Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/IxWHbCz8cVV6kWUaKmMz8pTdaXk.roa
File: IxWHbCz8cVV6kWUaKmMz8pTdaXk.roa (raw, json)
Hash identifier: TBZuz6HKb1s9tOTWfIWvoN9xbxVMTXUtm29L8mWGBhE=
Subject key identifier: 23:15:87:6C:2C:FC:71:55:7A:91:65:1A:2A:63:33:F2:94:DD:69:79
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 018283FB03239E96D4CED5306DD71FB1B3CF
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/IxWHbCz8cVV6kWUaKmMz8pTdaXk.roa
Signing time: Tue 09 Aug 2022 19:00:41 +0000
ROA not before: Tue 09 Aug 2022 19:00:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 85.239.149.0/24 maxlen: 24
85.239.151.0/24 maxlen: 24
185.95.157.0/24 maxlen: 24
185.95.156.0/24 maxlen: 24
185.95.159.0/24 maxlen: 24
185.95.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:83:fb:03:23:9e:96:d4:ce:d5:30:6d:d7:1f:b1:b3:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Aug 9 19:00:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2315876c2cfc71557a91651a2a6333f294dd6979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:0d:9e:ca:73:55:82:7d:da:10:32:a3:51:c1:
1e:9d:d4:f8:18:dc:df:72:aa:dc:be:32:59:75:69:
84:71:66:c2:06:18:f5:15:47:f4:14:ea:81:d9:39:
ea:8e:c7:30:65:6c:9a:56:ee:8e:d4:99:07:74:f1:
fe:e1:a9:af:2f:ea:8d:4a:d9:05:e8:d4:15:ea:d7:
92:a1:12:15:20:36:85:c6:ec:94:83:73:c9:55:fd:
e9:d4:39:f9:1c:7b:ee:af:60:eb:8f:d0:a0:89:dd:
2c:d0:30:70:1f:40:74:0f:8e:8f:e0:45:28:3e:87:
ee:5c:74:78:d3:fe:68:6a:9a:10:13:16:a0:1b:4a:
aa:bb:61:20:b3:35:60:12:87:50:77:c5:20:53:f3:
1f:82:7e:aa:21:19:9f:05:1d:b2:ed:d8:ae:86:85:
e8:1d:e2:34:d2:67:c8:a7:4a:b6:6a:17:46:22:fb:
d0:9e:ce:63:e8:c2:9d:96:02:c6:2e:29:b2:b8:55:
7e:65:f5:47:d6:76:54:e9:f6:b7:0c:11:78:bb:6b:
13:94:ba:52:43:ab:14:96:30:0a:54:70:ff:b6:46:
3d:b6:b5:31:a9:fe:d0:be:76:0b:1e:d3:7f:e7:34:
c1:f2:82:08:e4:a4:22:33:13:b7:cb:07:bd:67:6a:
d8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:15:87:6C:2C:FC:71:55:7A:91:65:1A:2A:63:33:F2:94:DD:69:79
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/IxWHbCz8cVV6kWUaKmMz8pTdaXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.149.0/24
85.239.151.0/24
185.95.156.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:83:de:dd:5b:3a:54:ee:2f:ff:b5:28:fa:6a:d8:a6:37:4c:
c4:85:4f:36:be:e3:3c:3d:cb:61:42:cb:0d:e5:22:16:3b:b1:
56:60:ae:9e:78:55:e0:05:b4:d0:c8:16:c0:a0:19:c5:6a:3a:
76:52:78:05:51:40:c5:35:a9:f0:da:7c:c5:b9:ce:35:b9:27:
c3:6f:6e:3a:17:22:20:8f:0c:e3:af:af:37:d7:35:4f:a5:a9:
a6:2d:c9:58:de:94:33:10:5d:50:a5:38:8f:77:7e:f4:16:04:
ba:01:d1:74:96:e4:03:c5:94:b5:d1:63:23:c0:65:2e:cb:94:
8e:22:97:ac:a7:47:a7:23:32:c4:d3:f9:94:d2:3f:f2:79:1d:
b7:3f:82:73:d3:ef:89:c4:80:46:89:50:75:62:a5:f7:6b:94:
2c:a8:9e:ca:06:52:1a:a4:ae:a4:98:a1:01:f0:bd:90:cd:9d:
5c:25:ee:57:a8:bc:2b:72:e0:56:6c:48:cf:6f:0c:cb:ad:c4:
49:a1:c8:d9:48:2d:d2:89:b7:07:f7:47:d6:93:c4:ec:ab:04:
5e:5d:0e:37:c8:d5:4c:41:df:7f:34:7d:b5:2c:86:b9:95:3f:
04:54:14:58:1b:0b:4f:e3:b3:e4:1f:56:a5:4f:7e:ad:79:6b:
9c:c7:e3:0a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYKD+wMjnpbUztUwbdcfsbPPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjIwODA5MTkwMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzE1ODc2YzJjZmM3MTU1N2E5MTY1MWEyYTYzMzNmMjk0ZGQ2OTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhA2eynNVgn3aEDKjUcEendT4GNzf
cqrcvjJZdWmEcWbCBhj1FUf0FOqB2TnqjscwZWyaVu6O1JkHdPH+4amvL+qNStkF
6NQV6teSoRIVIDaFxuyUg3PJVf3p1Dn5HHvur2Drj9Cgid0s0DBwH0B0D46P4EUo
PofuXHR40/5oapoQExagG0qqu2EgszVgEodQd8UgU/Mfgn6qIRmfBR2y7diuhoXo
HeI00mfIp0q2ahdGIvvQns5j6MKdlgLGLimyuFV+ZfVH1nZU6fa3DBF4u2sTlLpS
Q6sUljAKVHD/tkY9trUxqf7QvnYLHtN/5zTB8oII5KQiMxO3ywe9Z2rYiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCMVh2ws/HFVepFlGipjM/KU3Wl5MB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvSXhXSGJDejhjVlY2a1dVYUttTXo4cFRkYVhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVe+VAwQA
Ve+XAwQCuV+cMA0GCSqGSIb3DQEBCwUAA4IBAQBfg97dWzpU7i//tSj6atimN0zE
hU82vuM8PcthQssN5SIWO7FWYK6eeFXgBbTQyBbAoBnFajp2UngFUUDFNanw2nzF
uc41uSfDb246FyIgjwzjr6831zVPpammLclY3pQzEF1QpTiPd370FgS6AdF0luQD
xZS10WMjwGUuy5SOIpesp0enIzLE0/mU0j/yeR23P4Jz0++JxIBGiVB1YqX3a5Qs
qJ7KBlIapK6kmKEB8L2QzZ1cJe5XqLwrcuBWbEjPbwzLrcRJocjZSC3SibcH90fW
k8TsqwReXQ43yNVMQd9/NH21LIa5lT8EVBRYGwtP47PkH1alT36teWucx+MK
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:00 2025 by rpki-client