Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/f5951a-b0ff-4a3c-88ae-35004a671eb3/1/diLkZSNmSkA_P0E8XAQuJwLRalg.roa
File: diLkZSNmSkA_P0E8XAQuJwLRalg.roa (raw, json)
Hash identifier: vX3W6kxo/WtwtkGg1PtHgNO/NmZd0a0bM+F9+jjmaok=
Subject key identifier: 76:22:E4:65:23:66:4A:40:3F:3F:41:3C:5C:04:2E:27:02:D1:6A:58
Certificate issuer: /CN=670e60779f3cd4d03d5e507840f5fa2a31a6ab8d
Certificate serial: 0194221F4FA95F090E89F1D5B894938A7B14
Authority key identifier: 67:0E:60:77:9F:3C:D4:D0:3D:5E:50:78:40:F5:FA:2A:31:A6:AB:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zw5gd5881NA9XlB4QPX6KjGmq40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/f5951a-b0ff-4a3c-88ae-35004a671eb3/1/diLkZSNmSkA_P0E8XAQuJwLRalg.roa
Signing time: Wed 01 Jan 2025 13:47:44 +0000
ROA not before: Wed 01 Jan 2025 13:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5384
IP address blocks: 185.78.244.0/24 maxlen: 24
185.78.245.0/24 maxlen: 24
185.78.246.0/24 maxlen: 24
185.78.247.0/24 maxlen: 24
213.42.48.0/24 maxlen: 24
213.42.49.0/24 maxlen: 24
213.42.50.0/24 maxlen: 24
213.42.51.0/24 maxlen: 24
213.42.52.0/24 maxlen: 24
213.42.53.0/24 maxlen: 24
213.42.54.0/24 maxlen: 24
213.42.55.0/24 maxlen: 24
213.42.56.0/24 maxlen: 24
213.42.84.0/24 maxlen: 24
213.42.85.0/24 maxlen: 24
213.42.86.0/24 maxlen: 24
213.42.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:4f:a9:5f:09:0e:89:f1:d5:b8:94:93:8a:7b:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=670e60779f3cd4d03d5e507840f5fa2a31a6ab8d
Validity
Not Before: Jan 1 13:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7622e46523664a403f3f413c5c042e2702d16a58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bf:4f:5c:4c:fe:13:c8:b3:3e:e0:98:69:a3:
e2:fd:95:f6:f9:fd:51:35:f1:26:c1:44:7b:35:a0:
fc:69:db:da:17:99:67:57:2b:e2:7f:2a:c5:ab:a6:
cc:e1:e5:30:eb:24:f9:7c:ea:b5:12:32:d4:a8:56:
21:21:55:b2:f1:3d:3f:b1:51:80:bb:73:29:79:a2:
35:ab:b3:db:ee:0e:36:f3:d1:0c:fc:92:4c:91:5a:
ed:97:53:d5:bd:c3:60:10:57:fc:9f:2c:7f:6c:0d:
ad:03:7f:a1:2d:fc:58:cf:66:49:63:47:d8:93:f7:
6f:7a:ff:04:2d:f8:d6:07:18:e6:00:b3:0c:b9:de:
be:2d:5d:a0:43:66:50:11:51:82:28:e5:30:22:18:
02:56:2f:da:c5:b9:b5:1c:6c:66:98:a5:e7:c1:2e:
96:69:cf:db:86:7f:5a:0d:df:4b:6a:f6:a6:1c:49:
70:ce:c2:53:65:7c:06:34:cc:fc:41:da:52:fc:11:
98:37:a3:b9:87:81:87:f6:0d:72:ec:82:52:fb:f1:
e3:37:6b:4c:0c:28:40:83:8d:08:5a:46:72:c1:b7:
0a:17:35:e1:8c:da:09:f3:be:bf:4c:4d:5b:20:5e:
77:b8:6a:74:58:88:d5:70:bc:3b:5a:c3:ca:1d:88:
41:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:22:E4:65:23:66:4A:40:3F:3F:41:3C:5C:04:2E:27:02:D1:6A:58
X509v3 Authority Key Identifier:
keyid:67:0E:60:77:9F:3C:D4:D0:3D:5E:50:78:40:F5:FA:2A:31:A6:AB:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zw5gd5881NA9XlB4QPX6KjGmq40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/f5951a-b0ff-4a3c-88ae-35004a671eb3/1/diLkZSNmSkA_P0E8XAQuJwLRalg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/f5951a-b0ff-4a3c-88ae-35004a671eb3/1/Zw5gd5881NA9XlB4QPX6KjGmq40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.244.0/22
213.42.48.0-213.42.56.255
213.42.84.0/22
Signature Algorithm: sha256WithRSAEncryption
83:2f:38:15:41:45:3a:ce:c8:44:07:7a:de:c8:4c:14:5b:28:
80:f5:5d:77:cc:ad:36:36:0f:f3:ae:b0:d8:48:bf:2b:ef:a9:
c2:c5:36:cd:ce:ea:97:42:b0:12:8d:2f:21:47:f8:b9:02:b8:
12:01:42:df:73:51:a6:80:3f:f7:4d:fc:be:ad:2a:dd:dd:69:
03:43:28:ee:1a:46:d6:d0:bf:7c:74:ea:9c:e3:f2:67:fd:4f:
d6:db:c3:10:d6:4e:3d:12:bd:7f:1d:9a:3d:19:ae:55:1d:8e:
b8:84:96:a2:ac:99:c8:19:5b:cb:ec:4b:70:e6:5f:8f:d5:42:
6a:38:cc:7b:31:f0:8a:88:e2:99:47:fc:74:df:66:0e:8a:38:
4f:e9:59:f5:93:57:28:b6:5d:13:05:1c:45:1f:85:9d:35:88:
91:50:9b:ff:61:ff:e5:c3:c7:2c:38:35:c2:cc:8f:5c:2b:bc:
8c:10:19:31:ab:79:04:96:96:76:42:64:3d:e7:63:bf:9a:11:
0c:07:86:b1:b8:94:ee:b6:c4:52:4f:d2:99:7d:da:00:68:5f:
b2:62:ce:49:d1:28:e8:29:7e:01:ae:77:ee:da:88:ee:50:dc:
91:a3:38:1d:b3:28:82:ea:70:c2:fe:eb:88:33:05:d3:f4:af:
0b:d2:e2:84
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQiH0+pXwkOifHVuJSTinsUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3MGU2MDc3OWYzY2Q0ZDAzZDVlNTA3ODQwZjVmYTJhMzFh
NmFiOGQwHhcNMjUwMTAxMTM0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjIyZTQ2NTIzNjY0YTQwM2YzZjQxM2M1YzA0MmUyNzAyZDE2YTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsL9PXEz+E8izPuCYaaPi/ZX2+f1R
NfEmwUR7NaD8advaF5lnVyvifyrFq6bM4eUw6yT5fOq1EjLUqFYhIVWy8T0/sVGA
u3MpeaI1q7Pb7g4289EM/JJMkVrtl1PVvcNgEFf8nyx/bA2tA3+hLfxYz2ZJY0fY
k/dvev8ELfjWBxjmALMMud6+LV2gQ2ZQEVGCKOUwIhgCVi/axbm1HGxmmKXnwS6W
ac/bhn9aDd9LavamHElwzsJTZXwGNMz8QdpS/BGYN6O5h4GH9g1y7IJS+/HjN2tM
DChAg40IWkZywbcKFzXhjNoJ876/TE1bIF53uGp0WIjVcLw7WsPKHYhBxQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHYi5GUjZkpAPz9BPFwELicC0WpYMB8GA1UdIwQY
MBaAFGcOYHefPNTQPV5QeED1+ioxpquNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnc1Z2Q1ODgxTkE5WGxCNFFQWDZLakdtcTQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9mNTk1MWEtYjBmZi00YTNjLTg4YWUt
MzUwMDRhNjcxZWIzLzEvZGlMa1pTTm1Ta0FfUDBFOFhBUXVKd0xSYWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9mNTk1MWEtYjBmZi00YTNjLTg4YWUtMzUwMDRhNjcxZWIz
LzEvWnc1Z2Q1ODgxTkE5WGxCNFFQWDZLakdtcTQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCuU70MAwD
BATVKjADBADVKjgDBALVKlQwDQYJKoZIhvcNAQELBQADggEBAIMvOBVBRTrOyEQH
et7ITBRbKID1XXfMrTY2D/OusNhIvyvvqcLFNs3O6pdCsBKNLyFH+LkCuBIBQt9z
UaaAP/dN/L6tKt3daQNDKO4aRtbQv3x06pzj8mf9T9bbwxDWTj0SvX8dmj0ZrlUd
jriElqKsmcgZW8vsS3DmX4/VQmo4zHsx8IqI4plH/HTfZg6KOE/pWfWTVyi2XRMF
HEUfhZ01iJFQm/9h/+XDxyw4NcLMj1wrvIwQGTGreQSWlnZCZD3nY7+aEQwHhrG4
lO62xFJP0pl92gBoX7JizknRKOgpfgGud+7aiO5Q3JGjOB2zKILqcML+64gzBdP0
rwvS4oQ=
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:06:01 2025 by rpki-client