Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/049d6d-bc4e-4cfb-ba1e-773c91a28100/1/1tivbOMKD3-DCEARL9WZFEJbVyI.roa
File: 1tivbOMKD3-DCEARL9WZFEJbVyI.roa (raw, json)
Hash identifier: 3RlsK/43PVzptfoQFcJbYt1X4SHAjsmpoGGXWtl02/w=
Subject key identifier: D6:D8:AF:6C:E3:0A:0F:7F:83:08:40:11:2F:D5:99:14:42:5B:57:22
Certificate issuer: /CN=c54eac151ffa9e997aa2ee60f3b38132deccd49c
Certificate serial: 01857139A8928DAFAE439D5B7CE493BBB52F
Authority key identifier: C5:4E:AC:15:1F:FA:9E:99:7A:A2:EE:60:F3:B3:81:32:DE:CC:D4:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xU6sFR_6npl6ou5g87OBMt7M1Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/049d6d-bc4e-4cfb-ba1e-773c91a28100/1/1tivbOMKD3-DCEARL9WZFEJbVyI.roa
Signing time: Mon 02 Jan 2023 06:44:42 +0000
ROA not before: Mon 02 Jan 2023 06:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35617
IP address blocks: 185.225.128.0/22 maxlen: 24
109.239.240.0/20 maxlen: 24
85.204.42.0/24 maxlen: 24
212.81.60.0/22 maxlen: 24
86.104.135.0/24 maxlen: 24
178.132.88.0/21 maxlen: 24
185.59.132.0/22 maxlen: 24
2a04:e240::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:a8:92:8d:af:ae:43:9d:5b:7c:e4:93:bb:b5:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c54eac151ffa9e997aa2ee60f3b38132deccd49c
Validity
Not Before: Jan 2 06:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6d8af6ce30a0f7f830840112fd59914425b5722
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:10:bf:26:6b:bc:2a:37:3e:e2:d7:38:98:37:
af:29:5b:90:2f:61:c9:68:fc:fa:15:01:ed:ad:3e:
87:dc:e3:a3:19:34:ef:d1:2e:56:56:b3:c5:a2:f4:
9e:ac:6a:ae:31:70:37:60:76:ce:9e:a5:df:51:1d:
bd:b8:8c:0a:e5:47:07:01:74:72:ac:70:06:0b:15:
34:f3:0b:c8:d1:9f:42:d8:36:3d:2a:74:62:34:0e:
1f:58:fa:6d:e7:1e:96:30:f7:92:05:96:3e:a7:08:
21:2e:a5:0e:ff:65:b6:91:e1:2e:08:92:7b:49:1c:
26:b6:36:d1:12:7e:f2:7a:1a:13:18:45:74:30:df:
90:87:b8:b8:06:4d:03:b0:1d:5c:9d:c0:a2:a3:37:
50:dc:93:e6:6a:0a:26:2e:48:f9:d0:47:79:ed:0e:
e5:7a:7c:09:ab:58:7d:3e:e2:ab:f0:ab:9e:b2:3a:
a8:e5:97:42:6d:21:30:6c:58:4a:83:63:b1:fc:38:
03:9f:de:0c:19:f2:53:70:af:92:ac:b6:82:fc:14:
f2:8d:10:1f:85:58:58:a0:d2:55:2b:60:20:6d:26:
47:9a:98:3d:5a:62:10:fd:69:0f:0e:18:fc:ca:47:
47:e1:63:7d:d2:7a:78:10:f2:10:19:4d:57:bc:d2:
ed:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D8:AF:6C:E3:0A:0F:7F:83:08:40:11:2F:D5:99:14:42:5B:57:22
X509v3 Authority Key Identifier:
keyid:C5:4E:AC:15:1F:FA:9E:99:7A:A2:EE:60:F3:B3:81:32:DE:CC:D4:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xU6sFR_6npl6ou5g87OBMt7M1Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/049d6d-bc4e-4cfb-ba1e-773c91a28100/1/1tivbOMKD3-DCEARL9WZFEJbVyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/049d6d-bc4e-4cfb-ba1e-773c91a28100/1/xU6sFR_6npl6ou5g87OBMt7M1Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.42.0/24
86.104.135.0/24
109.239.240.0/20
178.132.88.0/21
185.59.132.0/22
185.225.128.0/22
212.81.60.0/22
IPv6:
2a04:e240::/29
Signature Algorithm: sha256WithRSAEncryption
4c:2d:38:9a:55:c0:a9:e5:81:29:e8:a4:ce:a4:3f:fa:85:9a:
2b:1e:f2:ac:7e:d8:7d:3d:c0:8a:8e:1d:6f:e8:a6:3c:89:cf:
94:4d:3f:53:19:05:76:b9:2d:0a:a8:e3:a5:5c:16:16:d4:8f:
97:8b:8c:e6:f0:bf:57:48:63:f2:7d:be:9c:cd:7d:60:30:b1:
52:da:44:9b:80:cd:37:a4:7e:af:24:59:d5:d5:ac:49:f7:b5:
ed:e6:9d:83:b2:91:c2:80:24:67:20:6a:b3:5d:0e:d6:e8:0c:
e5:0b:a7:e7:99:68:8f:55:7c:dd:e4:58:e8:97:46:4e:f5:f1:
9a:00:14:ed:f6:2e:1d:b3:83:ee:dd:69:ed:f8:fd:66:c9:4a:
f3:7c:79:6f:bc:d9:6f:3c:bb:7a:58:47:fe:db:92:63:30:1c:
57:cb:01:1a:36:b1:68:5c:e6:a0:31:be:34:e3:32:e3:8e:02:
62:4c:07:68:ed:92:05:53:53:70:2d:68:39:68:b1:4e:31:64:
ff:f6:03:07:ef:5c:dc:c3:67:c8:2a:4c:65:b1:93:3e:73:2a:
9d:0d:16:1c:68:f5:fc:61:f4:5b:2b:3a:55:c5:55:a5:5e:35:
5d:63:c3:7e:27:7d:cd:e3:4e:7c:d1:47:31:4e:90:b8:e8:9b:
88:89:9a:64
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVxOaiSja+uQ51bfOSTu7UvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NGVhYzE1MWZmYTllOTk3YWEyZWU2MGYzYjM4MTMyZGVj
Y2Q0OWMwHhcNMjMwMTAyMDY0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQ4YWY2Y2UzMGEwZjdmODMwODQwMTEyZmQ1OTkxNDQyNWI1NzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRC/Jmu8Kjc+4tc4mDevKVuQL2HJ
aPz6FQHtrT6H3OOjGTTv0S5WVrPFovSerGquMXA3YHbOnqXfUR29uIwK5UcHAXRy
rHAGCxU08wvI0Z9C2DY9KnRiNA4fWPpt5x6WMPeSBZY+pwghLqUO/2W2keEuCJJ7
SRwmtjbREn7yehoTGEV0MN+Qh7i4Bk0DsB1cncCiozdQ3JPmagomLkj50Ed57Q7l
enwJq1h9PuKr8Kuesjqo5ZdCbSEwbFhKg2Ox/DgDn94MGfJTcK+SrLaC/BTyjRAf
hVhYoNJVK2AgbSZHmpg9WmIQ/WkPDhj8ykdH4WN90np4EPIQGU1XvNLt/wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFNbYr2zjCg9/gwhAES/VmRRCW1ciMB8GA1UdIwQY
MBaAFMVOrBUf+p6ZeqLuYPOzgTLezNScMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFU2c0ZSXzZucGw2b3U1Zzg3T0JNdDdNMUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8wNDlkNmQtYmM0ZS00Y2ZiLWJhMWUt
NzczYzkxYTI4MTAwLzEvMXRpdmJPTUtEMy1EQ0VBUkw5V1pGRUpiVnlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8wNDlkNmQtYmM0ZS00Y2ZiLWJhMWUtNzczYzkxYTI4MTAw
LzEveFU2c0ZSXzZucGw2b3U1Zzg3T0JNdDdNMUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAVcwqAwQA
VmiHAwQEbe/wAwQDsoRYAwQCuTuEAwQCueGAAwQC1FE8MA0EAgACMAcDBQMqBOJA
MA0GCSqGSIb3DQEBCwUAA4IBAQBMLTiaVcCp5YEp6KTOpD/6hZorHvKsfth9PcCK
jh1v6KY8ic+UTT9TGQV2uS0KqOOlXBYW1I+Xi4zm8L9XSGPyfb6czX1gMLFS2kSb
gM03pH6vJFnV1axJ97Xt5p2DspHCgCRnIGqzXQ7W6AzlC6fnmWiPVXzd5Fjol0ZO
9fGaABTt9i4ds4Pu3Wnt+P1myUrzfHlvvNlvPLt6WEf+25JjMBxXywEaNrFoXOag
Mb404zLjjgJiTAdo7ZIFU1NwLWg5aLFOMWT/9gMH71zcw2fIKkxlsZM+cyqdDRYc
aPX8YfRbKzpVxVWlXjVdY8N+J33N40580UcxTpC46JuIiZpk
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:01 2025 by rpki-client