Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/2512c5-252b-4967-89a7-6a1f97ff8d34/1/iKleYbd5oN72OnYWR2-Ee1vPSOU.roa
File: iKleYbd5oN72OnYWR2-Ee1vPSOU.roa (raw, json)
Hash identifier: mkyy+YFyDViyUZXTVw1AP0yDDLLJfsI9nzXWQoxkYDI=
Subject key identifier: 88:A9:5E:61:B7:79:A0:DE:F6:3A:76:16:47:6F:84:7B:5B:CF:48:E5
Certificate issuer: /CN=9f662b3cfa8b9059068c29d46b99263ba2de50c1
Certificate serial: 01856F8252FDAF754FC493C7544D3F47FC32
Authority key identifier: 9F:66:2B:3C:FA:8B:90:59:06:8C:29:D4:6B:99:26:3B:A2:DE:50:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n2YrPPqLkFkGjCnUa5kmO6LeUME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/2512c5-252b-4967-89a7-6a1f97ff8d34/1/iKleYbd5oN72OnYWR2-Ee1vPSOU.roa
Signing time: Sun 01 Jan 2023 22:44:49 +0000
ROA not before: Sun 01 Jan 2023 22:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15517
IP address blocks: 80.238.136.0/24 maxlen: 24
80.238.134.0/24 maxlen: 24
80.238.139.0/24 maxlen: 24
80.238.144.0/20 maxlen: 20
80.238.140.0/22 maxlen: 22
80.238.160.0/20 maxlen: 20
45.85.92.0/22 maxlen: 22
80.238.176.0/20 maxlen: 20
80.238.129.0/24 maxlen: 24
80.238.128.0/17 maxlen: 17
80.238.130.0/24 maxlen: 24
62.65.128.0/19 maxlen: 19
62.65.137.0/24 maxlen: 24
62.65.144.0/21 maxlen: 21
62.65.143.0/24 maxlen: 24
62.65.142.0/24 maxlen: 24
62.65.141.0/24 maxlen: 24
62.65.158.0/24 maxlen: 24
62.65.153.0/24 maxlen: 24
62.65.154.0/23 maxlen: 23
62.65.156.0/23 maxlen: 23
80.238.192.0/21 maxlen: 21
80.238.200.0/22 maxlen: 22
80.238.208.0/21 maxlen: 21
80.238.216.0/22 maxlen: 22
80.238.225.0/24 maxlen: 24
80.238.223.0/24 maxlen: 24
94.78.3.0/24 maxlen: 24
94.78.0.0/18 maxlen: 18
94.78.2.0/24 maxlen: 24
2a01:330::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:52:fd:af:75:4f:c4:93:c7:54:4d:3f:47:fc:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f662b3cfa8b9059068c29d46b99263ba2de50c1
Validity
Not Before: Jan 1 22:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88a95e61b779a0def63a7616476f847b5bcf48e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:59:91:e0:fb:db:31:79:6f:04:45:8a:24:e8:
86:59:74:63:e3:8e:29:e5:2f:12:f3:77:dc:25:5f:
39:e0:bb:68:25:56:24:60:1c:2e:15:b6:89:7b:cf:
b4:a7:87:ad:a6:9b:8e:f9:74:80:52:63:ca:6d:2c:
31:06:25:ab:3f:21:45:cd:be:78:10:71:4b:02:d4:
8a:2d:b9:9b:f3:6c:a0:30:90:d6:bb:8c:56:5c:fa:
a0:8a:a1:a1:d8:c2:60:12:6a:3b:68:e1:66:44:9a:
a9:4b:97:7d:b2:af:c8:d7:47:2e:b9:ea:9b:d8:4d:
33:3a:05:cc:98:8c:d3:bb:3f:88:3c:1c:09:e8:6a:
98:7e:ad:a3:98:51:3c:af:9c:37:2d:36:a0:95:50:
82:be:f5:c0:68:1e:5e:3f:6d:46:da:e9:3e:89:60:
9b:ed:7c:6f:dd:30:c0:30:f5:6a:53:e7:51:bd:5e:
6f:ca:ed:bb:74:f4:f1:67:a7:ed:75:59:6f:8f:2d:
5e:97:25:43:ac:e5:77:93:c5:19:4e:b2:99:93:40:
17:1a:8b:8f:84:42:e4:15:95:27:24:de:b5:55:1b:
fa:81:51:07:1e:9b:09:ef:45:ad:fc:a7:1b:0f:5e:
ba:11:a6:58:83:03:0d:04:2a:a1:32:d3:2e:04:da:
7d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A9:5E:61:B7:79:A0:DE:F6:3A:76:16:47:6F:84:7B:5B:CF:48:E5
X509v3 Authority Key Identifier:
keyid:9F:66:2B:3C:FA:8B:90:59:06:8C:29:D4:6B:99:26:3B:A2:DE:50:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n2YrPPqLkFkGjCnUa5kmO6LeUME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2512c5-252b-4967-89a7-6a1f97ff8d34/1/iKleYbd5oN72OnYWR2-Ee1vPSOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2512c5-252b-4967-89a7-6a1f97ff8d34/1/n2YrPPqLkFkGjCnUa5kmO6LeUME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.92.0/22
62.65.128.0/19
80.238.128.0/17
94.78.0.0/18
IPv6:
2a01:330::/32
Signature Algorithm: sha256WithRSAEncryption
3d:f1:72:92:6e:ea:ea:51:b6:c5:58:3e:49:35:46:2e:94:d0:
f5:c5:d3:c6:94:5b:cc:38:42:bb:bf:ed:63:7d:db:b0:83:c9:
09:36:9d:c6:ce:f6:c7:34:d1:1e:db:ed:08:6e:c2:fb:99:30:
83:4e:48:89:43:29:fc:bd:ed:44:f2:66:3c:88:a2:45:01:cb:
45:ba:58:0d:54:35:b0:0c:d7:66:53:c9:9f:c6:0f:d7:fa:e7:
42:b8:4f:09:f9:a1:be:66:ce:67:46:8a:02:18:b5:be:20:14:
1d:bc:55:99:80:d0:e7:6e:d7:5e:e9:de:af:d8:bd:44:cf:52:
14:e0:af:d3:87:36:9d:74:60:fc:df:ad:e8:66:e1:2f:2e:2c:
d1:f7:5b:b1:8c:cf:e6:e6:d2:f1:2d:f1:9b:11:5c:57:ab:c0:
1f:d3:9a:b5:00:4a:7f:ab:d9:f1:e8:56:6d:88:b9:5a:43:79:
f2:05:bf:71:de:ce:95:1a:9f:bc:6f:57:10:55:38:71:e5:85:
54:8a:cc:81:81:24:7d:a1:77:ad:ef:18:97:b4:45:3e:7c:85:
42:fe:17:7c:c5:86:de:19:c4:d8:18:d6:cc:f7:fc:56:1e:05:
cd:7f:1c:66:3d:b3:a0:f2:e8:d2:59:ed:30:be:75:e0:8b:80:
9a:c4:b1:e6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVvglL9r3VPxJPHVE0/R/wyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNjYyYjNjZmE4YjkwNTkwNjhjMjlkNDZiOTkyNjNiYTJk
ZTUwYzEwHhcNMjMwMTAxMjI0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGE5NWU2MWI3NzlhMGRlZjYzYTc2MTY0NzZmODQ3YjViY2Y0OGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFmR4PvbMXlvBEWKJOiGWXRj444p
5S8S83fcJV854LtoJVYkYBwuFbaJe8+0p4etppuO+XSAUmPKbSwxBiWrPyFFzb54
EHFLAtSKLbmb82ygMJDWu4xWXPqgiqGh2MJgEmo7aOFmRJqpS5d9sq/I10cuueqb
2E0zOgXMmIzTuz+IPBwJ6GqYfq2jmFE8r5w3LTaglVCCvvXAaB5eP21G2uk+iWCb
7Xxv3TDAMPVqU+dRvV5vyu27dPTxZ6ftdVlvjy1elyVDrOV3k8UZTrKZk0AXGouP
hELkFZUnJN61VRv6gVEHHpsJ70Wt/KcbD166EaZYgwMNBCqhMtMuBNp9VwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIipXmG3eaDe9jp2FkdvhHtbz0jlMB8GA1UdIwQY
MBaAFJ9mKzz6i5BZBowp1GuZJjui3lDBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjJZclBQcUxrRmtHakNuVWE1a21PNkxlVU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8yNTEyYzUtMjUyYi00OTY3LTg5YTct
NmExZjk3ZmY4ZDM0LzEvaUtsZVliZDVvTjcyT25ZV1IyLUVlMXZQU09VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8yNTEyYzUtMjUyYi00OTY3LTg5YTctNmExZjk3ZmY4ZDM0
LzEvbjJZclBQcUxrRmtHakNuVWE1a21PNkxlVU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLVVcAwQF
PkGAAwQHUO6AAwQGXk4AMA0EAgACMAcDBQAqAQMwMA0GCSqGSIb3DQEBCwUAA4IB
AQA98XKSburqUbbFWD5JNUYulND1xdPGlFvMOEK7v+1jfduwg8kJNp3GzvbHNNEe
2+0IbsL7mTCDTkiJQyn8ve1E8mY8iKJFActFulgNVDWwDNdmU8mfxg/X+udCuE8J
+aG+Zs5nRooCGLW+IBQdvFWZgNDnbtde6d6v2L1Ez1IU4K/ThzaddGD8363oZuEv
LizR91uxjM/m5tLxLfGbEVxXq8Af05q1AEp/q9nx6FZtiLlaQ3nyBb9x3s6VGp+8
b1cQVThx5YVUisyBgSR9oXet7xiXtEU+fIVC/hd8xYbeGcTYGNbM9/xWHgXNfxxm
PbOg8ujSWe0wvnXgi4CaxLHm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:55 2024 by rpki-client on console-ams.rpki-client.org