Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/2dec93-7b0a-4614-a059-f7e092ce2170/1/1-tTepChVvNWrv4AtN-veXNS46Wk.roa
File: 1-tTepChVvNWrv4AtN-veXNS46Wk.roa (raw, json)
Hash identifier: /MFF6tgjWalIyEGdKYJaKy8xQXOPEEm0B7PIe82ArII=
Subject key identifier: FA:D4:DE:A4:28:55:BC:D5:AB:BF:80:2D:37:EB:DE:5C:D4:B8:E9:69
Certificate issuer: /CN=a0db124ef35c222167894a5a5e93704a811c34ac
Certificate serial: 01856EC22874DDD0A47C022C5FCE0F1A63B6
Authority key identifier: A0:DB:12:4E:F3:5C:22:21:67:89:4A:5A:5E:93:70:4A:81:1C:34:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNsSTvNcIiFniUpaXpNwSoEcNKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/2dec93-7b0a-4614-a059-f7e092ce2170/1/1-tTepChVvNWrv4AtN-veXNS46Wk.roa
Signing time: Sun 01 Jan 2023 19:14:56 +0000
ROA not before: Sun 01 Jan 2023 19:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20926
IP address blocks: 185.47.240.0/22 maxlen: 24
79.98.16.0/21 maxlen: 24
84.239.64.0/18 maxlen: 24
80.74.64.0/20 maxlen: 24
185.10.176.0/22 maxlen: 24
141.101.56.0/22 maxlen: 24
2a00:6901::/32 maxlen: 48
2a00:6900::/44 maxlen: 48
2a00:6900:f0::/48 maxlen: 48
2a03:5d40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:28:74:dd:d0:a4:7c:02:2c:5f:ce:0f:1a:63:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0db124ef35c222167894a5a5e93704a811c34ac
Validity
Not Before: Jan 1 19:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fad4dea42855bcd5abbf802d37ebde5cd4b8e969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:48:cf:9b:b8:60:74:e4:d1:da:74:7b:52:79:
5b:0c:d3:f5:28:77:eb:06:1b:27:a7:19:dc:d8:c8:
9b:fa:c0:76:7d:5c:2c:81:ce:f0:64:9f:e1:41:63:
da:92:ad:3c:b5:b2:fe:58:5a:df:a8:8f:32:ab:61:
2d:7e:d6:86:a0:7d:67:1f:7a:f0:da:5d:56:46:6e:
ad:ec:74:75:b4:fa:b2:cd:c2:11:e9:05:fb:2a:a3:
ae:8f:c7:2d:6d:ae:ec:d5:6f:7c:4d:cf:1b:a3:ad:
1e:12:87:0a:97:99:39:d3:06:c6:87:ce:41:93:61:
51:29:60:16:72:2b:c9:71:2e:db:4e:9b:7b:dd:c7:
da:bf:bd:7d:26:67:2f:b6:29:ca:f1:81:3a:4d:03:
f8:07:50:57:40:40:d7:7c:08:a6:46:c0:08:d6:a8:
b9:07:5e:1e:be:29:ca:93:c6:10:2f:8a:08:af:1e:
eb:1a:7e:fb:dc:37:bb:9a:69:a0:53:1a:8c:0b:40:
02:85:ce:bf:99:eb:d3:1a:0b:2b:bd:aa:2f:7b:4d:
5d:7c:0b:5f:77:57:22:ae:0a:18:92:22:28:75:b6:
b6:66:1f:c1:7b:d7:d7:04:3b:3d:df:d9:37:33:37:
33:11:0e:ee:95:c4:e9:e1:b1:75:e3:4c:61:bf:34:
37:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D4:DE:A4:28:55:BC:D5:AB:BF:80:2D:37:EB:DE:5C:D4:B8:E9:69
X509v3 Authority Key Identifier:
keyid:A0:DB:12:4E:F3:5C:22:21:67:89:4A:5A:5E:93:70:4A:81:1C:34:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNsSTvNcIiFniUpaXpNwSoEcNKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2dec93-7b0a-4614-a059-f7e092ce2170/1/1-tTepChVvNWrv4AtN-veXNS46Wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2dec93-7b0a-4614-a059-f7e092ce2170/1/oNsSTvNcIiFniUpaXpNwSoEcNKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.16.0/21
80.74.64.0/20
84.239.64.0/18
141.101.56.0/22
185.10.176.0/22
185.47.240.0/22
IPv6:
2a00:6900::/44
2a00:6900:f0::/48
2a00:6901::/32
2a03:5d40::/32
Signature Algorithm: sha256WithRSAEncryption
61:31:5a:c1:00:81:1d:71:6e:6c:76:02:53:8e:da:e9:74:c8:
28:30:6c:09:92:ae:69:85:cb:37:09:b3:0a:78:b2:7f:f9:d8:
2c:c5:fa:db:e3:50:c4:07:b3:a3:ff:25:8b:5a:6d:1f:75:b9:
d4:a3:b6:ca:e5:a8:db:d4:aa:9a:44:cd:1b:a0:a2:ec:21:0a:
25:81:4a:c2:14:d2:b9:33:bc:6a:9f:ae:83:42:95:81:bd:e9:
e8:ec:b2:81:4c:3f:de:13:f4:12:e9:2f:15:7f:72:20:11:da:
62:d8:89:5c:35:20:4e:ab:95:fe:74:ea:06:3c:b1:23:d4:1b:
25:2f:e6:61:d8:ec:1f:26:87:d6:71:6b:a6:92:31:08:56:ae:
e6:40:b2:72:0c:cd:47:ec:50:82:42:37:65:bb:ff:29:39:43:
23:55:7a:58:3c:e8:0f:33:b6:b0:82:56:93:c4:b0:6c:33:07:
3f:56:66:5a:6f:92:6c:71:32:0a:c2:5b:3b:01:10:74:cd:fc:
42:e6:29:18:ba:2c:6f:fc:b4:dc:45:5a:79:42:e9:6f:89:89:
96:9b:63:e9:09:3d:8a:1e:44:e9:62:02:d8:4d:c4:ad:eb:98:
62:92:75:42:d0:d5:87:1e:13:78:dc:c6:01:7c:9d:38:74:9d:
f8:af:01:c4
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYVuwih03dCkfAIsX84PGmO2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZGIxMjRlZjM1YzIyMjE2Nzg5NGE1YTVlOTM3MDRhODEx
YzM0YWMwHhcNMjMwMTAxMTkxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQ0ZGVhNDI4NTViY2Q1YWJiZjgwMmQzN2ViZGU1Y2Q0YjhlOTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkjPm7hgdOTR2nR7UnlbDNP1KHfr
Bhsnpxnc2Mib+sB2fVwsgc7wZJ/hQWPakq08tbL+WFrfqI8yq2EtftaGoH1nH3rw
2l1WRm6t7HR1tPqyzcIR6QX7KqOuj8ctba7s1W98Tc8bo60eEocKl5k50wbGh85B
k2FRKWAWcivJcS7bTpt73cfav719JmcvtinK8YE6TQP4B1BXQEDXfAimRsAI1qi5
B14evinKk8YQL4oIrx7rGn773De7mmmgUxqMC0AChc6/mevTGgsrvaove01dfAtf
d1cirgoYkiIodba2Zh/Be9fXBDs939k3MzczEQ7ulcTp4bF140xhvzQ3YwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFPrU3qQoVbzVq7+ALTfr3lzUuOlpMB8GA1UdIwQY
MBaAFKDbEk7zXCIhZ4lKWl6TcEqBHDSsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05zU1R2TmNJaUZuaVVwYVhwTndTb0VjTkt3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yZGVjOTMtN2IwYS00NjE0LWEwNTkt
ZjdlMDkyY2UyMTcwLzEvMS10VGVwQ2hWdk5XcnY0QXROLXZlWE5TNDZXay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGUvMmRlYzkzLTdiMGEtNDYxNC1hMDU5LWY3ZTA5MmNlMjE3
MC8xL29Oc1NUdk5jSWlGbmlVcGFYcE53U29FY05Ldy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBlBggrBgEFBQcBBwEB/wRWMFQwKgQCAAEwJAMEA09iEAME
BFBKQAMEBlTvQAMEAo1lOAMEArkKsAMEArkv8DAmBAIAAjAgAwcEKgBpAAAAAwcA
KgBpAADwAwUAKgBpAQMFACoDXUAwDQYJKoZIhvcNAQELBQADggEBAGExWsEAgR1x
bmx2AlOO2ul0yCgwbAmSrmmFyzcJswp4sn/52CzF+tvjUMQHs6P/JYtabR91udSj
tsrlqNvUqppEzRugouwhCiWBSsIU0rkzvGqfroNClYG96ejssoFMP94T9BLpLxV/
ciAR2mLYiVw1IE6rlf506gY8sSPUGyUv5mHY7B8mh9Zxa6aSMQhWruZAsnIMzUfs
UIJCN2W7/yk5QyNVelg86A8ztrCCVpPEsGwzBz9WZlpvkmxxMgrCWzsBEHTN/ELm
KRi6LG/8tNxFWnlC6W+JiZabY+kJPYoeROliAthNxK3rmGKSdULQ1YceE3jcxgF8
nTh0nfivAcQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:43 2025 by rpki-client