Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/ea2b76-b5b8-40ef-9500-496e256cc6b1/1/_2fpd-t6THGspzMB86yLGmoTE6Q.roa
File: _2fpd-t6THGspzMB86yLGmoTE6Q.roa (raw, json)
Hash identifier: bwGuzwpij4l35XR3miTFDsfgj+ChIyw59zKdB1kyxj8=
Subject key identifier: FF:67:E9:77:EB:7A:4C:71:AC:A7:33:01:F3:AC:8B:1A:6A:13:13:A4
Certificate issuer: /CN=21b410a17440fcab1cdc90afa6fcb724c80c82a9
Certificate serial: 2A0E3D0A
Authority key identifier: 21:B4:10:A1:74:40:FC:AB:1C:DC:90:AF:A6:FC:B7:24:C8:0C:82:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbQQoXRA_Ksc3JCvpvy3JMgMgqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/ea2b76-b5b8-40ef-9500-496e256cc6b1/1/_2fpd-t6THGspzMB86yLGmoTE6Q.roa
Signing time: Thu 19 May 2022 08:41:17 +0000
ROA not before: Thu 19 May 2022 08:41:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200845
IP address blocks: 188.208.24.0/23 maxlen: 23
188.208.24.0/22 maxlen: 22
188.208.24.0/24 maxlen: 24
188.208.25.0/24 maxlen: 24
188.208.27.0/24 maxlen: 24
188.208.26.0/24 maxlen: 24
188.208.26.0/23 maxlen: 23
185.16.122.0/24 maxlen: 24
185.16.121.0/24 maxlen: 24
185.16.122.0/23 maxlen: 23
185.16.120.0/24 maxlen: 24
185.16.120.0/23 maxlen: 23
185.16.120.0/22 maxlen: 22
185.16.123.0/24 maxlen: 24
188.247.171.0/24 maxlen: 24
188.247.170.0/24 maxlen: 24
188.247.169.0/24 maxlen: 24
188.247.168.0/22 maxlen: 24
188.247.168.0/24 maxlen: 24
89.32.194.0/23 maxlen: 23
89.32.195.0/24 maxlen: 24
89.32.194.0/24 maxlen: 24
89.36.43.0/24 maxlen: 24
89.36.42.0/24 maxlen: 24
89.36.41.0/24 maxlen: 24
89.36.42.0/23 maxlen: 23
89.36.40.0/24 maxlen: 24
89.36.40.0/23 maxlen: 23
89.36.40.0/22 maxlen: 22
89.42.237.0/24 maxlen: 24
188.239.186.0/23 maxlen: 23
188.239.186.0/24 maxlen: 24
188.239.184.0/23 maxlen: 23
188.239.185.0/24 maxlen: 24
188.239.184.0/22 maxlen: 22
188.239.184.0/24 maxlen: 24
188.239.187.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 705576202 (0x2a0e3d0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21b410a17440fcab1cdc90afa6fcb724c80c82a9
Validity
Not Before: May 19 08:41:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff67e977eb7a4c71aca73301f3ac8b1a6a1313a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ec:ef:1d:6d:6b:f6:d4:35:8e:b8:26:0b:0c:
b5:49:85:95:47:1d:9c:1b:5e:af:b1:49:42:54:ec:
25:7f:f1:d2:48:a0:b1:d4:4a:63:02:12:78:60:cf:
0d:00:33:cc:41:03:24:10:51:21:bc:16:be:c9:5c:
a8:55:73:49:19:46:ed:54:63:1f:82:b4:8d:50:70:
ad:2b:a8:ea:37:6b:91:ee:52:b3:26:df:56:3d:60:
81:63:75:7f:86:de:1e:b5:02:e4:43:96:44:e9:2a:
03:12:d4:32:12:89:0d:07:c3:89:b4:e3:15:76:f9:
f5:f3:e8:07:d1:f1:c9:ef:98:a4:96:cd:0a:7b:d9:
e4:fd:75:66:f5:2b:01:85:31:77:d8:43:f2:f1:0f:
fc:47:42:53:96:07:b0:9e:a6:06:56:42:62:30:29:
7a:93:4b:28:2c:e3:54:88:45:c0:71:ae:b4:ca:c6:
40:13:ef:ff:55:ea:a2:47:63:c2:5a:1d:82:e4:83:
9e:b0:3d:c3:33:3e:6a:91:46:76:c7:87:ac:f8:5c:
b3:10:45:a9:4c:df:e5:42:fc:22:9d:5a:24:bc:a7:
02:c9:d8:21:59:11:ba:a9:c6:3a:b6:62:82:db:d3:
a5:6b:ad:de:4b:96:57:69:60:d3:26:6d:89:5e:b1:
c9:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:67:E9:77:EB:7A:4C:71:AC:A7:33:01:F3:AC:8B:1A:6A:13:13:A4
X509v3 Authority Key Identifier:
keyid:21:B4:10:A1:74:40:FC:AB:1C:DC:90:AF:A6:FC:B7:24:C8:0C:82:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbQQoXRA_Ksc3JCvpvy3JMgMgqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ea2b76-b5b8-40ef-9500-496e256cc6b1/1/_2fpd-t6THGspzMB86yLGmoTE6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ea2b76-b5b8-40ef-9500-496e256cc6b1/1/IbQQoXRA_Ksc3JCvpvy3JMgMgqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.194.0/23
89.36.40.0/22
89.42.237.0/24
185.16.120.0/22
188.208.24.0/22
188.239.184.0/22
188.247.168.0/22
Signature Algorithm: sha256WithRSAEncryption
13:4c:3f:29:a4:f8:55:97:ec:2a:05:57:26:c7:42:af:38:73:
91:da:d0:16:5b:41:5e:ed:7d:c1:f7:fb:b5:7a:58:f6:12:98:
65:4f:0e:8b:a0:58:42:ac:c5:de:29:f0:c9:d2:cf:a8:f6:d8:
78:c1:ee:1a:48:71:e3:62:f9:73:a7:2a:a8:f0:8b:63:cf:d7:
b1:5b:d4:07:e0:a0:71:3e:36:d2:a6:e7:3d:46:e2:0c:38:06:
a6:38:2e:64:b1:d2:a1:e7:cd:c4:8c:f8:cf:dc:ed:14:bb:ec:
21:75:70:0a:61:28:e1:ff:47:5a:98:ab:a2:50:ee:69:d5:62:
3f:5d:c6:c5:fd:6c:86:f9:71:65:d4:d0:73:19:55:a1:17:88:
6c:91:66:5c:45:5b:3c:f6:05:43:32:18:d2:51:6a:d6:17:b7:
26:46:72:be:3f:3c:0e:a8:d4:49:ec:16:81:41:0d:0b:1d:0c:
7c:b7:62:8e:1d:f0:cd:eb:0f:50:7c:b8:9d:56:ab:5d:75:aa:
0d:ee:93:8f:99:6b:d1:13:b5:92:5c:e6:99:17:f7:9c:fb:6c:
4b:9e:8c:e2:51:3c:81:02:34:e6:88:2f:06:cb:58:be:8c:91:
a6:2a:80:6c:f4:c2:46:66:cc:26:ad:7b:84:39:1e:44:29:07:
39:31:a3:27
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEKg49CjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MWI0MTBhMTc0NDBmY2FiMWNkYzkwYWZhNmZjYjcyNGM4MGM4MmE5MB4XDTIyMDUx
OTA4NDExN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmY2N2U5NzdlYjdh
NGM3MWFjYTczMzAxZjNhYzhiMWE2YTEzMTNhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ/s7x1ta/bUNY64JgsMtUmFlUcdnBter7FJQlTsJX/x0kig
sdRKYwISeGDPDQAzzEEDJBBRIbwWvslcqFVzSRlG7VRjH4K0jVBwrSuo6jdrke5S
sybfVj1ggWN1f4beHrUC5EOWROkqAxLUMhKJDQfDibTjFXb59fPoB9Hxye+YpJbN
CnvZ5P11ZvUrAYUxd9hD8vEP/EdCU5YHsJ6mBlZCYjApepNLKCzjVIhFwHGutMrG
QBPv/1XqokdjwlodguSDnrA9wzM+apFGdseHrPhcsxBFqUzf5UL8Ip1aJLynAsnY
IVkRuqnGOrZigtvTpWut3kuWV2lg0yZtiV6xyVECAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBT/Z+l363pMcaynMwHzrIsaahMTpDAfBgNVHSMEGDAWgBQhtBChdED8qxzc
kK+m/LckyAyCqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0liUVFvWFJBX0tzYzNKQ3ZwdnkzSk1nTWdxay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvZWEyYjc2LWI1YjgtNDBlZi05NTAwLTQ5NmUyNTZjYzZiMS8x
L18yZnBkLXQ2VEhHc3B6TUI4NnlMR21vVEU2US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
ZWEyYjc2LWI1YjgtNDBlZi05NTAwLTQ5NmUyNTZjYzZiMS8xL0liUVFvWFJBX0tz
YzNKQ3ZwdnkzSk1nTWdxay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAVkgwgMEAlkkKAMEAFkq7QMEArkQ
eAMEArzQGAMEArzvuAMEArz3qDANBgkqhkiG9w0BAQsFAAOCAQEAE0w/KaT4VZfs
KgVXJsdCrzhzkdrQFltBXu19wff7tXpY9hKYZU8Oi6BYQqzF3inwydLPqPbYeMHu
Gkhx42L5c6cqqPCLY8/XsVvUB+CgcT420qbnPUbiDDgGpjguZLHSoefNxIz4z9zt
FLvsIXVwCmEo4f9HWpirolDuadViP13Gxf1shvlxZdTQcxlVoReIbJFmXEVbPPYF
QzIY0lFq1he3JkZyvj88DqjUSewWgUENCx0MfLdijh3wzesPUHy4nVarXXWqDe6T
j5lr0RO1klzmmRf3nPtsS56M4lE8gQI05ogvBstYvoyRpiqAbPTCRmbMJq17hDke
RCkHOTGjJw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:50 2024 by rpki-client on console-ams.rpki-client.org