:d4:7d:07:fd:15:
57:27:67:74:41:0a:91:1d:db:a8:da:39:de:de:b3:
15:ea:e7:69:6a:33:42:c6:70:c1:ed:32:23:ed:3b:
6b:3a:47:61:1b:c1:72:53:87:06:02:1e:fd:11:c8:
4f:20:9e:58:1c:24:18:0f:c8:81:14:09:ee:c8:bd:
19:5f:37:83:53:2d:7b:dd:d7:b6:a2:86:2f:0f:43:
59:36:96:33:cc:28:ab:ab:aa:1e:dd:28:ef:70:6e:
c1:4f:95:e1:84:04:05:e6:a6:52:ba:77:45:84:81:
f5:d5:cd:55:7c:22:26:27:cd:c7:ee:d5:60:5f:c3:
0f:14:4e:aa:5b:73:ef:55:e6:00:67:c5:fe:dd:de:
65:de:67:bc:37:d5:a9:8d:5c:4c:a1:fc:82:3d:a6:
a4:d1:fb:c7:c7:b7:d2:ce:33:c1:92:8f:07:bb:a7:
ec:19:e5:e5:ad:06:f2:a4:36:36:d2:c0:69:2d:e5:
88:70:d6:4f:72:e6:b8:29:53:d2:3f:9e:0b:39:ed:
13:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:4F:C1:42:57:E7:2F:C5:66:47:CE:A1:04:7A:32:5A:39:02:6B:2A
X509v3 Authority Key Identifier:
keyid:1F:A5:CB:50:3B:36:9E:3C:BA:84:45:22:D0:6D:35:A8:AC:F5:C7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H6XLUDs2njy6hEUi0G01qKz1xzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/e3d5fa-5331-4b23-8aff-bf4dbe7f9acb/1/lk_BQlfnL8VmR86hBHoyWjkCayo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/e3d5fa-5331-4b23-8aff-bf4dbe7f9acb/1/H6XLUDs2njy6hEUi0G01qKz1xzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.228.0/22
45.66.176.0/22
45.82.96.0/22
45.84.228.0/22
139.28.120.0/22
171.22.252.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:04:cc:ab:f9:98:fa:44:c3:9f:95:7c:7e:dd:52:4f:9c:80:
35:5d:40:ac:70:2f:c2:3c:9e:36:a0:4f:f5:0f:4f:dd:1b:15:
42:e0:3d:43:8e:cb:fa:6c:b9:d8:23:aa:ee:74:12:b1:de:09:
3a:01:e8:3d:98:bd:a5:06:b8:78:39:5c:f5:5a:ec:47:2c:df:
32:3c:be:59:f8:e3:7e:f4:84:a2:20:31:78:c1:0e:73:9b:be:
d5:4e:c4:55:c9:7d:ec:c7:c3:21:cf:8d:00:c9:18:d8:ad:b8:
9d:e4:9b:e2:20:37:1f:fb:57:3d:f7:c5:66:26:8c:99:01:58:
f1:d8:86:c1:82:67:45:e4:c7:0c:68:c3:cd:b7:9e:85:cb:0f:
ef:c1:6f:70:03:83:88:c7:39:e4:b7:ed:c6:e7:b9:30:7c:9f:
b1:fe:a6:2b:ce:a1:63:82:37:1e:1a:94:c1:be:f6:20:f1:ac:
32:77:d2:b6:24:12:a1:76:81:5f:c8:89:e2:02:24:2e:13:bf:
b3:50:3d:f9:80:19:25:63:b9:50:9a:ec:8e:3d:88:ff:5d:52:
2d:15:bc:85:ec:3b:da:ee:1d:2b:56:00:f2:5e:55:b7:42:cd:
47:8b:6d:8d:92:65:a5:ed:8a:80:73:fb:61:13:42:05:ad:b9:
65:37:fe:5e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEAVwtQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZmE1Y2I1MDNiMzY5ZTNjYmE4NDQ1MjJkMDZkMzVhOGFjZjVjNzMzMB4XDTIyMDMy
MTE0MTM1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTY0ZmMxNDI1N2U3
MmZjNTY2NDdjZWExMDQ3YTMyNWEzOTAyNmIyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI8DyggvXNYZxzGSWbkFE2+a0+Ir7lUSAJ+OSGiEyQFrb+d+
eeGhR+AYqCY+tD1VxH2RK52EhtR9B/0VVydndEEKkR3bqNo53t6zFernaWozQsZw
we0yI+07azpHYRvBclOHBgIe/RHITyCeWBwkGA/IgRQJ7si9GV83g1Mte93XtqKG
Lw9DWTaWM8woq6uqHt0o73BuwU+V4YQEBeamUrp3RYSB9dXNVXwiJifNx+7VYF/D
DxROqltz71XmAGfF/t3eZd5nvDfVqY1cTKH8gj2mpNH7x8e30s4zwZKPB7un7Bnl
5a0G8qQ2NtLAaS3liHDWT3LmuClT0j+eCzntE5MCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBSWT8FCV+cvxWZHzqEEejJaOQJrKjAfBgNVHSMEGDAWgBQfpctQOzaePLqE
RSLQbTWorPXHMzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0g2WExVRHMybmp5NmhFVWkwRzAxcUt6MXh6TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvZTNkNWZhLTUzMzEtNGIyMy04YWZmLWJmNGRiZTdmOWFjYi8x
L2xrX0JRbGZuTDhWbVI4NmhCSG95V2prQ2F5by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
ZTNkNWZhLTUzMzEtNGIyMy04YWZmLWJmNGRiZTdmOWFjYi8xL0g2WExVRHMybmp5
NmhFVWkwRzAxcUt6MXh6TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAgI45AMEAi1CsAMEAi1SYAMEAi1U
5AMEAosceAMEAasW/DANBgkqhkiG9w0BAQsFAAOCAQEAHQTMq/mY+kTDn5V8ft1S
T5yANV1ArHAvwjyeNqBP9Q9P3RsVQuA9Q47L+my52COq7nQSsd4JOgHoPZi9pQa4
eDlc9VrsRyzfMjy+WfjjfvSEoiAxeMEOc5u+1U7EVcl97MfDIc+NAMkY2K24neSb
4iA3H/tXPffFZiaMmQFY8diGwYJnReTHDGjDzbeehcsP78FvcAODiMc55Lftxue5
MHyfsf6mK86hY4I3HhqUwb72IPGsMnfStiQSoXaBX8iJ4gIkLhO/s1A9+YAZJWO5
UJrsjj2I/11SLRW8hew72u4dK1YA8l5Vt0LNR4ttjZJlpe2KgHP7YRNCBa25ZTf+
Xg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:07 2023 by rpki-client on console.sobornost.net