Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/t4ztO1z0BYfEiLkJ3AXSpVD_9VI.roa
File: t4ztO1z0BYfEiLkJ3AXSpVD_9VI.roa (raw, json)
Hash identifier: N9XkF1zuPH8ECPYJh7QuF6REMjQfp/AFSqqUepQf6Bs=
Subject key identifier: B7:8C:ED:3B:5C:F4:05:87:C4:88:B9:09:DC:05:D2:A5:50:FF:F5:52
Certificate issuer: /CN=e85b83c87c4a3d8315025379f72987520bb5d046
Certificate serial: 01857190A5D537CA00544F0C2D28F4D4C4A6
Authority key identifier: E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/t4ztO1z0BYfEiLkJ3AXSpVD_9VI.roa
Signing time: Mon 02 Jan 2023 08:19:43 +0000
ROA not before: Mon 02 Jan 2023 08:19:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20910
IP address blocks: 89.191.96.0/19 maxlen: 32
91.188.32.0/19 maxlen: 32
185.7.236.0/22 maxlen: 32
85.115.96.0/19 maxlen: 32
79.132.64.0/19 maxlen: 32
93.177.192.0/18 maxlen: 32
62.84.0.0/19 maxlen: 32
80.255.224.0/20 maxlen: 20
185.144.184.0/22 maxlen: 32
188.112.128.0/18 maxlen: 32
77.38.128.0/17 maxlen: 32
89.18.192.0/19 maxlen: 32
195.244.128.0/20 maxlen: 32
91.123.64.0/20 maxlen: 32
62.205.192.0/18 maxlen: 18
87.226.0.0/17 maxlen: 32
217.198.224.0/20 maxlen: 32
213.180.96.0/19 maxlen: 32
195.62.128.0/19 maxlen: 32
94.30.128.0/17 maxlen: 32
217.199.96.0/19 maxlen: 32
217.24.64.0/20 maxlen: 32
188.64.176.0/21 maxlen: 21
79.135.128.0/19 maxlen: 32
37.148.168.0/21 maxlen: 32
80.254.208.0/20 maxlen: 32
85.234.160.0/19 maxlen: 32
109.110.0.0/19 maxlen: 32
91.142.0.0/20 maxlen: 32
136.169.0.0/17 maxlen: 17
89.201.0.0/17 maxlen: 32
2a00:f4a0::/29 maxlen: 29
2a00:9000::/29 maxlen: 32
2a03:6740::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:90:a5:d5:37:ca:00:54:4f:0c:2d:28:f4:d4:c4:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e85b83c87c4a3d8315025379f72987520bb5d046
Validity
Not Before: Jan 2 08:19:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b78ced3b5cf40587c488b909dc05d2a550fff552
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:0f:70:00:f4:a0:6d:39:28:d9:cf:e9:0e:c7:
29:14:ec:d1:7e:2f:4f:ae:04:2f:b3:81:16:70:be:
6b:b7:bb:21:16:c2:2e:19:82:bb:cf:94:fa:3c:89:
a5:11:2a:28:2e:11:e0:a7:e4:18:47:cb:dd:a4:01:
91:55:b4:72:21:5a:9a:12:49:44:06:ae:55:88:75:
a3:45:bc:35:69:21:b4:7d:6c:38:02:fb:fd:f7:de:
7d:96:ea:aa:c3:c0:14:59:7e:10:2c:f2:f2:38:f4:
81:e8:fc:de:92:9b:d7:c6:78:28:8f:be:2d:cd:41:
93:d6:ce:a7:6d:c3:0d:50:c2:60:40:47:53:5f:33:
1f:0c:87:2b:dd:3b:f3:22:4a:54:a6:06:68:ef:f5:
5e:87:a9:09:c5:af:73:c0:02:c4:ad:4c:38:bf:99:
68:45:6f:e7:34:34:c9:19:f0:4a:41:15:7a:6e:c5:
3b:30:8b:5a:ee:6b:1a:f8:87:7b:2d:db:a9:05:63:
e1:6d:e3:e8:ae:50:da:86:8f:4d:ed:e9:03:b9:6b:
76:70:7a:8e:bc:6f:a4:12:c3:80:b5:e3:98:74:fe:
4c:10:fe:04:3b:18:44:81:41:e8:79:f6:11:d6:8c:
d6:79:e0:ba:db:d2:56:79:42:a1:83:b1:c6:a8:1c:
47:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:8C:ED:3B:5C:F4:05:87:C4:88:B9:09:DC:05:D2:A5:50:FF:F5:52
X509v3 Authority Key Identifier:
keyid:E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/t4ztO1z0BYfEiLkJ3AXSpVD_9VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/6FuDyHxKPYMVAlN59ymHUgu10EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.168.0/21
62.84.0.0/19
62.205.192.0/18
77.38.128.0/17
79.132.64.0/19
79.135.128.0/19
80.254.208.0/20
80.255.224.0/20
85.115.96.0/19
85.234.160.0/19
87.226.0.0/17
89.18.192.0/19
89.191.96.0/19
89.201.0.0/17
91.123.64.0/20
91.142.0.0/20
91.188.32.0/19
93.177.192.0/18
94.30.128.0/17
109.110.0.0/19
136.169.0.0/17
185.7.236.0/22
185.144.184.0/22
188.64.176.0/21
188.112.128.0/18
195.62.128.0/19
195.244.128.0/20
213.180.96.0/19
217.24.64.0/20
217.198.224.0/20
217.199.96.0/19
IPv6:
2a00:9000::/29
2a00:f4a0::/29
2a03:6740::/29
Signature Algorithm: sha256WithRSAEncryption
4d:96:70:54:60:eb:11:75:73:94:9b:fa:1c:aa:d3:85:c3:28:
b4:dd:ea:25:d0:32:91:84:6f:e4:97:5c:7c:3c:05:fb:fa:1a:
52:93:88:1d:3e:e2:e7:91:76:e6:ae:c2:e3:d0:62:1c:ce:9a:
96:41:00:5d:db:4b:33:d9:69:5e:d9:b1:32:3f:e5:38:3f:12:
e6:2c:17:9b:da:95:0d:fc:7a:07:a7:ee:fd:c0:cb:4f:4f:3b:
e7:9b:d9:c4:0f:34:a1:bf:b0:08:d8:70:b7:32:43:d4:2b:1b:
29:fd:92:d7:84:ab:e0:45:2b:a2:98:f5:4f:3b:65:49:c5:6e:
d4:6a:a1:8d:ef:07:f6:ec:9e:e8:df:67:73:b1:c1:72:ee:70:
89:16:2c:93:21:65:85:41:01:9b:40:75:c8:09:75:37:76:00:
26:a9:6b:25:d8:17:31:75:e8:b9:da:80:75:f2:05:1d:a8:ba:
2e:d5:d9:cc:18:9c:33:f8:66:86:fc:1b:26:cf:27:b8:00:3e:
b7:76:45:40:ca:8f:92:25:61:bf:8e:ff:2a:e0:b6:fa:7c:94:
61:4d:e2:14:4e:9a:47:cd:ab:8e:07:8e:e4:9d:85:d1:fe:cc:
71:28:33:27:42:83:d4:0b:06:0c:46:c5:96:89:cd:2f:34:32:
0a:b3:2b:4f
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgISAYVxkKXVN8oAVE8MLSj01MSmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NWI4M2M4N2M0YTNkODMxNTAyNTM3OWY3Mjk4NzUyMGJi
NWQwNDYwHhcNMjMwMTAyMDgxOTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzhjZWQzYjVjZjQwNTg3YzQ4OGI5MDlkYzA1ZDJhNTUwZmZmNTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Q9wAPSgbTko2c/pDscpFOzRfi9P
rgQvs4EWcL5rt7shFsIuGYK7z5T6PImlESooLhHgp+QYR8vdpAGRVbRyIVqaEklE
Bq5ViHWjRbw1aSG0fWw4Avv99959luqqw8AUWX4QLPLyOPSB6PzekpvXxngoj74t
zUGT1s6nbcMNUMJgQEdTXzMfDIcr3TvzIkpUpgZo7/Veh6kJxa9zwALErUw4v5lo
RW/nNDTJGfBKQRV6bsU7MIta7msa+Id7LdupBWPhbePorlDaho9N7ekDuWt2cHqO
vG+kEsOAteOYdP5MEP4EOxhEgUHoefYR1ozWeeC629JWeUKhg7HGqBxHPQIDAQAB
o4IC3zCCAtswHQYDVR0OBBYEFLeM7Ttc9AWHxIi5CdwF0qVQ//VSMB8GA1UdIwQY
MBaAFOhbg8h8Sj2DFQJTefcph1ILtdBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGIt
ODlhYWVhMzYyODVlLzEvdDR6dE8xejBCWWZFaUxrSjNBWFNwVkRfOVZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGItODlhYWVhMzYyODVl
LzEvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH0BggrBgEFBQcBBwEB/wSB5DCB4TCBwQQCAAEwgboDBAMl
lKgDBAU+VAADBAY+zcADBAdNJoADBAVPhEADBAVPh4ADBARQ/tADBARQ/+ADBAVV
c2ADBAVV6qADBAdX4gADBAVZEsADBAVZv2ADBAdZyQADBARbe0ADBARbjgADBAVb
vCADBAZdscADBAdeHoADBAVtbgADBAeIqQADBAK5B+wDBAK5kLgDBAO8QLADBAa8
cIADBAXDPoADBATD9IADBAXVtGADBATZGEADBATZxuADBAXZx2AwGwQCAAIwFQMF
AyoAkAADBQMqAPSgAwUDKgNnQDANBgkqhkiG9w0BAQsFAAOCAQEATZZwVGDrEXVz
lJv6HKrThcMotN3qJdAykYRv5JdcfDwF+/oaUpOIHT7i55F25q7C49BiHM6alkEA
XdtLM9lpXtmxMj/lOD8S5iwXm9qVDfx6B6fu/cDLT08755vZxA80ob+wCNhwtzJD
1CsbKf2S14Sr4EUropj1TztlScVu1Gqhje8H9uye6N9nc7HBcu5wiRYskyFlhUEB
m0B1yAl1N3YAJqlrJdgXMXXoudqAdfIFHai6LtXZzBicM/hmhvwbJs8nuAA+t3ZF
QMqPkiVhv47/KuC2+nyUYU3iFE6aR82rjgeO5J2F0f7McSgzJ0KD1AsGDEbFlonN
LzQyCrMrTw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:53 2025 by rpki-client