Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/ea2b76-b5b8-40ef-9500-496e256cc6b1/1/C947akILMynVJudVF7A6dpPOYSQ.roa
File: C947akILMynVJudVF7A6dpPOYSQ.roa (raw, json)
Hash identifier: EVMINBT5P06MgeRAxWz7lPPG9TyStVcF/cpjjlQa8mM=
Subject key identifier: 0B:DE:3B:6A:42:0B:33:29:D5:26:E7:55:17:B0:3A:76:93:CE:61:24
Certificate issuer: /CN=21b410a17440fcab1cdc90afa6fcb724c80c82a9
Certificate serial: 2A0D69AC
Authority key identifier: 21:B4:10:A1:74:40:FC:AB:1C:DC:90:AF:A6:FC:B7:24:C8:0C:82:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbQQoXRA_Ksc3JCvpvy3JMgMgqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/ea2b76-b5b8-40ef-9500-496e256cc6b1/1/C947akILMynVJudVF7A6dpPOYSQ.roa
Signing time: Thu 19 May 2022 08:41:16 +0000
ROA not before: Thu 19 May 2022 08:41:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199380
IP address blocks: 188.208.24.0/24 maxlen: 24
188.208.24.0/22 maxlen: 22
188.208.24.0/23 maxlen: 23
188.208.25.0/24 maxlen: 24
188.208.26.0/23 maxlen: 23
188.208.26.0/24 maxlen: 24
188.208.27.0/24 maxlen: 24
185.16.121.0/24 maxlen: 24
185.16.122.0/23 maxlen: 23
185.16.122.0/24 maxlen: 24
185.16.123.0/24 maxlen: 24
185.16.120.0/24 maxlen: 24
185.16.120.0/23 maxlen: 23
185.16.120.0/22 maxlen: 22
89.37.80.0/22 maxlen: 22
89.37.80.0/24 maxlen: 24
89.37.81.0/24 maxlen: 24
89.37.82.0/24 maxlen: 24
89.37.83.0/24 maxlen: 24
188.247.171.0/24 maxlen: 24
188.247.168.0/24 maxlen: 24
188.247.168.0/22 maxlen: 22
188.247.169.0/24 maxlen: 24
188.247.170.0/24 maxlen: 24
89.32.194.0/24 maxlen: 24
89.32.194.0/23 maxlen: 23
89.32.195.0/24 maxlen: 24
89.36.42.0/23 maxlen: 23
89.36.42.0/24 maxlen: 24
89.36.43.0/24 maxlen: 24
89.36.40.0/24 maxlen: 24
89.36.40.0/23 maxlen: 23
89.36.40.0/22 maxlen: 22
89.36.41.0/24 maxlen: 24
89.42.236.0/24 maxlen: 24
89.42.236.0/23 maxlen: 23
89.42.237.0/24 maxlen: 24
188.239.184.0/24 maxlen: 24
188.239.184.0/22 maxlen: 22
188.239.184.0/23 maxlen: 23
188.239.185.0/24 maxlen: 24
188.239.186.0/24 maxlen: 24
188.239.186.0/23 maxlen: 23
188.239.187.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 705522092 (0x2a0d69ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21b410a17440fcab1cdc90afa6fcb724c80c82a9
Validity
Not Before: May 19 08:41:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0bde3b6a420b3329d526e75517b03a7693ce6124
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:58:fa:b8:72:06:f2:a4:56:72:57:27:6c:77:
e8:20:94:bd:2b:86:21:cb:df:54:cb:49:4c:bd:8f:
2f:7e:de:a0:f7:da:24:16:6b:13:38:81:1e:cc:23:
28:39:a0:18:16:90:5d:18:29:06:4d:8c:1e:31:57:
16:e2:fc:01:a6:cd:80:f6:e1:e3:bd:e3:80:d2:73:
26:69:a2:8c:4f:10:eb:75:c9:f9:65:dd:54:79:74:
fe:84:05:45:5e:25:be:b6:18:90:54:ac:89:ad:8e:
a4:50:a3:23:99:3d:3f:50:0b:4a:7c:b5:67:f0:1d:
d6:e9:1e:44:67:91:47:cf:54:10:d5:2d:3a:6b:44:
63:c8:7f:fb:ef:0a:66:08:0c:2e:ba:1e:25:34:d9:
da:36:b5:9e:96:e5:ce:c7:5b:47:9e:cc:0b:1c:f0:
52:20:9b:8a:d9:ba:63:e0:00:c6:22:ca:82:ba:bd:
e2:f5:ac:9f:1b:93:d8:eb:f4:18:90:94:f6:63:75:
e4:ca:e7:09:ab:8d:4e:c0:e7:c1:9b:e8:d7:26:5b:
12:f4:f5:c5:9c:fe:f6:1c:07:86:03:cd:fc:02:9d:
27:fd:35:fc:01:45:85:1b:c3:43:cd:8f:6e:2c:15:
8b:2e:63:e6:55:9c:59:a7:2f:8e:9e:54:ad:73:49:
03:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:DE:3B:6A:42:0B:33:29:D5:26:E7:55:17:B0:3A:76:93:CE:61:24
X509v3 Authority Key Identifier:
keyid:21:B4:10:A1:74:40:FC:AB:1C:DC:90:AF:A6:FC:B7:24:C8:0C:82:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbQQoXRA_Ksc3JCvpvy3JMgMgqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ea2b76-b5b8-40ef-9500-496e256cc6b1/1/C947akILMynVJudVF7A6dpPOYSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ea2b76-b5b8-40ef-9500-496e256cc6b1/1/IbQQoXRA_Ksc3JCvpvy3JMgMgqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.194.0/23
89.36.40.0/22
89.37.80.0/22
89.42.236.0/23
185.16.120.0/22
188.208.24.0/22
188.239.184.0/22
188.247.168.0/22
Signature Algorithm: sha256WithRSAEncryption
cc:5a:46:42:fa:c4:0b:cf:b0:a9:5c:c4:77:f2:50:76:d8:80:
b2:09:2c:a6:e6:0c:73:57:e2:49:e4:66:f0:bc:4d:34:3f:60:
9b:74:f3:59:b6:fb:cc:ac:12:17:17:ef:f8:a0:f0:ac:90:f8:
f4:94:8f:5c:81:2f:65:75:07:66:e0:5b:67:99:a1:f3:14:1a:
b1:ab:c1:cf:04:bc:18:2c:0e:e8:00:15:74:87:f2:4d:cb:16:
1d:ef:be:6a:69:64:1a:79:26:c2:9a:d5:e5:5f:35:d7:a8:ab:
0d:97:39:2a:ef:4c:f4:72:0c:be:ff:68:a1:ae:18:ab:c7:4c:
15:64:5b:a1:63:45:bd:d2:6a:c8:09:8a:b7:31:c8:d4:4e:41:
32:d7:ca:2b:14:49:be:5a:75:5c:7d:25:96:e0:35:a4:cb:33:
e0:99:d6:4b:f4:56:4f:9e:07:e2:a9:f0:fb:14:0a:d0:e9:d7:
74:9c:96:0e:96:81:b0:45:1c:c6:8b:58:8b:1e:cd:4d:ad:88:
7d:db:a0:87:f8:98:24:22:5e:89:e5:b0:8b:22:ff:20:2e:78:
e7:a5:3d:67:6d:da:84:f9:a6:fc:a3:af:fc:ba:cb:45:d1:52:
8a:89:ab:c3:6e:d0:e0:7f:09:0a:c3:6d:fa:2c:4c:5a:2c:23:
83:ec:8f:a7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEKg1prDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MWI0MTBhMTc0NDBmY2FiMWNkYzkwYWZhNmZjYjcyNGM4MGM4MmE5MB4XDTIyMDUx
OTA4NDExNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGJkZTNiNmE0MjBi
MzMyOWQ1MjZlNzU1MTdiMDNhNzY5M2NlNjEyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJlY+rhyBvKkVnJXJ2x36CCUvSuGIcvfVMtJTL2PL37eoPfa
JBZrEziBHswjKDmgGBaQXRgpBk2MHjFXFuL8AabNgPbh473jgNJzJmmijE8Q63XJ
+WXdVHl0/oQFRV4lvrYYkFSsia2OpFCjI5k9P1ALSny1Z/Ad1ukeRGeRR89UENUt
OmtEY8h/++8KZggMLroeJTTZ2ja1npblzsdbR57MCxzwUiCbitm6Y+AAxiLKgrq9
4vWsnxuT2Ov0GJCU9mN15MrnCauNTsDnwZvo1yZbEvT1xZz+9hwHhgPN/AKdJ/01
/AFFhRvDQ82PbiwViy5j5lWcWacvjp5UrXNJAykCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQL3jtqQgszKdUm51UXsDp2k85hJDAfBgNVHSMEGDAWgBQhtBChdED8qxzc
kK+m/LckyAyCqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0liUVFvWFJBX0tzYzNKQ3ZwdnkzSk1nTWdxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvZWEyYjc2LWI1YjgtNDBlZi05NTAwLTQ5NmUyNTZjYzZiMS8x
L0M5NDdha0lMTXluVkp1ZFZGN0E2ZHBQT1lTUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
ZWEyYjc2LWI1YjgtNDBlZi05NTAwLTQ5NmUyNTZjYzZiMS8xL0liUVFvWFJBX0tz
YzNKQ3ZwdnkzSk1nTWdxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAVkgwgMEAlkkKAMEAlklUAMEAVkq
7AMEArkQeAMEArzQGAMEArzvuAMEArz3qDANBgkqhkiG9w0BAQsFAAOCAQEAzFpG
QvrEC8+wqVzEd/JQdtiAsgkspuYMc1fiSeRm8LxNND9gm3TzWbb7zKwSFxfv+KDw
rJD49JSPXIEvZXUHZuBbZ5mh8xQasavBzwS8GCwO6AAVdIfyTcsWHe++amlkGnkm
wprV5V8116irDZc5Ku9M9HIMvv9ooa4Yq8dMFWRboWNFvdJqyAmKtzHI1E5BMtfK
KxRJvlp1XH0lluA1pMsz4JnWS/RWT54H4qnw+xQK0OnXdJyWDpaBsEUcxotYix7N
Ta2Ifdugh/iYJCJeieWwiyL/IC5456U9Z23ahPmm/KOv/LrLRdFSiomrw27Q4H8J
CsNt+ixMWiwjg+yPpw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:50 2024 by rpki-client on console-ams.rpki-client.org